www.tvnotas.com.mx Open in urlscan Pro
2606:4700::6811:8936 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tvnotas.com.mx/
Effective URL:
https://www.tvnotas.com.mx/
Submission Tags: tranco_l324
Submission: On November 09 via api (November 9th 2021, 8:21:28 am UTC) from DE — Scanned from DE

Summary HTTP 518 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 66 IPs in 11 countries across 76 domains to perform 518 HTTP transactions. The main IP is 2606:4700::6811:8936, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.tvnotas.com.mx.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 18th 2021. Valid for: a year.

This is the only time www.tvnotas.com.mx was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	104.18.144.3 104.18.144.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 108	2606:4700::68... 2606:4700::6811:8936	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1	199.232.194.2 199.232.194.2	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:5e41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
8	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 7	13.225.78.39 13.225.78.39	16509 (AMAZON-02) (AMAZON-02)
4 17	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
12	185.86.139.95 185.86.139.95	201081 (SMARTADSE...) (SMARTADSERVER)
1 2	46.249.52.249 46.249.52.249	50673 (SERVERIUS-AS) (SERVERIUS-AS)
12	2602:803:c003... 2602:803:c003:200::61	26667 (RUBICONPR...) (RUBICONPROJECT)
3	51.91.154.17 51.91.154.17	16276 (OVH) (OVH)
1	13.224.186.120 13.224.186.120	16509 (AMAZON-02) (AMAZON-02)
1	13.224.186.18 13.224.186.18	16509 (AMAZON-02) (AMAZON-02)
1	34.249.212.247 34.249.212.247	16509 (AMAZON-02) (AMAZON-02)
1	13.224.186.112 13.224.186.112	16509 (AMAZON-02) (AMAZON-02)
1	34.252.163.14 34.252.163.14	16509 (AMAZON-02) (AMAZON-02)
1	213.254.244.12 213.254.244.12	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
3 4	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
1	141.94.102.46 141.94.102.46	16276 (OVH) (OVH)
1	168.119.149.178 168.119.149.178	24940 (HETZNER-AS) (HETZNER-AS)
1	35.241.45.217 35.241.45.217	15169 (GOOGLE) (GOOGLE)
2 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1 45	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
64	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
2 4	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
20	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
36	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	44.194.225.67 44.194.225.67	14618 (AMAZON-AES) (AMAZON-AES)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	44.193.191.16 44.193.191.16	14618 (AMAZON-AES) (AMAZON-AES)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1	34.254.8.42 34.254.8.42	16509 (AMAZON-02) (AMAZON-02)
2 2	18.157.150.79 18.157.150.79	16509 (AMAZON-02) (AMAZON-02)
3 3	35.205.207.25 35.205.207.25	15169 (GOOGLE) (GOOGLE)
10	2800:3f0:4001... 2800:3f0:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:11::9	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:6f::9	15169 (GOOGLE) (GOOGLE)
2 2	72.251.244.141 72.251.244.141	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2 2	91.207.59.213 91.207.59.213	48061 (UMA-TECH-AS) (UMA-TECH-AS)
3	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
3 3	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
3	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	52.69.203.30 52.69.203.30	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
2 2	31.172.81.158 31.172.81.158	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
3 3	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:20:... 2606:4700:20::681a:61b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	172.104.105.5 172.104.105.5	63949 (LINODE-AP...) (LINODE-AP Linode)
4 4	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2 2	217.66.147.166 217.66.147.166	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
1 1	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
2 2	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
1 1	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	169.50.137.182 169.50.137.182	36351 (SOFTLAYER) (SOFTLAYER)
2 2	50.31.142.95 50.31.142.95	23352 (SERVERCEN...) (SERVERCENTRAL)
2	185.86.139.103 185.86.139.103	201081 (SMARTADSE...) (SMARTADSERVER)
1 2	2606:4700::68... 2606:4700::6812:d05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:5c5f:6ed9:45fe:73d4	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
4 4	18.197.47.23 18.197.47.23	16509 (AMAZON-02) (AMAZON-02)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1	51.178.20.140 51.178.20.140	16276 (OVH) (OVH)
1 1	2600:9000:20e... 2600:9000:20eb:a600:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:600... 2a04:4e42:600::300	54113 (FASTLY) (FASTLY)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
6	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1	148.251.139.77 148.251.139.77	24940 (HETZNER-AS) (HETZNER-AS)
1	35.187.117.15 35.187.117.15	15169 (GOOGLE) (GOOGLE)
2	2a02:cb40:200... 2a02:cb40:200::242	20546 (SOPRADO-ANY) (SOPRADO-ANY)
4 4	84.200.5.215 84.200.5.215	31400 (ACCELERAT...) (ACCELERATED-IT)
2 2	78.46.85.162 78.46.85.162	24940 (HETZNER-AS) (HETZNER-AS)
2	82.113.101.132 82.113.101.132	6805 (TDDE-ASN1) (TDDE-ASN1)
6	46.236.13.147 46.236.13.147	12703 (PULSANT-AS) (PULSANT-AS)
3	13.225.78.5 13.225.78.5	16509 (AMAZON-02) (AMAZON-02)
6	54.75.239.54 54.75.239.54	16509 (AMAZON-02) (AMAZON-02)
518	66

2 104.18.144.3 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

tvnotas.com.mx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

108 2606:4700::6811:8936 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.tvnotas.com.mx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.194.2 (United States)

ASN54113 (FASTLY, US)

media.giphy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5e41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.225.78.39 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-39.fra2.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.86.139.95 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.249.52.249 (Aalsmeer, Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2602:803:c003:200::61 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.91.154.17 (France)

ASN16276 (OVH, FR)
PTR: ns3158246.ip-51-91-154.eu

static.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.186.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-120.fra2.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.186.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-18.fra2.r.cloudfront.net

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.212.247 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-212-247.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.186.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-112.fra2.r.cloudfront.net

tag.researchnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.163.14 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-163-14.eu-west-1.compute.amazonaws.com

d9.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.254.244.12 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.166 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.102.46 (France)

ASN16276 (OVH, FR)
PTR: ns31432935.ip-141-94-102.eu

services.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.149.178 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.178.149.119.168.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com

pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 142.250.184.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

64 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pandg.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.33.220.150 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.194.225.67 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-225-67.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.193.191.16 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-191-16.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.8.42 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-8-42.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.157.150.79 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-150-79.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.205.207.25 (Brussels, Belgium) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 25.207.205.35.bc.googleusercontent.com

ads.avads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2800:3f0:4001:81d::2003 (São Paulo, Brazil)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:11::9 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

rr4---sn-4g5lznez.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:6f::9 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

rr4---sn-4g5ednsk.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.244.141 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

tracking.m6r.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.207.59.213 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp8.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.69.203.30 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-69-203-30.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.172.81.158 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync3.sniperlog.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.19 (United States) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.126.56.137 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.104.105.5 (Tokyo, Japan) 2 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1715-5.members.linode.com

a.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 72.251.249.13 (Amsterdam, Netherlands) 4 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.66.147.166 (St Petersburg, Russian Federation) 2 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-166-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.87.44.187 (Moscow, Russian Federation) 1 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.129 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.182 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.31.142.95 (United States) 2 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.103 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:d05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:5c5f:6ed9:45fe:73d4 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.197.47.23 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-47-23.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.178.20.140 (France)

ASN16276 (OVH, FR)
PTR: ns31193670.ip-51-178-20.eu

c.eu1.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:a600:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)

pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.239.217 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.187.117.15 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 15.117.187.35.bc.googleusercontent.com

neso.r.niwepa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:cb40:200::242 (Germany)

ASN20546 (SOPRADO-ANY, DE)

t.adcell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 84.200.5.215 (Germany) 4 redirects

ASN31400 (ACCELERATED-IT, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.46.85.162 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads1.sunbonet.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 82.113.101.132 (Wetzlar, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.78.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-5.fra2.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.75.239.54 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-239-54.eu-west-1.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
110	tvnotas.com.mx 3 redirects tvnotas.com.mx www.tvnotas.com.mx	2 MB
89	googlesyndication.com 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	2 MB
77	doubleclick.net 4 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net ad.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net	235 KB
42	ad4m.at as.ad4m.at ad4m.at assets.ad4m.at	767 KB
31	gstatic.com www.gstatic.com csi.gstatic.com fonts.gstatic.com	424 KB
25	google.com 4 redirects cse.google.com www.google.com adservice.google.com clients1.google.com mts0.google.com	220 KB
20	ampproject.org cdn.ampproject.org	407 KB
15	rubiconproject.com 3 redirects fastlane.rubiconproject.com pixel.rubiconproject.com	17 KB
14	smartadserver.com prg.smartadserver.com ssbsync.smartadserver.com	7 KB
13	taboola.com cdn.taboola.com trc.taboola.com pips.taboola.com cds.taboola.com	189 KB
9	webgains.io analytics.webgains.io api.webgains.io	154 KB
8	googletagservices.com www.googletagservices.com	296 KB
7	scorecardresearch.com 2 redirects sb.scorecardresearch.com	6 KB
7	crazyegg.com script.crazyegg.com pagestates-tracking.crazyegg.com assets-tracking.crazyegg.com tracking.crazyegg.com	28 KB
6	webgains.com track.webgains.com	202 KB
6	googlevideo.com 3 redirects rr4---sn-4g5lznez.googlevideo.com rr4---sn-4g5ednsk.googlevideo.com	3 MB
6	ad4mat.net prod-rtb.ad4mat.net static-de.ad4mat.net	11 KB
5	yahoo.com 5 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	3 KB
5	googleapis.com fonts.googleapis.com	4 KB
4	o2online.de 2 redirects partner.o2online.de portal.o2online.de	4 KB
4	advertising.com 4 redirects pixel.advertising.com	2 KB
4	lijit.com 4 redirects ap.lijit.com	3 KB
4	adsrvr.org 2 redirects match.adsrvr.org	2 KB
4	sunmedia.tv static.sunmedia.tv services.sunmedia.tv track.sunmedia.tv	101 KB
3	mts.ru 3 redirects sm.rtb.mts.ru tech.rtb.mts.ru	2 KB
3	pubmatic.com 3 redirects image6.pubmatic.com	1 KB
3	sonobi.com sync.go.sonobi.com	1 KB
3	2mdn.net s0.2mdn.net	811 B
3	avads.net 3 redirects ads.avads.net	957 B
3	google.de www.google.de adservice.google.de	1 KB
2	lead-alliance.net 2 redirects www.lead-alliance.net	2 KB
2	telefonica-partner.de 2 redirects www.telefonica-partner.de	573 B
2	adcell.com t.adcell.com	957 B
2	3lift.com 2 redirects eb2.3lift.com	943 B
2	turn.com 1 redirects ad.turn.com r.turn.com	878 B
2	openx.net 2 redirects rtb.openx.net	761 B
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	zemanta.com 2 redirects b1sync.zemanta.com	1 KB
2	rfihub.com 2 redirects a.rfihub.com	2 KB
2	appier.net 2 redirects a.c.appier.net	1 KB
2	sniperlog.ru 2 redirects sync3.sniperlog.ru	1 KB
2	adhigh.net 2 redirects px.adhigh.net	956 B
2	m6r.eu 2 redirects tracking.m6r.eu	1 KB
2	sharethrough.com 2 redirects match.sharethrough.com	625 B
2	tapad.com pandg.tapad.com pixel.tapad.com	1 KB
2	spotxchange.com 2 redirects sync.search.spotxchange.com	2 KB
2	e-planning.net 1 redirects ads.us.e-planning.net	1 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	niwepa.com neso.r.niwepa.com	462 B
1	congstar.de banner.congstar.de	517 B
1	awin1.com 1 redirects www.awin1.com	687 B
1	smaato.net 1 redirects s.ad.smaato.net	440 B
1	dyntrk.com c.eu1.dyntrk.com	215 B
1	travelaudience.com 1 redirects ads.travelaudience.com	522 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com	480 B
1	simpli.fi 1 redirects um.simpli.fi	710 B
1	mathtag.com 1 redirects sync.mathtag.com	828 B
1	sitescout.com pixel-sync.sitescout.com	191 B
1	everesttech.net 1 redirects sync-tm.everesttech.net	537 B
1	quantserve.com cms.quantserve.com	463 B
1	adingo.jp cc.adingo.jp	44 B
1	yieldmo.com ads.yieldmo.com	35 B
1	adkernel.com dsp.adkernel.com	233 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	728 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	583 B
1	fksnk.com 1 redirects fksnk.com	611 B
1	pghub.io pghub.io	4 KB
1	richaudience.com sync.richaudience.com	1 KB
1	doubleverify.com tps.doubleverify.com	367 B
1	flashtalking.com d9.flashtalking.com	597 B
1	researchnow.com tag.researchnow.com	442 B
1	adnxs.com ib.adnxs.com	10 KB
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
1	giphy.com media.giphy.com	882 KB
1	googletagmanager.com www.googletagmanager.com	55 KB
0	netmng.com Failed google2waycm.netmng.com Failed
518	76

	Domain	Requested by
108	www.tvnotas.com.mx	1 redirects www.tvnotas.com.mx static.cloudflareinsights.com
64	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.tvnotas.com.mx cdn.ampproject.org 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com www.gstatic.com
45	cm.g.doubleclick.net	1 redirects 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
20	cdn.ampproject.org	securepubads.g.doubleclick.net
20	securepubads.g.doubleclick.net	www.tvnotas.com.mx securepubads.g.doubleclick.net 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com www.googletagservices.com
18	assets.ad4m.at	as.ad4m.at
17	www.google.com	4 redirects cse.google.com www.tvnotas.com.mx tpc.googlesyndication.com 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
16	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com www.googletagservices.com
12	ad4m.at	as.ad4m.at ad4m.at
12	as.ad4m.at	82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com as.ad4m.at ad4m.at
12	fastlane.rubiconproject.com	www.tvnotas.com.mx
12	prg.smartadserver.com	www.tvnotas.com.mx
11	www.gstatic.com	82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
10	fonts.gstatic.com	fonts.googleapis.com
10	csi.gstatic.com	www.gstatic.com
9	82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
9	cdn.taboola.com	www.tvnotas.com.mx cdn.taboola.com
8	www.googletagservices.com	82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
7	googleads.g.doubleclick.net	www.tvnotas.com.mx
7	sb.scorecardresearch.com	2 redirects www.tvnotas.com.mx cdn.taboola.com
6	api.webgains.io	analytics.webgains.io
6	track.webgains.com	as.ad4m.at track.webgains.com
5	fonts.googleapis.com	82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
4	pixel.advertising.com	4 redirects
4	ap.lijit.com	4 redirects
4	ups.analytics.yahoo.com	4 redirects
4	rr4---sn-4g5ednsk.googlevideo.com	1 redirects 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
4	match.adsrvr.org	2 redirects 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
4	ad.doubleclick.net	3 redirects www.tvnotas.com.mx
4	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
3	analytics.webgains.io	track.webgains.com
3	static-de.ad4mat.net	as.ad4m.at
3	image6.pubmatic.com	3 redirects
3	sync.go.sonobi.com	82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
3	pixel.rubiconproject.com	3 redirects
3	s0.2mdn.net	82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
3	mts0.google.com	82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
3	ads.avads.net	3 redirects
3	prod-rtb.ad4mat.net	www.tvnotas.com.mx
2	portal.o2online.de	as.ad4m.at
2	partner.o2online.de	2 redirects
2	www.lead-alliance.net	2 redirects
2	www.telefonica-partner.de	2 redirects
2	t.adcell.com	as.ad4m.at
2	eb2.3lift.com	2 redirects
2	rtb.openx.net	2 redirects
2	ssbsync.smartadserver.com	82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
2	b1sync.zemanta.com	2 redirects
2	a.rfihub.com	2 redirects
2	sm.rtb.mts.ru	2 redirects
2	a.c.appier.net	2 redirects
2	sync3.sniperlog.ru	2 redirects
2	px.adhigh.net	2 redirects
2	tracking.m6r.eu	2 redirects
2	rr4---sn-4g5lznez.googlevideo.com	2 redirects
2	match.sharethrough.com	2 redirects
2	sync.search.spotxchange.com	2 redirects
2	trc.taboola.com	cdn.taboola.com
2	static.sunmedia.tv	www.tvnotas.com.mx static.sunmedia.tv
2	ads.us.e-planning.net	1 redirects www.tvnotas.com.mx
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cse.google.com	www.tvnotas.com.mx www.google.com
2	tvnotas.com.mx	2 redirects
1	neso.r.niwepa.com	as.ad4m.at
1	banner.congstar.de	as.ad4m.at
1	www.awin1.com	1 redirects
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	s.ad.smaato.net	1 redirects
1	c.eu1.dyntrk.com	82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
1	ads.travelaudience.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	r.turn.com
1	ad.turn.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	um.simpli.fi	1 redirects
1	sync.mathtag.com	1 redirects
1	tech.rtb.mts.ru	1 redirects
1	pixel-sync.sitescout.com	82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
1	sync-tm.everesttech.net	1 redirects
1	cms.quantserve.com	82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
1	cc.adingo.jp	82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
1	ads.yieldmo.com	82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
1	dsp.adkernel.com	82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
1	sync.srv.stackadapt.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	fksnk.com	1 redirects
1	pixel.tapad.com	pandg.tapad.com
1	pandg.tapad.com	pghub.io
1	track.sunmedia.tv
1	pghub.io	www.tvnotas.com.mx
1	sync.richaudience.com	www.tvnotas.com.mx
1	services.sunmedia.tv	static.sunmedia.tv
1	tps.doubleverify.com	www.tvnotas.com.mx
1	d9.flashtalking.com	www.tvnotas.com.mx
1	tag.researchnow.com	www.tvnotas.com.mx
1	tracking.crazyegg.com	script.crazyegg.com
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	clients1.google.com	www.tvnotas.com.mx
1	ib.adnxs.com	www.tvnotas.com.mx
1	www.google.de	www.tvnotas.com.mx
1	stats.g.doubleclick.net	www.google-analytics.com
1	static.cloudflareinsights.com	www.tvnotas.com.mx
1	media.giphy.com	www.tvnotas.com.mx
1	www.googletagmanager.com	www.tvnotas.com.mx
0	google2waycm.netmng.com Failed	82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
518	111

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
cklass.com
popup.taboola.com
servedby.flashtalking.com
trc.taboola.com
ad.doubleclick.net
cdn.hoergeraete.hoeren-heute.de
stars-and-stories.com
partners.etoro.com
bit.ly
tvnotas.pressreader.com
www.record.com.mx
www.pasala.com.mx
www.notmusa.com.mx

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-18` - `2022-07-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.giphy.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-03` - `2022-06-04`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.sunmedia.tv Sectigo ECC Domain Validation Secure Server CA	`2021-01-13` - `2022-02-13`	a year	crt.sh
*.crazyegg.com DigiCert SHA2 Secure Server CA	`2020-07-26` - `2022-07-23`	2 years	crt.sh
*.researchnow.com Amazon	`2020-12-13` - `2022-01-11`	a year	crt.sh
tag.device9.com Go Daddy Secure Certificate Authority - G2	`2021-07-19` - `2022-08-20`	a year	crt.sh
*.doubleverify.com Network Solutions OV Server CA 2	`2019-11-05` - `2021-12-13`	2 years	crt.sh
*.richaudience.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-17` - `2022-03-16`	a year	crt.sh
*.pghub.io DigiCert TLS RSA SHA256 2020 CA1	`2021-02-09` - `2022-02-16`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.tapad.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-13` - `2022-10-14`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2021-10-22` - `2022-01-20`	3 months	crt.sh
*.adkernel.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-22` - `2022-01-05`	a year	crt.sh
*.yieldmo.com Amazon	`2021-05-25` - `2022-06-23`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.adingo.jp DigiCert TLS RSA SHA256 2020 CA1	`2021-03-26` - `2022-04-14`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.sitescout.com RapidSSL RSA CA 2018	`2020-01-15` - `2022-02-02`	2 years	crt.sh
c.eu1.dyntrk.com R3	`2021-10-08` - `2022-01-06`	3 months	crt.sh
*.r.niwepa.com AlphaSSL CA - SHA256 - G2	`2021-03-15` - `2022-04-16`	a year	crt.sh
adcell.com Certum Domain Validation CA SHA2	`2021-09-20` - `2022-09-20`	a year	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-20` - `2022-06-20`	a year	crt.sh
*.webgains.io Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh

This page contains 35 frames:

Primary Page: https://www.tvnotas.com.mx/
Frame ID: 521B0B4F1F4D8504A88A18C46C1E533D
Requests: 198 HTTP requests in this frame

Frame: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9A979E9045109EF3C900CC8B5FC0A610
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: A8AEE02BF5AF2099FDF2084ECEC6BDAF
Requests: 2 HTTP requests in this frame

Frame: https://pandg.tapad.com/tag?gdpr=%24%7Bgdpr%7D&gdpr_consent=%24%7Bgdpr_consent%7D&referrer_url=&page_url=https%3A%2F%2Fwww.tvnotas.com.mx%2F&owner=P%26G&bp_id=sunmedia&data=%7B%22category%22%3A%22News%22%7D
Frame ID: A70EE32C13CA6A5A6A2667DDC5AB12A8
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 330916442B21A287C38FCA4865519F0E
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DAB597E14AB948A61C4BF361A993B517
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Frame ID: 988441D513307926512DA9EFE962042B
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Frame ID: 02A7AFC6BB7D9334BBFA0912EDCDE8AB
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Frame ID: 3EF898C7058D9989197D434BBBDB7ECB
Requests: 15 HTTP requests in this frame

Frame: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 02142249DE2AA9DAD5BBD749F6393F0C
Requests: 33 HTTP requests in this frame

Frame: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AA7851DC2CE5660C3C367D0111418332
Requests: 24 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Frame ID: CB10CA84D312BCFE6F03FE08CD34B68E
Requests: 15 HTTP requests in this frame

Frame: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 35F2B1E7E16B7C1007FB75477FF24D8C
Requests: 23 HTTP requests in this frame

Frame: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 78AFD09F13452042F18FA91246B2B1AC
Requests: 13 HTTP requests in this frame

Frame: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2E18CB539970265E403D3995CAA40B55
Requests: 14 HTTP requests in this frame

Frame: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 388DCECCACB80BE20069ECEFADE462E4
Requests: 9 HTTP requests in this frame

Frame: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C8ACD75A5BCE3352FCB5715814A73C2E
Requests: 9 HTTP requests in this frame

Frame: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FED025ED2EB308602598C4EFC355B002
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jy0ty8kk9tmpy98609t1gkzphna2rehs9gh3xbe104a9e58xqj7swj45h7n63tq2bc333pf7y66e8dgdx9e4exn48qqkb6s5zpyqm5dvq3rrktkdmq7sa160r30kravq65cgrp2snweqpbyj057bwkcf5vrb0mt2ygvea57sgerwbwrqn32yn11c6syvxmybzwftm6b5vvwjxn3tep3x0zhzj8s7ga2ftr4zbnytq2e4y1wbnjmc2bf78w73kyhkrtz0a3nt4zqh1ypp4cf1q2ent2damkvp71p2wrq1k7rgtn5fhxqnawbp31vbpsnyc6a4856c9mg1m4yk2de7mcjmng0hn49ka802s5kn2p8m4mqgwk78zx1qj2ht4qrk2zdh634559hzmgt5w149a8ywhk94zkdx8pz71jf3q6w29g1dhrg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdnuUgC-KYaS7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE8QFP0JgjThP8pBPKQE0PCuXNFV5Q6g-puGLVckgSSWTlFwlAYMO_r0PlTOn9gxPVQ2XaeEynoGPBfeQqOG5Ypgb4cWB0LGsO2BcSP7hzjaPX1bI3uUlFU9qnd8rGKvtI-KM2E5H8rwkwRCXunfRBHF6hrKkxRR5qixR-RODA45yes84gnEI66OLl4aNzy-hj3qJ8eZxKV11-FVyMypqkmuZ3Qa8S2ydE7Ecf3fAghgNSM9RUXY-8vI8i7keWxQ9NMcBnZbmCEOax2DNsq98uDmqswdsucyvCu6R-aF0Uf6W4eCSVVJu0OTR5iMVGO5ElBFpA4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0tU5K7lRcr5IjJnp1UvmsHBM_RUw%26client%3Dca-pub-2626566186821602%26adurl%3D
Frame ID: 36AFB21706D90A6543432F978E481A03
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2DA1D95002A7F1C09F19C89A68BF3C41
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kgrbtrdk80tybhns6d2py3kq5ap9s3q2fse4h08qvn9tcbd60zz4766xvphjq04a5thbkvz718ae2qb6brzm0vpb3rhyykqz6b5cayw7ev2yq80y9x5r4a9bnp8n7s9wwfhap4ak85f3s81ee16xw6ysfwp96165pebtfrnpfv0yz4rpvywxpqay2kv2rxcdhwk78frkxy83wtxzc7xvqzshavvv4rg2pbtzmqmysmh0tht0jc65ct6k2281v3dddb6qdbrk7as50xf60g8eh2xnsf9wxzwe88pabnyenz84en1t97rbj108bs6zecf6pkn5gbng8x47cs8wjw7bnzpj5rnwjm34t6g788rm5qbz5h16x8bfbjvvv8ajk8vbs8h87jtmt2mcv5an3a30g2hqjqyqt53xcqss9m6aec7grxa5fdke&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChK8pgC-KYaW7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE9gFP0FC07cmy9rDYvVxboSSVxrBHO8pOw1w8kY8crwchnvBPva5K8zEEkZDztOR9vOGgErbx8PsJjDUdcVSXfkGOmVmrWVnoUTD58_Oxze61zaty-0JDsVAudpm8DyTjMUi0o9tDyR6JJ5a10Dtp-avjJYl7RWCCUSHs8HprlYV3ME5SKC4R1z4NFO1XmJrqJjs-xVAIp8h7n65otJnJIhMp8bClrX0m55Ia09Y90zVc2lqyBEmTtLM8FjMdsayT5YyuZ9EZM1rEDwPEk7N75CKCRlBXLaV6suE7eC-biSXff9e8slTsb2hn1Cy4rIj9BW_x8_BKa2bgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_24bbnYHYUrTsK6o5OBzdEnnIT81Q%26client%3Dca-pub-2626566186821602%26adurl%3D
Frame ID: 8EA02D8556F62DAECE101EE1438705E8
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 912909FCB9133622639E528C06F827F1
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1ghkfn2d4m38d8ve62pqfk22ek3wd0tcaw3qved8jrbxgwq65kmz46zk1vv4cypmnq70y4xpvdvjd66a03s2dp4w3rej9g4q1pkds6sdj8pfywwqwkbaq0eeva0hjdge35kf10ct3das3px6eyk62md0pqkm8391eds0mns036cdgss42py7ch50gsgn9r14kb5eab085tdwgyyzab0jvtnq6atvq74bdzvepgf64wwbbv3hdx9ec2j8dywb32550qbf5rqvfj480x547wkftsmvywj0jwj695p34e678k7v63pee30gx39g79d3pj0cp4p6q0dnb27fzxd7v7ndswp9rd1hvf591azvpq8xjc5q2092221vz1ygj073sr61bkgk18ppf33a2rba2r4xzq29vfxwb9f6wpt24z64cct8pkzyteng&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRVfOgC-KYaa7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE8QFP0ML5rCes3btfPwe8BHTGn9CAPrkbwtP0ZjD_uL1dFToMZ4iHdpQ00D05TCJ083_Omi4sw1g7QVf71fH8j2XB2r2MopY58tdEdjRTAfQpdiQytiODea9fyZ6M6RXraUyF3RcMuliRmaiMHujOAsDHOiKnHgJVak2Z2gyIFLY9utWCOjXvcrGH5LULLuNdk4C8YJbwDSqnWA6uvTKwC5OVoP3fnf_YcuQpTVl6OQt3kSPOEbV4o43VZGJUsqVOJLMzhhg-i2D9uOKt3Uvv5BkkbDcArY2-kHx7wlEIKjS29hileQnSuLaKhDxv74Uw5WKy4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2smh67e0Buz0pYo9ruo8RH-2s2QA%26client%3Dca-pub-2626566186821602%26adurl%3D
Frame ID: 07665A3A02F4F6D27FC2D6FE7CAA8FD2
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6628B8F382A6B08173568D51FF29DA7B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5B7E0A2825529AC3D4006F95B2B4B80F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B890DF66A60B6F5A9AFE122C212736A8
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8FDE18385381EF0499A59BF6344D7B2F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EC58311236444B84954501723515F1BE
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6FE29FF67ABB74C9A761F27682E49179
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: DCE76CAECCB173EC50FA90425BA6B8E6
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 10FE0769A060DD9412C9B45CAF1CC72D
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: C5B46DFF71457779264CFD827B39170F
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=Esw2iaHTd2U_Pe5iy67gANdndkjHG9y-&g=88f9707496d3ea0fa789c54ba0cdd0e9%2F7394733863311437295&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636446083377&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gw9rbt8rbtygf3cegqxqs8vncfdmd2km1ykpk8ccc7qsc81p6yh2vagsj03xedp26jyyjn7t027gz2kh2kpygd9b86tqq26k16g0va4q7xfyfem1dcc8sgd71admmzn534ehqmnx3f32xays8t9pc9n5xeq0vrkneqn4zd5xqyxew7302ax1w6grnyfaf47dhs3bcss3k51fq0mvdgzvnmjdbq4ye5exhadkaxjmyv79sst3wsx8gca2p9yfsew4s87xk5d1tf7092jpjjg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChK8pgC-KYaW7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE9gFP0FC07cmy9rDYvVxboSSVxrBHO8pOw1w8kY8crwchnvBPva5K8zEEkZDztOR9vOGgErbx8PsJjDUdcVSXfkGOmVmrWVnoUTD58_Oxze61zaty-0JDsVAudpm8DyTjMUi0o9tDyR6JJ5a10Dtp-avjJYl7RWCCUSHs8HprlYV3ME5SKC4R1z4NFO1XmJrqJjs-xVAIp8h7n65otJnJIhMp8bClrX0m55Ia09Y90zVc2lqyBEmTtLM8FjMdsayT5YyuZ9EZM1rEDwPEk7N75CKCRlBXLaV6suE7eC-biSXff9e8slTsb2hn1Cy4rIj9BW_x8_BKa2bgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_24bbnYHYUrTsK6o5OBzdEnnIT81Q%252526client%25253Dca-pub-2626566186821602%252526adurl%25253D&y=1&z=0
Frame ID: 53C2FC0A51FFA68B7D14FF2BC0E71277
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=765%2C24673%2C19457&b=qGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJ&f=R5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2C3bgFpf14UB65t7HrHAtXC997f8TWTRead&c=728&d=90&e=Esw2iaHTd2U_Pe5iy67gANdndkjHG9y-&g=351bcebf6c854aad618171404725fd82%2F16249489484076859423&i=1676%2C20430%2C20774&j=4%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636446083384&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k2pxdrgmrd8ymbhd02ztqs76hrf4pdwjjzv4h6855j125qgtaz7nz0zex0tgdpcgzz0m27xn6j2tfrem0gh5hbfhn9yy44ke31zg9kbtrk9x21m82qn1mkk4194t97re0tvh6kax4z6pexhq2pssjsz6hrdtmv8mdx41h0kcda5gce47q7303te617q8ssstd2bh2yqvhna7c8zqhj4datqrteh9fh6mznzm727d3y5ssqxrh0bm8h654y0xap229zbpeznkcqhm41gdtt0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCdnuUgC-KYaS7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE8QFP0JgjThP8pBPKQE0PCuXNFV5Q6g-puGLVckgSSWTlFwlAYMO_r0PlTOn9gxPVQ2XaeEynoGPBfeQqOG5Ypgb4cWB0LGsO2BcSP7hzjaPX1bI3uUlFU9qnd8rGKvtI-KM2E5H8rwkwRCXunfRBHF6hrKkxRR5qixR-RODA45yes84gnEI66OLl4aNzy-hj3qJ8eZxKV11-FVyMypqkmuZ3Qa8S2ydE7Ecf3fAghgNSM9RUXY-8vI8i7keWxQ9NMcBnZbmCEOax2DNsq98uDmqswdsucyvCu6R-aF0Uf6W4eCSVVJu0OTR5iMVGO5ElBFpA4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0tU5K7lRcr5IjJnp1UvmsHBM_RUw%252526client%25253Dca-pub-2626566186821602%252526adurl%25253D&y=1&z=0
Frame ID: 67AF1DDF899CD953A0F6A35ACC740F58
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=765%2C24673%2C19457&b=qGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJ&f=R5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2C3bgFpf14UB65t7HrHAtXC997f8TWTRead&c=728&d=90&e=Esw2iaHTd2U_Pe5iy67gANdndkjHG9y-&g=05f4c043691eaef46a81e61abb7ff4d7%2F423113986550916583&i=1676%2C20430%2C20774&j=4%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636446083386&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kjsye1skt6rzttzjxy0z88tdqhnt6x35320c26v1x1vmyry3159qrgwyy8vnvj7mgmrmzyk3ykrmcfp4ddgy1bh8twb6401w3y2mxy3jd6bs9hcgm73tydh1gpbngmy9r53ww2399cvs3ernxp5s1y8xcfqqtwf4cg7eyrfhh6gzjrj7g8m12djqwdhjh4jbn0nqr2w39vh3ssyb1a7vpb3n7b9qmxwm946ak4kmm8a87t2gy7w8hdqejbgkefcjha09029eewdntr51fdg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCRVfOgC-KYaa7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE8QFP0ML5rCes3btfPwe8BHTGn9CAPrkbwtP0ZjD_uL1dFToMZ4iHdpQ00D05TCJ083_Omi4sw1g7QVf71fH8j2XB2r2MopY58tdEdjRTAfQpdiQytiODea9fyZ6M6RXraUyF3RcMuliRmaiMHujOAsDHOiKnHgJVak2Z2gyIFLY9utWCOjXvcrGH5LULLuNdk4C8YJbwDSqnWA6uvTKwC5OVoP3fnf_YcuQpTVl6OQt3kSPOEbV4o43VZGJUsqVOJLMzhhg-i2D9uOKt3Uvv5BkkbDcArY2-kHx7wlEIKjS29hileQnSuLaKhDxv74Uw5WKy4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2smh67e0Buz0pYo9ruo8RH-2s2QA%252526client%25253Dca-pub-2626566186821602%252526adurl%25253D&y=1&z=0
Frame ID: 957AA8345A14DDEEE146CA1CEA2110F7
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TVNotas ¡Irresistible!buscar

Page URL History Show full URLs

http://tvnotas.com.mx/ HTTP 301
https://tvnotas.com.mx/ HTTP 301
http://www.tvnotas.com.mx/ HTTP 301
https://www.tvnotas.com.mx/ Page URL

Page Statistics

518
Requests

89 %
HTTPS

34 %
IPv6

76
Domains

111
Subdomains

66
IPs

11
Countries

11364 kB
Transfer

20835 kB
Size

80
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com//RevistaTVNotas
Title: Ir a Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/TVNotasmx
Title: Ir a Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/RevistaTVNotas
Title: Ir a YouTube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/revistatvnotas/
Title: Ir a Instagram

Search URL Search Domain Scan URL

URL: https://cklass.com/catalogos/?utm_source=VisualizaCatalogosOI21&utm_medium=Cklass&utm_campaign=TvNotas&utm_id=TvNotas&utm_term=VisualizaCatalogosOI21&utm_content=TvNotas

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/es/?template=colorbox&utm_source=notmusa-tvnotas&utm_medium=referral&utm_content=thumbnails-a:Below%20Article%20Thumbnails%20Home:
Title: por Taboola

Search URL Search Domain Scan URL

URL: https://servedby.flashtalking.com/click/8/163698;5942472;50126;211;0/?ft_width=1&ft_height=1&gdpr=$%7BGDPR%7D&gdpr_consent=$%7BGDPR_CONSENT_78%7D&us_privacy=$%7BUS_PRIVACY%7D&url=31929700&tblci=GiDfL-WWq8UL3Hj7NjQwxnw2dBgK_RLvrNLBXnMow4S4tiDdxlUo77Hf6fzd77Mt#tblciGiDfL-WWq8UL3Hj7NjQwxnw2dBgK_RLvrNLBXnMow4S4tiDdxlUo77Hf6fzd77Mt
Title: Adobe Sign

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/notmusa-tvnotas/log/3/click?pi=%2F&ri=4422b17622f4a8d6424508063d6617fc&sd=v2_051d10159277f89a9f40ad06eb41d656_67950498-1729-42c4-b9f4-c553a2000364-tuct883b500_1636446080_1636446080_CIi3jgYQ_I9EGJabpp7QLyABKAEwODib4wlAhIoQSPCs2QNQo-wQWABgAGjtxY_Nk8uW5EJwAA&ui=67950498-1729-42c4-b9f4-c553a2000364-tuct883b500&it=text&ii=~~V1~~1671352577607451440~~Mchtvm-evC_T3ItRhCbmE0BxgZ3uTS5tigXmuNkuvGRFiu7t5aMeQv_OvQ_xsFedK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQ1qPnz8TIp56FGMwGW1REdGP6mCOrMydSrc5toiHgFWAqrQC3QmDUwPs-tYHvFZpBJAEsMl7twtt9t6raCgfO24zAg2UZwCRiFZZloALrDg28TVw3uH6lOm65JGJiuXmsH3tCu8EPBJMg6qTZmU9SnQIHRbFOCv1N3lpTOn4-Xi-b-hhcFP2bbkYMaKo5Hh64nqda9iqgyJhgHDzjlyNcrI6zhr_uog6GC70OqLAd6RE&pt=home&li=rbox-h2m&sig=f89a387071d28729867b8fcc8f532a3ad7d8a82eb34f&redir=https%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F8%2F163698%3B5942472%3B50126%3B211%3B0%2F%3Fft_width%3D1%26ft_height%3D1%26gdpr%3D%24%257BGDPR%257D%26gdpr_consent%3D%24%257BGDPR_CONSENT_78%257D%26us_privacy%3D%24%257BUS_PRIVACY%257D%26url%3D31929700%26tblci%3DGiDfL-WWq8UL3Hj7NjQwxnw2dBgK_RLvrNLBXnMow4S4tiDdxlUo77Hf6fzd77Mt%23tblciGiDfL-WWq8UL3Hj7NjQwxnw2dBgK_RLvrNLBXnMow4S4tiDdxlUo77Hf6fzd77Mt&vi=1636446080406&p=wavemakeruk-adobe-sign-sc&r=95&lti=deflated&ppb=CEk&cpb=EhIyMDIxMTEwOC0zLVJFTEVBU0UYx-aowAEgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIJd2F0ZXI0MjQ4OICMz8cIQJvjCUiEihBQ8KzZA1ij7BBjCNcWENUfGCNkYwjc__________8BENz__________wEYJGRjCNwKEPsaGBZkYwjSAxDgBhgIZGMIlhQQmxwYGGRjCPsZEJwmGAlkYwj1__________8BEPX__________wEYC2RjCPQUEJ4dGB9keAGAAQKIAfSTl8QB&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://ad.doubleclick.net/ddm/trackclk/N280805.4306944BRITA_DE_TABOOLA/B26527206.316784214;dc_trk_aid=509586315;dc_trk_cid=157578517;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?tblci=GiDfL-WWq8UL3Hj7NjQwxnw2dBgK_RLvrNLBXnMow4S4tiD-nkso1_eDr4LQ84_1AQ#tblciGiDfL-WWq8UL3Hj7NjQwxnw2dBgK_RLvrNLBXnMow4S4tiD-nkso1_eDr4LQ84_1AQ
Title: Marella Spar-Set

Search URL Search Domain Scan URL

URL: https://cdn.hoergeraete.hoeren-heute.de/founders_horizon/?aud_h=6fmkTxnK4jAihon14PXPH8&utm_content=3041621981&utm_publisher_ID=notmusa-tvnotas&mkt_tool_id=96d3da&utm_term=96d3da&act=ACT0000034136ACT&utm_source=taboola&utm_medium=display&utm_campaign=de_de_hoe_display_taboola_founders_horizon_acq_desktop_cw26_audibene-de2-sc_ACT0000034136ACT&utm_creative_ID=3041621981&aud_adcopy=Wiesbaden%3A+Dieses+neue+H%C3%B6rger%C3%A4t+verkauft+sonst+keiner%21&tbclid=GiDfL-WWq8UL3Hj7NjQwxnw2dBgK_RLvrNLBXnMow4S4tiDrvUIouObVm_68mq20AQ&utm_content=3041621981&utm_publisher_ID=notmusa-tvnotas&mkt_tool_id={{AD_ID}}&utm_term={{AD_ID}}#tblciGiDfL-WWq8UL3Hj7NjQwxnw2dBgK_RLvrNLBXnMow4S4tiDrvUIouObVm_68mq20AQ
Title: Hören heute

Search URL Search Domain Scan URL

URL: https://stars-and-stories.com/fast-immer-ausverkauft?utm_source=taboola&utm_medium=referral&tblci=GiDfL-WWq8UL3Hj7NjQwxnw2dBgK_RLvrNLBXnMow4S4tiDwoVYou8b_pJnx7tDfAQ#tblciGiDfL-WWq8UL3Hj7NjQwxnw2dBgK_RLvrNLBXnMow4S4tiDwoVYou8b_pJnx7tDfAQ
Title: Stars & Stories

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/notmusa-tvnotas/log/3/click?pi=%2F&ri=4422b17622f4a8d6424508063d6617fc&sd=v2_051d10159277f89a9f40ad06eb41d656_67950498-1729-42c4-b9f4-c553a2000364-tuct883b500_1636446080_1636446080_CIi3jgYQ_I9EGJabpp7QLyABKAEwODib4wlAhIoQSPCs2QNQo-wQWABgAGjtxY_Nk8uW5EJwAA&ui=67950498-1729-42c4-b9f4-c553a2000364-tuct883b500&it=text&ii=~~V1~~8891612458069759430~~Pl8QDu640gtuCiMlxhKQMDfBBfteK4VfcU-13MJ5fWsndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcWANN93_dhGoNVU93HODOAawecwlYupV-ADLiqSJCBxnkF2brjDLkjXtE0mWjyPKoFnFXeb-uloOOUnZR6JMi7sTg-_9RYbLFsJaIWAlQOQFu0j783Q_EE-KSm6Xrl4i6oXnmNlLVSt5mwbFcOS6cRX0x5FRcVAObd7yweDUXbHFjh_a66zSY8_y20wTH2--C1_9IcMNUcW0jKRZqK4Au6FNmZ8eZuZGvXujkB34m5PImUt5dQdKHDSD-IROEG5rKQ&pt=home&li=rbox-h2m&sig=1a34654b5b8824eafcc0409dfc2b41044d9c16e9a078&redir=https%3A%2F%2Fstars-and-stories.com%2Ffast-immer-ausverkauft%3Futm_source%3Dtaboola%26utm_medium%3Dreferral%26tblci%3DGiDfL-WWq8UL3Hj7NjQwxnw2dBgK_RLvrNLBXnMow4S4tiDwoVYou8b_pJnx7tDfAQ%23tblciGiDfL-WWq8UL3Hj7NjQwxnw2dBgK_RLvrNLBXnMow4S4tiDwoVYou8b_pJnx7tDfAQ&vi=1636446080406&p=pacifichealthcareag-skinproject-sc&r=93&lti=deflated&ppb=CEk&cpb=EhIyMDIxMTEwOC0zLVJFTEVBU0UYx-aowAEgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIJd2F0ZXI0MjQ4OICMz8cIQJvjCUiEihBQ8KzZA1ij7BBjCNcWENUfGCNkYwjc__________8BENz__________wEYJGRjCNwKEPsaGBZkYwjSAxDgBhgIZGMIlhQQmxwYGGRjCPsZEJwmGAlkYwj1__________8BEPX__________wEYC2RjCPQUEJ4dGB9keAGAAQKIAfSTl8QB&cta=true
Title: Weiterlesen

Search URL Search Domain Scan URL

URL: https://partners.etoro.com/aw.aspx?A=45729&Task=Click&SubAffiliateID=DE_HF_Desk_LP_Stocks_Netflix_05-08-21_Taboola_AFFID_45729&TargetURL=https://go.etoro.com/de/dynamic?symbol=nflx&utm_source=taboola&utm_medium=referral&tblci=GiDfL-WWq8UL3Hj7NjQwxnw2dBgK_RLvrNLBXnMow4S4tiCY_EgolsKI27_IiLrsAQ#tblciGiDfL-WWq8UL3Hj7NjQwxnw2dBgK_RLvrNLBXnMow4S4tiCY_EgolsKI27_IiLrsAQ
Title: eToro

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/notmusa-tvnotas/log/3/click?pi=%2F&ri=4422b17622f4a8d6424508063d6617fc&sd=v2_051d10159277f89a9f40ad06eb41d656_67950498-1729-42c4-b9f4-c553a2000364-tuct883b500_1636446080_1636446080_CIi3jgYQ_I9EGJabpp7QLyABKAEwODib4wlAhIoQSPCs2QNQo-wQWABgAGjtxY_Nk8uW5EJwAA&ui=67950498-1729-42c4-b9f4-c553a2000364-tuct883b500&it=text&ii=~~V1~~-2062944265709400301~~0LCfxxEvs7JwGd1AeN9bYlsaWRTK8qetUapPLRVCeGXTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1l4BhVWu1Dsh65N_xRLXJJdCVePkSDvpXJ2CTyivM3XECBUvKq_n-d7w24kEDDMrNux_dK_AvuTh3eoenN-opN-feOneRcLvI4vRPKJ09QHXVyGo20ylIul5P8evoLMaTuRDI_8cES6gwefn34TqohiM2s-TiK-N3Kepb6prSWbVWUATlRQebU6RgLGD3Ot_2D&pt=home&li=rbox-h2m&sig=b6cfdb7414b254f98043a803311ff5c803b9df190791&redir=https%3A%2F%2Fpartners.etoro.com%2Faw.aspx%3FA%3D45729%26Task%3DClick%26SubAffiliateID%3DDE_HF_Desk_LP_Stocks_Netflix_05-08-21_Taboola_AFFID_45729%26TargetURL%3Dhttps%3A%2F%2Fgo.etoro.com%2Fde%2Fdynamic%3Fsymbol%3Dnflx%26utm_source%3Dtaboola%26utm_medium%3Dreferral%26tblci%3DGiDfL-WWq8UL3Hj7NjQwxnw2dBgK_RLvrNLBXnMow4S4tiCY_EgolsKI27_IiLrsAQ%23tblciGiDfL-WWq8UL3Hj7NjQwxnw2dBgK_RLvrNLBXnMow4S4tiCY_EgolsKI27_IiLrsAQ&vi=1636446080406&p=etoronew-sc&r=16&lti=deflated&ppb=CEk&cpb=EhIyMDIxMTEwOC0zLVJFTEVBU0UYx-aowAEgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIJd2F0ZXI0MjQ4OICMz8cIQJvjCUiEihBQ8KzZA1ij7BBjCNcWENUfGCNkYwjc__________8BENz__________wEYJGRjCNwKEPsaGBZkYwjSAxDgBhgIZGMIlhQQmxwYGGRjCPsZEJwmGAlkYwj1__________8BEPX__________wEYC2RjCPQUEJ4dGB9keAGAAQKIAfSTl8QB&cta=true
Title: Hier klicken

Search URL Search Domain Scan URL

URL: https://servedby.flashtalking.com/click/2/162258;6040638;369307;212;0/?ft_width=1&ft_height=1&gdpr=$%7BGDPR%7D&gdpr_consent=$%7BGDPR_CONSENT_78%7D&url=32227154&utm_source=taboola&utm_medium=referral&tblci=GiDfL-WWq8UL3Hj7NjQwxnw2dBgK_RLvrNLBXnMow4S4tiC-3kgonq3z9rb2hoJT#tblciGiDfL-WWq8UL3Hj7NjQwxnw2dBgK_RLvrNLBXnMow4S4tiC-3kgonq3z9rb2hoJT
Title: HUK-COBURG

Search URL Search Domain Scan URL

URL: https://bit.ly/SetSerums

Search URL Search Domain Scan URL

URL: https://tvnotas.pressreader.com/tvnotas
Title: HAZ CLICK AQUÍ

Search URL Search Domain Scan URL

URL: https://www.record.com.mx/
Title: RÉCORD

Search URL Search Domain Scan URL

URL: https://www.record.com.mx/futbol-futbol-internacional-internacionales/manchester-united-cristiano-ronaldo-y-otros-jugadores-no
Title: - Manchester United: Cristiano Ronaldo y otros...

Search URL Search Domain Scan URL

URL: https://www.record.com.mx/futbol-futbol-internacional-internacionales/premier-league-incremento-en-mil-millones-de-euros-sus
Title: - Premier League: Incrementó en mil millones de...

Search URL Search Domain Scan URL

URL: https://www.record.com.mx/futbol-liga-mx-atlas-chivas/chivas-y-atlas-equipos-tapatios-podran-tener-hasta-90-por-ciento-de
Title: - Chivas y Atlas: Equipos tapatíos podrán tener...

Search URL Search Domain Scan URL

URL: https://www.pasala.com.mx/
Title: Pásala

Search URL Search Domain Scan URL

URL: https://www.pasala.com.mx/noticias/ciudad/vacunacion-en-cdmx-sera-permanente-segun-sheinbaum?utm_source=footer&utm_medium=link&utm_campaign=TvNotas
Title: - Vacunación en CDMX será permanente, según...

Search URL Search Domain Scan URL

URL: https://www.pasala.com.mx/famosos/vanda-nos-revela-que-le-entro-muy-duro-la-depresion?utm_source=footer&utm_medium=link&utm_campaign=TvNotas
Title: - Vanda nos revela que le entró muy duro la...

Search URL Search Domain Scan URL

URL: https://www.pasala.com.mx/futbol/nacional/asi-se-jugara-el-repechaje-en-la-liga-mx-con-tres-grandes-dentro?utm_source=footer&utm_medium=link&utm_campaign=TvNotas
Title: - Así se jugará el Repechaje en la Liga MX, con...

Search URL Search Domain Scan URL

URL: https://www.notmusa.com.mx/tvnotas
Title: Media Kit

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tvnotas.com.mx/ HTTP 301
https://tvnotas.com.mx/ HTTP 301
http://www.tvnotas.com.mx/ HTTP 301
https://www.tvnotas.com.mx/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://sb.scorecardresearch.com/b?c1=2&c2=7914328&ns__t=1636446079638&ns_c=UTF-8&c8=TVNotas%20%C2%A1Irresistible!&c7=https%3A%2F%2Fwww.tvnotas.com.mx%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=7914328&ns__t=1636446079638&ns_c=UTF-8&c8=TVNotas%20%C2%A1Irresistible!&c7=https%3A%2F%2Fwww.tvnotas.com.mx%2F&c9=

Request Chain 105

https://ads.us.e-planning.net/pbjs/1/1a969/1/www.tvnotas.com.mx/ROS?rnd=0.6500212635092641&e=728x90_0%3A728x90%2C970x250%2C970x90%2B160x600_0%3A160x600%2B160x600_1%3A160x600%2B300x250_0%3A300x250%2B300x250_1%3A300x250%2B300x250_2%3A300x250%2C728x90%2C970x250%2C970x90%2B300x250_3%3A300x250%2B300x250_4%3A300x250%2C728x90%2C970x90%2B300x250_5%3A300x250%2C728x90%2C970x90%2B300x250_6%3A300x250%2C728x90%2C970x90%2B300x250_7%3A300x250%2C728x90%2B300x250_8%3A300x250%2C728x90%2C970x90&ur=https%3A%2F%2Fwww.tvnotas.com.mx%2F&pbv=5.10.0&ncb=1&vs=FFFFFFFFFFFF&crs=UTF-8&fr=https%3A%2F%2Fwww.tvnotas.com.mx%2F HTTP 302
https://ads.us.e-planning.net/hb/1/1a969/1/www.tvnotas.com.mx/ROS?ct=1&r=pbjs&rnd=0.6500212635092641&e=728x90_0%3A728x90%2C970x250%2C970x90%2B160x600_0%3A160x600%2B160x600_1%3A160x600%2B300x250_0%3A300x250%2B300x250_1%3A300x250%2B300x250_2%3A300x250%2C728x90%2C970x250%2C970x90%2B300x250_3%3A300x250%2B300x250_4%3A300x250%2C728x90%2C970x90%2B300x250_5%3A300x250%2C728x90%2C970x90%2B300x250_6%3A300x250%2C728x90%2C970x90%2B300x250_7%3A300x250%2C728x90%2B300x250_8%3A300x250%2C728x90%2C970x90&ur=https%3A%2F%2Fwww.tvnotas.com.mx%2F&pbv=5.10.0&ncb=1&vs=FFFFFFFFFFFF&crs=UTF-8&fr=https%3A%2F%2Fwww.tvnotas.com.mx%2F

Request Chain 180

https://ad.doubleclick.net/ddm/trackimp/N280805.4306944BRITA_DE_TABOOLA/B26527206.316784214;dc_trk_aid=509586315;dc_trk_cid=157578517;ord=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=tvnotas.com.mx HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N280805.4306944BRITA_DE_TABOOLA/B26527206.316784214;dc_pre=CJjW79rsivQCFTnFEQgdSO4NyA;dc_trk_aid=509586315;dc_trk_cid=157578517;ord=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=tvnotas.com.mx

Request Chain 187

https://sync.search.spotxchange.com/partner?source=202100&gdpr=1&gdpr_consent=${gdpr_consent} HTTP 302
https://sync.search.spotxchange.com/partner?source=202100&gdpr=1&gdpr_consent=${gdpr_consent}&__user_check__=1&sync_id=0543bc89-4136-11ec-97fe-1fd522ee0306 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_sc&gdpr=1&gdpr_consent=${gdpr_consent}

Request Chain 188

https://sb.scorecardresearch.com/c2/7914328/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/7914328/cs.js

Request Chain 194

https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=c0cc217e-7cac-4922-9890-9d9a717be822&gdpr=&gdpr_consent=${gdpr_consent} HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=c0cc217e-7cac-4922-9890-9d9a717be822&gdpr=&gdpr_consent=${gdpr_consent} HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f47c1eae-3417-4452-abb3-7c4af8cd03da&ttd_puid=c0cc217e-7cac-4922-9890-9d9a717be822

Request Chain 246

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 249

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 251

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 252

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 343

https://fksnk.com/cs/google?google_gid=CAESEFbUPvo7jJnpNnNmNiwwrzI&google_cver=1&google_push=AYg5qPKc60VKbUfRxN4PVAX1LrZ7EScV5rnoLRK1LtLGhTsEbvwoNP-3bRpaKejPmbGbE4fj5weuzbmSrv45xpnMp1SYvWwLgNw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RjgzMDA2Nzc1MjU0NDgwQw==

Request Chain 344

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEG7gyDlBY4mgz9zkBhsqDbY&google_cver=1&google_push=AYg5qPIMkQrK-RxeFuq2Cvczd6LtdbVVgz8YBuVdBa18OCnXSIVCFnoVEjIdi56kKSyqTiGc9ecPI6aNOt3VS49du-m4eqllXbc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyODQ4MjQwMzg2NTcyMDk4Nw%3D%3D&google_push=AYg5qPIMkQrK-RxeFuq2Cvczd6LtdbVVgz8YBuVdBa18OCnXSIVCFnoVEjIdi56kKSyqTiGc9ecPI6aNOt3VS49du-m4eqllXbc

Request Chain 345

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJWrFR_ReU0Ds1YzieMEYUs&google_cver=1&google_push=AYg5qPLNntg2Lotk5LfWsnxJD16RFw84SzV0pH2CKsrjDcT2TjI7iJ4NhhQZ3mWvLR6CptSM9WhqlblRwpsr9qtj46y8J-c9JnM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=hh30nDBLSE9L03VQRnuUd4jzxlA&google_push=AYg5qPLNntg2Lotk5LfWsnxJD16RFw84SzV0pH2CKsrjDcT2TjI7iJ4NhhQZ3mWvLR6CptSM9WhqlblRwpsr9qtj46y8J-c9JnM

Request Chain 348

https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESELHCj1PJv7W6srjYlqU90w4&google_cver=1&google_push=AYg5qPLRXPAuBU_gmNi0EDrcUEQ9aUCgzWPGEdR8dAgRwxGixZX02KqMXOB2nQp2p6q58ySKLuhYSeBC1kp2RjzqX3o-u-EWmI2C HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ZDcwMDNiMTUtODRhOS00NGVmLWJmYzUtZjcxNTI0MzcwYTRi&google_push=AYg5qPLRXPAuBU_gmNi0EDrcUEQ9aUCgzWPGEdR8dAgRwxGixZX02KqMXOB2nQp2p6q58ySKLuhYSeBC1kp2RjzqX3o-u-EWmI2C

Request Chain 349

https://ads.avads.net/sync/ggl?google_gid=CAESEKM1p8PL6xWL-5V_cAWuMSk&google_cver=1&google_push=AYg5qPISRm-z-NsmhWRTeUtKbE-hN67VHWTz79BEg03Z-ZOmQYE3lSIPXQdJfcw9CXCtGtYpWg2OzqyoAcjJxjoyXF6UWIuRQV4 HTTP 302
https://ads.avads.net/sync/ggl?google_gid=CAESEKM1p8PL6xWL-5V_cAWuMSk&google_cver=1&google_push=AYg5qPISRm-z-NsmhWRTeUtKbE-hN67VHWTz79BEg03Z-ZOmQYE3lSIPXQdJfcw9CXCtGtYpWg2OzqyoAcjJxjoyXF6UWIuRQV4&av_tc=True HTTP 302
https://ads.avads.net/sync/ggl?google_gid=CAESEKM1p8PL6xWL-5V_cAWuMSk&google_cver=1&google_push=AYg5qPISRm-z-NsmhWRTeUtKbE-hN67VHWTz79BEg03Z-ZOmQYE3lSIPXQdJfcw9CXCtGtYpWg2OzqyoAcjJxjoyXF6UWIuRQV4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OGZmZTJjODEtMWMzYi00Y2Q1LWFiZjAtNDNhMWQ1ZmE1M2Zh&google_push=AYg5qPISRm-z-NsmhWRTeUtKbE-hN67VHWTz79BEg03Z-ZOmQYE3lSIPXQdJfcw9CXCtGtYpWg2OzqyoAcjJxjoyXF6UWIuRQV4

Request Chain 375

https://rr4---sn-4g5lznez.googlevideo.com/videoplayback?expire=1636474881&ei=gS-KYZOGEt3n1gKr9L9g&ip=136.243.198.80&id=be6a66ca718a13c3&itag=18&source=youtube&requiressl=yes&mh=zq&mm=31&mn=sn-4g5lznez&ms=au&mv=m&mvi=4&pl=22&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=20.085&lmt=1634641639491682&mt=1636445831&txp=5530434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgXm3l9MWM_PvOtp3QjhgzDSlr5VSghC2QsoInIxl8QMwCIEBwav2usk1mqXRED5iTjDsnZ3Ghuvt38Tl0mS9z6H78&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgU7LNAtWxMgpzvC_jUxMHFYqQeMHz0qqZJ_JZS7VJCXACIBQcsZJmaHVLBMdtfINN47Pveb7irAikYaokcbUqr4QE&cpn=hEmXBUzr3C_noBS_ HTTP 302
https://rr4---sn-4g5ednsk.googlevideo.com/videoplayback?expire=1636474881&ei=gS-KYZOGEt3n1gKr9L9g&ip=136.243.198.80&id=be6a66ca718a13c3&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=20.085&lmt=1634641639491682&txp=5530434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgXm3l9MWM_PvOtp3QjhgzDSlr5VSghC2QsoInIxl8QMwCIEBwav2usk1mqXRED5iTjDsnZ3Ghuvt38Tl0mS9z6H78&cpn=hEmXBUzr3C_noBS_&redirect_counter=1&rm=sn-4g5ek77z&fexp=24052761&req_id=834758f7303736e2&cms_redirect=yes&ipbypass=yes&mh=zq&mip=2a01:4f8:212:78e:2a::1&mm=31&mn=sn-4g5ednsk&ms=au&mt=1636445312&mv=u&mvi=4&pl=54&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIganTq1RvuHJFNGQo2yLYrlgg8ZGummPj_k3YjJqyNJWoCIQCpK4Hsmxx-xVJq1P16nOs7ja5g00MaC9q_3ARjYBtBRA%3D%3D

Request Chain 380

https://rr4---sn-4g5ednsk.googlevideo.com/videoplayback?expire=1636474881&ei=gS-KYd-PEofR1wKh3ZKYAQ&ip=136.243.198.80&id=be6a66ca718a13c3&itag=18&source=youtube&requiressl=yes&mh=zq&mm=31&mn=sn-4g5ednsk&ms=au&mv=m&mvi=4&pl=22&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=20.085&lmt=1634641639491682&mt=1636445831&txp=5530434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAPvXrRf-UYec_WefG0mztvwgYnnMVCLyFstHgKNFf5iLAiEA53cr2BhEGTLWXvsN8UE14o6bkAK70IoTSXiVvrzQ47A=&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgF-L5LAw4NU3fHtx3QpDOiL9cZ_Dm0McOGLMHc2vUixsCIQD-jjpaMlj7clJnGAwWFyUgHp2bKmMh56g9hvR7VZuqmg==&cpn=r8ysrdXHRlx0YpNd HTTP 302
https://rr4---sn-4g5ednsk.googlevideo.com/videoplayback?expire=1636474881&ei=gS-KYd-PEofR1wKh3ZKYAQ&ip=136.243.198.80&id=be6a66ca718a13c3&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=20.085&lmt=1634641639491682&txp=5530434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAPvXrRf-UYec_WefG0mztvwgYnnMVCLyFstHgKNFf5iLAiEA53cr2BhEGTLWXvsN8UE14o6bkAK70IoTSXiVvrzQ47A=&cpn=r8ysrdXHRlx0YpNd&redirect_counter=1&rm=sn-4g5e6y7z&req_id=17b99f5c121d36e2&cms_redirect=yes&ipbypass=yes&mh=zq&mip=2a01:4f8:212:78e:2a::1&mm=31&mn=sn-4g5ednsk&ms=au&mt=1636445312&mv=u&mvi=4&pl=54&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAMR5Oi6VtQiLJxSuWUEC_lN6eaivhSfHEJLsJGu11K09AiEAl6GbvTdDF2gKhRaAUne6zP1VRreqCgWMUDWuaQ6_APM%3D

Request Chain 384

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESELse1Z5oQ40FN7J-ZcwuKYI&google_cver=1&google_push=AYg5qPIpGB47scEp27EwU8skE813emYokoSuzYhmlKeoQ3Cu7YwyKDsQt5t3JcNHeWsZQ9jGlRwvrbp9ohCxCpUVHagFuvpQ-Xw HTTP 302
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESELse1Z5oQ40FN7J-ZcwuKYI&google_cver=1&google_push=AYg5qPIpGB47scEp27EwU8skE813emYokoSuzYhmlKeoQ3Cu7YwyKDsQt5t3JcNHeWsZQ9jGlRwvrbp9ohCxCpUVHagFuvpQ-Xw&checkcookies=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=qQR9XO_nhus1fmYZZuiq7w&google_push=AYg5qPIpGB47scEp27EwU8skE813emYokoSuzYhmlKeoQ3Cu7YwyKDsQt5t3JcNHeWsZQ9jGlRwvrbp9ohCxCpUVHagFuvpQ-Xw

Request Chain 385

https://px.adhigh.net/p/gm/rub?google_gid=CAESENwLOX7VKIhwFYlPzPhBOwg&google_cver=1&google_push=AYg5qPI-Q_qF3m_0r4NaVHYZQNt1zrs0qhSd54f40T-2Nmbqf4e1evLL6rrVjpLF3q_g13XoaCbQlboCP2CoBR-K-LvqKKQ5mQ HTTP 302
https://px.adhigh.net/p/gm/rub?google_gid=CAESENwLOX7VKIhwFYlPzPhBOwg&google_cver=1&google_push=AYg5qPI-Q_qF3m_0r4NaVHYZQNt1zrs0qhSd54f40T-2Nmbqf4e1evLL6rrVjpLF3q_g13XoaCbQlboCP2CoBR-K-LvqKKQ5mQ&bounced=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPI-Q_qF3m_0r4NaVHYZQNt1zrs0qhSd54f40T-2Nmbqf4e1evLL6rrVjpLF3q_g13XoaCbQlboCP2CoBR-K-LvqKKQ5mQ&google_hm=4T14YQ4iFokAAikABlF9A8mXBw%3D%3D

Request Chain 387

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAkvrik1DcfY5FXFc1gVdE8&google_cver=1&google_push=AYg5qPKUHOAI-rs0aCf5w6X6Nf9ChiFcHuGU-KdvYlNAJWpLdamMMddvYixbF61iHPqOCCZW-rXNfNKI3dRVdIM2g5q01fA56w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZSVFFTWlotUy1JSTRM&google_push=AYg5qPKUHOAI-rs0aCf5w6X6Nf9ChiFcHuGU-KdvYlNAJWpLdamMMddvYixbF61iHPqOCCZW-rXNfNKI3dRVdIM2g5q01fA56w

Request Chain 390

https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESELHCj1PJv7W6srjYlqU90w4&google_cver=1&google_push=AYg5qPIrPVvu7AFZir_UqEDRP8I04EIoWD1r66tBj6uQgZATlpD8gveYnrsRWw_ghOxnbdmKk0Nl--65VUz8uyWllF09EdSBZ0nJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ZDcwMDNiMTUtODRhOS00NGVmLWJmYzUtZjcxNTI0MzcwYTRi&google_push=AYg5qPIrPVvu7AFZir_UqEDRP8I04EIoWD1r66tBj6uQgZATlpD8gveYnrsRWw_ghOxnbdmKk0Nl--65VUz8uyWllF09EdSBZ0nJ

Request Chain 392

https://rr4---sn-4g5lznez.googlevideo.com/videoplayback?expire=1636474881&ei=gS-KYfWjEuKyx_APzf-tCA&ip=136.243.198.80&id=be6a66ca718a13c3&itag=18&source=youtube&requiressl=yes&mh=zq&mm=31&mn=sn-4g5lznez&ms=au&mv=m&mvi=4&pl=22&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=20.085&lmt=1634641639491682&mt=1636445585&txp=5530434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgYCo8gzjKYfKldjzmoqqrn_tkrZjtFYv0fJ9MZFf3UiMCIEXMudC9skt6MlpGIp-VWspCUf1avh7s1itL03vmjTB0&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgHNjH_weBCC5zC_Bc_veW7fr9eJAUu-0samd3JQoyff4CIDXR2YFlSBODXbOyb1qb1vnaU_6J19SFIzvIekdvb3ow&cpn=-untHMvhU-Q_RBTo HTTP 302
https://rr4---sn-4g5ednsk.googlevideo.com/videoplayback?expire=1636474881&ei=gS-KYfWjEuKyx_APzf-tCA&ip=136.243.198.80&id=be6a66ca718a13c3&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=20.085&lmt=1634641639491682&txp=5530434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgYCo8gzjKYfKldjzmoqqrn_tkrZjtFYv0fJ9MZFf3UiMCIEXMudC9skt6MlpGIp-VWspCUf1avh7s1itL03vmjTB0&cpn=-untHMvhU-Q_RBTo&redirect_counter=1&rm=sn-4g5ek77z&req_id=34342d8b553f36e2&cms_redirect=yes&ipbypass=yes&mh=zq&mip=2a01:4f8:212:78e:2a::1&mm=31&mn=sn-4g5ednsk&ms=au&mt=1636445312&mv=u&mvi=4&pl=54&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAPTnicsDKTC6FTtJ-inrD5V1q1PWVsSp-lciHI6IfheEAiEAut4HJ5Wtdyu7puDELwtgfrZxnLlki8DT1e6ayz8kREI%3D

Request Chain 396

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESELvhPI3q5AZQaJvBaPtYTU8&google_cver=1&google_push=AYg5qPLWS7DbBuqvll5DtdWqD1H55VqD1geI3V1gWEJGqGbmUQQdCVapIk_DPOJ8aNgzKnTTN1sVwnifva1bk2imkBzbWMNA9jKZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELvhPI3q5AZQaJvBaPtYTU8&google_push=AYg5qPLWS7DbBuqvll5DtdWqD1H55VqD1geI3V1gWEJGqGbmUQQdCVapIk_DPOJ8aNgzKnTTN1sVwnifva1bk2imkBzbWMNA9jKZ

Request Chain 398

https://sync3.sniperlog.ru/?src=ggl_nga&google_gid=CAESEEu2idTvsNfV3KEsIPEn2uE&google_cver=1&google_push=AYg5qPJX-AQT_BCtOfhWtPTS2n1bhpXGQSFs9qSCYSQzQUVTVbTEnoavryXlGRJroEfYOvr5BqeH0Ci8d57n1i9OhK3LfTR4rlFT HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AYg5qPJX-AQT_BCtOfhWtPTS2n1bhpXGQSFs9qSCYSQzQUVTVbTEnoavryXlGRJroEfYOvr5BqeH0Ci8d57n1i9OhK3LfTR4rlFT

Request Chain 399

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIaidOEov8A5QneC4O_F7j8&google_cver=1&google_push=AYg5qPLG_6VVP5tAnzq1ZRKUzk6D9aPVN0EJwmjkuDjKcW_VErHJNOXzvdWz_pygqOCx9xee-5IkUTFPNpAukOCJmGXn2MElLBU HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIaidOEov8A5QneC4O_F7j8&google_cver=1&google_push=AYg5qPLG_6VVP5tAnzq1ZRKUzk6D9aPVN0EJwmjkuDjKcW_VErHJNOXzvdWz_pygqOCx9xee-5IkUTFPNpAukOCJmGXn2MElLBU&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=omt1Wah8QzWvvxuJ73XAlQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLG_6VVP5tAnzq1ZRKUzk6D9aPVN0EJwmjkuDjKcW_VErHJNOXzvdWz_pygqOCx9xee-5IkUTFPNpAukOCJmGXn2MElLBU

Request Chain 400

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAkvrik1DcfY5FXFc1gVdE8&google_cver=1&google_push=AYg5qPLesFzuB3qOFhcmWzbMOVIxjxEwWl39MS2b_xmSW9VmsCs-QVfQOm9dctqyC7A4OX1BJWya3fNGYehqQ_B_JV13mKeF4Do HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZSVFFTWlotUy1JSTRM&google_push=AYg5qPLesFzuB3qOFhcmWzbMOVIxjxEwWl39MS2b_xmSW9VmsCs-QVfQOm9dctqyC7A4OX1BJWya3fNGYehqQ_B_JV13mKeF4Do

Request Chain 401

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDWUmXens0GzrBZzxLEHF3c&google_cver=1&google_push=AYg5qPLL67_YQ7nsXA1XMTvT0WkVRDvM-LUB2mlsvBOPnh5w0ceRMbJ_uMWa0Qx4O3aVH082jdjIGrNT0918ABygVQRzA4OaCCpvdw HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDWUmXens0GzrBZzxLEHF3c&google_cver=1&google_push=AYg5qPLL67_YQ7nsXA1XMTvT0WkVRDvM-LUB2mlsvBOPnh5w0ceRMbJ_uMWa0Qx4O3aVH082jdjIGrNT0918ABygVQRzA4OaCCpvdw&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1kWWpoOEtSRTJ1SG01b2NRYlBMUV8wUDlpUU1YNE56an5B&google_push=AYg5qPLL67_YQ7nsXA1XMTvT0WkVRDvM-LUB2mlsvBOPnh5w0ceRMbJ_uMWa0Qx4O3aVH082jdjIGrNT0918ABygVQRzA4OaCCpvdw

Request Chain 429

https://a.c.appier.net/gcm?google_gid=CAESEK0dMiT2cKms3sreFl3ACh0&google_cver=1&google_push=AYg5qPJZByAiKiVF9BIVJHuf655Zx0uDol0l33xlFurdIFKUKZwLkMt4FQeUtEVhUAW7t-mbjokbuNjt5YiA_bK7DelF5FBLr0M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=SGw4UTdtRXJDRE84cktqZWd5LUtZUQ%3D%3D&google_push=AYg5qPJZByAiKiVF9BIVJHuf655Zx0uDol0l33xlFurdIFKUKZwLkMt4FQeUtEVhUAW7t-mbjokbuNjt5YiA_bK7DelF5FBLr0M

Request Chain 431

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIyy_9ihNdVLdWHCBmBW958&google_cver=1&google_push=AYg5qPLj4hl0zLX2ccIfmkmqR_9YBatmxQLx9gMWGzE4mSOcN5YbwvC9GUHRBudNrl6ljSuk-dXiZjG1KiTaDXEFxXafWL2xzOU HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIyy_9ihNdVLdWHCBmBW958&google_cver=1&google_push=AYg5qPLj4hl0zLX2ccIfmkmqR_9YBatmxQLx9gMWGzE4mSOcN5YbwvC9GUHRBudNrl6ljSuk-dXiZjG1KiTaDXEFxXafWL2xzOU&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLj4hl0zLX2ccIfmkmqR_9YBatmxQLx9gMWGzE4mSOcN5YbwvC9GUHRBudNrl6ljSuk-dXiZjG1KiTaDXEFxXafWL2xzOU&google_hm=7e03891c2017d4ea83bd147f

Request Chain 432

https://sm.rtb.mts.ru/p?ssp=googleban&pm=1&google_gid=CAESEC1-U7eW_Oih-WoI4VtN_ig&google_cver=1&google_push=AYg5qPIJrNTfxU4uzf0xWBL37CJw8oK4BOfo-EAIJc9P2NgZjuMLEe8RyC_DvfgnI2W2ZtUepbzQrXA-zLAl4pdqkQkwNgBLtiCG HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=12&google_push=AYg5qPIJrNTfxU4uzf0xWBL37CJw8oK4BOfo-EAIJc9P2NgZjuMLEe8RyC_DvfgnI2W2ZtUepbzQrXA-zLAl4pdqkQkwNgBLtiCG&exu=CAESEC1-U7eW_Oih-WoI4VtN_ig HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=3689b9bb-f0a6-4033-8e59-2771e32ef693&return_url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc%26id%3D3689b9bb-f0a6-4033-8e59-2771e32ef693%26google_push%3DAYg5qPIJrNTfxU4uzf0xWBL37CJw8oK4BOfo-EAIJc9P2NgZjuMLEe8RyC_DvfgnI2W2ZtUepbzQrXA-zLAl4pdqkQkwNgBLtiCG HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stream_llc&id=3689b9bb-f0a6-4033-8e59-2771e32ef693&google_push=AYg5qPIJrNTfxU4uzf0xWBL37CJw8oK4BOfo-EAIJc9P2NgZjuMLEe8RyC_DvfgnI2W2ZtUepbzQrXA-zLAl4pdqkQkwNgBLtiCG

Request Chain 433

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESECF92vJkgD1VEju4LIBomA0&google_cver=1&google_push=AYg5qPI_FmjTVU5vQtKHObfWaEiPSB_SMoMPI1xI-zZI3N_NjltZnyVHC-kKUEI68LhHwd5k3c-o7knNMGAWOKaVc0jJeMY29mmt HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPI_FmjTVU5vQtKHObfWaEiPSB_SMoMPI1xI-zZI3N_NjltZnyVHC-kKUEI68LhHwd5k3c-o7knNMGAWOKaVc0jJeMY29mmt&google_hm=MjYyNzUzNTQxNDUyOTEwNDI3Mw==

Request Chain 436

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDMeTwVAd96Q2BbA14kqk0o&google_cver=1&google_push=AYg5qPJgL_9S88r3OY2UV5y-c-RHI4rdm4UvAtNkfBQheHP0QObRHQ3V_nnvJQXgLL1I--hV8byveXf5R7iYaQunllETFzXKcpw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJgL_9S88r3OY2UV5y-c-RHI4rdm4UvAtNkfBQheHP0QObRHQ3V_nnvJQXgLL1I--hV8byveXf5R7iYaQunllETFzXKcpw

Request Chain 437

https://um.simpli.fi/gp_match?google_gid=CAESEKRiRcXJX5ry0GYG7CQrL6k&google_cver=1&google_push=AYg5qPKTf80HqeoyQPP7GxECEy-W7nGvke3szNayqFlXyljf_FhcgAwO7-oscmnF0GanuGQE4tdE_7y5vauWaPJKSV7byAqz2To HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BC0DFEEAF9014937A1D3C4474FE7C607&google_push=AYg5qPKTf80HqeoyQPP7GxECEy-W7nGvke3szNayqFlXyljf_FhcgAwO7-oscmnF0GanuGQE4tdE_7y5vauWaPJKSV7byAqz2To

Request Chain 439

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEIoUsrkAt-SNvCST3M56blk&google_cver=1&google_push=AYg5qPKn61BaLSPN3QF1UMawCoR7yXsolj-IVXfLY1bsMWqWa1No7IzJbMIp_pwFzKHmtEen0Nos8LAm3oS_JjcvLpSRNp-Prg HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEIoUsrkAt-SNvCST3M56blk&google_push=AYg5qPKn61BaLSPN3QF1UMawCoR7yXsolj-IVXfLY1bsMWqWa1No7IzJbMIp_pwFzKHmtEen0Nos8LAm3oS_JjcvLpSRNp-Prg&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKn61BaLSPN3QF1UMawCoR7yXsolj-IVXfLY1bsMWqWa1No7IzJbMIp_pwFzKHmtEen0Nos8LAm3oS_JjcvLpSRNp-Prg&google_hm=OEJlZVU3SjBCR2hodlZfNG5tam4=

Request Chain 441

https://match.360yield.com/match/ebda?google_gid=CAESEInx5L25D2DgEnGOG4a7gH8&google_cver=1&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP37322mIgRlMuCpU HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEInx5L25D2DgEnGOG4a7gH8&google_cver=1&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP37322mIgRlMuCpU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP37322mIgRlMuCpU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP37322mIgRlMuCpU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP37322mIgRlMuCpU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP37322mIgRlMuCpU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP37322mIgRlMuCpU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP37322mIgRlMuCpU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP37322mIgRlMuCpU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP37322mIgRlMuCpU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP37322mIgRlMuCpU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP37322mIgRlMuCpU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP37322mIgRlMuCpU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP37322mIgRlMuCpU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP37322mIgRlMuCpU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP37322mIgRlMuCpU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP37322mIgRlMuCpU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP37322mIgRlMuCpU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP37322mIgRlMuCpU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP37322mIgRlMuCpU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP37322mIgRlMuCpU

Request Chain 445

https://a.tribalfusion.com/i.match?p=b6&u=CAESEAmyjjUQo2zKU2PhyEexX40&google_cver=1&google_push=AYg5qPLC5-oRpGIDUcijHOLj0kkZxs28Fhatze6CnMGWxWwIFKogQrtlBqWZwOnNLjdJb2_XeUSoOgOuytjBlMHabh9rOPOfnKM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLC5-oRpGIDUcijHOLj0kkZxs28Fhatze6CnMGWxWwIFKogQrtlBqWZwOnNLjdJb2_XeUSoOgOuytjBlMHabh9rOPOfnKM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAmyjjUQo2zKU2PhyEexX40&google_cver=1&google_push=AYg5qPLC5-oRpGIDUcijHOLj0kkZxs28Fhatze6CnMGWxWwIFKogQrtlBqWZwOnNLjdJb2_XeUSoOgOuytjBlMHabh9rOPOfnKM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLC5-oRpGIDUcijHOLj0kkZxs28Fhatze6CnMGWxWwIFKogQrtlBqWZwOnNLjdJb2_XeUSoOgOuytjBlMHabh9rOPOfnKM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 446

https://a.c.appier.net/gcm?google_gid=CAESEK0dMiT2cKms3sreFl3ACh0&google_cver=1&google_push=AYg5qPJN1IATy8iJv8KgxPsH3mQYNbt4xpTy6Hv5-1W0l8ZCrgk42Wy_drwB7XLbNX52bspQOObFfFZR-xqqjO9YFbxKqtYh2pNL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=UGc1SENFNXNBM0t5RGVSdmd5LUtZUQ%3D%3D&google_push=AYg5qPJN1IATy8iJv8KgxPsH3mQYNbt4xpTy6Hv5-1W0l8ZCrgk42Wy_drwB7XLbNX52bspQOObFfFZR-xqqjO9YFbxKqtYh2pNL

Request Chain 447

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPO9O9WeFPRagKVQYODcH3Y&google_cver=1&google_push=AYg5qPKjgIXzwbZ7CWH61Zoj-7Dr3HX9FoCx_beC65o3V7l77RM7e0WchRQij2choUaJI49-EsXTWsk82I16vsNAKrRMcrVMZDhN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKjgIXzwbZ7CWH61Zoj-7Dr3HX9FoCx_beC65o3V7l77RM7e0WchRQij2choUaJI49-EsXTWsk82I16vsNAKrRMcrVMZDhN&google_hm=NjIxNjM0NzY1NTcwMzA1MjMwMQ%3D%3D

Request Chain 448

https://rtb.openx.net/sync/dds?google_gid=CAESEFtcxkI09c4N3wHQoujheLE&google_cver=1&google_push=AYg5qPJvDZ3JTfvnbRA8_lIJpEUThQ5LJ29usC-0Ns8UR0bTZoeQW6CrUucJZR8xVIEOHBuk_0XhBLtToNc_O0reAlAXqZPZ8pk HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEFtcxkI09c4N3wHQoujheLE&google_cver=1&google_push=AYg5qPJvDZ3JTfvnbRA8_lIJpEUThQ5LJ29usC-0Ns8UR0bTZoeQW6CrUucJZR8xVIEOHBuk_0XhBLtToNc_O0reAlAXqZPZ8pk&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJvDZ3JTfvnbRA8_lIJpEUThQ5LJ29usC-0Ns8UR0bTZoeQW6CrUucJZR8xVIEOHBuk_0XhBLtToNc_O0reAlAXqZPZ8pk&google_hm=qeN20aRkzM0_FFsW_qiRUw==

Request Chain 449

https://match.360yield.com/match/ebda?google_gid=CAESEInx5L25D2DgEnGOG4a7gH8&google_cver=1&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__MBv6W1VF-2j4nO HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEInx5L25D2DgEnGOG4a7gH8&google_cver=1&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__MBv6W1VF-2j4nO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__MBv6W1VF-2j4nO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__MBv6W1VF-2j4nO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__MBv6W1VF-2j4nO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__MBv6W1VF-2j4nO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__MBv6W1VF-2j4nO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__MBv6W1VF-2j4nO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__MBv6W1VF-2j4nO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__MBv6W1VF-2j4nO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__MBv6W1VF-2j4nO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__MBv6W1VF-2j4nO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__MBv6W1VF-2j4nO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__MBv6W1VF-2j4nO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__MBv6W1VF-2j4nO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__MBv6W1VF-2j4nO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__MBv6W1VF-2j4nO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__MBv6W1VF-2j4nO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__MBv6W1VF-2j4nO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__MBv6W1VF-2j4nO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__MBv6W1VF-2j4nO

Request Chain 450

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEK_ZRlTZe22CADRSZQUoinY&google_cver=1&google_push=AYg5qPJ-dPE2qkgTlS7xAy1Kvg-dicN8dzVm4u57F-cCeKuASI3lQEw-3zjw9gTJA6Hrm4R1rTb_GSsf6xoD1K0u9pmpds-la-LHkw HTTP 302
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEK_ZRlTZe22CADRSZQUoinY&google_cver=1&google_push=AYg5qPJ-dPE2qkgTlS7xAy1Kvg-dicN8dzVm4u57F-cCeKuASI3lQEw-3zjw9gTJA6Hrm4R1rTb_GSsf6xoD1K0u9pmpds-la-LHkw&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEK_ZRlTZe22CADRSZQUoinY&google_cver=1&google_push=AYg5qPJ-dPE2qkgTlS7xAy1Kvg-dicN8dzVm4u57F-cCeKuASI3lQEw-3zjw9gTJA6Hrm4R1rTb_GSsf6xoD1K0u9pmpds-la-LHkw&apid=UP06430e59-4136-11ec-9ce2-0228d03d97ac HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAwNjQzMGU1OS00MTM2LTExZWMtOWNlMi0wMjI4ZDAzZDk3YWM%3D&google_push=AYg5qPJ-dPE2qkgTlS7xAy1Kvg-dicN8dzVm4u57F-cCeKuASI3lQEw-3zjw9gTJA6Hrm4R1rTb_GSsf6xoD1K0u9pmpds-la-LHkw

Request Chain 452

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHgPGK6xpyWRwqbesU2nTlA&google_cver=1&google_push=AYg5qPI24GyzgJ0hVT_R9lYhxfqJMhLLqpJnLjf-s93UkWMvyDp3fSJhm7jNMmPu4C7kXWSLe9qvY9loMEgDbn2oCIb9rNy-gEaa HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzQ0NzI0MjI0NTgwODYwMTEzNA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHgPGK6xpyWRwqbesU2nTlA&google_cver=1

Request Chain 454

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEEJcanytDQdwEIhUijr6SBM&google_cver=1&google_push=AYg5qPJ9h9aeHKBfiz_D3U2MnM6EdbUTmfRZNP9UHJSKPJ_ZlFJZGP_SS7DcBGVXmX2Jbd75NSYm6m_lwPcyshiVhtAsyTelbCVd HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJ9h9aeHKBfiz_D3U2MnM6EdbUTmfRZNP9UHJSKPJ_ZlFJZGP_SS7DcBGVXmX2Jbd75NSYm6m_lwPcyshiVhtAsyTelbCVd&google_hm=b2HtQNc4RLOF6vjA89x3SFA

Request Chain 455

https://ads.travelaudience.com/google_pixel?google_gid=CAESECHApiOLjO4mwoUdtCMprYE&google_cver=1&google_push=AYg5qPLsHbZraT13K2qcBw8z3DUcNHBvaU6qafvd-8pE8lKX1_pPHRysLAAbLAmADlZmLGfDzxTKRpwxDfQlTUVSLiKil9z0KDuq HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8Ei76DnPRR60rzsBdG22hg2&google_push=AYg5qPLsHbZraT13K2qcBw8z3DUcNHBvaU6qafvd-8pE8lKX1_pPHRysLAAbLAmADlZmLGfDzxTKRpwxDfQlTUVSLiKil9z0KDuq

Request Chain 457

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFjcHv80LKxg1foIDVidzBc&google_cver=1&google_push=AYg5qPL8G_rOZ6xJps-fOjcmiaqYaIx3cHENQkUpFTenCJO65mpSXApQWQqnXoc9ODmzqFxWoN5kAoG5MdX4FSuHD8BA_a9cXPsq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPL8G_rOZ6xJps-fOjcmiaqYaIx3cHENQkUpFTenCJO65mpSXApQWQqnXoc9ODmzqFxWoN5kAoG5MdX4FSuHD8BA_a9cXPsq

Request Chain 458

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPmrR_SGLPMYdeIVC3xh3xA&google_cver=1&google_push=AYg5qPJjYX86CAuXfQM3TGEC5IA7Q5Ca_k9-TjhwN0kN_VGG38ImjzPcgp0G_zF0q9UjfYP2b09_0Uaz-C5-Vk-IJkRo9Q6cAoQ HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPJjYX86CAuXfQM3TGEC5IA7Q5Ca_k9-TjhwN0kN_VGG38ImjzPcgp0G_zF0q9UjfYP2b09_0Uaz-C5-Vk-IJkRo9Q6cAoQ&google_gid=CAESEPmrR_SGLPMYdeIVC3xh3xA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTQyMTkyODA0NjIyNTEzNzc1NQ%3D%3D&google_push=AYg5qPJjYX86CAuXfQM3TGEC5IA7Q5Ca_k9-TjhwN0kN_VGG38ImjzPcgp0G_zF0q9UjfYP2b09_0Uaz-C5-Vk-IJkRo9Q6cAoQ

Request Chain 460

https://sync3.sniperlog.ru/?src=ggl_nga&google_gid=CAESEEu2idTvsNfV3KEsIPEn2uE&google_cver=1&google_push=AYg5qPKEHqkTUaibUFJBw9Gyf5FYgbjmAeqxMtqLXDEGML9sjfItw53DI4gZlfklFw4UYOty_nWmsytGCrqcC27wuR3Y24Q3Mg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AYg5qPKEHqkTUaibUFJBw9Gyf5FYgbjmAeqxMtqLXDEGML9sjfItw53DI4gZlfklFw4UYOty_nWmsytGCrqcC27wuR3Y24Q3Mg

Request Chain 461

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIaidOEov8A5QneC4O_F7j8&google_cver=1&google_push=AYg5qPIcwhflfs-e25GKx_nOyQ5kuWZNOWnqzq1OXUghaO3wNIJe9im2SjZMaWvOLdeUydYoLc4_RUmtBrjPC-jmBLI2p84wx_s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=omt1Wah8QzWvvxuJ73XAlQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIcwhflfs-e25GKx_nOyQ5kuWZNOWnqzq1OXUghaO3wNIJe9im2SjZMaWvOLdeUydYoLc4_RUmtBrjPC-jmBLI2p84wx_s

Request Chain 462

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAkvrik1DcfY5FXFc1gVdE8&google_cver=1&google_push=AYg5qPK2gq3TmuIPxMqV9cjDfkJiBELPEhRC30XqePvhLEWQ3xbIxuxvPL5Cjhs3r-9pAqalFEZ6xNs-xdJG_blAvhSgtB59erw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZSVFFTWlotUy1JSTRM&google_push=AYg5qPK2gq3TmuIPxMqV9cjDfkJiBELPEhRC30XqePvhLEWQ3xbIxuxvPL5Cjhs3r-9pAqalFEZ6xNs-xdJG_blAvhSgtB59erw

Request Chain 463

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIyy_9ihNdVLdWHCBmBW958&google_cver=1&google_push=AYg5qPLOLvOcN2MgP50_8aotPwKxF55Ipx_GyMNvoU3Q3tlufZWL1duOmPiRxqm9_ue6F0Q78IXwlp1XRa2L8IZFuq9ClHeYX6s HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIyy_9ihNdVLdWHCBmBW958&google_cver=1&google_push=AYg5qPLOLvOcN2MgP50_8aotPwKxF55Ipx_GyMNvoU3Q3tlufZWL1duOmPiRxqm9_ue6F0Q78IXwlp1XRa2L8IZFuq9ClHeYX6s&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLOLvOcN2MgP50_8aotPwKxF55Ipx_GyMNvoU3Q3tlufZWL1duOmPiRxqm9_ue6F0Q78IXwlp1XRa2L8IZFuq9ClHeYX6s&google_hm=7e03891c2017d4ea83bd147f

Request Chain 465

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEK_ZRlTZe22CADRSZQUoinY&google_cver=1&google_push=AYg5qPLBrMKdOUb6ZD4rlCZ5PJc57MnrrkdppmEdm_z0ym3jRA4jQ4sdxFoZkZCj2uNPktG7tRU0sfeSpjT-rMb91UHUHAEThXQF HTTP 302
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEK_ZRlTZe22CADRSZQUoinY&google_cver=1&google_push=AYg5qPLBrMKdOUb6ZD4rlCZ5PJc57MnrrkdppmEdm_z0ym3jRA4jQ4sdxFoZkZCj2uNPktG7tRU0sfeSpjT-rMb91UHUHAEThXQF&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEK_ZRlTZe22CADRSZQUoinY&google_cver=1&google_push=AYg5qPLBrMKdOUb6ZD4rlCZ5PJc57MnrrkdppmEdm_z0ym3jRA4jQ4sdxFoZkZCj2uNPktG7tRU0sfeSpjT-rMb91UHUHAEThXQF&apid=UP06430e59-4136-11ec-9ce2-0228d03d97ac HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAwNjQzMGU1OS00MTM2LTExZWMtOWNlMi0wMjI4ZDAzZDk3YWM%3D&google_push=AYg5qPLBrMKdOUb6ZD4rlCZ5PJc57MnrrkdppmEdm_z0ym3jRA4jQ4sdxFoZkZCj2uNPktG7tRU0sfeSpjT-rMb91UHUHAEThXQF

Request Chain 466

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESECF92vJkgD1VEju4LIBomA0&google_cver=1&google_push=AYg5qPJ2IBEhLUZFfVHIOKt5eQaN4v2k2TkzHNgoOhty3qiZS6yPreyuuq17XfM9m3SQaoF2Eghwh35lrbiwi40KyM3E4KZ1AL0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPJ2IBEhLUZFfVHIOKt5eQaN4v2k2TkzHNgoOhty3qiZS6yPreyuuq17XfM9m3SQaoF2Eghwh35lrbiwi40KyM3E4KZ1AL0&google_hm=MjYyNzUzNTQxNDUyOTEwNDI3Mw==

Request Chain 490

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__asuidEsw2iaHTd2U_Pe5iy67gANdndkjHG9y-asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CPPq_tvsivQCFTyIOAodwuEEVg;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__asuidEsw2iaHTd2U_Pe5iy67gANdndkjHG9y-asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__asuidEsw2iaHTd2U_Pe5iy67gANdndkjHG9y-asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1636446083_0690b8f0-4136-11ec-a755-22393e4be327

Request Chain 502

https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneidbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJoneid__asuidEsw2iaHTd2U_Pe5iy67gANdndkjHG9y-asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneidbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJoneid__asuidEsw2iaHTd2U_Pe5iy67gANdndkjHG9y-asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2021110909212358381023095X117679V1226132702MSoneidbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJoneid__asuidEsw2iaHTd2U_Pe5iy67gANdndkjHG9y-asuid__suite_Netmix_Reach43_TopRotaMonth&spid=2021110909212358381023095X117679V1226132702MSoneidbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJoneid__asuidEsw2iaHTd2U_Pe5iy67gANdndkjHG9y-asuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679 HTTP 302
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021110909212358381023095X117679V1226132702MSoneidbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJoneid__asuidEsw2iaHTd2U_Pe5iy67gANdndkjHG9y-asuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679&ratenzahlung=24

Request Chain 511

https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneidbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJoneid__asuidEsw2iaHTd2U_Pe5iy67gANdndkjHG9y-asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneidbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJoneid__asuidEsw2iaHTd2U_Pe5iy67gANdndkjHG9y-asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2021110909212358381023073X117679V1226132702MSoneidbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJoneid__asuidEsw2iaHTd2U_Pe5iy67gANdndkjHG9y-asuid__suite_Netmix_Reach43_TopRotaMonth&spid=2021110909212358381023073X117679V1226132702MSoneidbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJoneid__asuidEsw2iaHTd2U_Pe5iy67gANdndkjHG9y-asuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679 HTTP 302
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021110909212358381023073X117679V1226132702MSoneidbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJoneid__asuidEsw2iaHTd2U_Pe5iy67gANdndkjHG9y-asuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679&ratenzahlung=24

518 HTTP transactions
19 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.tvnotas.com.mx/
Redirect Chain

http://tvnotas.com.mx/
https://tvnotas.com.mx/
http://www.tvnotas.com.mx/
https://www.tvnotas.com.mx/

223 KB
36 KB

36ms
19ms

Document
text/html

2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa975f0655492facb9cffacabc234cd303c83704b3a60799a8643964df081ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SameOrigin

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 09 Nov 2021 08:21:19 GMT
content-type: text/html; charset=utf-8
x-drupal-cache: MISS
access-control-allow-origin: https://geoip-js.maxmind.com
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, PUT, DELETE
x-content-type-options: nosniff
x-frame-options: SameOrigin
content-language: es
permissions-policy: interest-cohort=()
link: <https://www.tvnotas.com.mx/>; rel="canonical",<https://www.tvnotas.com.mx/>; rel="shortlink",<https://www.tvnotas.com.mx/sites/default/files/favicon.ico>; rel="shortcut icon"
cache-control: public, max-age=300
last-modified: Tue, 09 Nov 2021 08:09:24 GMT
expires: Sun, 19 Nov 1978 05:00:00 GMT
vary: Cookie,Accept-Encoding
x-request-id: v-5a3ec34a-4134-11ec-a913-97a9e9382683
x-ah-environment: prod
age: 109
via: varnish
x-cache: HIT
x-cache-hits: 8
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6ab5a07dc8cf4aa3-FRA
content-encoding: gzip

Redirect headers

Date: Tue, 09 Nov 2021 08:21:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 09 Nov 2021 09:21:19 GMT
Location: https://www.tvnotas.com.mx/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6ab5a07d7bad5c0e-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 56ms
20ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

2e050b7f1da783cce5a7be35e632698dc49ca9013802a48414f080cc861b4574

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1038 / 258 of 1000 / last-modified: 1636412772"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27060
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 09 Nov 2021 08:21:19 GMT

GET
H2 200 prebid5.10.0.js Show response
www.tvnotas.com.mx/ 235 KB
73 KB 32ms
32ms Script
application/javascript 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnotas.com.mx/prebid5.10.0.js

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a643e1831e2eeae41225ac5eaefc0e4392eb9813687a2bab3c20140211e0b5b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1051138
x-cache: HIT
x-cache-hits: 78
x-ah-environment: prod
content-length: 74725
x-request-id: v-698c2c20-351d-11ec-8451-c76e3f4f975f
last-modified: Thu, 19 Aug 2021 18:48:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 6ab5a07e09484aa3-FRA
expires: Sun, 07 Nov 2021 22:54:58 GMT

GET
H2 200 icomoon.woff
www.tvnotas.com.mx/sites/all/themes/themetvnotas/fonts/icomoon/ 12 KB
12 KB 13ms
13ms Font
text/plain 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnotas.com.mx/sites/all/themes/themetvnotas/fonts/icomoon/icomoon.woff?qw3si5

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f7f49fcc4a983c71ef7655177aa6284d3ab2d2602bec2523f95de2cc3f48b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tvnotas.com.mx/
Origin: https://www.tvnotas.com.mx
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:19 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13874595
x-cache: HIT
x-cache-hits: 231
x-ah-environment: prod
content-length: 12404
x-request-id: v-408ea202-baee-11eb-a568-ff8fb09e9918
last-modified: Thu, 14 Jan 2021 12:42:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a07e194b4aa3-FRA
expires: Sat, 14 May 2022 08:21:19 GMT

GET
H2 200 helveticaneuebold.woff
www.tvnotas.com.mx/sites/all/themes/themetvnotas/fonts/helveticaneuebold/ 47 KB
47 KB 14ms
13ms Font
text/plain 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnotas.com.mx/sites/all/themes/themetvnotas/fonts/helveticaneuebold/helveticaneuebold.woff

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afb58c8bdc1998c8ee55565638d73bfc69f9dde1f7c8c61bbfae3683f2be57f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tvnotas.com.mx/
Origin: https://www.tvnotas.com.mx
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:19 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6676558
x-cache: HIT
x-cache-hits: 178
x-ah-environment: prod
content-length: 48112
x-request-id: v-179c85e6-0015-11ec-adc0-af49e2c28c9f
last-modified: Thu, 14 Jan 2021 12:43:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a07e194d4aa3-FRA
expires: Sat, 14 May 2022 08:21:19 GMT

GET
H2 200 HelveticaNeueLight.woff
www.tvnotas.com.mx/sites/all/themes/themetvnotas/fonts/helveticaneuelight/ 60 KB
60 KB 22ms
20ms Font
text/plain 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnotas.com.mx/sites/all/themes/themetvnotas/fonts/helveticaneuelight/HelveticaNeueLight.woff

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddf930b10b42e5c71c3f755fbdb6493c310cb4a1fce6d7bd7717ec1d863675f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tvnotas.com.mx/
Origin: https://www.tvnotas.com.mx
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:19 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13874595
x-cache: HIT
x-cache-hits: 222
x-ah-environment: prod
content-length: 61308
x-request-id: v-a986aa64-bb04-11eb-89b0-bf22ec491007
last-modified: Thu, 14 Jan 2021 14:36:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a07e194f4aa3-FRA
expires: Sat, 14 May 2022 08:21:19 GMT

GET
H2 200 css_xE-rWrJf-fncB6ztZfd2huxqgxu4WO-qwma6Xer30m4.css
www.tvnotas.com.mx/sites/default/files/css/ 7 KB
2 KB 19ms
16ms Stylesheet
text/css 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnotas.com.mx/sites/default/files/css/css_xE-rWrJf-fncB6ztZfd2huxqgxu4WO-qwma6Xer30m4.css

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c44fab5ab25ff9f9dc07aced65f77686ec6a831bb858efaac266ba5deaf7d26e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4945928
x-cache: HIT
x-cache-hits: 212
x-ah-environment: prod
content-length: 2217
x-request-id: v-a1bfc756-0b0a-11ec-b493-2bb4babb9478
last-modified: Fri, 13 Aug 2021 17:57:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a07e19514aa3-FRA
expires: Sat, 14 May 2022 08:21:19 GMT

GET
H2 200 css_-TNq6F6EH1K3WcBMUMQP90OkyCq0Lyv1YnyoEj3kxiU.css
www.tvnotas.com.mx/sites/default/files/css/ 2 KB
859 B 20ms
17ms Stylesheet
text/css 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnotas.com.mx/sites/default/files/css/css_-TNq6F6EH1K3WcBMUMQP90OkyCq0Lyv1YnyoEj3kxiU.css

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9336ae85e841f52b759c04c50c40ff743a4c82ab42f2bf5627ca8123de4c625

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1220800
x-cache: HIT
x-cache-hits: 7
x-ah-environment: prod
content-length: 735
x-request-id: v-da87ddb8-35bb-11ec-87a2-4be39919ce01
last-modified: Thu, 21 Oct 2021 23:24:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a07e19524aa3-FRA
expires: Sat, 14 May 2022 08:21:19 GMT

GET
H2 200 css_cfpPZc_bL8MF-9Ro0EtN4OZtKfrY4s6wDztFQA4SwKw.css
www.tvnotas.com.mx/sites/default/files/css/ 806 B
468 B 18ms
16ms Stylesheet
text/css 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnotas.com.mx/sites/default/files/css/css_cfpPZc_bL8MF-9Ro0EtN4OZtKfrY4s6wDztFQA4SwKw.css

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71fa4f65cfdb2fc305fbd468d04b4de0e66d29fad8e2ceb00f3b45400e12c0ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1220800
x-cache: HIT
x-cache-hits: 15
x-ah-environment: prod
content-length: 360
x-request-id: v-1a3bb0ae-3555-11ec-8f00-dba277900865
last-modified: Thu, 21 Oct 2021 23:24:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a07e19554aa3-FRA
expires: Sat, 14 May 2022 08:21:19 GMT

GET
H2 200 css_VWGhZkkR4B4tMJA7PC_wov8dAxaI-MS03BCM3K8jjJA.css
www.tvnotas.com.mx/sites/default/files/css/ 190 B
301 B 19ms
17ms Stylesheet
text/css 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnotas.com.mx/sites/default/files/css/css_VWGhZkkR4B4tMJA7PC_wov8dAxaI-MS03BCM3K8jjJA.css

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5561a1664911e01e2d30903b3c2ff0a2ff1d031688f8c4b4dc108cdcaf238c90

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7696210
x-cache: HIT
x-cache-hits: 229
x-ah-environment: prod
content-length: 147
x-request-id: v-2f381b54-f4fb-11eb-94c4-2f5ccc05ca85
last-modified: Wed, 07 Jul 2021 22:05:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a07e19574aa3-FRA
expires: Sat, 14 May 2022 08:21:19 GMT

GET
H2 200 css_lDczCgaLxQGiwCfkTUSsVvCm1l_NJLezcaNRDVIxXpU.css
www.tvnotas.com.mx/sites/default/files/css/ 13 KB
3 KB 18ms
16ms Stylesheet
text/css 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnotas.com.mx/sites/default/files/css/css_lDczCgaLxQGiwCfkTUSsVvCm1l_NJLezcaNRDVIxXpU.css

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9437330a068bc501a2c027e44d44ac56f0a6d65fcd24b7b371a3510d52315e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1175785
x-cache: HIT
x-cache-hits: 33
x-ah-environment: prod
content-length: 3129
x-request-id: v-585eea34-3548-11ec-9b56-43536fc667a4
last-modified: Thu, 21 Oct 2021 23:24:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a07e19584aa3-FRA
expires: Sat, 14 May 2022 08:21:19 GMT

GET
H2 200 css_RhPJYTTjVxfrYY_JfXv7UAJi2_nZfJ4j169YgxkeAQI.css
www.tvnotas.com.mx/sites/default/files/css/ 7 KB
2 KB 18ms
16ms Stylesheet
text/css 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnotas.com.mx/sites/default/files/css/css_RhPJYTTjVxfrYY_JfXv7UAJi2_nZfJ4j169YgxkeAQI.css

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4613c96134e35717eb618fc97d7bfb500262dbf9d97c9e23d7af5883191e0102

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2525950
x-cache: HIT
x-cache-hits: 18
x-ah-environment: prod
content-length: 1583
x-request-id: v-78389ac2-28e5-11ec-9739-937862451b25
last-modified: Tue, 14 Sep 2021 00:31:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a07e19594aa3-FRA
expires: Sat, 14 May 2022 08:21:19 GMT

GET
H2 200 css_YZM2KAR93pSbO8MAKHhKdgk347-4GknCLou7PhiMtf4.css
www.tvnotas.com.mx/sites/default/files/css/ 15 KB
4 KB 21ms
19ms Stylesheet
text/css 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnotas.com.mx/sites/default/files/css/css_YZM2KAR93pSbO8MAKHhKdgk347-4GknCLou7PhiMtf4.css

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61933628047dde949b3bc30028784a760937e3bfb81a49c22e8bbb3e188cb5fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1220800
x-cache: HIT
x-cache-hits: 12
x-ah-environment: prod
content-length: 3551
x-request-id: v-1a3f6eec-3555-11ec-9d37-db5e8f05cca7
last-modified: Thu, 21 Oct 2021 23:24:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a07e195a4aa3-FRA
expires: Sat, 14 May 2022 08:21:19 GMT

GET
H2 200 css_GeC2cTJ3Wiut6BM2vCee7wuUnoJKH7YaEy2fUK6vYP4.css
www.tvnotas.com.mx/sites/default/files/css/ 4 MB
177 KB 20ms
19ms Stylesheet
text/css 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnotas.com.mx/sites/default/files/css/css_GeC2cTJ3Wiut6BM2vCee7wuUnoJKH7YaEy2fUK6vYP4.css

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19e0b67132775a2bade81336bc279eef0b949e824a1fb61a132d9f50aeaf60fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1150028
x-cache: HIT
x-cache-hits: 28
x-ah-environment: prod
content-length: 181020
x-request-id: v-1a4bcdfe-3555-11ec-bedb-9f543efdfc36
last-modified: Thu, 21 Oct 2021 23:38:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a07e195b4aa3-FRA
expires: Sat, 14 May 2022 08:21:19 GMT

GET
H2 200 js_PtDkX40YNWaoTtHqKK41INw1OeXIpv4LWBYn2rf1bSE.js Show response
www.tvnotas.com.mx/sites/default/files/js/ 103 KB
36 KB 21ms
19ms Script
text/javascript 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnotas.com.mx/sites/default/files/js/js_PtDkX40YNWaoTtHqKK41INw1OeXIpv4LWBYn2rf1bSE.js

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ed0e45f8d183566a84ed1ea28ae3520dc3539e5c8a6fe0b581627dab7f56d21

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 975527
x-cache: HIT
x-cache-hits: 2
x-ah-environment: prod
content-length: 37074
x-request-id: v-fb5220a2-3832-11ec-b4cd-9773f9e726f0
last-modified: Thu, 21 Oct 2021 23:24:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
via: varnish
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a07e195c4aa3-FRA
expires: Sat, 14 May 2022 08:21:19 GMT

GET
H2 200 js_ifwRGuL_oelyvge-AN2R7Ui6KVr9xiVDgYYVnQT7HPE.js Show response
www.tvnotas.com.mx/sites/default/files/js/ 64 KB
19 KB 19ms
18ms Script
text/javascript 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnotas.com.mx/sites/default/files/js/js_ifwRGuL_oelyvge-AN2R7Ui6KVr9xiVDgYYVnQT7HPE.js

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89fc111ae2ffa1e972be07be00dd91ed48ba295afdc625438186159d04fb1cf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 975527
x-cache: HIT
x-cache-hits: 4
x-ah-environment: prod
content-length: 19393
x-request-id: v-59a964bc-381f-11ec-a9a0-6b1f5d8d25b5
last-modified: Thu, 21 Oct 2021 23:24:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
via: varnish
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a07e195e4aa3-FRA
expires: Sat, 14 May 2022 08:21:19 GMT

GET
H2 200 js_iWzzNGSW7dSBiwxEFqdZBt_KPR_GS1N8Wr_-BSymR-4.js Show response
www.tvnotas.com.mx/sites/default/files/js/ 3 KB
1 KB 19ms
17ms Script
text/javascript 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnotas.com.mx/sites/default/files/js/js_iWzzNGSW7dSBiwxEFqdZBt_KPR_GS1N8Wr_-BSymR-4.js

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

896cf3346496edd4818b0c4416a75906dfca3d1fc64b537c5abffe052ca647ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13682063
x-cache: HIT
x-cache-hits: 12
x-ah-environment: prod
content-length: 1265
x-request-id: v-cf78a41e-c4c5-11eb-8710-1ba2f82307af
last-modified: Thu, 03 Jun 2021 23:45:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
via: varnish
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a07e195f4aa3-FRA
expires: Sat, 14 May 2022 08:21:19 GMT

GET
H2 200 js_OiWpNdbrCWqqf_zOLY0Tbv636BZVSrZndr2lTNaPZQk.js Show response
www.tvnotas.com.mx/sites/default/files/js/ 28 KB
9 KB 18ms
17ms Script
text/javascript 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnotas.com.mx/sites/default/files/js/js_OiWpNdbrCWqqf_zOLY0Tbv636BZVSrZndr2lTNaPZQk.js

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a25a935d6eb096aaa7ffcce2d8d136efeb7e816554ab66776bda54cd68f6509

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9424109
x-cache: HIT
x-cache-hits: 116
x-ah-environment: prod
content-length: 8599
x-request-id: v-7d830970-e5e4-11eb-8b57-c79c09150505
last-modified: Wed, 07 Jul 2021 22:08:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
via: varnish
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a07e19614aa3-FRA
expires: Sat, 14 May 2022 08:21:19 GMT

GET
H2 200 js_pK_V_ufhq6KesEvx3OxA7W30deLB7QL-wO-Zv80aiZA.js Show response
www.tvnotas.com.mx/sites/default/files/js/ 1 KB
519 B 28ms
27ms Script
text/javascript 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnotas.com.mx/sites/default/files/js/js_pK_V_ufhq6KesEvx3OxA7W30deLB7QL-wO-Zv80aiZA.js

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4afd5fee7e1aba29eb04bf1dcec40ed6df475e2c1ed02fec0ef99bfcd1a8990

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13682062
x-cache: HIT
x-cache-hits: 13
x-ah-environment: prod
content-length: 387
x-request-id: v-d5c11ebe-c4c5-11eb-a3f1-c3dbfa8cd716
last-modified: Thu, 03 Jun 2021 23:45:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
via: varnish
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a07e19634aa3-FRA
expires: Sat, 14 May 2022 08:21:19 GMT

GET
H2 200 js_qZ1jlGRtpg0_Z918er6_kmLUQ0RuqpQLWpwQ1Qigwos.js Show response
www.tvnotas.com.mx/sites/default/files/js/ 3 KB
926 B 28ms
27ms Script
text/javascript 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnotas.com.mx/sites/default/files/js/js_qZ1jlGRtpg0_Z918er6_kmLUQ0RuqpQLWpwQ1Qigwos.js

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a99d6394646da60d3f67dd7c7abebf9262d443446eaa940b5a9c10d508a0c28b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13682062
x-cache: HIT
x-cache-hits: 11
x-ah-environment: prod
content-length: 800
x-request-id: v-da198276-c4c5-11eb-a624-ffebdb23bc3f
last-modified: Thu, 03 Jun 2021 23:45:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
via: varnish
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a07e19644aa3-FRA
expires: Sat, 14 May 2022 08:21:19 GMT

GET
H2 200 logotipo_1485989027.png
www.tvnotas.com.mx/sites/default/files/logotipo/ 3 KB
3 KB 14ms
13ms Image
image/png 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/logotipo/logotipo_1485989027.png

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47d52142995562cb3ca7041f6f9655b9e27f1334cf6308ba4b7a1872d0b245cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:19 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4945928
x-cache: HIT
x-cache-hits: 263
x-ah-environment: prod
content-length: 2743
x-request-id: v-b141148e-0b30-11ec-ad22-cb2b9d55efc9
last-modified: Wed, 31 May 2017 17:37:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a07f0ac74aa3-FRA
expires: Sat, 14 May 2022 08:21:19 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 158 KB
55 KB 48ms
22ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PVBVNJQ

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

33bcc4ae8ad427ca347e1e26a3c8f9840ba13f35f9ad0e47a0830a26409558de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:19 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56093
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Nov 2021 08:21:19 GMT

GET
H2 200 jquery.tinycarousel.js Show response
www.tvnotas.com.mx/sites/default/files/cklass/ 8 KB
2 KB 14ms
12ms Script
application/javascript 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnotas.com.mx/sites/default/files/cklass/jquery.tinycarousel.js

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

457e03a28ddee72006bf009b56c2787c2d9114693fe108d75130f48d81f19e7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1157829
x-cache: HIT
x-cache-hits: 35
x-ah-environment: prod
content-length: 2091
x-request-id: v-a501ccfc-3530-11ec-b168-8742f79c476e
last-modified: Sat, 01 May 2021 04:08:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a07f0ac94aa3-FRA
expires: Sat, 14 May 2022 08:21:19 GMT

GET
H2 200 fondo_300x250.jpg
www.tvnotas.com.mx/sites/default/files/publicidad/cklassBotonera/2021-3/ 470 KB
470 KB 16ms
14ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/publicidad/cklassBotonera/2021-3/fondo_300x250.jpg

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b905788fcdcfdf44675d26d55de9ce8f23e0e0768433c7e67693ff78101c8afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:19 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 703648
x-cache: HIT
last-modified: Wed, 20 Oct 2021 14:44:52 GMT
x-cache-hits: 22
x-ah-environment: prod
content-length: 480923
x-request-id: v-03e25938-3ace-11ec-9d0f-e3861fdffd81
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a07f0aca4aa3-FRA
expires: Sat, 14 May 2022 08:21:19 GMT

GET
H2 200 giphy.gif
media.giphy.com/media/nQR1eKor5Fcpq/ 882 KB
882 KB 36ms
7ms Image
image/gif 199.232.194.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.giphy.com/media/nQR1eKor5Fcpq/giphy.gif

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.194.2 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7d49abbf71fb284004d438dc67735e7458f3d7c7fd9ae65e324ddc17413d86e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15465600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:19 GMT
via: 1.1 varnish, 1.1 varnish
age: 328359
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 902753
x-served-by: cache-bwi5152-BWI, cache-fra19163-FRA
last-modified: Tue, 23 Jul 2019 03:58:30 GMT
x-timer: S1636446080.874885,VS0,VE1
etag: "5795c3c20180f55d9c4876f4e6671fbb"
strict-transport-security: max-age=15465600
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 js_KRtkuDODhXI6VkjWk4uxDuVS1FOoG8em6IZryVYKAYc.js Show response
www.tvnotas.com.mx/sites/default/files/js/ 8 KB
4 KB 13ms
13ms Script
text/javascript 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnotas.com.mx/sites/default/files/js/js_KRtkuDODhXI6VkjWk4uxDuVS1FOoG8em6IZryVYKAYc.js

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

291b64b8338385723a5648d6938bb10ee552d453a81bc7a6e8866bc9560a0187

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13682061
x-cache: HIT
x-cache-hits: 12
x-ah-environment: prod
content-length: 3490
x-request-id: v-dee0eb96-c4c5-11eb-b0d0-6f46fcdc0d8e
last-modified: Thu, 03 Jun 2021 23:46:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
via: varnish
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a07eea9c4aa3-FRA
expires: Sat, 14 May 2022 08:21:19 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 13 KB
5 KB 63ms
45ms Script
text/javascript 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:19 GMT
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 22:23:12 GMT
server: cloudflare
etag: W/2021.9.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6ab5a07f2c465b50-FRA

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/notmusa-tvnotas/ 399 KB
36 KB 33ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/notmusa-tvnotas/loader.js
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4261830bfb35520d06bb9377708fbe2c09d6c9f02a795a4527f9c7127561377c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: MyfiYcDGkWPcKERVZV.ZR1VolpWrj2HB
content-encoding: gzip
etag: "2de0ee85e286475918087e397dadaeac"
age: 47
x-cache: HIT
content-length: 36412
x-amz-id-2: UIkCOEh2TCIb9eXMhez8hBLQ+ra/9LyN/CKay3TWJRvcSG7YGhEOmRBEwvnYgSouyrHZ9CatDS0=
x-served-by: cache-fra19177-FRA
last-modified: Mon, 08 Nov 2021 10:05:47 GMT
server: AmazonS3
x-timer: S1636446080.872019,VS0,VE1
date: Tue, 09 Nov 2021 08:21:19 GMT
vary: Accept-Encoding
x-amz-request-id: 575WBTC5PPDJA7MH
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 46
x-cache-hits: 1

GET
H2 200 menu-expanded.png
www.tvnotas.com.mx/misc/ 106 B
235 B 17ms
16ms Image
image/png 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/misc/menu-expanded.png

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/sites/default/files/css/css_xE-rWrJf-fncB6ztZfd2huxqgxu4WO-qwma6Xer30m4.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71044970e802b0cf12ff5cb2e20a5910192e473a2968385f99c2987d3a4d0231

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/sites/default/files/css/css_xE-rWrJf-fncB6ztZfd2huxqgxu4WO-qwma6Xer30m4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:19 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6674004
x-cache: HIT
x-cache-hits: 95
x-ah-environment: prod
content-length: 106
x-request-id: v-13a5f52c-0028-11ec-bf84-23b637668ad3
last-modified: Mon, 09 Aug 2021 11:19:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a07f2b0b4aa3-FRA
expires: Sat, 14 May 2022 08:21:19 GMT

GET
H2 200 menu-leaf.png
www.tvnotas.com.mx/misc/ 126 B
255 B 16ms
14ms Image
image/png 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/misc/menu-leaf.png

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/sites/default/files/css/css_xE-rWrJf-fncB6ztZfd2huxqgxu4WO-qwma6Xer30m4.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e457a1f5c855a40b853c0f8f6421db58c3e7b443444389e3ac1cb128bb02fc97

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/sites/default/files/css/css_xE-rWrJf-fncB6ztZfd2huxqgxu4WO-qwma6Xer30m4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:19 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1219055
x-cache: HIT
x-cache-hits: 250
x-ah-environment: prod
content-length: 126
x-request-id: v-5380f886-9ba1-11eb-9f06-2fe80a711cee
last-modified: Thu, 14 Jan 2021 15:17:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a07f2b114aa3-FRA
expires: Sat, 14 May 2022 08:21:19 GMT

GET
H2 200 HelveticaNeueLight.woff2
www.tvnotas.com.mx/sites/all/themes/themetvnotas/fonts/helveticaneuelight/ 40 KB
40 KB 15ms
13ms Font
text/plain 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnotas.com.mx/sites/all/themes/themetvnotas/fonts/helveticaneuelight/HelveticaNeueLight.woff2

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/sites/default/files/css/css_YZM2KAR93pSbO8MAKHhKdgk347-4GknCLou7PhiMtf4.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c72549f71592898dea7e587d9774c5f35bd4e3acd80916b8f9a2c71019a7db4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tvnotas.com.mx/sites/default/files/css/css_YZM2KAR93pSbO8MAKHhKdgk347-4GknCLou7PhiMtf4.css
Origin: https://www.tvnotas.com.mx
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:19 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6676558
x-cache: HIT
x-cache-hits: 175
x-ah-environment: prod
content-length: 40460
x-request-id: v-17b85870-0015-11ec-92f6-0b2913e8eeb5
last-modified: Thu, 14 Jan 2021 12:43:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a07f2b0d4aa3-FRA
expires: Sat, 14 May 2022 08:21:19 GMT

GET
H2 200 icomoon.ttf
www.tvnotas.com.mx/sites/all/themes/themetvnotas/fonts/icomoon/ 12 KB
12 KB 13ms
12ms Font
text/plain 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnotas.com.mx/sites/all/themes/themetvnotas/fonts/icomoon/icomoon.ttf?qw3si5

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/sites/default/files/css/css_YZM2KAR93pSbO8MAKHhKdgk347-4GknCLou7PhiMtf4.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ca02fac72990e728f0e9e35a31827150217c346157e5eb8cbcef15e2ebcc6ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tvnotas.com.mx/sites/default/files/css/css_YZM2KAR93pSbO8MAKHhKdgk347-4GknCLou7PhiMtf4.css
Origin: https://www.tvnotas.com.mx
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:19 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6676558
x-cache: HIT
x-cache-hits: 216
x-ah-environment: prod
content-length: 12328
x-request-id: v-0aec5ce4-0007-11ec-a14a-abf3e0b42408
last-modified: Thu, 14 Jan 2021 12:43:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a07f2b0e4aa3-FRA
expires: Sat, 14 May 2022 08:21:19 GMT

GET
H2 200 cse.js Show response
cse.google.com/ 10 KB
4 KB 76ms
41ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=001546754850981606808:rutwf0smbt0

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

1c8c3b357098a8321f15fe466f8c4780c66b16d4a89a94c51848da70a8c9ed7e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

bfcache-opt-in: unload
date: Tue, 09 Nov 2021 08:21:19 GMT
content-encoding: br
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3501
x-xss-protection: 0
expires: Tue, 09 Nov 2021 08:21:19 GMT

GET
H2 200 pubads_impl_2021110401.js Show response
securepubads.g.doubleclick.net/gpt/ 346 KB
116 KB 22ms
21ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

ecafecffa0db9b7f76734f0bcab9c4646954668aebd3e86dc38cdbe162d3f250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119010
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 08:34:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 09 Nov 2021 08:21:19 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 229 B
154 B 31ms
17ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.tvnotas.com.mx

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

51d050f01300287d2fef16479c54235fc7cbb547bb6f7bfb860d92ba5cc37532

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 08:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 129
x-xss-protection: 0
expires: Tue, 09 Nov 2021 08:21:19 GMT

GET
H2 200 helveticaneuebold.woff2
www.tvnotas.com.mx/sites/all/themes/themetvnotas/fonts/helveticaneuebold/ 34 KB
35 KB 16ms
16ms Font
text/plain 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnotas.com.mx/sites/all/themes/themetvnotas/fonts/helveticaneuebold/helveticaneuebold.woff2

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/sites/default/files/css/css_YZM2KAR93pSbO8MAKHhKdgk347-4GknCLou7PhiMtf4.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5875e3f31b21546abc711253279a237138e042a6fc8d37189afc6166e10e2ce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tvnotas.com.mx/sites/default/files/css/css_YZM2KAR93pSbO8MAKHhKdgk347-4GknCLou7PhiMtf4.css
Origin: https://www.tvnotas.com.mx
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:19 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1220497
x-cache: HIT
x-cache-hits: 33
x-ah-environment: prod
content-length: 35264
x-request-id: v-d8ff26bc-3526-11ec-85e4-2b93e4d3eb48
last-modified: Sat, 06 Mar 2021 07:39:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a07fbc2b4aa3-FRA
expires: Sat, 14 May 2022 08:21:19 GMT

GET
H2 200 inesgomezmontbuscadejarlesushijosasufamilia.jpg
www.tvnotas.com.mx/sites/default/files/styles/imagenprincipalhome/public/articulos/2021/11/08/ 44 KB
44 KB 17ms
17ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/imagenprincipalhome/public/articulos/2021/11/08/inesgomezmontbuscadejarlesushijosasufamilia.jpg?itok=hYpsBdBf

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89606a78230b37d48cc989c3ed2e95538c259559c409db625d76a13267507d57

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:19 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7935
x-cache: HIT
last-modified: Tue, 09 Nov 2021 05:54:25 GMT
x-cache-hits: 4
x-ah-environment: prod
content-length: 44835
x-request-id: v-4efabc34-4123-11ec-85fd-03c7a9c97f8f
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a07fcc4b4aa3-FRA
expires: Sat, 14 May 2022 08:21:19 GMT

GET
H2 200 image_placeholder.gif
www.tvnotas.com.mx/sites/all/modules/lazyloader/ 2 KB
2 KB 14ms
14ms Image
image/gif 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/all/modules/lazyloader/image_placeholder.gif

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64755916bfcc7b6b2d39982af788b37ee5ea30c6763fac8f3248e9bb79184c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:19 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 421057
x-cache: HIT
x-cache-hits: 25
x-ah-environment: prod
content-length: 1887
x-request-id: v-50980014-3ca1-11ec-b307-435dfd2a8ab8
last-modified: Sat, 06 Mar 2021 07:39:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a07fcc4d4aa3-FRA
expires: Sat, 14 May 2022 08:21:19 GMT

GET
H2 200 portada-1.png
www.tvnotas.com.mx/sites/default/files/publicidad/cklassBotonera/2021-1/ 11 KB
11 KB 16ms
16ms Image
image/png 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/publicidad/cklassBotonera/2021-1/portada-1.png?1

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a791a1b6056a6f28fe7db5641b4cfcf962c025a5abe553cbae468b6b1aa08f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:19 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10638425
x-cache: HIT
x-cache-hits: 18
x-ah-environment: prod
content-length: 10908
x-request-id: v-d900040e-e073-11eb-a1cf-eb9ed9945c26
last-modified: Thu, 08 Jul 2021 22:20:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a07fec754aa3-FRA
expires: Sat, 14 May 2022 08:21:19 GMT

GET
H2 200 fondo_1024x250.jpg
www.tvnotas.com.mx/sites/default/files/publicidad/cklassBotonera/2021-3/ 170 KB
171 KB 22ms
19ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/publicidad/cklassBotonera/2021-3/fondo_1024x250.jpg?1

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b52e648cc1409fa9366dc3dcd7a5a18ea6f51222b1af64a7ac17c79cf25ab6a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:19 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 703501
x-cache: HIT
last-modified: Wed, 20 Oct 2021 14:12:18 GMT
x-cache-hits: 6
x-ah-environment: prod
content-length: 174517
x-request-id: v-0d592e56-3ace-11ec-b5a9-1bb86c024f85
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a07fec834aa3-FRA
expires: Sat, 14 May 2022 08:21:19 GMT

GET
H2 200 puente-1.jpg
www.tvnotas.com.mx/sites/default/files/articulos/2021/11/08/ 37 KB
37 KB 17ms
16ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/articulos/2021/11/08/puente-1.jpg

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52c01e873e5b1680e54cbfd57dcfb5df97a056c8d2bb5f3ef17cd0ff40f60b22

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11774
x-cache: HIT
last-modified: Tue, 09 Nov 2021 05:01:01 GMT
x-cache-hits: 6
x-ah-environment: prod
content-length: 37385
x-request-id: v-6bc8c922-411a-11ec-95da-93221b0e05de
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0800cae4aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 actor-1.jpg
www.tvnotas.com.mx/sites/default/files/styles/home400x225/public/articulos/2021/11/08/ 14 KB
14 KB 13ms
12ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/home400x225/public/articulos/2021/11/08/actor-1.jpg?itok=g1SW0_TV

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13b372e2b0863964dd9db5375f4d591e07b213bc2cdb3c2730f4b7531e37a104

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11774
x-cache: HIT
last-modified: Tue, 09 Nov 2021 05:03:47 GMT
x-cache-hits: 5
x-ah-environment: prod
content-length: 14139
x-request-id: v-85e7dc94-411a-11ec-a4df-8754d86822f3
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0800cb04aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 ethernals-1.jpg
www.tvnotas.com.mx/sites/default/files/styles/home400x225/public/articulos/2021/11/08/ 19 KB
19 KB 18ms
17ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/home400x225/public/articulos/2021/11/08/ethernals-1.jpg?itok=ua25_msO

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3099b61be93b3feba3b52f2c1e0eeba8bee41448dded7b52b0e37721528ec43

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14471
x-cache: HIT
last-modified: Tue, 09 Nov 2021 04:07:32 GMT
x-cache-hits: 22
x-ah-environment: prod
content-length: 19050
x-request-id: v-1e732098-4113-11ec-ab05-27853b26e907
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0800cb14aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVBVNJQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1246
date: Tue, 09 Nov 2021 08:00:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 09 Nov 2021 10:00:34 GMT

GET
H2 200 1083.js Show response
script.crazyegg.com/pages/scripts/0017/ 5 KB
2 KB 32ms
15ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0017/1083.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVBVNJQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 704da48d5b3f4bfee21c81011f872b25b103573eb084649e7f7a0fae626cf91b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 72236
cf-polished: origSize=4899
cf-ray: 6ab5a0803e784aa9-FRA
ce-version: 11.1.358
last-modified: Mon, 08 Nov 2021 12:17:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-bgj: minify

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=7914328&ns__t=1636446079638&ns_c=UTF-8&c8=TVNotas%20%C2%A1Irresistible!&c7=https%3A%2F%2Fwww.tvnotas.com.mx%2F&c9=
https://sb.scorecardresearch.com/b2?c1=2&c2=7914328&ns__t=1636446079638&ns_c=UTF-8&c8=TVNotas%20%C2%A1Irresistible!&c7=https%3A%2F%2Fwww.tvnotas.com.mx%2F&c9=

64 B
329 B

11ms
11ms

Image
image/gif

13.225.78.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=7914328&ns__t=1636446079638&ns_c=UTF-8&c8=TVNotas%20%C2%A1Irresistible!&c7=https%3A%2F%2Fwww.tvnotas.com.mx%2F&c9=
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/
Protocol: H2
Server: 13.225.78.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-39.fra2.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: 67mFqz_tdjogSAx5b2nGj4xlA8CbJEFz2k3un6xGkdpCR6nVcjcaSQ==

Redirect headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=7914328&ns__t=1636446079638&ns_c=UTF-8&c8=TVNotas%20%C2%A1Irresistible!&c7=https%3A%2F%2Fwww.tvnotas.com.mx%2F&c9=
content-length: 180
x-amz-cf-id: hJuyvSGYJcz4zNacszJSGYuKi6R7kBK33tkrN2cnPAixbmQVteeaQA==

GET
H2 200 impl.20211108-3-RELEASE.js Show response
cdn.taboola.com/libtrc/ 600 KB
123 KB 7ms
6ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20211108-3-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/notmusa-tvnotas/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 93cf91407923a2c77bdf11879b36b1c7507ae277f5538fd727b4114b15948c70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: pSs4V5wwwBslTAiAmtyDyStpXBHERge3
content-encoding: br
etag: "c7eaca2685fe1eb52effc747a47c638a"
age: 23564
x-cache: HIT
content-length: 125310
x-amz-id-2: 4CSAbG2T/QbobglmqWdPNH+RJj5rs/TBQtEvW5SS0bw8EEoRa+O6g6uP4RwSqKv0ax/CAfsmv4s=
x-served-by: cache-fra19177-FRA
last-modified: Mon, 08 Nov 2021 09:47:33 GMT
server: AmazonS3-br
x-timer: S1636446080.044635,VS0,VE0
date: Tue, 09 Nov 2021 08:21:20 GMT
vary: Accept-Encoding
x-amz-request-id: SMG345F3QV5JJZ83
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 46
x-cache-hits: 39921

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 14ms
10ms Script
application/javascript 13.225.78.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/notmusa-tvnotas/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-39.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 02:26:01 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 107681
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: dT1QObRs5_0OZdcglq2OVcutpEsSONBTtObgwpxR8Wg8icUiP2AcbA==

POST
H2 200 home_1 Show response
www.tvnotas.com.mx/kuxtal_pub/ 323 B
875 B 808ms
807ms XHR
application/javascript 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnotas.com.mx/kuxtal_pub/home_1

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/sites/default/files/js/js_PtDkX40YNWaoTtHqKK41INw1OeXIpv4LWBYn2rf1bSE.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61938731203d2e6048637f46c8e1fc963c2b4250aa48bf87d6c697d0a158c9eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SameOrigin

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.tvnotas.com.mx/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 0
x-cache: MISS
content-type: application/javascript; utf-8
link: <https://www.tvnotas.com.mx/kuxtal_pub/home_1>; rel="canonical",<https://www.tvnotas.com.mx/sites/default/files/favicon.ico>; rel="shortcut icon"
x-ah-environment: prod
vary: Accept-Encoding
content-length: 220
x-request-id: v-04d6bb7c-4136-11ec-a857-17f13e5fcf3f
access-control-allow-origin: *
server: cloudflare
x-frame-options: SameOrigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow: GET, POST, OPTIONS
access-control-allow-methods: GET, POST, OPTIONS
content-language: es
via: varnish
cache-control: s-maxage=600, max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 6ab5a0806d314aa3-FRA
access-control-allow-headers: X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method
x-drupal-cache: MISS
expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H2 200 viral-saltan-de-edificio.jpg
www.tvnotas.com.mx/sites/default/files/styles/slidebarhome/public/articulos/2021/11/08/ 14 KB
14 KB 26ms
24ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/slidebarhome/public/articulos/2021/11/08/viral-saltan-de-edificio.jpg?itok=VFjCYBVj

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e91898cafbfceb433dc0d470a5dd7879612e49af30aacd467986b5aa72130239

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 36922
x-cache: HIT
last-modified: Mon, 08 Nov 2021 21:48:28 GMT
x-cache-hits: 16
x-ah-environment: prod
content-length: 14129
x-request-id: v-702d0748-40df-11ec-a5aa-47f7acd75c15
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0807d594aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 portada_rifa.jpg
www.tvnotas.com.mx/sites/default/files/styles/slidebarhome/public/articulos/2021/11/05/ 17 KB
17 KB 16ms
14ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/slidebarhome/public/articulos/2021/11/05/portada_rifa.jpg?itok=7mjY4oRX

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

084af254855b572ff9e0a9dabdf939965d0fce14c35bc59ec3bbf669f46db57d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 144791
x-cache: HIT
last-modified: Sun, 07 Nov 2021 16:07:39 GMT
x-cache-hits: 1
x-ah-environment: prod
content-length: 17196
x-request-id: v-d844693a-3fe4-11ec-aecc-9f7105a17f8a
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0807d5c4aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 perrito-viral.jpg
www.tvnotas.com.mx/sites/default/files/styles/slidebarhome/public/articulos/2021/11/05/ 14 KB
14 KB 21ms
19ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/slidebarhome/public/articulos/2021/11/05/perrito-viral.jpg?itok=VkzGIfgC

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da8a860ba8620ad47b5700943e6d4a99a01c033b8b59aa4684b31f2f0ee98104

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 298091
x-cache: HIT
last-modified: Fri, 05 Nov 2021 21:32:19 GMT
x-cache-hits: 3
x-ah-environment: prod
content-length: 14443
x-request-id: v-e6b2272a-3e7f-11ec-a117-af00e50f523a
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0807d5d4aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 viral-perrito-temperatura.jpg
www.tvnotas.com.mx/sites/default/files/styles/slidebarhome/public/articulos/2021/11/04/ 14 KB
14 KB 16ms
15ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/slidebarhome/public/articulos/2021/11/04/viral-perrito-temperatura.jpg?itok=WKPkhJAP

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c921d597ce0bdc38edf3a39e4a49064b50ebb188aec23d078ff8950ab8de37d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 384653
x-cache: HIT
last-modified: Thu, 04 Nov 2021 21:15:00 GMT
x-cache-hits: 27
x-ah-environment: prod
content-length: 14362
x-request-id: v-c12f7618-3db4-11ec-969f-8fc9a4ec2461
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0807d5e4aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 trump-1.jpg
www.tvnotas.com.mx/sites/default/files/styles/slidebarhome/public/articulos/2021/11/03/ 11 KB
12 KB 28ms
26ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/slidebarhome/public/articulos/2021/11/03/trump-1.jpg?itok=F3E4CX8x

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e53ce85d473549ff2e78cb85f4dacdbeee008dfc755c8c50eb92735a92405753

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 463981
x-cache: HIT
last-modified: Wed, 03 Nov 2021 23:27:03 GMT
x-cache-hits: 2
x-ah-environment: prod
content-length: 11682
x-request-id: v-977cfec4-3cfd-11ec-aba1-a32fbc96d538
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0807d5f4aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 vira-defenza.jpg
www.tvnotas.com.mx/sites/default/files/styles/slidebarhome/public/articulos/2021/11/03/ 14 KB
14 KB 16ms
15ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/slidebarhome/public/articulos/2021/11/03/vira-defenza.jpg?itok=OQa5RvM8

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1242e277f47a2a995145bb8e7833540318a9e39583a46fd13c1f86ec3a455a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 470704
x-cache: HIT
last-modified: Wed, 03 Nov 2021 21:32:35 GMT
x-cache-hits: 9
x-ah-environment: prod
content-length: 14379
x-request-id: v-937462c8-3ced-11ec-b932-77a9e8055968
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0808d604aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 pintura-benito.jpg
www.tvnotas.com.mx/sites/default/files/styles/slidebarhome/public/articulos/2021/11/03/ 22 KB
22 KB 15ms
14ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/slidebarhome/public/articulos/2021/11/03/pintura-benito.jpg?itok=ZT5EjtPU

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49090c57c6ae2ee7b23a3a774bd2e8a36234907d259afb693adc74ac4e7a8855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 481494
x-cache: HIT
last-modified: Wed, 03 Nov 2021 18:29:29 GMT
x-cache-hits: 18
x-ah-environment: prod
content-length: 22359
x-request-id: v-fb474088-3cd3-11ec-b854-cb3a3f7ec099
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0808d624aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 poncho-de-nigris.jpg
www.tvnotas.com.mx/sites/default/files/styles/slidebarhome/public/articulos/2021/11/02/ 13 KB
13 KB 21ms
19ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/slidebarhome/public/articulos/2021/11/02/poncho-de-nigris.jpg?itok=X3DnL0dv

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f884a9e28b795c31f1ee006fb65236f6db89c36be4b8f2e80171925df7c250a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 549657
x-cache: HIT
last-modified: Tue, 02 Nov 2021 23:37:07 GMT
x-cache-hits: 12
x-ah-environment: prod
content-length: 12816
x-request-id: v-d3612460-3c35-11ec-8ff8-ff22c3582473
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0808d634aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 pasaporte-comido.jpg
www.tvnotas.com.mx/sites/default/files/styles/slidebarhome/public/articulos/2021/11/02/ 17 KB
17 KB 25ms
23ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/slidebarhome/public/articulos/2021/11/02/pasaporte-comido.jpg?itok=aXywmQQz

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1787ab8d40da449efdbdf1f7b345f0b0371b1a63487e860a61454ee04881832

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 555787
x-cache: HIT
last-modified: Tue, 02 Nov 2021 21:53:15 GMT
x-cache-hits: 16
x-ah-environment: prod
content-length: 17256
x-request-id: v-5046e316-3c27-11ec-ae4e-27df89d44dbc
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0808d654aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 joker-metro-halloween_0.jpg
www.tvnotas.com.mx/sites/default/files/styles/slidebarhome/public/articulos/2021/11/02/ 14 KB
14 KB 17ms
15ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/slidebarhome/public/articulos/2021/11/02/joker-metro-halloween_0.jpg?itok=kWjcjak6

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81f128557c130233e4a323d6e6a8db5695406de666c6e552510dffa23a4bbc24

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 577991
x-cache: HIT
last-modified: Tue, 02 Nov 2021 15:44:07 GMT
x-cache-hits: 11
x-ah-environment: prod
content-length: 14250
x-request-id: v-bb0e4236-3bf3-11ec-a3fe-6371bff6e7a7
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0808d664aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 el-juego-del-calamar.jpg
www.tvnotas.com.mx/sites/default/files/styles/slidebarhome/public/articulos/2021/11/01/ 18 KB
18 KB 16ms
14ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/slidebarhome/public/articulos/2021/11/01/el-juego-del-calamar.jpg?itok=hcgFCzNc

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27607ce059833d89e33757f9c609eddd6e16b2571f451c8e58eebaa6fca28a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 642311
x-cache: HIT
last-modified: Mon, 01 Nov 2021 21:52:17 GMT
x-cache-hits: 17
x-ah-environment: prod
content-length: 18636
x-request-id: v-057e73ea-3b5e-11ec-853b-0b5acba4100f
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0808d674aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 stark.jpg
www.tvnotas.com.mx/sites/default/files/styles/slidebarhome/public/articulos/2021/10/29/ 19 KB
19 KB 23ms
21ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/slidebarhome/public/articulos/2021/10/29/stark.jpg?itok=Y_oh520L

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41fda325ddb8facb9047eb62577313cd8a2c40e2362ed7d4b4e74528fdfc933f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 900640
x-cache: HIT
last-modified: Fri, 29 Oct 2021 22:09:43 GMT
x-cache-hits: 2
x-ah-environment: prod
content-length: 19379
x-request-id: v-fed30d4a-3904-11ec-8a1e-0b5c382c4842
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0808d684aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 embarazada.jpg
www.tvnotas.com.mx/sites/default/files/styles/slidebarhome/public/articulos/2021/10/28/ 16 KB
17 KB 15ms
14ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/slidebarhome/public/articulos/2021/10/28/embarazada.jpg?itok=xC6oVEKD

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb2f5127deeb5be506aa1180377eb2070ce9aa2ae81da178a1be9e3811c2aafb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 983630
x-cache: HIT
last-modified: Thu, 28 Oct 2021 23:04:34 GMT
x-cache-hits: 6
x-ah-environment: prod
content-length: 16860
x-request-id: v-6e69cfbc-3843-11ec-8873-83235829c937
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0808d694aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 cenizas.jpg
www.tvnotas.com.mx/sites/default/files/styles/slidebarhome/public/articulos/2021/10/26/ 15 KB
16 KB 21ms
19ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/slidebarhome/public/articulos/2021/10/26/cenizas.jpg?itok=DTUVJHk5

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8a0b832427239eb43b492a22a969e4c892593eb19d85504c5713a413ed48452

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1161136
x-cache: HIT
last-modified: Tue, 26 Oct 2021 21:40:32 GMT
x-cache-hits: 17
x-ah-environment: prod
content-length: 15845
x-request-id: v-685e4aac-36a5-11ec-b4b1-b32d3b982b77
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0808d6a4aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 oso_portada.jpg
www.tvnotas.com.mx/sites/default/files/styles/slidebarhome/public/articulos/2021/10/22/ 18 KB
18 KB 20ms
19ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/slidebarhome/public/articulos/2021/10/22/oso_portada.jpg?itok=ehM78F1Y

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c71cf1c852a3b6f41e35c3c13e0ced73d2c1d8fdf5026f36b6b5ccfe012ded75

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1361039
x-cache: HIT
last-modified: Sun, 24 Oct 2021 14:06:09 GMT
x-cache-hits: 18
x-ah-environment: prod
content-length: 18396
x-request-id: v-8b910d1c-34d3-11ec-9775-fb5fa9f74fd1
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0808d6b4aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 trend_cerillos_tiktok_viral_tvnotas.jpg
www.tvnotas.com.mx/sites/default/files/styles/slidebarhome/public/articulos/2021/10/23/ 15 KB
15 KB 21ms
20ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/slidebarhome/public/articulos/2021/10/23/trend_cerillos_tiktok_viral_tvnotas.jpg?itok=ji4Lnuu5

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d21caa1f2d673d9c4c9fd5b9135a25482e2d43510825f5eb9e01f46eb882eb23

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1361039
x-cache: HIT
last-modified: Sun, 24 Oct 2021 14:06:09 GMT
x-cache-hits: 18
x-ah-environment: prod
content-length: 14944
x-request-id: v-8b8eb9c2-34d3-11ec-abd5-eb9777bc3cb6
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0808d6f4aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 turistainfluencer-victima-tulum.jpg
www.tvnotas.com.mx/sites/default/files/styles/slidebarhome/public/articulos/2021/10/23/ 11 KB
12 KB 17ms
16ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/slidebarhome/public/articulos/2021/10/23/turistainfluencer-victima-tulum.jpg?itok=FxQeLCUr

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4890e5b7eb989f05cc1d732c5234a5262b834a7346032609aee3342fa4481f3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 975527
x-cache: HIT
last-modified: Sat, 23 Oct 2021 22:50:26 GMT
x-cache-hits: 57
x-ah-environment: prod
content-length: 11702
x-request-id: v-89d68b3a-3548-11ec-a0dd-0bb588348f2e
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0808d704aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 ancianita-1.jpg
www.tvnotas.com.mx/sites/default/files/styles/slidebarhome/public/articulos/2021/10/22/ 10 KB
10 KB 18ms
18ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/slidebarhome/public/articulos/2021/10/22/ancianita-1.jpg?itok=x0lrj0oC

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78aa3aa1f9c6d18b973eef072a1aea8791fc49cedb3e3c9a925773d819a4781e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1500493
x-cache: HIT
last-modified: Fri, 22 Oct 2021 23:20:54 GMT
x-cache-hits: 22
x-ah-environment: prod
content-length: 10589
x-request-id: v-b891abdc-338e-11ec-a63f-97d735427acd
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0808d714aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 chayanne-1.jpg
www.tvnotas.com.mx/sites/default/files/styles/slidebarhome/public/articulos/2021/10/21/ 16 KB
16 KB 18ms
17ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/slidebarhome/public/articulos/2021/10/21/chayanne-1.jpg?itok=xXr_XXOL

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb3b2320d479040eaa88bae6c01bbe1f14d3976128b154163bcd7f79a9a7336a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1589808
x-cache: HIT
last-modified: Thu, 21 Oct 2021 22:42:11 GMT
x-cache-hits: 7
x-ah-environment: prod
content-length: 16420
x-request-id: v-31132010-32c0-11ec-bcee-0bd2ae9dbab8
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0808d734aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 juego-del-calamar.jpg
www.tvnotas.com.mx/sites/default/files/styles/slidebarhome/public/articulos/2021/10/21/ 18 KB
18 KB 15ms
15ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/slidebarhome/public/articulos/2021/10/21/juego-del-calamar.jpg?itok=5iFk0X67

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5edccb0da5837f7f09fd780c4153631276e054592641ff5a7fd1f856fb8bdac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1596294
x-cache: HIT
last-modified: Thu, 21 Oct 2021 20:52:57 GMT
x-cache-hits: 16
x-ah-environment: prod
content-length: 18116
x-request-id: v-e6342210-32b0-11ec-af77-2f6cf87da1dd
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0808d744aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 cse_element__es.js Show response
www.google.com/cse/static/element/cc267ab8871224bd/ 290 KB
96 KB 32ms
10ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/cc267ab8871224bd/cse_element__es.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=001546754850981606808:rutwf0smbt0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

505da6cc307a0d76869801bae0138a8094463314cc92863a153920136a57de45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 05:32:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10133
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97679
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 21:05:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 09 Nov 2022 05:32:27 GMT

GET
H2 200 default+es.css
www.google.com/cse/static/element/cc267ab8871224bd/ 41 KB
9 KB 29ms
8ms Stylesheet
text/css 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/cc267ab8871224bd/default+es.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=001546754850981606808:rutwf0smbt0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 05:32:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10133
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9032
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 21:05:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 09 Nov 2022 05:32:27 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
2 KB 28ms
7ms Stylesheet
text/css 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=001546754850981606808:rutwf0smbt0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 07:42:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 09 Nov 2021 08:32:37 GMT

GET
H2 200 parker-1.jpg
www.tvnotas.com.mx/sites/default/files/styles/home400x225/public/articulos/2021/11/08/ 13 KB
13 KB 21ms
20ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/home400x225/public/articulos/2021/11/08/parker-1.jpg?itok=EFQ_Dlrg

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84907bb5ce5a7dd0c2c4589145cca44742c19b311d656755810517f0f138c6cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 24122
x-cache: HIT
last-modified: Tue, 09 Nov 2021 01:31:01 GMT
x-cache-hits: 24
x-ah-environment: prod
content-length: 13331
x-request-id: v-b2a5c912-40fc-11ec-ba52-d75264c2bad6
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a080bdca4aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 juanpa-zurita-boda-macarena.jpg
www.tvnotas.com.mx/sites/default/files/styles/home400x225/public/articulos/2021/11/08/ 17 KB
17 KB 15ms
15ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/home400x225/public/articulos/2021/11/08/juanpa-zurita-boda-macarena.jpg?itok=UQSiiV8O

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea561643a794c538c2cdc9c7388c70e1b6320c1a47f6f97eb7186406b4628346

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 26011
x-cache: HIT
last-modified: Tue, 09 Nov 2021 01:03:52 GMT
x-cache-hits: 13
x-ah-environment: prod
content-length: 16970
x-request-id: v-eed06180-40f8-11ec-a803-0f6522d1c9b4
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a080bdcb4aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 michelle-1.jpg
www.tvnotas.com.mx/sites/default/files/styles/home400x225/public/articulos/2021/11/08/ 15 KB
16 KB 16ms
15ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/home400x225/public/articulos/2021/11/08/michelle-1.jpg?itok=OzkmoDKr

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69ce34da3624469b20eda77ac3a70edbb70eb673eaad906f0eb4def0cf660a41

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27019
x-cache: HIT
last-modified: Tue, 09 Nov 2021 00:48:34 GMT
x-cache-hits: 9
x-ah-environment: prod
content-length: 15811
x-request-id: v-df53e4f4-40f6-11ec-b8b9-e3a2c08ec7f3
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a080bdcd4aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
209 B 14ms
13ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=912629741&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tvnotas.com.mx%2F&ul=en-us&de=UTF-8&dt=TVNotas%20%C2%A1Irresistible!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1381596963&gjid=401145063&cid=163100912.1636446080&tid=UA-4955940-4&_gid=2137527990.1636446080&_r=1&gtm=2wgb80PVBVNJQ&z=24689783

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tvnotas.com.mx/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tvnotas.com.mx
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
337 B 10ms
9ms Image
text/plain 13.225.78.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1636446079789&ns_c=UTF-8&cv=3.5&c8=TVNotas%20%C2%A1Irresistible!&c7=https%3A%2F%2Fwww.tvnotas.com.mx%2F&c9=
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-39.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: Z7LkTBA8R8X2zWtvPcf_KU1PIKUEYuBqdAurMMdUeYS7owpPsCcrrQ==
x-cache: Miss from cloudfront

POST
H2 200 home_2 Show response
www.tvnotas.com.mx/kuxtal_pub/ 7 KB
775 B 917ms
917ms XHR
application/javascript 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnotas.com.mx/kuxtal_pub/home_2

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/sites/default/files/js/js_PtDkX40YNWaoTtHqKK41INw1OeXIpv4LWBYn2rf1bSE.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

100e91777465230ff0bb4bc3bc77919bca7fbad1ef3db6e2b120444eecccaf56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SameOrigin

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.tvnotas.com.mx/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Tue, 09 Nov 2021 08:21:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 0
x-cache: MISS
content-type: application/javascript; utf-8
link: <https://www.tvnotas.com.mx/kuxtal_pub/home_2>; rel="canonical",<https://www.tvnotas.com.mx/sites/default/files/favicon.ico>; rel="shortcut icon"
x-ah-environment: prod
vary: Accept-Encoding
content-length: 531
x-request-id: v-04e4cafa-4136-11ec-882c-1369ef8470c0
access-control-allow-origin: *
server: cloudflare
x-frame-options: SameOrigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow: GET, POST, OPTIONS
access-control-allow-methods: GET, POST, OPTIONS
content-language: es
via: varnish
cache-control: s-maxage=600, max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 6ab5a0811e684aa3-FRA
access-control-allow-headers: X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method
x-drupal-cache: MISS
expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H2 200 1083.json Show response
script.crazyegg.com/pages/data-scripts/0017/ 12 KB
2 KB 31ms
15ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0017/1083.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0017/1083.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 479dee5a43f5b229e97220566d7794ae9851b20e5fe336443e5474e2d68280bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 72236
ce-version: 11.1.358
content-length: 1668
timing-allow-origin: *
last-modified: Mon, 08 Nov 2021 12:17:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 6ab5a081293b2bd6-FRA

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 48ms
19ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-4955940-4&cid=163100912.1636446080&jid=1381596963&gjid=401145063&_gid=2137527990.1636446080&_u=YEBAAEAAAAAAAC~&z=1761630297

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tvnotas.com.mx/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 09 Nov 2021 08:21:20 GMT
content-type: text/plain
access-control-allow-origin: https://www.tvnotas.com.mx
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 11.1.358.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 69 KB
22 KB 13ms
13ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.358.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0017/1083.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 262fd74571b20241b0506bdb49bccddce8305437ce67b136556cca4694bc2a58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 08:21:20 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 01 Nov 2021 19:35:50 GMT
server: cloudflare
age: 72417
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 6ab5a08158ae4aa9-FRA
content-length: 22857

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
293 B 20ms
19ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-4955940-4&cid=163100912.1636446080&jid=1381596963&_u=YEBAAEAAAAAAAC~&z=977277833

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 41ms
19ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-4955940-4&cid=163100912.1636446080&jid=1381596963&_u=YEBAAEAAAAAAAC~&z=977277833

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bgrecetas4.jpg
www.tvnotas.com.mx/sites/all/themes/themetvnotas/images/ 66 KB
66 KB 14ms
14ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/all/themes/themetvnotas/images/bgrecetas4.jpg

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/sites/default/files/css/css_GeC2cTJ3Wiut6BM2vCee7wuUnoJKH7YaEy2fUK6vYP4.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5324d408309ab64919f322e40a8eca21afa787f42cbfca58494bb8741f91e964

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/sites/default/files/css/css_GeC2cTJ3Wiut6BM2vCee7wuUnoJKH7YaEy2fUK6vYP4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13874855
x-cache: HIT
last-modified: Fri, 28 May 2021 00:26:16 GMT
x-cache-hits: 29
x-ah-environment: prod
content-length: 67456
x-request-id: v-249f6ec8-c304-11eb-9cbf-bf99303c94a0
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0819f3f4aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
336 B 12ms
9ms Image
text/plain 13.225.78.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=7914328&ns__t=1636446079923&ns_c=UTF-8&cv=3.5&c8=TVNotas%20%C2%A1Irresistible!&c7=https%3A%2F%2Fwww.tvnotas.com.mx%2F&c9=
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-39.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: g2fD8wuxIiqrARH4b9e4f_2SmPbX-iJitqFqLNNA26TyCHznOiIocA==
x-cache: Miss from cloudfront

GET
H2 200 ipad_footer.png
www.tvnotas.com.mx/sites/default/files/logo-footer/ 2 KB
3 KB 18ms
16ms Image
image/png 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/logo-footer/ipad_footer.png

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/sites/default/files/css/css_GeC2cTJ3Wiut6BM2vCee7wuUnoJKH7YaEy2fUK6vYP4.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01d665ea8eeb59da66764a223dd0b1c51cefd2ea19602b92f372b46b81591a27

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/sites/default/files/css/css_GeC2cTJ3Wiut6BM2vCee7wuUnoJKH7YaEy2fUK6vYP4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9424109
x-cache: HIT
x-cache-hits: 105
x-ah-environment: prod
content-length: 2476
x-request-id: v-77024dde-dbf0-11eb-aec5-3fc706f9c5e2
last-modified: Wed, 31 May 2017 17:35:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a081ffe54aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 bg_feedrss.png
www.tvnotas.com.mx/sites/default/files/logo-footer/ 5 KB
5 KB 21ms
21ms Image
image/png 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/logo-footer/bg_feedrss.png?4565756

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/sites/default/files/css/css_GeC2cTJ3Wiut6BM2vCee7wuUnoJKH7YaEy2fUK6vYP4.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd42bd6edf633812dfe233f63c11f2edfbf216e6e70d3aaadc4e0046d6352b5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/sites/default/files/css/css_GeC2cTJ3Wiut6BM2vCee7wuUnoJKH7YaEy2fUK6vYP4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1504852
x-cache: HIT
x-cache-hits: 169
x-ah-environment: prod
content-length: 5295
x-request-id: v-545378ec-9ba1-11eb-9b4d-fb3339f20ee3
last-modified: Tue, 08 Dec 2020 20:39:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a081ffea4aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 41ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.tvnotas.com.mx

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 08:21:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 43ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tvnotas.com.mx

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 08:21:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 479 B
294 B 53ms
50ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=581957119321683&correlator=4095382076238694&output=ldjh&impl=fifs&eid=31063205%2C31063405%2C31063683%2C31062930&vrg=2021110401&ptt=17&sc=1&sfv=1-0-38&ecs=20211109&iu_parts=50466933%2CGEN_TV_NOTAS%2CGenericos%2CFlotante_HOME_1x1&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&prev_scp=seccion%3Dhome&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1636445364&dt=1636446079950&dlt=1636446079284&idt=426&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=11738&adks=352381846&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.tvnotas.com.mx%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x11738&msz=0x-1&ga_vid=163100912.1636446080&ga_sid=1636446080&ga_hid=912629741&ga_fc=true&fws=128&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

813fa733b750e2c72ac80fbea1deaa1ef56e6fa35e4b1ae53a79b97f057b3910

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 264
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tvnotas.com.mx
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9A97 6 KB
4 KB 74ms
18ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 09 Nov 2021 08:21:20 GMT
expires: Wed, 09 Nov 2022 08:21:20 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
2 KB 47ms
46ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=581957119321683&correlator=1879117165933388&output=ldjh&impl=fifs&eid=31063205%2C31063405%2C31063683%2C31062930&vrg=2021110401&ptt=17&sc=1&sfv=1-0-38&ecs=20211109&iu_parts=50466933%2CGEN_TV_NOTAS%2CGenericos%2CFlotante_HOME_OOP&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ists=1&prev_scp=seccion%3Dhome&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1636445364&dt=1636446079969&dlt=1636446079284&idt=426&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=11738&adks=3984289840&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.tvnotas.com.mx%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x11738&msz=0x-1&ga_vid=163100912.1636446080&ga_sid=1636446080&ga_hid=912629741&ga_fc=true&fws=128&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

6701b217489fd9cd7664822a0a08a93f60b4eacb89b04f72232b83913429bc13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2346
x-xss-protection: 0
google-lineitem-id: 5427264168
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138318009427
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tvnotas.com.mx
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1083.json Show response
script.crazyegg.com/pages/sampling-data-scripts/0017/ 754 B
356 B 54ms
54ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/sampling-data-scripts/0017/1083.json?t=454568
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.358.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b954896bf8b9d1bf0261f148e0936a333af7484a5e14a124999c0df63cfdc88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 72236
ce-version: 11.1.358
content-length: 291
timing-allow-origin: *
last-modified: Mon, 08 Nov 2021 12:17:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 6ab5a0823b1c2bd6-FRA

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 69 KB
10 KB 321ms
299ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/prebid5.10.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

81cb17391f926236e3ec7b1265a405e29be35d8fe932905149488402cd93cd5c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.tvnotas.com.mx/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 09 Nov 2021 08:21:20 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 136.243.198.80; 136.243.198.80; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 3e6e4b40-a75c-4358-bfe2-d8c9a30168a5
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.tvnotas.com.mx
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
568 B 95ms
22ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/prebid5.10.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.tvnotas.com.mx/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:19 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 6%3b5%3b62
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.tvnotas.com.mx
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
568 B 98ms
25ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/prebid5.10.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.tvnotas.com.mx/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:20 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 6%3b1%3b81
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.tvnotas.com.mx
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
569 B 98ms
25ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/prebid5.10.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.tvnotas.com.mx/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:20 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 6%3b30%3b76
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.tvnotas.com.mx
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
569 B 96ms
23ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/prebid5.10.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.tvnotas.com.mx/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:20 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 6%3b26%3b82
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.tvnotas.com.mx
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
569 B 161ms
88ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/prebid5.10.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.tvnotas.com.mx/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:20 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 6%3b30%3b84
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.tvnotas.com.mx
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
569 B 100ms
27ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/prebid5.10.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.tvnotas.com.mx/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:19 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 6%3b29%3b79
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.tvnotas.com.mx
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
568 B 118ms
23ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/prebid5.10.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.tvnotas.com.mx/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:19 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 6%3b2%3b96
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.tvnotas.com.mx
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
568 B 121ms
25ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/prebid5.10.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.tvnotas.com.mx/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:20 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 6%3b2%3b68
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.tvnotas.com.mx
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
570 B 118ms
21ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/prebid5.10.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.tvnotas.com.mx/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:19 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 6%3b26%3b120
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.tvnotas.com.mx
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
569 B 118ms
20ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/prebid5.10.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.tvnotas.com.mx/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:20 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 6%3b1%3b110
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.tvnotas.com.mx
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
569 B 123ms
23ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/prebid5.10.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.tvnotas.com.mx/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:20 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 6%3b24%3b85
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.tvnotas.com.mx
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
574 B 139ms
21ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/prebid5.10.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.tvnotas.com.mx/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:19 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 6%3b4%3b101
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.tvnotas.com.mx
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

GET
H2

200

ROS Show response
ads.us.e-planning.net/hb/1/1a969/1/www.tvnotas.com.mx/
Redirect Chain

https://ads.us.e-planning.net/pbjs/1/1a969/1/www.tvnotas.com.mx/ROS?rnd=0.6500212635092641&e=728x90_0%3A728x90%2C970x250%2C970x90%2B160x600_0%3A160x600%2B160x600_1%3A160x600%2B300x250_0%3A300x250%2...
https://ads.us.e-planning.net/hb/1/1a969/1/www.tvnotas.com.mx/ROS?ct=1&r=pbjs&rnd=0.6500212635092641&e=728x90_0%3A728x90%2C970x250%2C970x90%2B160x600_0%3A160x600%2B160x600_1%3A160x600%2B300x250_0%3...

272 B
595 B

14ms
13ms

XHR
application/json

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/1a969/1/www.tvnotas.com.mx/ROS?ct=1&r=pbjs&rnd=0.6500212635092641&e=728x90_0%3A728x90%2C970x250%2C970x90%2B160x600_0%3A160x600%2B160x600_1%3A160x600%2B300x250_0%3A300x250%2B300x250_1%3A300x250%2B300x250_2%3A300x250%2C728x90%2C970x250%2C970x90%2B300x250_3%3A300x250%2B300x250_4%3A300x250%2C728x90%2C970x90%2B300x250_5%3A300x250%2C728x90%2C970x90%2B300x250_6%3A300x250%2C728x90%2C970x90%2B300x250_7%3A300x250%2C728x90%2B300x250_8%3A300x250%2C728x90%2C970x90&ur=https%3A%2F%2Fwww.tvnotas.com.mx%2F&pbv=5.10.0&ncb=1&vs=FFFFFFFFFFFF&crs=UTF-8&fr=https%3A%2F%2Fwww.tvnotas.com.mx%2F
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/
Protocol: H2
Server: 46.249.52.249 Aalsmeer, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: f82689b2e3f582299f166f06fd184549ac2ad49d9ef9fd9353570d114054085a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://www.tvnotas.com.mx
expires: Tue, 09 Nov 2021 08:21:20 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 272
x-sid: AMS-738

Redirect headers

date: Tue, 09 Nov 2021 08:21:20 GMT
server: openresty
access-control-allow-origin: https://www.tvnotas.com.mx
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/1a969/1/www.tvnotas.com.mx/ROS?ct=1&r=pbjs&rnd=0.6500212635092641&e=728x90_0%3A728x90%2C970x250%2C970x90%2B160x600_0%3A160x600%2B160x600_1%3A160x600%2B300x250_0%3A300x250%2B300x250_1%3A300x250%2B300x250_2%3A300x250%2C728x90%2C970x250%2C970x90%2B300x250_3%3A300x250%2B300x250_4%3A300x250%2C728x90%2C970x90%2B300x250_5%3A300x250%2C728x90%2C970x90%2B300x250_6%3A300x250%2C728x90%2C970x90%2B300x250_7%3A300x250%2C728x90%2B300x250_8%3A300x250%2C728x90%2C970x90&ur=https%3A%2F%2Fwww.tvnotas.com.mx%2F&pbv=5.10.0&ncb=1&vs=FFFFFFFFFFFF&crs=UTF-8&fr=https%3A%2F%2Fwww.tvnotas.com.mx%2F
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-738

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
1 KB 179ms
76ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17360&site_id=332086&zone_id=1740790&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2Fwww.tvnotas.com.mx%2F&tk_flint=pbjs_lite_v5.10.0&x_source.tid=111e3c69-39e6-4be0-a053-88b45a1e84a3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6587702346404145
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/prebid5.10.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 880b0d5c6cc140c8340ac0a5ec769abcedd36a40a54f307ff213c42b8e0df99b

Request headers

Referer: https://www.tvnotas.com.mx/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 08:21:20 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.tvnotas.com.mx
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 263
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 134ms
28ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17360&site_id=332086&zone_id=1740778&size_id=9&rf=https%3A%2F%2Fwww.tvnotas.com.mx%2F&tk_flint=pbjs_lite_v5.10.0&x_source.tid=5c2d0edf-8aef-4122-ae70-84984f451e5c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.04454668051214328
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/prebid5.10.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: c896b3c3ed1eac859c4cb0f8ec3c8ce899dad6056dc4eae46901966af0fa51e3

Request headers

Referer: https://www.tvnotas.com.mx/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 08:21:20 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.tvnotas.com.mx
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 129ms
23ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17360&site_id=332086&zone_id=1740514&size_id=9&rf=https%3A%2F%2Fwww.tvnotas.com.mx%2F&tk_flint=pbjs_lite_v5.10.0&x_source.tid=0328a8cc-636f-4fe3-8ba5-bbe9c78346a3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.16886419475620462
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/prebid5.10.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 882abb0d23f884ba343ce89cf0aed22164916345537120a5afdf53a3ef9fbb67

Request headers

Referer: https://www.tvnotas.com.mx/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 08:21:20 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.tvnotas.com.mx
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 142ms
32ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17360&site_id=332086&zone_id=1740784&size_id=15&rf=https%3A%2F%2Fwww.tvnotas.com.mx%2F&tk_flint=pbjs_lite_v5.10.0&x_source.tid=e8405333-63f9-4c1e-95cb-446837c64455&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.06389357895842851
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/prebid5.10.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 385a1f1f3189cd58add920c45fd141dbc95ec5badf58d98dd14464100cce303b

Request headers

Referer: https://www.tvnotas.com.mx/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 08:21:20 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.tvnotas.com.mx
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 138ms
28ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17360&site_id=332086&zone_id=1740780&size_id=15&rf=https%3A%2F%2Fwww.tvnotas.com.mx%2F&tk_flint=pbjs_lite_v5.10.0&x_source.tid=9cfa8f81-4a49-4489-9dc5-a41cc8952795&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.17781079881550643
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/prebid5.10.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 0fed71387540e635122ec14d3388e7042bc3d9e2323b884f9e3c3dff3a91a49b

Request headers

Referer: https://www.tvnotas.com.mx/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 08:21:20 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.tvnotas.com.mx
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 266 B
1 KB 199ms
88ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17360&site_id=332086&zone_id=1740792&size_id=15&alt_size_ids=2%2C55%2C57&rf=https%3A%2F%2Fwww.tvnotas.com.mx%2F&tk_flint=pbjs_lite_v5.10.0&x_source.tid=8265187a-ea84-4622-922b-02323005590a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.025469092352841782
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/prebid5.10.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 5c0d311aac850dfee3af744c1fc77002ae4299d8fd1aed6d45961cf0e7dfe3d7

Request headers

Referer: https://www.tvnotas.com.mx/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 08:21:20 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.tvnotas.com.mx
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 266
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 165ms
28ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17360&site_id=332086&zone_id=1740786&size_id=15&rf=https%3A%2F%2Fwww.tvnotas.com.mx%2F&tk_flint=pbjs_lite_v5.10.0&x_source.tid=f39d4be3-c1b7-4b63-bdf8-3427d1dfbaae&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.758020986361956
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/prebid5.10.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: a52995d1eb5aea06a7b76d2c6aa8d4a8d7dceba3d112ae8a406543512232fc96

Request headers

Referer: https://www.tvnotas.com.mx/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 08:21:20 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.tvnotas.com.mx
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
1 KB 378ms
241ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17360&site_id=332086&zone_id=1740794&size_id=15&alt_size_ids=2%2C55&rf=https%3A%2F%2Fwww.tvnotas.com.mx%2F&tk_flint=pbjs_lite_v5.10.0&x_source.tid=2e108d72-75a3-40fc-9af7-9ac5aba72d3b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8178382021528134
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/prebid5.10.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 7ab45c56aae1128da7fce45215deefa926ab040adbbbe2c7cc38450bc17ce7d8

Request headers

Referer: https://www.tvnotas.com.mx/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 08:21:20 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.tvnotas.com.mx
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 263
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
1 KB 229ms
84ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17360&site_id=332086&zone_id=1740800&size_id=15&alt_size_ids=2%2C55&rf=https%3A%2F%2Fwww.tvnotas.com.mx%2F&tk_flint=pbjs_lite_v5.10.0&x_source.tid=ad831e74-b840-483b-8d08-13ab32226c87&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.882140630164141
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/prebid5.10.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: e53f4dbacd00d4b932dfc1492ba4a4aa4fe0fdf21a36247d8495b6c152cd6e22

Request headers

Referer: https://www.tvnotas.com.mx/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 08:21:20 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.tvnotas.com.mx
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 263
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
1 KB 222ms
77ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17360&site_id=332086&zone_id=1740800&size_id=15&alt_size_ids=2%2C55&rf=https%3A%2F%2Fwww.tvnotas.com.mx%2F&tk_flint=pbjs_lite_v5.10.0&x_source.tid=eb0054c6-8921-49e4-b1a5-a30cfeae5f5b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5776804254508856
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/prebid5.10.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 9e2dd137dd89ec831ca44d2d1a640f2c681700edb6c7fa4d638e6d0f52bb1e61

Request headers

Referer: https://www.tvnotas.com.mx/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 08:21:20 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.tvnotas.com.mx
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 263
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
1 KB 317ms
148ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17360&site_id=332086&zone_id=1740782&size_id=15&alt_size_ids=2&rf=https%3A%2F%2Fwww.tvnotas.com.mx%2F&tk_flint=pbjs_lite_v5.10.0&x_source.tid=0346f504-7768-426f-911b-e588180b2be3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.15475908931575466
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/prebid5.10.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 62dbb0b4a976523372beedd3a017314028239b6ee73eae6b8c59003d4ae0458d

Request headers

Referer: https://www.tvnotas.com.mx/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 08:21:20 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.tvnotas.com.mx
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
1 KB 228ms
47ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17360&site_id=332086&zone_id=1740806&size_id=15&alt_size_ids=2%2C55&rf=https%3A%2F%2Fwww.tvnotas.com.mx%2F&tk_flint=pbjs_lite_v5.10.0&x_source.tid=f074c96d-0ea8-4d02-93ac-c77fef5eaf73&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.32416163687693755
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/prebid5.10.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: ede2d6dce91de3e1e3327757caaed43e9fb2d4729f07c9b2449a697b7e6ad341

Request headers

Referer: https://www.tvnotas.com.mx/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 08:21:20 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.tvnotas.com.mx
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 263
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 arrowhgm-4.png
www.tvnotas.com.mx/sites/default/files/arrows/ 634 B
795 B 16ms
14ms Image
image/png 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/arrows/arrowhgm-4.png

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/sites/default/files/css/css_GeC2cTJ3Wiut6BM2vCee7wuUnoJKH7YaEy2fUK6vYP4.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c36a1740bc1d43a47b89cb8f462ddcf28c6d8c05060b14d2eeed79850401b41

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/sites/default/files/css/css_GeC2cTJ3Wiut6BM2vCee7wuUnoJKH7YaEy2fUK6vYP4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9424108
x-cache: HIT
x-cache-hits: 102
x-ah-environment: prod
content-length: 634
x-request-id: v-6e2b1d5a-e58f-11eb-8f86-571b5f79b803
last-modified: Mon, 15 Jan 2018 21:54:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0833a064aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 loader-t.gif
www.tvnotas.com.mx/sites/all/modules/lazyloader/loader/ 18 KB
19 KB 13ms
13ms Image
image/gif 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/all/modules/lazyloader/loader/loader-t.gif

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06fcec6e4efcad104fa5c203db8222811f0ccec5f5e00691931857032e5c7efc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 421058
x-cache: HIT
x-cache-hits: 21
x-ah-environment: prod
content-length: 18815
x-request-id: v-5097f81c-3ca1-11ec-a2ff-bb752c7506a0
last-modified: Thu, 14 Jan 2021 14:36:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0836a404aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 logo-recetario.png
www.tvnotas.com.mx/sites/all/themes/themetvnotas/images/ 9 KB
10 KB 14ms
14ms Image
image/png 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/all/themes/themetvnotas/images/logo-recetario.png

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24631c39c0daf31d1af47e59c21461b617dffde481c0196213934ead19179ac7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 975526
x-cache: HIT
x-cache-hits: 21
x-ah-environment: prod
content-length: 9611
x-request-id: v-b5ca903a-36bd-11ec-8f27-5f2514622e25
last-modified: Thu, 14 Jan 2021 12:43:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0836a424aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 async-ads.js Show response
cse.google.com/adsense/search/ 146 KB
53 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/cc267ab8871224bd/cse_element__es.js?usqp=CAI%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a8ca5410056865c939c9a2e387de0e5bf6caefe11b952fae8f278d435a1c14d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "12102021743342016825"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Tue, 09 Nov 2021 08:21:20 GMT

GET
H2 200 branding.png
www.google.com/cse/static/images/1x/es/ 1 KB
1 KB 8ms
7ms Image
image/png 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/es/branding.png

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6034e5ee0510f90b538cb59205702151396dda15fc431432b7fc95e4ecde8886

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 05:33:01 GMT
x-content-type-options: nosniff
age: 10099
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1404
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 09 Nov 2022 05:33:01 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
39 B 26ms
6ms Image
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 portada-3.png
www.tvnotas.com.mx/sites/default/files/publicidad/cklassBotonera/2021-1/ 10 KB
10 KB 17ms
16ms Image
image/png 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/publicidad/cklassBotonera/2021-1/portada-3.png?1

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

076a495c35dd0459bc89ca7c0e41e3df926dcf1b6417c4746db91661fc78da83

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4945929
x-cache: HIT
x-cache-hits: 20
x-ah-environment: prod
content-length: 9827
x-request-id: v-e271fa30-12ad-11ec-8530-1fbaa6a06bce
last-modified: Thu, 08 Jul 2021 22:20:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a083aaaf4aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 portada-4.png
www.tvnotas.com.mx/sites/default/files/publicidad/cklassBotonera/2021-1/ 10 KB
10 KB 19ms
17ms Image
image/png 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/publicidad/cklassBotonera/2021-1/portada-4.png?1

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5427d66ff82e5d0deedccb5f7f701aeed58df68ab3298e872f1200e4dd96cb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10638426
x-cache: HIT
x-cache-hits: 15
x-ah-environment: prod
content-length: 10173
x-request-id: v-d9008596-e073-11eb-bbae-e3fc0b7be5a4
last-modified: Thu, 08 Jul 2021 22:18:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a083aab24aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 portada-5.png
www.tvnotas.com.mx/sites/default/files/publicidad/cklassBotonera/2021-1/ 10 KB
10 KB 16ms
14ms Image
image/png 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/publicidad/cklassBotonera/2021-1/portada-5.png?1

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7e5281574e6e5ba28b107dec9fa7c070dcce1a426efe96a2f4bf584bf49914c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10638426
x-cache: HIT
x-cache-hits: 15
x-ah-environment: prod
content-length: 10377
x-request-id: v-d9019f44-e073-11eb-b1f7-ff3d0f96782e
last-modified: Thu, 08 Jul 2021 22:18:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a083aab34aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 portada-6.png
www.tvnotas.com.mx/sites/default/files/publicidad/cklassBotonera/2021-1/ 11 KB
11 KB 34ms
29ms Image
image/png 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/publicidad/cklassBotonera/2021-1/portada-6.png

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13f475b9e03b95b703495be8b6349d6673d2d954b57c51bbe5727fa2d35482ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6676453
x-cache: HIT
x-cache-hits: 78
x-ah-environment: prod
content-length: 11473
x-request-id: v-ad1d7324-0023-11ec-8d62-a7aae44a33d7
last-modified: Thu, 08 Jul 2021 22:18:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a083aabd4aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 portada_1293_tapada.jpg
www.tvnotas.com.mx/sites/default/files/styles/480xy/public/portada/2021-11/ 91 KB
91 KB 19ms
14ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/480xy/public/portada/2021-11/portada_1293_tapada.jpg?itok=Lg8oy5WU

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5033c550a9e9f128815eb9546e4ebb571284f53cebc6e12bc568777efdd8953

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7932
x-cache: HIT
last-modified: Tue, 09 Nov 2021 06:06:55 GMT
x-cache-hits: 7
x-ah-environment: prod
content-length: 93429
x-request-id: v-492b2faa-4123-11ec-85da-e34c3cc8e89c
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a083aac44aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 superalimentos.jpg
www.tvnotas.com.mx/sites/default/files/styles/imghome292x144_/public/articulos/2021/11/06/ 15 KB
15 KB 20ms
15ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/imghome292x144_/public/articulos/2021/11/06/superalimentos.jpg?itok=5fjtMtwD

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e0f747495aabad9af0b329dc544f039e4fdc85c4236df97f236e03cb7c2695b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 262933
x-cache: HIT
last-modified: Sat, 06 Nov 2021 07:01:47 GMT
x-cache-hits: 2
x-ah-environment: prod
content-length: 15440
x-request-id: v-c2a9f8d8-3ed1-11ec-ad4f-3f4ad9ff46db
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a083aac54aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 simplifica-tu-salud.jpg
www.tvnotas.com.mx/sites/default/files/styles/imghome292x144_/public/articulos/2021/11/05/ 6 KB
6 KB 20ms
15ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/imghome292x144_/public/articulos/2021/11/05/simplifica-tu-salud.jpg?itok=qMiMHPNH

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6b3330e882d2801191a7e880030830a551633f8334e0e819d064eae2a41dc1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 270608
x-cache: HIT
last-modified: Sat, 06 Nov 2021 05:06:50 GMT
x-cache-hits: 9
x-ah-environment: prod
content-length: 6508
x-request-id: v-673d3256-3ebf-11ec-b860-9bab4a2ed4be
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a083aac64aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 dr1.jpg
www.tvnotas.com.mx/sites/default/files/styles/imghome292x144_/public/articulos/2021/11/04/ 11 KB
11 KB 30ms
26ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/imghome292x144_/public/articulos/2021/11/04/dr1.jpg?itok=4pxCJEWd

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f08e97da466fd47c68bc8697ad4d55cb9d90b5cdcfb52f0821f7b3a318169e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 376963
x-cache: HIT
last-modified: Thu, 04 Nov 2021 23:37:33 GMT
x-cache-hits: 6
x-ah-environment: prod
content-length: 11305
x-request-id: v-384cb27a-3dc8-11ec-939a-6f0aaed93df4
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a083aac74aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 cempasuchil_1.jpg
www.tvnotas.com.mx/sites/default/files/styles/imghome292x144_/public/articulos/2021/10/31/ 12 KB
12 KB 33ms
28ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/imghome292x144_/public/articulos/2021/10/31/cempasuchil_1.jpg?itok=085GNtcf

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

096530f6ea0a009a1176b10da6aef453bafe74262168bf70b253f92fa54c8cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 756484
x-cache: HIT
last-modified: Sun, 31 Oct 2021 14:10:36 GMT
x-cache-hits: 3
x-ah-environment: prod
content-length: 12388
x-request-id: v-6ed41fb2-3a54-11ec-a897-2fef6d1048c8
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a083bac94aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 charro.jpg
www.tvnotas.com.mx/sites/default/files/styles/imghome292x144_/public/articulos/2021/11/03/ 12 KB
12 KB 30ms
26ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/imghome292x144_/public/articulos/2021/11/03/charro.jpg?itok=ozkfd6R3

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c118a310fc1d51f3d625dfcafe48532dac304dbc14b1a33572e7d15706a9118

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 441363
x-cache: HIT
last-modified: Thu, 04 Nov 2021 05:38:24 GMT
x-cache-hits: 12
x-ah-environment: prod
content-length: 12148
x-request-id: v-8a500208-3d31-11ec-87fe-fbfb628e1b6c
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a083baca4aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 joven_paviemnto.jpg
www.tvnotas.com.mx/sites/default/files/styles/imghome292x144_/public/articulos/2021/10/08/ 8 KB
8 KB 24ms
20ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/imghome292x144_/public/articulos/2021/10/08/joven_paviemnto.jpg?itok=e_AWNQPa

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b48107b94a47d728c596c027a3b8cddac923523892124095b7089142976e185f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2750579
x-cache: HIT
last-modified: Fri, 08 Oct 2021 12:07:45 GMT
x-cache-hits: 24
x-ah-environment: prod
content-length: 8218
x-request-id: v-63f67300-2830-11ec-9f81-77e27daac218
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a083bacb4aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 unam.jpg
www.tvnotas.com.mx/sites/default/files/styles/imghome292x144_/public/articulos/2021/09/30/ 13 KB
13 KB 20ms
17ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/imghome292x144_/public/articulos/2021/09/30/unam.jpg?itok=ZqEHZtXe

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efc476b6a43cab31464290eed24e58b2eeabc86b08c6f136298c8ae8aa3a13b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3405943
x-cache: HIT
last-modified: Thu, 30 Sep 2021 21:58:53 GMT
x-cache-hits: 26
x-ah-environment: prod
content-length: 13128
x-request-id: v-a19ec240-2239-11ec-89f7-fbbada527818
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a083bacc4aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 ipn-1.jpg
www.tvnotas.com.mx/sites/default/files/styles/imghome292x144_/public/articulos/2021/09/17/ 11 KB
11 KB 31ms
28ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/imghome292x144_/public/articulos/2021/09/17/ipn-1.jpg?itok=rUngVOsZ

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e03e2a17b3a13f4d92f645d5a352973db7d8f430e27097a1f776cbe4be9742a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SameOrigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4527732
x-cache: MISS
x-ah-environment: prod
content-length: 11474
x-request-id: v-11daf84e-1808-11ec-bd4e-eb9dae422afb
last-modified: Fri, 17 Sep 2021 22:39:08 GMT
server: cloudflare
x-frame-options: SameOrigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Sat, 14 May 2022 08:21:20 GMT
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a083bacd4aa3-FRA
x-drupal-cache: MISS
cf-bgj: h2pri

GET
H2 200 octavio1.jpg
www.tvnotas.com.mx/sites/default/files/styles/hometvnotastv/public/videos/2021/11/06/ 39 KB
39 KB 24ms
21ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/hometvnotastv/public/videos/2021/11/06/octavio1.jpg?itok=fcUXQKhf

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77bcfc717ce521c6cbad20e6024ceef0ec185ec46649be1712d1b623adf03880

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 208454
x-cache: HIT
last-modified: Sat, 06 Nov 2021 22:16:42 GMT
x-cache-hits: 12
x-ah-environment: prod
content-length: 39958
x-request-id: v-4996b87c-3f4f-11ec-974e-5bc3f7b511f4
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a083bace4aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 base_1_22.jpg
www.tvnotas.com.mx/sites/default/files/styles/homevideo340x266/public/videos/2021/11/05/ 14 KB
14 KB 20ms
17ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/homevideo340x266/public/videos/2021/11/05/base_1_22.jpg?itok=U1RO0otb

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40848c6a73d95d40e4e72a6cc045cdb17fc2f0597fa0b4e66644ef1561f916ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 208454
x-cache: HIT
last-modified: Sat, 06 Nov 2021 22:16:42 GMT
x-cache-hits: 13
x-ah-environment: prod
content-length: 14555
x-request-id: v-499b18d6-3f4f-11ec-bfc5-df44b64295c9
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a083bad04aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 base_1_24.jpg
www.tvnotas.com.mx/sites/default/files/styles/homevideo340x266/public/videos/2021/11/05/ 20 KB
20 KB 18ms
15ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/homevideo340x266/public/videos/2021/11/05/base_1_24.jpg?itok=tnZ58R53

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b6a813c482532a65dcf60f04ced05766145b33a2b90063bca32cff6548f5778

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 282239
x-cache: HIT
last-modified: Sat, 06 Nov 2021 01:56:36 GMT
x-cache-hits: 1
x-ah-environment: prod
content-length: 20453
x-request-id: v-db025b5a-3ea4-11ec-9224-0fc22028bbc2
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a083bad14aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 eternals-gay.jpg
www.tvnotas.com.mx/sites/default/files/styles/home516x290/public/articulos/2021/11/06/ 29 KB
29 KB 17ms
15ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/home516x290/public/articulos/2021/11/06/eternals-gay.jpg?itok=eZXN2X94

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

532cb27bb136f201aa1a2f5078f6420b8a56745002cead186510c7d9c0ef2b88

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 199555
x-cache: HIT
last-modified: Sun, 07 Nov 2021 00:45:37 GMT
x-cache-hits: 22
x-ah-environment: prod
content-length: 29512
x-request-id: v-18038258-3f64-11ec-98a8-e7504030c86b
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a083bad34aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 harry_potter_anos_despues_1.jpg
www.tvnotas.com.mx/sites/default/files/styles/home516x290/public/articulos/2021/11/06/ 21 KB
22 KB 25ms
23ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/home516x290/public/articulos/2021/11/06/harry_potter_anos_despues_1.jpg?itok=Xg6goutA

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e326a55ab976f779958c7322915a65a56bf73c14b0924b8545b07abc562c5967

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 224468
x-cache: HIT
last-modified: Sat, 06 Nov 2021 17:54:51 GMT
x-cache-hits: 10
x-ah-environment: prod
content-length: 21844
x-request-id: v-ae0a9e38-3f2a-11ec-af83-7b53c1527ea9
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a083bad44aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 gael-garcia.jpg
www.tvnotas.com.mx/sites/default/files/styles/home516x290/public/articulos/2021/11/04/ 14 KB
14 KB 19ms
17ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/home516x290/public/articulos/2021/11/04/gael-garcia.jpg?itok=KeyslFZw

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94daffa6d63f891fd4b7bb558e8438b8e15d0019801d0e2a442e36db48153cbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 347952
x-cache: HIT
last-modified: Fri, 05 Nov 2021 02:21:36 GMT
x-cache-hits: 57
x-ah-environment: prod
content-length: 13923
x-request-id: v-25e98484-3ddf-11ec-89e9-4f65a810091e
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a083bad64aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 eden-munoz-edad.jpg
www.tvnotas.com.mx/sites/default/files/styles/imghome305x170/public/articulos/2021/11/08/ 7 KB
7 KB 23ms
21ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/imghome305x170/public/articulos/2021/11/08/eden-munoz-edad.jpg?itok=rx_2sPGK

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

696dbebe21edbe3c98e74ff84939b241da4b6235f64cf3ee3dedc8062b1583b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7932
x-cache: HIT
last-modified: Tue, 09 Nov 2021 05:54:31 GMT
x-cache-hits: 7
x-ah-environment: prod
content-length: 7053
x-request-id: v-3d5bd94a-4123-11ec-9809-d77824ca9114
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a083bad84aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 eugenio-octavio.jpg
www.tvnotas.com.mx/sites/default/files/styles/imghome305x170/public/articulos/2021/11/08/ 10 KB
10 KB 28ms
26ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/imghome305x170/public/articulos/2021/11/08/eugenio-octavio.jpg?itok=tibxaNtW

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f52e9bc44b650b2e7dcfde527f74f7ec62b85876164333239d586b817020c370

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11773
x-cache: HIT
last-modified: Tue, 09 Nov 2021 05:04:47 GMT
x-cache-hits: 2
x-ah-environment: prod
content-length: 9764
x-request-id: v-98874d08-411a-11ec-a57e-bbe59999b50f
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a083bada4aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 octavio-ocana-enrique-rocha.jpg
www.tvnotas.com.mx/sites/default/files/styles/imghome305x170/public/articulos/2021/11/08/ 10 KB
10 KB 26ms
25ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/imghome305x170/public/articulos/2021/11/08/octavio-ocana-enrique-rocha.jpg?itok=S4vRFTKs

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b07078e1d217db7542348cd323f33a5086dc04400f50873614ab2011f85a431c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7932
x-cache: HIT
last-modified: Tue, 09 Nov 2021 05:54:31 GMT
x-cache-hits: 7
x-ah-environment: prod
content-length: 10035
x-request-id: v-3d5f2960-4123-11ec-b42d-9b2cba401d5c
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a083badb4aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 chuponcito_audiencia.jpg
www.tvnotas.com.mx/sites/default/files/styles/imghome305x170/public/articulos/2021/11/08/ 8 KB
8 KB 20ms
20ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/imghome305x170/public/articulos/2021/11/08/chuponcito_audiencia.jpg?itok=04QjF3M-

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab5560bd8499ddb4360addde9e482174031a640e62c9d2f2c88cd065a57dfa5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14471
x-cache: HIT
last-modified: Tue, 09 Nov 2021 04:11:46 GMT
x-cache-hits: 20
x-ah-environment: prod
content-length: 7787
x-request-id: v-50fd54ac-4113-11ec-93e3-7bbc743fa6c1
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a083badc4aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 octavio_ocana_portada.jpg
www.tvnotas.com.mx/sites/default/files/styles/home400x225/public/articulos/2021/11/08/ 20 KB
20 KB 20ms
18ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/home400x225/public/articulos/2021/11/08/octavio_ocana_portada.jpg?itok=uzYw9Pnj

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93d81838023c62940eac4372f27459bdfadb1b2dee20ba67a4ee6962e69dade4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7922
x-cache: HIT
last-modified: Tue, 09 Nov 2021 05:54:26 GMT
x-cache-hits: 7
x-ah-environment: prod
content-length: 20164
x-request-id: v-3da83eb6-4123-11ec-8491-4f4580bbb974
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0844c154aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 bella1.jpg
www.tvnotas.com.mx/sites/default/files/styles/home400x225/public/articulos/2021/11/08/ 15 KB
15 KB 15ms
13ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/home400x225/public/articulos/2021/11/08/bella1.jpg?itok=jhLEhe3K

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da07037d6ee41cb7085b2278066dbace51b9922c562069b100ec72c1c1df840a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7922
x-cache: HIT
last-modified: Tue, 09 Nov 2021 06:06:55 GMT
x-cache-hits: 6
x-ah-environment: prod
content-length: 15198
x-request-id: v-4a267310-4123-11ec-a9f5-17555914efb4
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0844c194aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 jorge_medina_1.jpg
www.tvnotas.com.mx/sites/default/files/styles/home516x290/public/articulos/2021/11/08/ 22 KB
22 KB 23ms
21ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/home516x290/public/articulos/2021/11/08/jorge_medina_1.jpg?itok=cWerHg4O

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

823a0e0f5431b532cd44cc7f37ba79667d89c7ab4bb7360847a6b77dd6bcdcbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7922
x-cache: HIT
last-modified: Tue, 09 Nov 2021 05:54:26 GMT
x-cache-hits: 7
x-ah-environment: prod
content-length: 22303
x-request-id: v-3daf31ee-4123-11ec-b23b-4393ccdc1f35
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0844c1b4aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 pedro-sola-alicia-villarreal.jpg
www.tvnotas.com.mx/sites/default/files/styles/home400x225/public/articulos/2021/11/08/ 16 KB
16 KB 44ms
42ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/home400x225/public/articulos/2021/11/08/pedro-sola-alicia-villarreal.jpg?itok=18KoKZZi

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7df31e4733b865c23a80d130d486123997faeba4e02be8a1853b9e6bf6304ede

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13214
x-cache: HIT
last-modified: Tue, 09 Nov 2021 04:17:24 GMT
x-cache-hits: 34
x-ah-environment: prod
content-length: 16364
x-request-id: v-9047b35e-4114-11ec-acf3-c3df60a3fc7a
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0844c1c4aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 octavio-1.jpg
www.tvnotas.com.mx/sites/default/files/styles/home400x225/public/articulos/2021/11/08/ 18 KB
18 KB 14ms
12ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/home400x225/public/articulos/2021/11/08/octavio-1.jpg?itok=rRBzLH96

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d7f9743fa348b074c0b3c174bb7c816e967d0cced94d8706f339685889baac7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 16519
x-cache: HIT
last-modified: Tue, 09 Nov 2021 03:30:47 GMT
x-cache-hits: 19
x-ah-environment: prod
content-length: 18580
x-request-id: v-c55a726c-410e-11ec-92e2-a3972b595794
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0844c1f4aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 los-horoscopos-de-durango.jpg
www.tvnotas.com.mx/sites/default/files/styles/imagenprincipalhome/public/articulos/2021/11/08/ 52 KB
53 KB 17ms
15ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/imagenprincipalhome/public/articulos/2021/11/08/los-horoscopos-de-durango.jpg?itok=hoZRSohT

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2c961f9ca5a5911105bbeaba9857838c6a061764c0c4d3b9ead322842d540fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11760
x-cache: HIT
last-modified: Tue, 09 Nov 2021 05:03:49 GMT
x-cache-hits: 5
x-ah-environment: prod
content-length: 53565
x-request-id: v-8650c6d2-411a-11ec-a88a-23736fa74c61
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0844c204aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 oswaldo3.jpg
www.tvnotas.com.mx/sites/default/files/styles/home400x225/public/articulos/2021/11/08/ 16 KB
16 KB 20ms
18ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/home400x225/public/articulos/2021/11/08/oswaldo3.jpg?itok=St7IPEKy

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa12553670d364ca41d3b6208081aeb622080fad742d3f492379630a8c3f6688

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 24122
x-cache: HIT
last-modified: Tue, 09 Nov 2021 01:35:49 GMT
x-cache-hits: 11
x-ah-environment: prod
content-length: 16639
x-request-id: v-72b17b48-40fd-11ec-b67e-a7fb5f2cc9f5
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0844c214aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 foto-nota.jpg
www.tvnotas.com.mx/sites/default/files/styles/home400x225/public/articulos/2021/11/08/ 18 KB
18 KB 21ms
19ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/home400x225/public/articulos/2021/11/08/foto-nota.jpg?itok=fHfZuy_l

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

413ba49bacb91bd3138d6dc09319eede0c983fc45e25915fb62c26f58d87f9b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19665
x-cache: HIT
last-modified: Tue, 09 Nov 2021 02:37:40 GMT
x-cache-hits: 12
x-ah-environment: prod
content-length: 18763
x-request-id: v-99a0123c-4107-11ec-80ad-673d38a73a47
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0844c234aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 octavioocana-policia.jpg
www.tvnotas.com.mx/sites/default/files/styles/home400x225/public/articulos/2021/11/08/ 15 KB
15 KB 15ms
13ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/home400x225/public/articulos/2021/11/08/octavioocana-policia.jpg?itok=xdFY2TjT

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c8b9c9d93c9c1fbb0228d3ce1161dc18b9439b85b8d8320bd435d585ca65250

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 41070
x-cache: HIT
last-modified: Mon, 08 Nov 2021 20:54:51 GMT
x-cache-hits: 9
x-ah-environment: prod
content-length: 15179
x-request-id: v-31ecef38-40d6-11ec-83d5-2b9cb7631e7e
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0844c254aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 familia_de_octavio.jpg
www.tvnotas.com.mx/sites/default/files/styles/home400x225/public/articulos/2021/11/08/ 17 KB
17 KB 19ms
17ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/home400x225/public/articulos/2021/11/08/familia_de_octavio.jpg?itok=CEoXIsyF

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c68f11353b82b40fce102891589900c36c6b1e7dcfd7eaed59d329655d0b0b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 43887
x-cache: HIT
last-modified: Mon, 08 Nov 2021 20:08:34 GMT
x-cache-hits: 6
x-ah-environment: prod
content-length: 17642
x-request-id: v-aa25e204-40cf-11ec-9713-079708d0af0b
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0844c264aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 mhonividente-octavioocana.jpg
www.tvnotas.com.mx/sites/default/files/styles/imagenprincipalhome/public/articulos/2021/11/08/ 35 KB
36 KB 15ms
14ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/imagenprincipalhome/public/articulos/2021/11/08/mhonividente-octavioocana.jpg?itok=XFxLO-wf

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af99bd04fa76e903683f0c2ad030cf2bcde3a17e19113a7d7d51b4d48928ee59

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 30747
x-cache: HIT
last-modified: Mon, 08 Nov 2021 23:01:40 GMT
x-cache-hits: 29
x-ah-environment: prod
content-length: 36216
x-request-id: v-2b5e9556-40e8-11ec-9307-ebf57448f4ed
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0844c274aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 viral-saltan-de-edificio.jpg
www.tvnotas.com.mx/sites/default/files/styles/home400x225/public/articulos/2021/11/08/ 14 KB
14 KB 20ms
19ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/home400x225/public/articulos/2021/11/08/viral-saltan-de-edificio.jpg?itok=Jkkvve_5

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69bdb96417cb215a9d39bcc5b1c3349b77fe5ded27f8ce8eadbe6bc0950295cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 37020
x-cache: HIT
last-modified: Mon, 08 Nov 2021 21:48:32 GMT
x-cache-hits: 7
x-ah-environment: prod
content-length: 14510
x-request-id: v-70d7d402-40df-11ec-ae88-6b8d89287c95
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0844c284aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 enrique1.jpg
www.tvnotas.com.mx/sites/default/files/styles/home400x225/public/articulos/2021/11/08/ 15 KB
15 KB 14ms
14ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/home400x225/public/articulos/2021/11/08/enrique1.jpg?itok=hidyy5-F

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ad27ed9db8b2b9cae2d9c309dc825fab56dd206b54099e172299703085e22dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 45970
x-cache: HIT
last-modified: Mon, 08 Nov 2021 19:32:47 GMT
x-cache-hits: 11
x-ah-environment: prod
content-length: 14962
x-request-id: v-aa9ac466-40ca-11ec-be30-d79488db23bd
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0844c2b4aa3-FRA
expires: Sat, 14 May 2022 08:21:20 GMT

GET
H2 200 816c18ff-f753-471b-9b0d-e3000f908090.js Show response
static.sunmedia.tv/integrations/816c18ff-f753-471b-9b0d-e3000f908090/ 299 KB
98 KB 77ms
15ms Script
application/javascript 51.91.154.17
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/integrations/816c18ff-f753-471b-9b0d-e3000f908090/816c18ff-f753-471b-9b0d-e3000f908090.js
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.91.154.17 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3158246.ip-51-91-154.eu
Software: nginx /
Resource Hash: db4d9e3404ab026c8c936501189065b5306b06a020074319e65c576fee62ad63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Fri, 29 Oct 2021 16:41:56 GMT
server: nginx
age: 126805
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
cache-control: max-age=0, s-maxage=2592001
access-control-allow-credentials: true
content-length: 99687
accept-ranges: bytes
x-device: mobile

GET
DATA 200
OK truncated
/ Frame A8AE 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82871cb36d8c4111339a96f648883f57fc559aa8dd9ab05aeffb911f3ffada4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view%3Fxai%3DAKAOjsumy4kdl_oQA4SwiEWR2Jtp_Z3FRFtlRAcIFs4EO_T1twRMHz1Aunw9HuZpbXQCl1lXGzAlDc5JaCZ6wi1XzcnuSHkXdxUyTDHPNk4nPHMIDTy9Z6NaOkf33j8jQ4AZcOTnVKRbgoRaHfAHUELvwEcfVeNhBJeR1ZnXzdU3xn1SgyktU7si...
securepubads.g.doubleclick.net/pcs/ Frame A8AE 0
26 B 17ms
17ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsumy4kdl_oQA4SwiEWR2Jtp_Z3FRFtlRAcIFs4EO_T1twRMHz1Aunw9HuZpbXQCl1lXGzAlDc5JaCZ6wi1XzcnuSHkXdxUyTDHPNk4nPHMIDTy9Z6NaOkf33j8jQ4AZcOTnVKRbgoRaHfAHUELvwEcfVeNhBJeR1ZnXzdU3xn1SgyktU7siyeZPLpOOE-yb5UB1v4Gy8WKBX7MbRQfEPfufQicQy4pWszV2jdUormvS06VwD4f6BEj0QSGXhYQaGUR5eVFA6dFbg9cUAVPFsd9u-VFEypejBTg1xJ_Bn9umkE0F4_5GTa5U-okwA7yCVLxvcoIu2NXRJUboxgXbzJka0YPk52r_gvWMHg%26sai%3DAMfl-YSvvMn-XHQoKFyvTHMW08mLD8nZGBLZeOL3b49mL09gl_H0xZCU4lJCYm59DcFVzntoqasiRalRAlCOZhq_J43PFf7ncif7ga5E0EfsDBWcVwwUBaw_RivjWhuuJ8cg%26sig%3DCg0ArKJSzDRPAPpisfsDEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26adurl%3D

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 08:21:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 09 Nov 2021 08:21:20 GMT

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ 19 B
417 B 26ms
7ms XHR
binary/octet-stream 13.224.186.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.358.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-120.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 06:41:36 GMT
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 13:53:30 GMT
server: AmazonS3
age: 2425185
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 19
x-amz-cf-id: B5EorJOpwVTgfLkTZ62FcNi8otV0KEvmFcYqhn3QWSlmgOHgbkAwXw==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ 19 B
418 B 58ms
8ms XHR
binary/octet-stream 13.224.186.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.358.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-18.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 06:41:36 GMT
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 13:53:30 GMT
server: AmazonS3
age: 2425185
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 19
x-amz-cf-id: 8InV1wLZ0_9SaOiBxlpqdR9wHDE1_0VKMPH8N_Xwp0HecTYTdycuJQ==

GET
H2 200 json Show response
trc.taboola.com/notmusa-tvnotas/trc/3/ 16 KB
7 KB 228ms
221ms XHR
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/notmusa-tvnotas/trc/3/json?tim=08%3A21%3A20.410&lti=deflated&data=%7B%22id%22%3A636%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1636365935462%2C%22vi%22%3A1636446080406%2C%22cv%22%3A%2220211108-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.tvnotas.com.mx%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.tvnotas.com.mx%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A7015%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%20Home%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%20Home%22%2C%22cd%22%3A1808%2C%22mw%22%3A1024%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Article%20Thumbnails%20Home%3Dthumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211108-3-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 10db159beec8c943ec30743d0164a1bd093f36631dea6bd5d372a6f7409bf706

Request headers

Referer: https://www.tvnotas.com.mx/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 215
date: Tue, 09 Nov 2021 08:21:21 GMT
content-encoding: gzip
server: nginx
x-timer: S1636446081.801204,VS0,VE215
x-served-by: cache-fra19177-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.tvnotas.com.mx
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
BLOB 200
OK 2fe12cfd-5147-4901-9fb1-e074807dbc5e
https://www.tvnotas.com.mx/ 53 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tvnotas.com.mx/2fe12cfd-5147-4901-9fb1-e074807dbc5e
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68c3532442a503d298666c3642cf13b54a841f302565ea0c8939771a9375497a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 53
Content-Type: text/javascript

GET
H2 200 clock Show response
tracking.crazyegg.com/ 28 B
135 B 110ms
41ms XHR
text/plain 34.249.212.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1636446080447
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.358.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.212.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-212-247.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 81b3eb7b9b53370b135c51c8872c49b5bd8a64758884508ce0485fbfb0a96c42

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 09 Nov 2021 08:21:20 GMT
cache-control: no-store
server: awselb/2.0
content-length: 28
content-type: text/plain

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 320ms
17ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.tvnotas.com.mx

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 08:21:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tvnotas.com.mx

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 08:21:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 891 KB
80 KB 584ms
584ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=581957119321683&correlator=1876393008621612&output=ldjh&impl=fifs&eid=31063205%2C31063405%2C31063683%2C44714449%2C31062930&vrg=2021110401&ptt=17&sc=1&sfv=1-0-38&ecs=20211109&iu_parts=50466933%2CGEN_TV_NOTAS%2CHome%2C970x250_Especial%2C160x600_izq%2C160x600_der%2C300X250_Kuxtal%2C300x250_a%2C970x90_b%2C336X280%2C970x90_c%2C970x90_d%2C970x90_e%2C300x250_f%2C970x90_g&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5%2C%2F0%2F1%2F2%2F6%2C%2F0%2F1%2F2%2F7%2C%2F0%2F1%2F2%2F8%2C%2F0%2F1%2F2%2F9%2C%2F0%2F1%2F2%2F10%2C%2F0%2F1%2F2%2F11%2C%2F0%2F1%2F2%2F12%2C%2F0%2F1%2F2%2F13%2C%2F0%2F1%2F2%2F14&prev_iu_szs=970x250%7C970x90%7C728x90%2C160x600%2C160x600%2C300x250%2C300x250%2C970x250%7C970x90%7C728x90%2C300x250%2C970x90%7C728x90%2C970x90%7C728x90%2C970x90%7C728x90%2C300x250%2C970x90%7C728x90&prev_scp=pos%3D10%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D970x250%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D662dad5071978ac%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.00%26hb_adid%3D662dad5071978ac%26hb_bidder%3Dappnexus%7Cpos%3D2%7Cpos%3D1%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D160x600%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D67b1536a7c289d8%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D160x600%26hb_pb%3D0.00%26hb_adid%3D67b1536a7c289d8%26hb_bidder%3Dappnexus%7Cpos%3D8%7Cpos%3D1%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D681ced050026e2b%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.00%26hb_adid%3D681ced050026e2b%26hb_bidder%3Dappnexus%7Cpos%3D2%7Cpos%3D9%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D69660c0f97646c6%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.00%26hb_adid%3D69660c0f97646c6%26hb_bidder%3Dappnexus%7Cpos%3D3%7Cpos%3D4%7Cpos%3D5%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D7001294ef790f21%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.00%26hb_adid%3D7001294ef790f21%26hb_bidder%3Dappnexus%7Cpos%3D6%7Cpos%3D7%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D712ceaa8979fb4c%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.00%26hb_adid%3D712ceaa8979fb4c%26hb_bidder%3Dappnexus&eri=1&cookie=ID%3Da4f878678e5ee7bd-22c485d939cb008f%3AT%3D1636446080%3AS%3DALNI_MZ3TiGp5PeivsvczeIeVCl6Vk-z3Q&bc=31&abxe=1&lmt=1636445364&dt=1636446080492&dlt=1636446079284&idt=426&frm=20&biw=1600&bih=1200&oid=2&adxs=288%2C125%2C1316%2C288%2C1010%2C288%2C288%2C288%2C288%2C288%2C288%2C288&adys=60%2C60%2C60%2C819%2C1086%2C2192%2C2249%2C2887%2C3257%2C4233%2C5440%2C6642&adks=2722686511%2C252808437%2C2059891187%2C2051797624%2C2557176332%2C936130313%2C346654121%2C692437649%2C150040675%2C414862981%2C4220164478%2C1848901400&ucis=3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.tvnotas.com.mx%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1024x0%7C1024x0%7C1024x0%7C300x250%7C300x0%7C1024x0%7C300x250%7C1024x0%7C1024x0%7C1024x0%7C300x0%7C1024x0&msz=1024x0%7C160x0%7C160x0%7C300x-1%7C300x0%7C1024x0%7C300x-1%7C1024x0%7C1024x0%7C1024x0%7C300x0%7C1024x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H-IRTJoXjrv9hg_P22qOPndQMG4986YUKS5bcJpOA-0WOkN03kIMoQboFH0fSDUlsDHULyghzxA92n_fWuNugF7BVbA&ga_vid=163100912.1636446080&ga_sid=1636446080&ga_hid=912629741&ga_fc=true&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C0%7C0%7C0%7C3%7C4%7C5%7C6%7C7%7C8%7C9&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

709a17b3c7dd76a90f0481730ba8c06ca43f25bc29d7806d63dd8d035a1871df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82081
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tvnotas.com.mx
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adblockDetector.min.js Show response
static.sunmedia.tv/AdBlockDetection/ 3 KB
2 KB 34ms
34ms Script
application/javascript 51.91.154.17
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/AdBlockDetection/adblockDetector.min.js?abf=_smartads_%7C-ad-plugin-%7C-google-ads-%7C-google2-ad-&ref=https%253A%252F%252Fwww.tvnotas.com.mx%252F
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/816c18ff-f753-471b-9b0d-e3000f908090/816c18ff-f753-471b-9b0d-e3000f908090.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.91.154.17 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3158246.ip-51-91-154.eu
Software: nginx /
Resource Hash: 051a4df5ca07ec7979f14e486352a62c72733c9aabb6528adaddc9a911fbfca3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:20 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Mon, 21 Dec 2020 17:00:21 GMT
server: nginx
age: 126855
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, s-maxage=2592000
x-device: mobile
accept-ranges: bytes
content-length: 1634

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ 19 KB
6 KB 9ms
8ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211108-3-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b69967c0d0795c59adbf5770fb6891760d3b8e2d0934aa54a165ae44de87447b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: Z9vEYl_N8SSxpCpJAub2PIMzfFITjGTm
content-encoding: gzip
etag: "32f01c4091f73eabe019005d909e2e44"
age: 20552
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 6020
x-amz-id-2: 1ZPHGniPHrQWVoyhNHWSYVh1hNcNNefIPK045J05BmNUCFyU0kptJ4qxn5TVnC+xgAWhYZDzmPc=
x-served-by: cache-fra19177-FRA
last-modified: Wed, 03 Nov 2021 10:38:29 GMT
server: AmazonS3
x-timer: S1636446081.032078,VS0,VE0
date: Tue, 09 Nov 2021 08:21:21 GMT
vary: Accept-Encoding
x-amz-request-id: 3ZV83BBJ84QMJSSM
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 46
x-cache-hits: 89747

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 2 KB
934 B 9ms
9ms Stylesheet
text/css 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211108-3-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 241155907faff3ddf6df02126069a4fc7f05f77454acef7e1cbd49d8395ea556

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: SaZoTsX4ny11TP1YZbP8i3tjs4BdrMLw
content-encoding: gzip
etag: "978cfe7fd9cd031786ca00806b338a40"
age: 20556
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 714
x-amz-id-2: 1IOsR6ivqBumVITXs9Z552smwDUqR3uOZPKxq4goQ2Uz1JcvWpqC3vXTTCCWqFPnkt5y5VppR+A=
x-served-by: cache-fra19177-FRA
last-modified: Wed, 03 Nov 2021 10:38:29 GMT
server: AmazonS3
x-timer: S1636446081.032167,VS0,VE0
date: Tue, 09 Nov 2021 08:21:21 GMT
vary: Accept-Encoding
x-amz-request-id: KV2MERDMTQMGSY8P
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 46
x-cache-hits: 87509

GET
H2 200 tfa-eid.20211108-3-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 14 KB
5 KB 8ms
8ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tfa-eid.20211108-3-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/notmusa-tvnotas/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 40e0abb4ea1c6939f435018be2ed0eb094e125d72897af16e089acf3602f8f88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: _Tt9nj1GIoSWYaG9h_sfnxxVOpLFsl9a
content-encoding: gzip
etag: "de36c5c5fc790bdef06cac680d46c451"
age: 121
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5062
x-amz-id-2: flP8xgugmiNWjKvy97lC/c4EGxa2OyIgIiu1DIBg/4+gp6Oz83RXwL65JzZeX+RJ/yEmne9cgUo=
x-served-by: cache-fra19177-FRA
last-modified: Mon, 08 Nov 2021 10:00:04 GMT
server: AmazonS3
x-timer: S1636446081.032201,VS0,VE0
date: Tue, 09 Nov 2021 08:21:21 GMT
vary: Accept-Encoding
x-amz-request-id: D2PTNMADX2C8GM4S
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 46
x-cache-hits: 18

GET
H2 200 sha256.20211108-3-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 6 KB
3 KB 8ms
8ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sha256.20211108-3-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/notmusa-tvnotas/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f987277481bdb5e15f013fbb0e7036478e6f820c0a6220f68e4726779ca883dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: y1PfUnpCYMfaLFA79hjS.56e470yGuUH
content-encoding: gzip
etag: "9186894661e1e99912204506b13cfade"
age: 58
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2589
x-amz-id-2: R7c74jZk96og4jNhnW1M4RYiO98PVNEVG/T/0FCnD/98nNadFHHmXLkvuKDiHfJoGm9GAR3TY0U=
x-served-by: cache-fra19177-FRA
last-modified: Mon, 08 Nov 2021 10:00:47 GMT
server: AmazonS3
x-timer: S1636446081.032252,VS0,VE0
date: Tue, 09 Nov 2021 08:21:21 GMT
vary: Accept-Encoding
x-amz-request-id: 2TH3N6F04HV7K5T8
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 46
x-cache-hits: 188

GET
H2 200 userx.20211108-3-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
5 KB 6ms
6ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20211108-3-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/notmusa-tvnotas/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f8ce0d868b04686994caae0a66bb97f3975040018ea07d497fe89cca2f88d366

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: LGsWgRuBElpi4dY4gt6xU1WYmfd02X0S
content-encoding: gzip
etag: "0e0ad38d58a360f990b5cffa09948900"
age: 92
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5340
x-amz-id-2: zJgT1H9zf/01iLdCXZq3WCZkdQXNN8c65ttEuec1lV1+PW1Fr0uP7tgeItdYU0SUTXwgPNY2VRw=
x-served-by: cache-fra19177-FRA
last-modified: Mon, 08 Nov 2021 09:59:49 GMT
server: AmazonS3
x-timer: S1636446081.072240,VS0,VE0
date: Tue, 09 Nov 2021 08:21:21 GMT
vary: Accept-Encoding
x-amz-request-id: ZTM4512JCZ656E9N
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 46
x-cache-hits: 96

GET
H2 200 beacon
tag.researchnow.com/t/ 42 B
442 B 48ms
8ms Image
image/gif 13.224.186.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.researchnow.com/t/beacon?pr=286243&adn=1&ca=163698&si=7744&pl=5942472&cr=50126&ord=2021-11-09+08%3A21%3A21&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_110}&us_privacy=${US_PRIVACY}
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-112.fra2.r.cloudfront.net
Software: Apache/2.4.51 () / PHP/7.2.34
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:03:51 GMT
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
server: Apache/2.4.51 ()
age: 1050
x-powered-by: PHP/7.2.34
x-cache: Hit from cloudfront
p3p: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-amz-cf-pop: FRA2-C1
content-type: image/gif
content-length: 42
x-amz-cf-id: 5GxWAVTjR5tk9i63awfnHZ83id_q29qC_d-DxZUkS_ox9LpvP1TO6Q==
expires: 0

GET
H/1.1 200 img.png
d9.flashtalking.com/img/ 70 B
597 B 164ms
49ms Image
image/png 34.252.163.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9.flashtalking.com/img/img.png?D9v.CampID=3175&D9r.DeviceID=true&D9c=ftImp&D9v.CCampID=163698&D9c.placementId=5942472&D9v.gdpr=${GDPR}&D9v.gdpr_consent=${GDPR_CONSENT_78}&D9v.us_privacy=${US_PRIVACY}&cb=2021-11-09+08%3A21%3A21
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.163.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-163-14.eu-west-1.compute.amazonaws.com
Software: prod-xre-app1.lhr11 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 08:21:20 GMT
Server: prod-xre-app1.lhr11
Access-Control-Allow-Methods: GET,POST,SERVER
P3P: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin: d9.flashtalking.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/png
Content-Length: 70
X-HW: 1636446004.dop027.lo4.t,1636446004.cds248.lo4.shn,1636446080.dop027.lo4.t,1636446081.cds103.lo4.sc,1636446081.cds103.lo4.p

GET
H/1.1 200
OK visit.jpg
tps.doubleverify.com/ 305 B
367 B 179ms
17ms Image
image/jpeg 213.254.244.12
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps.doubleverify.com/visit.jpg?ctx=15911784&cmp=163698&sid=7744&plc=5942472&adsrv=29&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.img&
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.12 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: a78f3c394abdb5185b2a1235457e0e9a50b97625ef7c01a276a0aef6c5dd87fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 08:21:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=0
Content-Length: 142
Expires: 11/8/2021 8:21:21 AM

GET
H3

200

B26527206.316784214;dc_pre=CJjW79rsivQCFTnFEQgdSO4NyA;dc_trk_aid=509586315;dc_trk_cid=157578517;ord=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGD...
ad.doubleclick.net/ddm/trackimp/N280805.4306944BRITA_DE_TABOOLA/
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N280805.4306944BRITA_DE_TABOOLA/B26527206.316784214;dc_trk_aid=509586315;dc_trk_cid=157578517;ord=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua...
https://ad.doubleclick.net/ddm/trackimp/N280805.4306944BRITA_DE_TABOOLA/B26527206.316784214;dc_pre=CJjW79rsivQCFTnFEQgdSO4NyA;dc_trk_aid=509586315;dc_trk_cid=157578517;ord=[1];dc_lat=;dc_rdid=;tag_...

42 B
63 B

42ms
28ms

Image
image/gif

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N280805.4306944BRITA_DE_TABOOLA/B26527206.316784214;dc_pre=CJjW79rsivQCFTnFEQgdSO4NyA;dc_trk_aid=509586315;dc_trk_cid=157578517;ord=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=tvnotas.com.mx

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:21 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N280805.4306944BRITA_DE_TABOOLA/B26527206.316784214;dc_pre=CJjW79rsivQCFTnFEQgdSO4NyA;dc_trk_aid=509586315;dc_trk_cid=157578517;ord=[1];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=tvnotas.com.mx
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 long-970x90.jpg
www.tvnotas.com.mx/sites/default/files/kuxtal_pub/11/ 21 KB
21 KB 15ms
15ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/kuxtal_pub/11/long-970x90.jpg

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44eed2267226d833c1bcf7ac9c22e3eac37854cc8a29b2d5b31f55202b26b52f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:21 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 701862
x-cache: HIT
last-modified: Fri, 17 Sep 2021 22:07:32 GMT
x-cache-hits: 11
x-ah-environment: prod
content-length: 21577
x-request-id: v-410dc02c-3ace-11ec-b7cf-2b3b631667c6
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a086e89a4aa3-FRA
expires: Sat, 14 May 2022 08:21:21 GMT

GET
H2 200 geocity.php Show response
services.sunmedia.tv/geotarget/ 456 B
702 B 67ms
14ms XHR
application/json 141.94.102.46
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://services.sunmedia.tv/geotarget/geocity.php
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/816c18ff-f753-471b-9b0d-e3000f908090/816c18ff-f753-471b-9b0d-e3000f908090.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.94.102.46 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31432935.ip-141-94-102.eu
Software: nginx /
Resource Hash: 3656a15190137a5ccb1e28c8a02d52e2fff6989f87c98090c493154545da518f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:21 GMT
tp-cache: HIT
server: nginx
age: 1167
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.tvnotas.com.mx
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
x-device: mobile
accept-ranges: bytes
content-length: 456

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
10 KB 55ms
21ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07b4f2cad7cf3190654734460a7779988028e80b0bbe895a01d016a5fbbf8737

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 08:21:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9279
x-xss-protection: 0

GET
H2 200 / Show response
sync.richaudience.com/DF2886F390D432DF0C8E98D69702ED6F/ 3 KB
1 KB 14ms
3ms Script
text/javascript 168.119.149.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.richaudience.com/DF2886F390D432DF0C8E98D69702ED6F/
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.119.149.178 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.178.149.119.168.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: 2a7605a2dee36609d3f20fed8c78d2f9ce0404dcf67c0adc41bfc422704a8283

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:21 GMT
content-encoding: gzip
server: nginx/1.14.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8

GET
H2 200 pandg-sdk.js Show response
pghub.io/js/ 14 KB
4 KB 28ms
7ms Script
application/javascript 35.241.45.217
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pghub.io/js/pandg-sdk.js
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 217.45.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 38743be62c3c6384da933b785f689933c1bc3b0fe33af64d40027ca84d44a834

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 07:27:34 GMT
content-encoding: gzip
age: 3227
x-guploader-uploadid: ADPycdtBK8Ivt5TbSMEclN-l5jlEsQ4HLOMPj6g3bjebZYOdEHNVym5u5U3jLQudkxf_pqPDghspnmhS349zLbIodxavMYwWIw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3607
last-modified: Wed, 03 Nov 2021 14:17:41 GMT
server: UploadServer
etag: "a3cfc290a2a59172994eca570704d2ea"
vary: Accept-Encoding
x-goog-hash: crc32c=Nfk9rw==, md5=o8/CkKKlkXKZTspXBwTS6g==
x-goog-generation: 1635949061609314
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public,max-age=3600
x-goog-stored-content-length: 3607
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 /
track.sunmedia.tv/ 42 B
278 B 25ms
14ms Image
image/gif 51.91.154.17
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smptf&it=816c18ff-f753-471b-9b0d-e3000f908090&tp=op&pb=1&pos=0&loop=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.91.154.17 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3158246.ip-51-91-154.eu
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:21 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 126856
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: mobile
accept-ranges: bytes
content-length: 42

GET
H2

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://sync.search.spotxchange.com/partner?source=202100&gdpr=1&gdpr_consent=${gdpr_consent}
https://sync.search.spotxchange.com/partner?source=202100&gdpr=1&gdpr_consent=${gdpr_consent}&__user_check__=1&sync_id=0543bc89-4136-11ec-97fe-1fd522ee0306
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_sc&gdpr=1&gdpr_consent=${gdpr_consent}

170 B
502 B

53ms
16ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_sc&gdpr=1&gdpr_consent=${gdpr_consent}

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 09 Nov 2021 08:21:21 GMT
Server: nginx
Location: //cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_sc&gdpr=1&gdpr_consent=${gdpr_consent}
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 71
Connection: keep-alive
Content-Length: 0

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/7914328/
Redirect Chain

https://sb.scorecardresearch.com/c2/7914328/cs.js
https://sb.scorecardresearch.com/internal-c2/7914328/cs.js

7 KB
3 KB

9ms
9ms

Script
application/javascript

13.225.78.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/7914328/cs.js
Protocol: H2
Server: 13.225.78.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-39.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fb9d0a062f3f0f927b7df8255df418814c6ebfe37bb18f3d8d5138fffc795b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 07:52:54 GMT
content-encoding: gzip
etag: W/"4ee24921410e26be02a7cfaf6c5de08f"
last-modified: Mon, 01 Mar 2021 20:42:15 GMT
server: AmazonS3
age: 1708
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: rQ4WSfH1X1BXOVzHnPTlpO4ut9oFiwdST_ybXA4ZZkMSnUuVHHwT8w==

Redirect headers

date: Tue, 09 Nov 2021 08:21:21 GMT
via: 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-c2/7914328/cs.js
content-length: 48
x-amz-cf-id: 3jRFOL36gKC_2tByqjfEa5kE0tCy9OZePfGmEhdCYwN5jcG9cwjbEQ==

POST
H2 200 rum Show response
www.tvnotas.com.mx/cdn-cgi/ 0
178 B 16ms
16ms XHR
text/plain 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnotas.com.mx/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.tvnotas.com.mx/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type: application/json

Response headers

date: Tue, 09 Nov 2021 08:21:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.tvnotas.com.mx
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6ab5a0884b844aa3-FRA
vary: Origin

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 40ms
19ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 09 Nov 2021 08:21:21 GMT

GET
H2 200 tag Show response
pandg.tapad.com/ Frame A70E 188 B
693 B 46ms
15ms Document
text/html 35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pandg.tapad.com/tag?gdpr=%24%7Bgdpr%7D&gdpr_consent=%24%7Bgdpr_consent%7D&referrer_url=&page_url=https%3A%2F%2Fwww.tvnotas.com.mx%2F&owner=P%26G&bp_id=sunmedia&data=%7B%22category%22%3A%22News%22%7D

Requested by

Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

e95829fa1e6cf74f092dd04142a372cb66a82156d12b60650781ae6f9c774d87

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/

Response headers

date: Tue, 09 Nov 2021 08:21:21 GMT
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
access-control-max-age: 300
access-control-allow-origin: *
content-type: text/html;charset=utf-8
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 188
via: 1.1 google
alt-svc: clear

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 3309 12 KB
5 KB 308ms
5ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Mon, 08 Nov 2021 19:53:47 GMT
expires: Tue, 08 Nov 2022 19:53:47 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 44854
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DAB5 783 B
957 B 17ms
16ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8d07be28312a414a182aece0bf82b55bdecbca0a3a2094d784f3326fa87b05ef

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MM9l9ktZkyarhNmmTcW7jQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 09 Nov 2021 08:21:21 GMT
date: Tue, 09 Nov 2021 08:21:21 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-MM9l9ktZkyarhNmmTcW7jQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

receive
pixel.tapad.com/idsync/ex/ Frame A70E
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=c0cc217e-7cac-4922-9890-9d9a717be822&gdpr=&gdpr_consent=${gdpr_consent}
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=c0cc217e-7cac-4922-9890-9d9a717be822&gdpr=&gdpr_consent=${gdpr_consent}
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f47c1eae-3417-4452-abb3-7c4af8cd03da&ttd_puid=c0cc217e-7cac-4922-9890-9d9a717be822

95 B
429 B

17ms
15ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f47c1eae-3417-4452-abb3-7c4af8cd03da&ttd_puid=c0cc217e-7cac-4922-9890-9d9a717be822

Requested by

Host: pandg.tapad.com
URL: https://pandg.tapad.com/tag?gdpr=%24%7Bgdpr%7D&gdpr_consent=%24%7Bgdpr_consent%7D&referrer_url=&page_url=https%3A%2F%2Fwww.tvnotas.com.mx%2F&owner=P%26G&bp_id=sunmedia&data=%7B%22category%22%3A%22News%22%7D

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pandg.tapad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:21 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:21 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f47c1eae-3417-4452-abb3-7c4af8cd03da&ttd_puid=c0cc217e-7cac-4922-9890-9d9a717be822
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 347

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DAB5 0
0 377ms
55ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021110401&jk=581957119321683&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012110042008000/ Frame 9884 190 KB
55 KB 54ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 276354
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55667
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11904075b70ba1a0"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 9884 13 KB
5 KB 63ms
16ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 276354
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4996
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "01e91d40c144b6bf"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 9884 89 KB
28 KB 64ms
17ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 276354
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28494
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a5e24beaf7c9a504"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 9884 4 KB
2 KB 66ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 276354
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1635
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "dff2522b082c9ee5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 9884 40 KB
13 KB 66ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 276354
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12816
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6a05f1a8ea5ea134"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
DATA 200
OK truncated
/ Frame 9884 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4468a542db9ce765e14124f6e2f764ca5c83c07e2a5f35f75c0d86103603a4f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 8824408972639097355
tpc.googlesyndication.com/daca_images/simgad/ Frame 9884 135 KB
135 KB 197ms
9ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/8824408972639097355

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef05bf8a415a04e48cdbacb52c7ad2ab37e6a9d4497ea2dcd0c4f281a118b403

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 16:18:35 GMT
x-content-type-options: nosniff
age: 316966
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137942
x-xss-protection: 0
last-modified: Fri, 05 Nov 2021 10:55:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 05 Nov 2022 16:18:35 GMT

GET
H2 200 es.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9884 3 KB
3 KB 212ms
25ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/es.png

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 13:34:11 GMT
x-content-type-options: nosniff
server: cafe
age: 67630
etag: 15820072736840818134
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2687
x-xss-protection: 0
expires: Tue, 09 Nov 2021 13:34:11 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9884 295 B
353 B 195ms
7ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 23:42:59 GMT
x-content-type-options: nosniff
server: cafe
age: 31102
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 09 Nov 2021 23:42:59 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9884 0
0 49ms
49ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CEeQMgC-KYZu7OtHy3wOMg46ABIGZkqRm18zMvLUPl96ivcABEAEgrfe4H2CVgoCAuAegAdCou7oCyAEC4AIAqAMByAMIqgThAU_QrPKw0NGnxh5w3bB6ZXWXn3vjxs8zfytoDLfK-yCfBeosEvrITM-8a9K1Rmt8IbuCq4TItsoyqANF2gu2fbME1FbQs7vTxkAJlc9OGC3ZG4kXK1Qsi3SO8WLyx679BcN0HTY6UkplCOUjJq5Z2iuHGS0hoxqhNSqUZt2unxiXN8kPQnlttJJJnR6LJqN1lVaJ1p9x6up5AeIidoRQavtffkNvfp9TKCnGWHo4V0WqPPeko1V1TG_sXud948-Ra41E_GVCD3_eVlYsQvZNVEi4GEDTgezVWPxMiKLmT7iaHMAEoJ-FgPcD4AQBkgUECAQYAZIFBAgFGASgBgKAB4u-n8UBqAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEELvnEdIICQiA4YAQEAEYHYAKA8gLAdgTC9AVAYAXAbIXHgocCAASFHB1Yi0yNjI2NTY2MTg2ODIxNjAyGK3tGA&sigh=rWSWXPCA-AI&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012110042008000/ Frame 02A7 190 KB
54 KB 312ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 276354
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55667
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11904075b70ba1a0"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 02A7 13 KB
5 KB 333ms
30ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 276354
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4996
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "01e91d40c144b6bf"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 02A7 89 KB
28 KB 335ms
33ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 276354
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28494
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a5e24beaf7c9a504"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 02A7 4 KB
2 KB 331ms
29ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 276354
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1635
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "dff2522b082c9ee5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 02A7 40 KB
13 KB 331ms
30ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 276354
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12816
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6a05f1a8ea5ea134"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 es.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 02A7 3 KB
3 KB 151ms
25ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/es.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 13:34:11 GMT
x-content-type-options: nosniff
server: cafe
age: 67630
etag: 15820072736840818134
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2687
x-xss-protection: 0
expires: Tue, 09 Nov 2021 13:34:11 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 02A7 295 B
353 B 133ms
8ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 23:42:59 GMT
x-content-type-options: nosniff
server: cafe
age: 31102
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 09 Nov 2021 23:42:59 GMT

GET
DATA 200
OK truncated
/ Frame 02A7 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7048198560df757d3fb92ec37b29beb7f2ce5164f4bb91881d265a572c5708f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012110042008000/ Frame 3EF8 190 KB
54 KB 306ms
10ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 276354
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55667
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11904075b70ba1a0"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 3EF8 13 KB
5 KB 331ms
35ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 276354
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4996
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "01e91d40c144b6bf"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 3EF8 89 KB
28 KB 331ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 276354
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28494
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a5e24beaf7c9a504"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 3EF8 4 KB
2 KB 311ms
16ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 276354
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1635
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "dff2522b082c9ee5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 3EF8 40 KB
13 KB 309ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 276354
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12816
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6a05f1a8ea5ea134"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 es.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3EF8 3 KB
3 KB 139ms
20ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/es.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 13:34:11 GMT
x-content-type-options: nosniff
server: cafe
age: 67630
etag: 15820072736840818134
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2687
x-xss-protection: 0
expires: Tue, 09 Nov 2021 13:34:11 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3EF8 295 B
537 B 124ms
6ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 23:42:59 GMT
x-content-type-options: nosniff
server: cafe
age: 31102
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 09 Nov 2021 23:42:59 GMT

GET
DATA 200
OK truncated
/ Frame 3EF8 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a73645879b5640812f5dd4caf1e59ece2ca93fe93849090edfc64604876f4d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 container.html Show response
82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0214 6 KB
3 KB 325ms
5ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 09 Nov 2021 08:21:20 GMT
expires: Wed, 09 Nov 2022 08:21:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AA78 6 KB
3 KB 317ms
7ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 09 Nov 2021 08:21:20 GMT
expires: Wed, 09 Nov 2022 08:21:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012110042008000/ Frame CB10 190 KB
54 KB 272ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 276354
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55667
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11904075b70ba1a0"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame CB10 13 KB
5 KB 281ms
18ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 276354
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4996
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "01e91d40c144b6bf"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame CB10 89 KB
28 KB 282ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 276354
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28494
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a5e24beaf7c9a504"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame CB10 4 KB
2 KB 280ms
17ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 276354
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1635
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "dff2522b082c9ee5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame CB10 40 KB
13 KB 279ms
16ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 276354
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12816
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6a05f1a8ea5ea134"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 8824408972639097355
tpc.googlesyndication.com/daca_images/simgad/ Frame CB10 135 KB
135 KB 108ms
22ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/8824408972639097355

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef05bf8a415a04e48cdbacb52c7ad2ab37e6a9d4497ea2dcd0c4f281a118b403

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 16:18:35 GMT
x-content-type-options: nosniff
age: 316966
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137942
x-xss-protection: 0
last-modified: Fri, 05 Nov 2021 10:55:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 05 Nov 2022 16:18:35 GMT

GET
H2 200 es.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CB10 3 KB
3 KB 112ms
26ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/es.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 13:34:11 GMT
x-content-type-options: nosniff
server: cafe
age: 67630
etag: 15820072736840818134
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2687
x-xss-protection: 0
expires: Tue, 09 Nov 2021 13:34:11 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CB10 295 B
353 B 94ms
8ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 23:42:59 GMT
x-content-type-options: nosniff
server: cafe
age: 31102
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 09 Nov 2021 23:42:59 GMT

GET
DATA 200
OK truncated
/ Frame CB10 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ef3dbd4ca9faf2fa20400e088d2c36969c9ccb5631decd1a3a0f4c8bb91ec94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 container.html Show response
82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 35F2 6 KB
3 KB 304ms
12ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 09 Nov 2021 08:21:20 GMT
expires: Wed, 09 Nov 2022 08:21:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 78AF 6 KB
3 KB 294ms
11ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 09 Nov 2021 08:21:20 GMT
expires: Wed, 09 Nov 2022 08:21:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2E18 6 KB
3 KB 284ms
8ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 09 Nov 2021 08:21:20 GMT
expires: Wed, 09 Nov 2022 08:21:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 388D 6 KB
3 KB 280ms
9ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 09 Nov 2021 08:21:20 GMT
expires: Wed, 09 Nov 2022 08:21:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C8AC 6 KB
3 KB 275ms
9ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 09 Nov 2021 08:21:20 GMT
expires: Wed, 09 Nov 2022 08:21:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FED0 6 KB
3 KB 271ms
10ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 09 Nov 2021 08:21:20 GMT
expires: Wed, 09 Nov 2022 08:21:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 6456699134347984976
tpc.googlesyndication.com/simgad/ Frame 02A7 54 KB
54 KB 61ms
20ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6456699134347984976?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qleH2bS-c4wF0ho359zBHO6_d2bVQ

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2d688afedee2facbb82380151f061c32f513f97ab4c82126da8fd504f89e527

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 16:19:04 GMT
x-content-type-options: nosniff
age: 316937
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55396
x-xss-protection: 0
last-modified: Fri, 05 Nov 2021 10:53:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 05 Nov 2022 16:19:04 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 02A7 0
0 14ms
13ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTMl7jwVYFT9_CXyEAYcs6UMYdc6zWRIPiK_SabDz0glR5OYeHOgohGh7wXYjaknfNfc4zyV2zB-J8KMG1HHMB6WJhUKg
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 02A7 0
0 52ms
51ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CuClIgC-KYZy7OtHy3wOMg46ABIGZkqRmn87MvLUPl96ivcABEAEgrfe4H2CVgoCAuAegAdCou7oCyAEC4AIAqAMByAMIqgTkAU_QpCKIjggLEAzu7EOJU9q41vVB5tInhsbkyOLc8Ci4jUCYb_PpWPv-sjKZdDWaxm2j6_RUDKA-dk1OAbas4zkCUn1SuAGHaPrlHIo-WPHXYH6AMDNPh0T64nPJZWz1IRjoWyJJW2QAa_89bfWJ3GPPyZ4qHzIHqIxvcMlrH7RtcD_Krx1bfoQQxF44htP6F8BMFU6isL1Oq2AEWuTRCGTmfWG9O_8a5JyV87ErPL4hxcVWGF3u50Ic4MtQApT5HoEVH4ad72HQxsdhBWePEuV9c8XgN0LYAWbLUBX4VF4kXfYw38AEoJ-FgPcD4AQBkgUECAQYAZIFBAgFGASgBgKAB4u-n8UBqAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEIGqBNIICQiA4YAQEAEYHYAKA8gLAdgTC9AVAYAXAbIXHgocCAASFHB1Yi0yNjI2NTY2MTg2ODIxNjAyGK3tGA&sigh=3ZaNw3OjpsQ&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 3487337044650224660
tpc.googlesyndication.com/simgad/ Frame 3EF8 55 KB
55 KB 67ms
27ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3487337044650224660?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkrQLzcxBNkL0qcsJnAD8UqbbL_FA

Requested by

Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90a116c464866630f6296e9538cd46c23bd74fe16167259781cf9e559bce1f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 06:51:55 GMT
x-content-type-options: nosniff
age: 350966
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56294
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 13:10:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 05 Nov 2022 06:51:55 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3EF8 0
0 50ms
49ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CWjrhgC-KYZ27OtHy3wOMg46ABKbOk9NlkuGN6skO-JvFpcsZEAEgrfe4H2CVgoCAuAegAYPemO0CyAECqQIywPOHj3azPuACAKgDAcgDCKoE4wFP0NUaALJ9VVseFAw93P17xrYZ6nAwLCVv_WSGYo_-q6E_fHPMw6DSJ9cMSICErIh_WA4pOleiO3oEEPsWQ5O5rXREVkNkb5dn4_i0XtGcZWbmARhQBcOdMe6UtsOiAvYoPsmOaMzUau1ceXDntuBHY3xAOcSbdAJZ4XoBLKNe6M6tzky79kIYC4r9skt1Ku6QjppxipAtl2dbQdP_AqaQe8_s8Ba_uOHdzegaBU9pV0_MK9wpryMtTz3Jpd2Vk8ek325T1uk5ddA4uM7ezemWYdMIrysJzXgFqySbnJkDWgrmxcAEq9TNutYD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB5LF3naoB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQv_0F0ggJCIDhgBAQARgdgAoDyAsB2BMN0BUBgBcBshceChwIABIUcHViLTI2MjY1NjYxODY4MjE2MDIYre0Y&sigh=Mp4aLocbwWs&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 204 l
www.google.com/ads/measurement/ Frame CB10 0
0 15ms
14ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQGS-xe5GuOdOP-Ds_MNuRizlmVyBjjad35P6IYbckcK49Pg7oa0ioy6Yl-A5ELjDoCUw4wH3DyOQMNbd3B4UInsuf8Mw
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CB10 0
0 50ms
50ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CupqxgC-KYaC7OtHy3wOMg46ABIGZkqRm18zMvLUPl96ivcABEAEgrfe4H2CVgoCAuAegAdCou7oCyAEC4AIAqAMByAMIqgTkAU_Qhgy8MGGYayb_Mix4A2VIxfz9YsmixBHTJS_C5uh_FmDsnO-kGiR3bbwFBfdGO28Z7QPBk55NUKckSBVX2qhzwKDUo-gXSZgsjAG3dLHfRfUqxUEWabUdte7HFTlMg6GObOV-AqRuBfA6ukWUIVmvEPa6O44f8RMStFXkZfkyQMiXy2LnNMuNw2Bjfg8llT9SlYo3shP9CY6eQa7KmxTZSqDHN2mQc6V7Yd4QKecfCw9SSILXJTrKdRE7gqh-aWxvqyC_n2_Yv8q3uGgO3Gj0_30G_7pUEJyLiLofIKv6Fs1EFcAEoJ-FgPcD4AQBkgUECAQYAZIFBAgFGASgBgKAB4u-n8UBqAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEOucCtIICQiA4YAQEAEYHYAKA8gLAdgTC9AVAYAXAbIXHgocCAASFHB1Yi0yNjI2NTY2MTg2ODIxNjAyGK3tGA&sigh=iQ7RIwPu9zA&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 9884
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

80ms
50ms

Image
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/
Protocol: H2
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

date: Tue, 09 Nov 2021 08:21:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 8824408972639097355
tpc.googlesyndication.com/daca_images/simgad/ Frame 9884 135 KB
135 KB 6ms
6ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/8824408972639097355

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef05bf8a415a04e48cdbacb52c7ad2ab37e6a9d4497ea2dcd0c4f281a118b403

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 16:18:35 GMT
x-content-type-options: nosniff
age: 316966
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137942
x-xss-protection: 0
last-modified: Fri, 05 Nov 2021 10:55:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 05 Nov 2022 16:18:35 GMT

GET
H2 200 zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js Show response
pagead2.googlesyndication.com/bg/ Frame 3309 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 20:02:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13399
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 08 Nov 2022 20:02:57 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 3EF8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

44ms
44ms

Image
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol: H2
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

date: Tue, 09 Nov 2021 08:21:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H2 204 bulk Show response
trc.taboola.com/notmusa-tvnotas/log/3/ 0
287 B 15ms
15ms XHR
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/notmusa-tvnotas/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211108-3-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tvnotas.com.mx/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Tue, 09 Nov 2021 08:21:22 GMT
via: 1.1 varnish
server: nginx
x-timer: S1636446082.128637,VS0,VE9
x-served-by: cache-fra19177-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.tvnotas.com.mx
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame CB10
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

97ms
97ms

Image
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol: H2
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

date: Tue, 09 Nov 2021 08:21:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 02A7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

97ms
97ms

Image
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol: H2
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

date: Tue, 09 Nov 2021 08:21:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 41da6f2331623d3b8845889ffd3555e0.js Show response
www.gstatic.com/mysidia/ Frame 0214 8 KB
4 KB 31ms
6ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/41da6f2331623d3b8845889ffd3555e0.js?tag=client_fast_engine_2019

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb656577f4277a4ded7b312fe6d4a32f3aabbeff803485b75a66fdea67b678af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 05:25:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 442546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3349
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 05:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 02 Feb 2022 05:25:36 GMT

GET
H2 200 f8b2bdb732dad463b772cb50ae38401b.js Show response
www.gstatic.com/mysidia/ Frame 0214 130 KB
48 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f8b2bdb732dad463b772cb50ae38401b.js?tag=video_location/web_och

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2512558d33186fad2b9dc1ab14298f54ae7982fd4120d20aa081e2caa09d0969

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 06:41:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 437975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49134
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 05:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 02 Feb 2022 06:41:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0214 3 KB
1 KB 44ms
18ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 06:44:21 GMT
server: ESF
date: Tue, 09 Nov 2021 08:21:22 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Tue, 09 Nov 2021 08:21:22 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 0214 2 KB
952 B 12ms
12ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:17:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 08:17:31 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 0214 19 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:19:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7933
x-xss-protection: 0
server: cafe
etag: 7671872550847203596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 08:19:26 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 0214 3 KB
2 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 08:21:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0214 121 KB
38 KB 39ms
16ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37743
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636374859716629"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Nov 2021 08:21:22 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 0214 15 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:18:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 08:18:04 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0214 0
0 14ms
14ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ24RVooaw6ZTwG3BmAjFjiVRo7qgPmeTDCzssVEBZndEFiDMQDtac4HmMGpog3SSxJD3vxQpTwQ_hJ65cSGtosZI_d1Q
Requested by: Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 c5d443f94f59031b290788a54ae3dbc2.js Show response
www.gstatic.com/mysidia/ Frame 0214 27 KB
11 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c5d443f94f59031b290788a54ae3dbc2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 05:25:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 442546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11508
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 05:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 02 Feb 2022 05:25:36 GMT

GET
H2 200 6456699134347984976
tpc.googlesyndication.com/simgad/ Frame 02A7 54 KB
54 KB 7ms
6ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6456699134347984976?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qleH2bS-c4wF0ho359zBHO6_d2bVQ

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2d688afedee2facbb82380151f061c32f513f97ab4c82126da8fd504f89e527

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 16:19:04 GMT
x-content-type-options: nosniff
age: 316938
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55396
x-xss-protection: 0
last-modified: Fri, 05 Nov 2021 10:53:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 05 Nov 2022 16:19:04 GMT

GET
H2 200 es.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 02A7 3 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/es.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 13:34:11 GMT
x-content-type-options: nosniff
server: cafe
age: 67631
etag: 15820072736840818134
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2687
x-xss-protection: 0
expires: Tue, 09 Nov 2021 13:34:11 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 02A7 295 B
358 B 8ms
6ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 23:42:59 GMT
x-content-type-options: nosniff
server: cafe
age: 31103
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 09 Nov 2021 23:42:59 GMT

GET
H2 200 3487337044650224660
tpc.googlesyndication.com/simgad/ Frame 3EF8 55 KB
55 KB 8ms
7ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3487337044650224660?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkrQLzcxBNkL0qcsJnAD8UqbbL_FA

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90a116c464866630f6296e9538cd46c23bd74fe16167259781cf9e559bce1f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 06:51:55 GMT
x-content-type-options: nosniff
age: 350967
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56294
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 13:10:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 05 Nov 2022 06:51:55 GMT

GET
H2 200 es.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3EF8 3 KB
3 KB 9ms
8ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/es.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 13:34:11 GMT
x-content-type-options: nosniff
server: cafe
age: 67631
etag: 15820072736840818134
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2687
x-xss-protection: 0
expires: Tue, 09 Nov 2021 13:34:11 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3EF8 295 B
353 B 9ms
8ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 23:42:59 GMT
x-content-type-options: nosniff
server: cafe
age: 31103
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 09 Nov 2021 23:42:59 GMT

GET
H2 200 8824408972639097355
tpc.googlesyndication.com/daca_images/simgad/ Frame CB10 135 KB
135 KB 9ms
8ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/8824408972639097355

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef05bf8a415a04e48cdbacb52c7ad2ab37e6a9d4497ea2dcd0c4f281a118b403

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 16:18:35 GMT
x-content-type-options: nosniff
age: 316967
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137942
x-xss-protection: 0
last-modified: Fri, 05 Nov 2021 10:55:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 05 Nov 2022 16:18:35 GMT

GET
H2 200 es.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CB10 3 KB
3 KB 10ms
10ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/es.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 13:34:11 GMT
x-content-type-options: nosniff
server: cafe
age: 67631
etag: 15820072736840818134
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2687
x-xss-protection: 0
expires: Tue, 09 Nov 2021 13:34:11 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CB10 295 B
354 B 11ms
11ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 23:42:59 GMT
x-content-type-options: nosniff
server: cafe
age: 31103
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 09 Nov 2021 23:42:59 GMT

GET
H2 200 41da6f2331623d3b8845889ffd3555e0.js Show response
www.gstatic.com/mysidia/ Frame AA78 8 KB
3 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/41da6f2331623d3b8845889ffd3555e0.js?tag=client_fast_engine_2019

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb656577f4277a4ded7b312fe6d4a32f3aabbeff803485b75a66fdea67b678af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 05:25:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 442546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3349
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 05:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 02 Feb 2022 05:25:36 GMT

GET
H2 200 f8b2bdb732dad463b772cb50ae38401b.js Show response
www.gstatic.com/mysidia/ Frame AA78 130 KB
48 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f8b2bdb732dad463b772cb50ae38401b.js?tag=video_location/web_och

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2512558d33186fad2b9dc1ab14298f54ae7982fd4120d20aa081e2caa09d0969

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 06:41:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 437975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49134
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 05:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 02 Feb 2022 06:41:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AA78 3 KB
653 B 27ms
20ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 06:43:40 GMT
server: ESF
date: Tue, 09 Nov 2021 08:21:22 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Tue, 09 Nov 2021 08:21:22 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame AA78 2 KB
952 B 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:17:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 08:17:31 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame AA78 19 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:19:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7933
x-xss-protection: 0
server: cafe
etag: 7671872550847203596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 08:19:26 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame AA78 3 KB
2 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 08:21:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AA78 121 KB
37 KB 30ms
26ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37743
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636374859716629"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Nov 2021 08:21:22 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame AA78 15 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:18:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 08:18:04 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame AA78 0
0 14ms
14ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ_cEpgED5KzFZ0ajyDnvTueM7YkAHIl-jO7BI2q_75g3RfrWQJLhXC78bjshx0jpM2fWHzkyQ9JfJm3nx0X9QUgzZIyw
Requested by: Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 c5d443f94f59031b290788a54ae3dbc2.js Show response
www.gstatic.com/mysidia/ Frame AA78 27 KB
11 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c5d443f94f59031b290788a54ae3dbc2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 05:25:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 442546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11508
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 05:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 02 Feb 2022 05:25:36 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2E18 3 KB
653 B 22ms
19ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 06:47:14 GMT
server: ESF
date: Tue, 09 Nov 2021 08:21:22 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Tue, 09 Nov 2021 08:21:22 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 2E18 2 KB
992 B 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:17:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 08:17:31 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2E18 0
0 52ms
50ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CKo-ggC-KYaO7OtHy3wOMg46ABI2y0Zpmh-jxlskOZBABIK33uB9glYKAgLgHoAHulOzNA8gBCakCMsDzh492sz7gAgCoAwHIA5sEqgTnAU_QwnysUqFTF3C0PiWRsUv1hjt1ZAw9TZzW9fqUpc5DR5mfLptUXOq4mr9ILRJap7-z8fYtmUgPEyGxnblKiqk7ZeRVCECwmfR0_CGLvfVd_IbIhlktRihjWJAOVg0i2IeySEyzlUgv3j4g3yeVNuam5i84vzgUp5gO67qPQPJMBhU2pKSHPJcBBA7q4NxCFx8i7EHAAvUUfuAAL6oGne57fZOIK-EWPsTPzgY1u9AtIEQhJMUpobi-pHj0DIo31W73pDCxGF__FR4aNTIFBOfEo0RCqYIZuNRKn5onf-sZj5B-ABHpB8AEk6Lvrt0D4AQBkgUECAQYAZIFBAgFGASgBi6AB_rqkzKoB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ3L0D0ggJCIDhgBAQARgdgAoDyAsBmAzBvMPK2gO4E4ME2BMO0BUBgBcBshceChwIABIUcHViLTI2MjY1NjYxODY4MjE2MDIYre0Y&sigh=um9anm0h8b8&uach_m=[UACH]&template_id=515
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 2E18 19 KB
8 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:19:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7933
x-xss-protection: 0
server: cafe
etag: 7671872550847203596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 08:19:26 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 2E18 3 KB
2 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 08:21:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2E18 121 KB
37 KB 28ms
24ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37743
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636374859716629"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Nov 2021 08:21:22 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 2E18 15 KB
7 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:18:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 08:18:04 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2E18 0
0 18ms
15ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTz4o52TIhzznqFBMqcHhXwMcHWGj7duu7zWcPq0YZZn0Q34WQ8rI0lfYdvBgGsA3UrGDjdQwntlFyA5FwMoFNO4wl6JQ
Requested by: Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 c5d443f94f59031b290788a54ae3dbc2.js Show response
www.gstatic.com/mysidia/ Frame 2E18 27 KB
11 KB 16ms
12ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c5d443f94f59031b290788a54ae3dbc2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 05:25:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 442546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11508
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 05:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 02 Feb 2022 05:25:36 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 388D 0
0 51ms
49ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CMMLIgC-KYaS7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE7gFP0JgjThP8pBPKQE0PCuXNFV5Q6g-puGLVckgSSWTlFwlAYMO_r0PlTOn9gxPVQ2XaeEynoGPBfeQqOG5Ypgb4cWB0LGsO2BcSP7hzjaPX1bI3uUlFU9qnd8rGKvtI-KM2E5H8rwkwRCXunfRBHF6hrKkxRR5qixR-RODA45yes84gnEI66OLl4aNzy-hj3qJ8eZxKV11-FVyMypqkmuZ3Qa8S2ydE7Ecf3fAghgNSM9RUXY-8vI8i7keWxQ9NMcBnZbmCEOax2HFuik359-3sCVxm5fGLKVZHfFe5dYugpaRXHQlMrSpVkBCapNHt4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMjYyNjU2NjE4NjgyMTYwMhit7Rg&sigh=dz91VPRzuuo&uach_m=[UACH]&cid=CAQSPACNIrLMucSYGrD4Gd6O1yEpznPwTPOziz2Sb4QVzTgKHKTU7HxhV9DXht7fOZcVcR3jSsxdsbMmIIOeXxgB
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 388D 0
0 68ms
18ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1k7tp3gv1xmcvnhkf166r95wt1x8tkxmjn4zfaak0hsacekxpwf6ez3qtphd5ta73j7pfz7vsbnqr7trt6ngr5va4g4pht6z6qenf7x0eddfv6wvkzhm7txgvtkjgekthj6wk7aa80aqmwf098r3r5fh1kvj2scgrpzcgwweq6sr2r4j329szsqawc4eez0qt0gyxfnjrtxnxrw5bggwhzps9zzwpm9zwcbja6bktcjfxspw8bdet5ppemnxryxcm3vhnpf0g5ayja5282dcajbqzk2wyyv5jypsfkb0h2xzyhs8ev051asd71v6y5d3k9fe6km42ng7b5nprzz30aq8yvvpqgfecwhgmeq7rh52j8afrbvje396y0aftjjrqtfjr3vetxjgqr2z&b=YYovgAAOnaQKd_lRAAOBjJP4cAJXPeXWUcSX1g
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 09 Nov 2021 08:21:22 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 36AF 2 KB
1 KB 75ms
27ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jy0ty8kk9tmpy98609t1gkzphna2rehs9gh3xbe104a9e58xqj7swj45h7n63tq2bc333pf7y66e8dgdx9e4exn48qqkb6s5zpyqm5dvq3rrktkdmq7sa160r30kravq65cgrp2snweqpbyj057bwkcf5vrb0mt2ygvea57sgerwbwrqn32yn11c6syvxmybzwftm6b5vvwjxn3tep3x0zhzj8s7ga2ftr4zbnytq2e4y1wbnjmc2bf78w73kyhkrtz0a3nt4zqh1ypp4cf1q2ent2damkvp71p2wrq1k7rgtn5fhxqnawbp31vbpsnyc6a4856c9mg1m4yk2de7mcjmng0hn49ka802s5kn2p8m4mqgwk78zx1qj2ht4qrk2zdh634559hzmgt5w149a8ywhk94zkdx8pz71jf3q6w29g1dhrg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdnuUgC-KYaS7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE8QFP0JgjThP8pBPKQE0PCuXNFV5Q6g-puGLVckgSSWTlFwlAYMO_r0PlTOn9gxPVQ2XaeEynoGPBfeQqOG5Ypgb4cWB0LGsO2BcSP7hzjaPX1bI3uUlFU9qnd8rGKvtI-KM2E5H8rwkwRCXunfRBHF6hrKkxRR5qixR-RODA45yes84gnEI66OLl4aNzy-hj3qJ8eZxKV11-FVyMypqkmuZ3Qa8S2ydE7Ecf3fAghgNSM9RUXY-8vI8i7keWxQ9NMcBnZbmCEOax2DNsq98uDmqswdsucyvCu6R-aF0Uf6W4eCSVVJu0OTR5iMVGO5ElBFpA4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0tU5K7lRcr5IjJnp1UvmsHBM_RUw%26client%3Dca-pub-2626566186821602%26adurl%3D

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e596f20e4a58f3d7efe66ed56d6546b51f1d3b31995bebf279f62f6c46be7a5

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/

Response headers

date: Tue, 09 Nov 2021 08:21:22 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6ab5a08defce1756-FRA
content-encoding: br

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 388D 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 08:21:08 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2DA1 1 KB
849 B 20ms
0ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 08 Nov 2021 18:26:41 GMT
expires: Tue, 09 Nov 2021 18:26:41 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 50081
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 388D 121 KB
37 KB 33ms
30ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37743
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636374859716629"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Nov 2021 08:21:22 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 388D 15 KB
7 KB 12ms
0ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:18:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 08:18:04 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 388D 0
0 33ms
6ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT0niGykNlObjKQo92Xpbn2IePLpbhugD_mjbTeSxTYhlBux0Uz30n9rxsLYIQHnaiigzRzo92TbiB8GlfK0Hye9ZMtDA
Requested by: Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 388D 22 KB
7 KB 19ms
0ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 08:59:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84135
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 08 Nov 2022 08:59:07 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C8AC 0
0 73ms
56ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C1QoRgC-KYaW7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE8wFP0FC07cmy9rDYvVxboSSVxrBHO8pOw1w8kY8crwchnvBPva5K8zEEkZDztOR9vOGgErbx8PsJjDUdcVSXfkGOmVmrWVnoUTD58_Oxze61zaty-0JDsVAudpm8DyTjMUi0o9tDyR6JJ5a10Dtp-avjJYl7RWCCUSHs8HprlYV3ME5SKC4R1z4NFO1XmJrqJjs-xVAIp8h7n65otJnJIhMp8bClrX0m55Ia09Y90zVc2lqyBEmTtLM8FjMdsayT5YyuZ9EZM1rEDwPEk7N7piCj1IeuquWyNamtomYJexzLdXq2nEwx76ouRtQssqTl0LNuszjgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTI2MjY1NjYxODY4MjE2MDIYre0Y&sigh=3SGBbt3BM8c&uach_m=[UACH]&cid=CAQSPACNIrLMucSYGrD4Gd6O1yEpznPwTPOziz2Sb4QVzTgKHKTU7HxhV9DXht7fOZcVcR3jSsxdsbMmIIOeXxgB
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame C8AC 0
0 51ms
19ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gtgh73dnkvwp0ym63v8acznv73rpvjqyefpezjwrs2zsvz8ra3r57effhp5gnycmcnjxygrqpp36gs4nw18b0vcpa6m78qdrat01ktfjakwnmjj0z1nna650bx09b5cpd7a847saxnmy45nh3cwm9792c1svwcgdnv7kn71p2hy8z8jmqd35s0f2zmzw5ysah3ayshyn56r05ged4vzdhtjpj835myxf0aqfkbrkkb28xysweqvj7q45egdhm8d842510yqfyejqgc8404qpxqfsrnaw2w4ga49swnp2kytgy6ejg3109az705wqkj8wngm412rpvpg14hxv41gx93z2jsqgqrz3fm9raw014fpbykn88abgjdvcry3rszvz3mkckj162921zmn&b=YYovgAAOnaUKd_lRAAOBjDzClop91sPwURAR2g
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 09 Nov 2021 08:21:22 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 8EA0 2 KB
3 KB 56ms
24ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1kgrbtrdk80tybhns6d2py3kq5ap9s3q2fse4h08qvn9tcbd60zz4766xvphjq04a5thbkvz718ae2qb6brzm0vpb3rhyykqz6b5cayw7ev2yq80y9x5r4a9bnp8n7s9wwfhap4ak85f3s81ee16xw6ysfwp96165pebtfrnpfv0yz4rpvywxpqay2kv2rxcdhwk78frkxy83wtxzc7xvqzshavvv4rg2pbtzmqmysmh0tht0jc65ct6k2281v3dddb6qdbrk7as50xf60g8eh2xnsf9wxzwe88pabnyenz84en1t97rbj108bs6zecf6pkn5gbng8x47cs8wjw7bnzpj5rnwjm34t6g788rm5qbz5h16x8bfbjvvv8ajk8vbs8h87jtmt2mcv5an3a30g2hqjqyqt53xcqss9m6aec7grxa5fdke&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChK8pgC-KYaW7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE9gFP0FC07cmy9rDYvVxboSSVxrBHO8pOw1w8kY8crwchnvBPva5K8zEEkZDztOR9vOGgErbx8PsJjDUdcVSXfkGOmVmrWVnoUTD58_Oxze61zaty-0JDsVAudpm8DyTjMUi0o9tDyR6JJ5a10Dtp-avjJYl7RWCCUSHs8HprlYV3ME5SKC4R1z4NFO1XmJrqJjs-xVAIp8h7n65otJnJIhMp8bClrX0m55Ia09Y90zVc2lqyBEmTtLM8FjMdsayT5YyuZ9EZM1rEDwPEk7N75CKCRlBXLaV6suE7eC-biSXff9e8slTsb2hn1Cy4rIj9BW_x8_BKa2bgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_24bbnYHYUrTsK6o5OBzdEnnIT81Q%26client%3Dca-pub-2626566186821602%26adurl%3D

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a302180f9bc9ae0ee882e6e00d42194e03b575ceea1157d0e706b2525b5c60d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/

Response headers

date: Tue, 09 Nov 2021 08:21:22 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6ab5a08defd01756-FRA
content-encoding: br

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame C8AC 3 KB
2 KB 41ms
16ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 08:21:08 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9129 1 KB
783 B 26ms
4ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 08 Nov 2021 18:26:41 GMT
expires: Tue, 09 Nov 2021 18:26:41 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 50081
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C8AC 121 KB
37 KB 336ms
26ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37743
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636374859716629"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Nov 2021 08:21:22 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame C8AC 15 KB
7 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:18:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 08:18:04 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C8AC 0
0 36ms
14ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSNO95fpe_YcGuhT1Xtz0RGynt8cHk2s2-DG6Ecp6nNsydmAej-jL7O1c-VlNZ8qDiT6RurcmvKQbAWVx5gu8N1if0rzA
Requested by: Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame C8AC 22 KB
7 KB 32ms
11ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 08:59:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84135
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 08 Nov 2022 08:59:07 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame FED0 0
0 66ms
48ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CHjQggC-KYaa7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE7gFP0ML5rCes3btfPwe8BHTGn9CAPrkbwtP0ZjD_uL1dFToMZ4iHdpQ00D05TCJ083_Omi4sw1g7QVf71fH8j2XB2r2MopY58tdEdjRTAfQpdiQytiODea9fyZ6M6RXraUyF3RcMuliRmaiMHujOAsDHOiKnHgJVak2Z2gyIFLY9utWCOjXvcrGH5LULLuNdk4C8YJbwDSqnWA6uvTKwC5OVoP3fnf_YcuQpTVl6OQt3kSPOEbV4o43VZGJUsqVOJLMzhhg-i2D9uKCv_Nk4HZ5kpLBIO1f3Ao5C1lulIBquK5hnMJsqLKimnOmzcMX44AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMjYyNjU2NjE4NjgyMTYwMhit7Rg&sigh=t_howNwEFAA&uach_m=[UACH]&cid=CAQSPACNIrLMucSYGrD4Gd6O1yEpznPwTPOziz2Sb4QVzTgKHKTU7HxhV9DXht7fOZcVcR3jSsxdsbMmIIOeXxgB
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame FED0 0
0 40ms
19ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gnfbjp8d3tg5ac3hpksz0dwdbxh0e3krtandn804ywmypy0rm3b9x3hh832npe8r2p517n70tfyy2x1z2w20t7ty2edadcc2gsaa6fqg5cjvvjw9md9nfksxgb4br1d7ks6qrfxvq2tbgvergpcr9d95ckspnxpxhxzpvwzxhx3ae9rv290qyq7cw9zdqmqthtzmzz034p6x6pva6zksrs9r8v0wxryyqgyf1cryd9jscp7yp5x74fe8t93h0m9wfksd41mewb1w1ke7ng481bee68es6qf33qpsmmk7e8rkmgdsjqkwhemhp1194hqv9v1tqyg7yxese7vzafhbw0q5gtkw20a72x8md2fsc0zb4mtg9jn5hxw6exkrrxtvvahb541v9azt4nv&b=YYovgAAOnaYKd_lRAAOBjH2yHmGBLr2wzkkdig
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 09 Nov 2021 08:21:22 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 0766 2 KB
1 KB 47ms
24ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1ghkfn2d4m38d8ve62pqfk22ek3wd0tcaw3qved8jrbxgwq65kmz46zk1vv4cypmnq70y4xpvdvjd66a03s2dp4w3rej9g4q1pkds6sdj8pfywwqwkbaq0eeva0hjdge35kf10ct3das3px6eyk62md0pqkm8391eds0mns036cdgss42py7ch50gsgn9r14kb5eab085tdwgyyzab0jvtnq6atvq74bdzvepgf64wwbbv3hdx9ec2j8dywb32550qbf5rqvfj480x547wkftsmvywj0jwj695p34e678k7v63pee30gx39g79d3pj0cp4p6q0dnb27fzxd7v7ndswp9rd1hvf591azvpq8xjc5q2092221vz1ygj073sr61bkgk18ppf33a2rba2r4xzq29vfxwb9f6wpt24z64cct8pkzyteng&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRVfOgC-KYaa7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE8QFP0ML5rCes3btfPwe8BHTGn9CAPrkbwtP0ZjD_uL1dFToMZ4iHdpQ00D05TCJ083_Omi4sw1g7QVf71fH8j2XB2r2MopY58tdEdjRTAfQpdiQytiODea9fyZ6M6RXraUyF3RcMuliRmaiMHujOAsDHOiKnHgJVak2Z2gyIFLY9utWCOjXvcrGH5LULLuNdk4C8YJbwDSqnWA6uvTKwC5OVoP3fnf_YcuQpTVl6OQt3kSPOEbV4o43VZGJUsqVOJLMzhhg-i2D9uOKt3Uvv5BkkbDcArY2-kHx7wlEIKjS29hileQnSuLaKhDxv74Uw5WKy4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2smh67e0Buz0pYo9ruo8RH-2s2QA%26client%3Dca-pub-2626566186821602%26adurl%3D

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7cc6468b5795829f0c09021c3300035bb3831cda0ef69e2b5a4efa2cf463432

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/

Response headers

date: Tue, 09 Nov 2021 08:21:22 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6ab5a08defd41756-FRA
content-encoding: br

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame FED0 3 KB
2 KB 36ms
17ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 08:21:08 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6628 1 KB
783 B 26ms
5ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 08 Nov 2021 18:26:41 GMT
expires: Tue, 09 Nov 2021 18:26:41 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 50081
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FED0 121 KB
37 KB 349ms
44ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37743
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636374859716629"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Nov 2021 08:21:22 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame FED0 15 KB
7 KB 27ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:18:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 08:18:04 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame FED0 22 KB
7 KB 27ms
9ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 08:59:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84135
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 08 Nov 2022 08:59:07 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 78AF 3 KB
653 B 40ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 06:47:28 GMT
server: ESF
date: Tue, 09 Nov 2021 08:21:22 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Tue, 09 Nov 2021 08:21:22 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 78AF 2 KB
952 B 34ms
17ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:17:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 08:17:31 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 78AF 0
0 61ms
48ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C0_U3gC-KYaK7OtHy3wOMg46ABI2y0Zpm1-3xlskOZBABIK33uB9glYKAgLgHoAHulOzNA8gBCakCMsDzh492sz7gAgCoAwHIA5sEqgTnAU_Qm3kgdYGrk8Ue5AlRDtYa1OgzV60XbYUtkJRYfPgfHIoG-7xNQ1Ww1lNTcM_FIdPevZf_sn4UcPSiZo93x3gL73e_KxI5QejdPEl7mpHmh2T9sqnLJVru4UQ_9MHqdH-eSq05-lzlEUojMvhZcCwBUfYMwY2qwpjb5WdXEmBG9t8t_D9B15WSvfsnUMUZJnBwRCFumrTPwGzZec17h0e9gpkuXsvrULojAUmvxi5IFKghhjXtmxQrV-BXY9TnFcIqMKXzFC0ZU4IlbOfk_Sm2GpuiNB1uowLKbiCiQdXj60TMjw6tmcAEk6Lvrt0D4AQBkgUECAQYAZIFBAgFGASgBi6AB_rqkzKoB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQt_MD0ggJCIDhgBAQARgdgAoDyAsBmAzBvMPK2gO4E4ME2BMO0BUBgBcBshceChwIABIUcHViLTI2MjY1NjYxODY4MjE2MDIYre0Y&sigh=Y4kU5ELVH9I&uach_m=[UACH]&template_id=515
Requested by: Host: www.tvnotas.com.mx
URL: https://www.tvnotas.com.mx/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 78AF 19 KB
8 KB 26ms
9ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:19:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7933
x-xss-protection: 0
server: cafe
etag: 7671872550847203596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 08:19:26 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 78AF 3 KB
2 KB 34ms
18ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 08:21:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 78AF 121 KB
37 KB 349ms
47ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37743
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636374859716629"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Nov 2021 08:21:22 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 78AF 15 KB
7 KB 26ms
10ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:18:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 08:18:04 GMT

GET
H2 200 c5d443f94f59031b290788a54ae3dbc2.js Show response
www.gstatic.com/mysidia/ Frame 78AF 27 KB
11 KB 28ms
11ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c5d443f94f59031b290788a54ae3dbc2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 05:25:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 442546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11508
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 05:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 02 Feb 2022 05:25:36 GMT

GET
H2 200 41da6f2331623d3b8845889ffd3555e0.js Show response
www.gstatic.com/mysidia/ Frame 35F2 8 KB
3 KB 26ms
10ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/41da6f2331623d3b8845889ffd3555e0.js?tag=client_fast_engine_2019

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb656577f4277a4ded7b312fe6d4a32f3aabbeff803485b75a66fdea67b678af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 05:25:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 442546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3349
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 05:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 02 Feb 2022 05:25:36 GMT

GET
H2 200 f8b2bdb732dad463b772cb50ae38401b.js Show response
www.gstatic.com/mysidia/ Frame 35F2 130 KB
48 KB 20ms
10ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f8b2bdb732dad463b772cb50ae38401b.js?tag=video_location/web_och

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2512558d33186fad2b9dc1ab14298f54ae7982fd4120d20aa081e2caa09d0969

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 06:41:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 437975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49134
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 05:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 02 Feb 2022 06:41:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 35F2 3 KB
653 B 27ms
18ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 06:48:53 GMT
server: ESF
date: Tue, 09 Nov 2021 08:21:22 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Tue, 09 Nov 2021 08:21:22 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 35F2 2 KB
952 B 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:17:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 08:17:31 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 35F2 19 KB
8 KB 25ms
16ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:19:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7933
x-xss-protection: 0
server: cafe
etag: 7671872550847203596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 08:19:26 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 35F2 3 KB
2 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 08:21:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 35F2 121 KB
37 KB 335ms
43ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37743
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636374859716629"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Nov 2021 08:21:22 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 35F2 15 KB
7 KB 25ms
16ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:18:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 08:18:04 GMT

GET
H2 200 c5d443f94f59031b290788a54ae3dbc2.js Show response
www.gstatic.com/mysidia/ Frame 35F2 27 KB
11 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c5d443f94f59031b290788a54ae3dbc2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 05:25:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 442546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11508
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 05:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 02 Feb 2022 05:25:36 GMT

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
711 B 22ms
11ms Image
image/png 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 2553
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: AqVbMloMCfD0JPGPMtYh8HqWku+mU3LCOyBV3RWZDsbuxPPBhmPoCHF3dszT2/Ka3TN0CVxRa9I=
x-served-by: cache-fra19177-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1636446082.222213,VS0,VE0
date: Tue, 09 Nov 2021 08:21:22 GMT
x-amz-request-id: E8X2YXVA73E9K5Z9
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 46
x-cache-hits: 2170

GET
H2 200 5515106912178039841
tpc.googlesyndication.com/simgad/ Frame 78AF 2 KB
2 KB 18ms
15ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5515106912178039841?w=100&h=100

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5daa89cd4139169a652a65b7dcb6d5560e20b004b7ddfd4d217e5d96974bfd97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 04:20:25 GMT
x-content-type-options: nosniff
age: 360057
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2227
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 12:15:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 05 Nov 2022 04:20:25 GMT

GET
H2 200 5515106912178039841
tpc.googlesyndication.com/simgad/ Frame 2E18 2 KB
2 KB 13ms
7ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5515106912178039841?w=100&h=100

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5daa89cd4139169a652a65b7dcb6d5560e20b004b7ddfd4d217e5d96974bfd97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 04:20:25 GMT
x-content-type-options: nosniff
age: 360057
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2227
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 12:15:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 05 Nov 2022 04:20:25 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 8EA0 64 KB
8 KB 321ms
19ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kgrbtrdk80tybhns6d2py3kq5ap9s3q2fse4h08qvn9tcbd60zz4766xvphjq04a5thbkvz718ae2qb6brzm0vpb3rhyykqz6b5cayw7ev2yq80y9x5r4a9bnp8n7s9wwfhap4ak85f3s81ee16xw6ysfwp96165pebtfrnpfv0yz4rpvywxpqay2kv2rxcdhwk78frkxy83wtxzc7xvqzshavvv4rg2pbtzmqmysmh0tht0jc65ct6k2281v3dddb6qdbrk7as50xf60g8eh2xnsf9wxzwe88pabnyenz84en1t97rbj108bs6zecf6pkn5gbng8x47cs8wjw7bnzpj5rnwjm34t6g788rm5qbz5h16x8bfbjvvv8ajk8vbs8h87jtmt2mcv5an3a30g2hqjqyqt53xcqss9m6aec7grxa5fdke&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChK8pgC-KYaW7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE9gFP0FC07cmy9rDYvVxboSSVxrBHO8pOw1w8kY8crwchnvBPva5K8zEEkZDztOR9vOGgErbx8PsJjDUdcVSXfkGOmVmrWVnoUTD58_Oxze61zaty-0JDsVAudpm8DyTjMUi0o9tDyR6JJ5a10Dtp-avjJYl7RWCCUSHs8HprlYV3ME5SKC4R1z4NFO1XmJrqJjs-xVAIp8h7n65otJnJIhMp8bClrX0m55Ia09Y90zVc2lqyBEmTtLM8FjMdsayT5YyuZ9EZM1rEDwPEk7N75CKCRlBXLaV6suE7eC-biSXff9e8slTsb2hn1Cy4rIj9BW_x8_BKa2bgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_24bbnYHYUrTsK6o5OBzdEnnIT81Q%26client%3Dca-pub-2626566186821602%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1kgrbtrdk80tybhns6d2py3kq5ap9s3q2fse4h08qvn9tcbd60zz4766xvphjq04a5thbkvz718ae2qb6brzm0vpb3rhyykqz6b5cayw7ev2yq80y9x5r4a9bnp8n7s9wwfhap4ak85f3s81ee16xw6ysfwp96165pebtfrnpfv0yz4rpvywxpqay2kv2rxcdhwk78frkxy83wtxzc7xvqzshavvv4rg2pbtzmqmysmh0tht0jc65ct6k2281v3dddb6qdbrk7as50xf60g8eh2xnsf9wxzwe88pabnyenz84en1t97rbj108bs6zecf6pkn5gbng8x47cs8wjw7bnzpj5rnwjm34t6g788rm5qbz5h16x8bfbjvvv8ajk8vbs8h87jtmt2mcv5an3a30g2hqjqyqt53xcqss9m6aec7grxa5fdke&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChK8pgC-KYaW7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE9gFP0FC07cmy9rDYvVxboSSVxrBHO8pOw1w8kY8crwchnvBPva5K8zEEkZDztOR9vOGgErbx8PsJjDUdcVSXfkGOmVmrWVnoUTD58_Oxze61zaty-0JDsVAudpm8DyTjMUi0o9tDyR6JJ5a10Dtp-avjJYl7RWCCUSHs8HprlYV3ME5SKC4R1z4NFO1XmJrqJjs-xVAIp8h7n65otJnJIhMp8bClrX0m55Ia09Y90zVc2lqyBEmTtLM8FjMdsayT5YyuZ9EZM1rEDwPEk7N75CKCRlBXLaV6suE7eC-biSXff9e8slTsb2hn1Cy4rIj9BW_x8_BKa2bgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_24bbnYHYUrTsK6o5OBzdEnnIT81Q%26client%3Dca-pub-2626566186821602%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:22 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1081673
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=65497
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Wed, 27 Oct 2021 19:53:29 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6ab5a0913c2d1756-FRA
cf-bgj: minify

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 8EA0 36 KB
13 KB 29ms
17ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kgrbtrdk80tybhns6d2py3kq5ap9s3q2fse4h08qvn9tcbd60zz4766xvphjq04a5thbkvz718ae2qb6brzm0vpb3rhyykqz6b5cayw7ev2yq80y9x5r4a9bnp8n7s9wwfhap4ak85f3s81ee16xw6ysfwp96165pebtfrnpfv0yz4rpvywxpqay2kv2rxcdhwk78frkxy83wtxzc7xvqzshavvv4rg2pbtzmqmysmh0tht0jc65ct6k2281v3dddb6qdbrk7as50xf60g8eh2xnsf9wxzwe88pabnyenz84en1t97rbj108bs6zecf6pkn5gbng8x47cs8wjw7bnzpj5rnwjm34t6g788rm5qbz5h16x8bfbjvvv8ajk8vbs8h87jtmt2mcv5an3a30g2hqjqyqt53xcqss9m6aec7grxa5fdke&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChK8pgC-KYaW7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE9gFP0FC07cmy9rDYvVxboSSVxrBHO8pOw1w8kY8crwchnvBPva5K8zEEkZDztOR9vOGgErbx8PsJjDUdcVSXfkGOmVmrWVnoUTD58_Oxze61zaty-0JDsVAudpm8DyTjMUi0o9tDyR6JJ5a10Dtp-avjJYl7RWCCUSHs8HprlYV3ME5SKC4R1z4NFO1XmJrqJjs-xVAIp8h7n65otJnJIhMp8bClrX0m55Ia09Y90zVc2lqyBEmTtLM8FjMdsayT5YyuZ9EZM1rEDwPEk7N75CKCRlBXLaV6suE7eC-biSXff9e8slTsb2hn1Cy4rIj9BW_x8_BKa2bgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_24bbnYHYUrTsK6o5OBzdEnnIT81Q%26client%3Dca-pub-2626566186821602%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date: Tue, 09 Nov 2021 08:21:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 39241
x-guploader-uploadid: ADPycdsOKTGHIoWahD0TZTQoYWUEfcQg0132oq9AD9469QffPzMPQd5lf_jiilD5Vec202kqqI-Hxsh29ygvyTXNSQg63d9QPA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 02 Nov 2021 14:54:41 GMT
server: cloudflare
etag: W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZJXNeItS%2FGTU5MX4MeYi2GG%2BPHfBZHFwejET02CmJRrBe33LpgIU5YtWtAZG4oCC6gZHdvO7MTBAhEx2UIxrqRuycYBticyxODg20bUmGY8K1ZIEMLAB71pTdl0UGJL7%2B0CxC5Y%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1635864881199576
content-type: application/javascript; charset=utf-8
expires: Mon, 08 Nov 2021 21:27:21 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11933
cf-ray: 6ab5a08f699e1756-FRA
cf-bgj: minify

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 0766 64 KB
8 KB 331ms
30ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ghkfn2d4m38d8ve62pqfk22ek3wd0tcaw3qved8jrbxgwq65kmz46zk1vv4cypmnq70y4xpvdvjd66a03s2dp4w3rej9g4q1pkds6sdj8pfywwqwkbaq0eeva0hjdge35kf10ct3das3px6eyk62md0pqkm8391eds0mns036cdgss42py7ch50gsgn9r14kb5eab085tdwgyyzab0jvtnq6atvq74bdzvepgf64wwbbv3hdx9ec2j8dywb32550qbf5rqvfj480x547wkftsmvywj0jwj695p34e678k7v63pee30gx39g79d3pj0cp4p6q0dnb27fzxd7v7ndswp9rd1hvf591azvpq8xjc5q2092221vz1ygj073sr61bkgk18ppf33a2rba2r4xzq29vfxwb9f6wpt24z64cct8pkzyteng&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRVfOgC-KYaa7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE8QFP0ML5rCes3btfPwe8BHTGn9CAPrkbwtP0ZjD_uL1dFToMZ4iHdpQ00D05TCJ083_Omi4sw1g7QVf71fH8j2XB2r2MopY58tdEdjRTAfQpdiQytiODea9fyZ6M6RXraUyF3RcMuliRmaiMHujOAsDHOiKnHgJVak2Z2gyIFLY9utWCOjXvcrGH5LULLuNdk4C8YJbwDSqnWA6uvTKwC5OVoP3fnf_YcuQpTVl6OQt3kSPOEbV4o43VZGJUsqVOJLMzhhg-i2D9uOKt3Uvv5BkkbDcArY2-kHx7wlEIKjS29hileQnSuLaKhDxv74Uw5WKy4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2smh67e0Buz0pYo9ruo8RH-2s2QA%26client%3Dca-pub-2626566186821602%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1ghkfn2d4m38d8ve62pqfk22ek3wd0tcaw3qved8jrbxgwq65kmz46zk1vv4cypmnq70y4xpvdvjd66a03s2dp4w3rej9g4q1pkds6sdj8pfywwqwkbaq0eeva0hjdge35kf10ct3das3px6eyk62md0pqkm8391eds0mns036cdgss42py7ch50gsgn9r14kb5eab085tdwgyyzab0jvtnq6atvq74bdzvepgf64wwbbv3hdx9ec2j8dywb32550qbf5rqvfj480x547wkftsmvywj0jwj695p34e678k7v63pee30gx39g79d3pj0cp4p6q0dnb27fzxd7v7ndswp9rd1hvf591azvpq8xjc5q2092221vz1ygj073sr61bkgk18ppf33a2rba2r4xzq29vfxwb9f6wpt24z64cct8pkzyteng&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRVfOgC-KYaa7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE8QFP0ML5rCes3btfPwe8BHTGn9CAPrkbwtP0ZjD_uL1dFToMZ4iHdpQ00D05TCJ083_Omi4sw1g7QVf71fH8j2XB2r2MopY58tdEdjRTAfQpdiQytiODea9fyZ6M6RXraUyF3RcMuliRmaiMHujOAsDHOiKnHgJVak2Z2gyIFLY9utWCOjXvcrGH5LULLuNdk4C8YJbwDSqnWA6uvTKwC5OVoP3fnf_YcuQpTVl6OQt3kSPOEbV4o43VZGJUsqVOJLMzhhg-i2D9uOKt3Uvv5BkkbDcArY2-kHx7wlEIKjS29hileQnSuLaKhDxv74Uw5WKy4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2smh67e0Buz0pYo9ruo8RH-2s2QA%26client%3Dca-pub-2626566186821602%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:22 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1081673
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=65497
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Wed, 27 Oct 2021 19:53:29 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6ab5a0913c2e1756-FRA
cf-bgj: minify

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 0766 36 KB
12 KB 34ms
22ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ghkfn2d4m38d8ve62pqfk22ek3wd0tcaw3qved8jrbxgwq65kmz46zk1vv4cypmnq70y4xpvdvjd66a03s2dp4w3rej9g4q1pkds6sdj8pfywwqwkbaq0eeva0hjdge35kf10ct3das3px6eyk62md0pqkm8391eds0mns036cdgss42py7ch50gsgn9r14kb5eab085tdwgyyzab0jvtnq6atvq74bdzvepgf64wwbbv3hdx9ec2j8dywb32550qbf5rqvfj480x547wkftsmvywj0jwj695p34e678k7v63pee30gx39g79d3pj0cp4p6q0dnb27fzxd7v7ndswp9rd1hvf591azvpq8xjc5q2092221vz1ygj073sr61bkgk18ppf33a2rba2r4xzq29vfxwb9f6wpt24z64cct8pkzyteng&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRVfOgC-KYaa7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE8QFP0ML5rCes3btfPwe8BHTGn9CAPrkbwtP0ZjD_uL1dFToMZ4iHdpQ00D05TCJ083_Omi4sw1g7QVf71fH8j2XB2r2MopY58tdEdjRTAfQpdiQytiODea9fyZ6M6RXraUyF3RcMuliRmaiMHujOAsDHOiKnHgJVak2Z2gyIFLY9utWCOjXvcrGH5LULLuNdk4C8YJbwDSqnWA6uvTKwC5OVoP3fnf_YcuQpTVl6OQt3kSPOEbV4o43VZGJUsqVOJLMzhhg-i2D9uOKt3Uvv5BkkbDcArY2-kHx7wlEIKjS29hileQnSuLaKhDxv74Uw5WKy4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2smh67e0Buz0pYo9ruo8RH-2s2QA%26client%3Dca-pub-2626566186821602%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date: Tue, 09 Nov 2021 08:21:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 39241
x-guploader-uploadid: ADPycdsOKTGHIoWahD0TZTQoYWUEfcQg0132oq9AD9469QffPzMPQd5lf_jiilD5Vec202kqqI-Hxsh29ygvyTXNSQg63d9QPA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 02 Nov 2021 14:54:41 GMT
server: cloudflare
etag: W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LaE1cv5XB%2BW%2B7BHP1M1CNapB5CbjyDIJ86H7rypZ4bfUfpiO3z9L7jtblvx0S3KQkpEQxVQbjtU3Kmq71DhG1i%2BXBL03DuFw%2FWXws4Q93b%2FYtq9jDsO3FcfKY3pmW1ffn902gMk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1635864881199576
content-type: application/javascript; charset=utf-8
expires: Mon, 08 Nov 2021 21:27:21 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11933
cf-ray: 6ab5a08f69a11756-FRA
cf-bgj: minify

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 36AF 64 KB
8 KB 321ms
20ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jy0ty8kk9tmpy98609t1gkzphna2rehs9gh3xbe104a9e58xqj7swj45h7n63tq2bc333pf7y66e8dgdx9e4exn48qqkb6s5zpyqm5dvq3rrktkdmq7sa160r30kravq65cgrp2snweqpbyj057bwkcf5vrb0mt2ygvea57sgerwbwrqn32yn11c6syvxmybzwftm6b5vvwjxn3tep3x0zhzj8s7ga2ftr4zbnytq2e4y1wbnjmc2bf78w73kyhkrtz0a3nt4zqh1ypp4cf1q2ent2damkvp71p2wrq1k7rgtn5fhxqnawbp31vbpsnyc6a4856c9mg1m4yk2de7mcjmng0hn49ka802s5kn2p8m4mqgwk78zx1qj2ht4qrk2zdh634559hzmgt5w149a8ywhk94zkdx8pz71jf3q6w29g1dhrg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdnuUgC-KYaS7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE8QFP0JgjThP8pBPKQE0PCuXNFV5Q6g-puGLVckgSSWTlFwlAYMO_r0PlTOn9gxPVQ2XaeEynoGPBfeQqOG5Ypgb4cWB0LGsO2BcSP7hzjaPX1bI3uUlFU9qnd8rGKvtI-KM2E5H8rwkwRCXunfRBHF6hrKkxRR5qixR-RODA45yes84gnEI66OLl4aNzy-hj3qJ8eZxKV11-FVyMypqkmuZ3Qa8S2ydE7Ecf3fAghgNSM9RUXY-8vI8i7keWxQ9NMcBnZbmCEOax2DNsq98uDmqswdsucyvCu6R-aF0Uf6W4eCSVVJu0OTR5iMVGO5ElBFpA4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0tU5K7lRcr5IjJnp1UvmsHBM_RUw%26client%3Dca-pub-2626566186821602%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jy0ty8kk9tmpy98609t1gkzphna2rehs9gh3xbe104a9e58xqj7swj45h7n63tq2bc333pf7y66e8dgdx9e4exn48qqkb6s5zpyqm5dvq3rrktkdmq7sa160r30kravq65cgrp2snweqpbyj057bwkcf5vrb0mt2ygvea57sgerwbwrqn32yn11c6syvxmybzwftm6b5vvwjxn3tep3x0zhzj8s7ga2ftr4zbnytq2e4y1wbnjmc2bf78w73kyhkrtz0a3nt4zqh1ypp4cf1q2ent2damkvp71p2wrq1k7rgtn5fhxqnawbp31vbpsnyc6a4856c9mg1m4yk2de7mcjmng0hn49ka802s5kn2p8m4mqgwk78zx1qj2ht4qrk2zdh634559hzmgt5w149a8ywhk94zkdx8pz71jf3q6w29g1dhrg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdnuUgC-KYaS7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE8QFP0JgjThP8pBPKQE0PCuXNFV5Q6g-puGLVckgSSWTlFwlAYMO_r0PlTOn9gxPVQ2XaeEynoGPBfeQqOG5Ypgb4cWB0LGsO2BcSP7hzjaPX1bI3uUlFU9qnd8rGKvtI-KM2E5H8rwkwRCXunfRBHF6hrKkxRR5qixR-RODA45yes84gnEI66OLl4aNzy-hj3qJ8eZxKV11-FVyMypqkmuZ3Qa8S2ydE7Ecf3fAghgNSM9RUXY-8vI8i7keWxQ9NMcBnZbmCEOax2DNsq98uDmqswdsucyvCu6R-aF0Uf6W4eCSVVJu0OTR5iMVGO5ElBFpA4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0tU5K7lRcr5IjJnp1UvmsHBM_RUw%26client%3Dca-pub-2626566186821602%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:22 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1081673
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=65497
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Wed, 27 Oct 2021 19:53:29 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6ab5a0913c311756-FRA
cf-bgj: minify

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 36AF 36 KB
12 KB 30ms
18ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jy0ty8kk9tmpy98609t1gkzphna2rehs9gh3xbe104a9e58xqj7swj45h7n63tq2bc333pf7y66e8dgdx9e4exn48qqkb6s5zpyqm5dvq3rrktkdmq7sa160r30kravq65cgrp2snweqpbyj057bwkcf5vrb0mt2ygvea57sgerwbwrqn32yn11c6syvxmybzwftm6b5vvwjxn3tep3x0zhzj8s7ga2ftr4zbnytq2e4y1wbnjmc2bf78w73kyhkrtz0a3nt4zqh1ypp4cf1q2ent2damkvp71p2wrq1k7rgtn5fhxqnawbp31vbpsnyc6a4856c9mg1m4yk2de7mcjmng0hn49ka802s5kn2p8m4mqgwk78zx1qj2ht4qrk2zdh634559hzmgt5w149a8ywhk94zkdx8pz71jf3q6w29g1dhrg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdnuUgC-KYaS7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE8QFP0JgjThP8pBPKQE0PCuXNFV5Q6g-puGLVckgSSWTlFwlAYMO_r0PlTOn9gxPVQ2XaeEynoGPBfeQqOG5Ypgb4cWB0LGsO2BcSP7hzjaPX1bI3uUlFU9qnd8rGKvtI-KM2E5H8rwkwRCXunfRBHF6hrKkxRR5qixR-RODA45yes84gnEI66OLl4aNzy-hj3qJ8eZxKV11-FVyMypqkmuZ3Qa8S2ydE7Ecf3fAghgNSM9RUXY-8vI8i7keWxQ9NMcBnZbmCEOax2DNsq98uDmqswdsucyvCu6R-aF0Uf6W4eCSVVJu0OTR5iMVGO5ElBFpA4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0tU5K7lRcr5IjJnp1UvmsHBM_RUw%26client%3Dca-pub-2626566186821602%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date: Tue, 09 Nov 2021 08:21:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 39241
x-guploader-uploadid: ADPycdsOKTGHIoWahD0TZTQoYWUEfcQg0132oq9AD9469QffPzMPQd5lf_jiilD5Vec202kqqI-Hxsh29ygvyTXNSQg63d9QPA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 02 Nov 2021 14:54:41 GMT
server: cloudflare
etag: W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZRDq22QasF6n3DT9vwKSOjZSTFEU2vDCoQJslP%2FYUATzKE5LeYPuhAnx1vdNVUKOg0ezdHdDiAtFfW2GFow1ClezjeVIyx%2F0MFUIa63lQy65c536sS78IQ0dClGQWFS5WQuR0h0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1635864881199576
content-type: application/javascript; charset=utf-8
expires: Mon, 08 Nov 2021 21:27:21 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11933
cf-ray: 6ab5a08f69a21756-FRA
cf-bgj: minify

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2DA1
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEFbUPvo7jJnpNnNmNiwwrzI&google_cver=1&google_push=AYg5qPKc60VKbUfRxN4PVAX1LrZ7EScV5rnoLRK1LtLGhTsEbvwoNP-3bRpaKejPmbGbE4fj5weuzbmSrv45xpnMp1SYvWwLgNw
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RjgzMDA2Nzc1MjU0NDgwQw==

170 B
188 B

16ms
16ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RjgzMDA2Nzc1MjU0NDgwQw==

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RjgzMDA2Nzc1MjU0NDgwQw==
date: Tue, 09 Nov 2021 08:21:22 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2DA1
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEG7gyDlBY4mgz9zkBhsqDbY&google_cver=1&google_push=AYg5qPIMkQrK-RxeFuq2Cvczd6LtdbVVgz8YBuVdBa18OCnXSIVCFnoVEjIdi56kKSyqTiGc9ecPI6aNOt3VS4...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyODQ4MjQwMzg2NTcyMDk4Nw%3D%3D&google_push=AYg5qPIMkQrK-RxeFuq2Cvczd6LtdbVVgz8YBuVdBa18OCnXSIVCFnoVEjIdi56kKSyqTiGc9ecPI6aNOt3VS49du-...

170 B
188 B

17ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyODQ4MjQwMzg2NTcyMDk4Nw%3D%3D&google_push=AYg5qPIMkQrK-RxeFuq2Cvczd6LtdbVVgz8YBuVdBa18OCnXSIVCFnoVEjIdi56kKSyqTiGc9ecPI6aNOt3VS49du-m4eqllXbc

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyODQ4MjQwMzg2NTcyMDk4Nw%3D%3D&google_push=AYg5qPIMkQrK-RxeFuq2Cvczd6LtdbVVgz8YBuVdBa18OCnXSIVCFnoVEjIdi56kKSyqTiGc9ecPI6aNOt3VS49du-m4eqllXbc
Date: Tue, 09 Nov 2021 08:21:22 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2DA1
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJWrFR_ReU0Ds1YzieMEYUs&google_cver=1&google_push=AYg5qPLNntg2Lotk5LfWsnxJD16RFw84SzV0pH2CKsrjDcT2TjI7iJ4NhhQZ3mWvLR6CptSM9WhqlblRwpsr9qt...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=hh30nDBLSE9L03VQRnuUd4jzxlA&google_push=AYg5qPLNntg2Lotk5LfWsnxJD16RFw84SzV0pH2CKsrjDcT2TjI7iJ4NhhQZ3mWvLR6CptSM9WhqlblRwpsr9q...

170 B
188 B

22ms
21ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=hh30nDBLSE9L03VQRnuUd4jzxlA&google_push=AYg5qPLNntg2Lotk5LfWsnxJD16RFw84SzV0pH2CKsrjDcT2TjI7iJ4NhhQZ3mWvLR6CptSM9WhqlblRwpsr9qtj46y8J-c9JnM

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=hh30nDBLSE9L03VQRnuUd4jzxlA&google_push=AYg5qPLNntg2Lotk5LfWsnxJD16RFw84SzV0pH2CKsrjDcT2TjI7iJ4NhhQZ3mWvLR6CptSM9WhqlblRwpsr9qtj46y8J-c9JnM
Date: Tue, 09 Nov 2021 08:21:22 GMT
Connection: keep-alive
Content-Length: 241
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 2DA1 42 B
233 B 259ms
83ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEHQSVh9Quu0QXymheQu7LhA&google_cver=1&google_push=AYg5qPJ36oP9W1S8i68gj_7bAQaqi6QZagVmQ2OLH0d6DPcFk7owd6a20iH00SasEDu12WD2E-X5M74U2_Whxo_Cb4Ec83XpqSc
Requested by: Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 08:21:22 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2 204 exptsync
ads.yieldmo.com/ Frame 2DA1 0
35 B 125ms
31ms Image
text/plain 34.254.8.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/exptsync?google_gid=CAESEEabUjkem7sizZhfr6p3iyY&google_cver=1&google_push=AYg5qPLhTo4Y6ET4A1VgpRsgEmlbIGRsOiwZPKEmqlhmfNR4va66y9uZyeXrsPRKe3vM-HNtuMm4ipF53VHjXpXcYBYK-BDVbg
Requested by: Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.8.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-8-42.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:22 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2DA1
Redirect Chain

https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESELHCj1PJv7W6srjYlqU90w4&google_cver=1&google_push=AYg5qPLRXPAuBU_gmNi0EDrcUEQ9aUCgzWPGEdR8dAgRwxGixZX02KqMXOB2nQp2p6q58ySKLuhYSeBC1kp2RjzqX...
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ZDcwMDNiMTUtODRhOS00NGVmLWJmYzUtZjcxNTI0MzcwYTRi&google_push=AYg5qPLRXPAuBU_gmNi0EDrcUEQ9aUCgzWPGEdR8dAgRwxGixZX02KqMXOB2nQp2...

170 B
188 B

17ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ZDcwMDNiMTUtODRhOS00NGVmLWJmYzUtZjcxNTI0MzcwYTRi&google_push=AYg5qPLRXPAuBU_gmNi0EDrcUEQ9aUCgzWPGEdR8dAgRwxGixZX02KqMXOB2nQp2p6q58ySKLuhYSeBC1kp2RjzqX3o-u-EWmI2C

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ZDcwMDNiMTUtODRhOS00NGVmLWJmYzUtZjcxNTI0MzcwYTRi&google_push=AYg5qPLRXPAuBU_gmNi0EDrcUEQ9aUCgzWPGEdR8dAgRwxGixZX02KqMXOB2nQp2p6q58ySKLuhYSeBC1kp2RjzqX3o-u-EWmI2C
date: Tue, 09 Nov 2021 08:21:22 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2DA1
Redirect Chain

https://ads.avads.net/sync/ggl?google_gid=CAESEKM1p8PL6xWL-5V_cAWuMSk&google_cver=1&google_push=AYg5qPISRm-z-NsmhWRTeUtKbE-hN67VHWTz79BEg03Z-ZOmQYE3lSIPXQdJfcw9CXCtGtYpWg2OzqyoAcjJxjoyXF6UWIuRQV4
https://ads.avads.net/sync/ggl?google_gid=CAESEKM1p8PL6xWL-5V_cAWuMSk&google_cver=1&google_push=AYg5qPISRm-z-NsmhWRTeUtKbE-hN67VHWTz79BEg03Z-ZOmQYE3lSIPXQdJfcw9CXCtGtYpWg2OzqyoAcjJxjoyXF6UWIuRQV4&a...
https://ads.avads.net/sync/ggl?google_gid=CAESEKM1p8PL6xWL-5V_cAWuMSk&google_cver=1&google_push=AYg5qPISRm-z-NsmhWRTeUtKbE-hN67VHWTz79BEg03Z-ZOmQYE3lSIPXQdJfcw9CXCtGtYpWg2OzqyoAcjJxjoyXF6UWIuRQV4
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OGZmZTJjODEtMWMzYi00Y2Q1LWFiZjAtNDNhMWQ1ZmE1M2Zh&google_push=AYg5qPISRm-z-NsmhWRTeUtKbE-hN67VHWTz79BEg03Z-ZOmQYE3lSIPXQdJfcw9CXCtGtY...

170 B
188 B

16ms
16ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OGZmZTJjODEtMWMzYi00Y2Q1LWFiZjAtNDNhMWQ1ZmE1M2Zh&google_push=AYg5qPISRm-z-NsmhWRTeUtKbE-hN67VHWTz79BEg03Z-ZOmQYE3lSIPXQdJfcw9CXCtGtYpWg2OzqyoAcjJxjoyXF6UWIuRQV4

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OGZmZTJjODEtMWMzYi00Y2Q1LWFiZjAtNDNhMWQ1ZmE1M2Zh&google_push=AYg5qPISRm-z-NsmhWRTeUtKbE-hN67VHWTz79BEg03Z-ZOmQYE3lSIPXQdJfcw9CXCtGtYpWg2OzqyoAcjJxjoyXF6UWIuRQV4
date: Tue, 09 Nov 2021 08:21:22 GMT
x-envoy-upstream-service-time: 3
server: istio-envoy
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2DA1 0
12 B 28ms
14ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Icokx4ytS38dkzYlaebXBPDi-YQywiHXcG76pLg16nG8WWBxAq5W30f5ail0e_chAevp56ylI

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 2633026185873813768
tpc.googlesyndication.com/simgad/ Frame 0214 168 KB
168 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2633026185873813768

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5a0e6e2fa3625713132fdd57a1e0bdc847927c9c26ae15fc93bde02fd4269e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 05:42:25 GMT
x-content-type-options: nosniff
age: 527937
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 172021
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 16:11:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 03 Nov 2022 05:42:25 GMT

GET
H2 200 18076485150489721097
tpc.googlesyndication.com/simgad/ Frame 0214 3 KB
3 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18076485150489721097?w=100&h=100

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08b13e9bd202db706536afa6af63bdf52d90b660021f3eb3297f139d49ceb049

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 22:49:50 GMT
x-content-type-options: nosniff
age: 466292
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3119
x-xss-protection: 0
last-modified: Mon, 03 Aug 2020 09:02:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 03 Nov 2022 22:49:50 GMT

GET
H2 200 data=VIAgeyNkoV8Ec9TSEsD6-odQMMFkoeQD1KhX0YawYtIzZKPeuCCWHtDkb-akjdSHPQrtjdLZ5ft2-d4GIn4
mts0.google.com/vt/ Frame 0214 17 KB
17 KB 34ms
19ms Image
image/png 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=VIAgeyNkoV8Ec9TSEsD6-odQMMFkoeQD1KhX0YawYtIzZKPeuCCWHtDkb-akjdSHPQrtjdLZ5ft2-d4GIn4

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

65062a8b5c46a8d0d6467b94e7047f9de07b8375fe009e0e101a0f1328a839c9

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:22 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=12
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17768
x-xss-protection: 0
x-server-version-bin: CggIBBCSvqOMBg==
server: scaffolding on HTTPServer2
etag: 043cb34f1babb93bf
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2398
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
expires: Tue, 09 Nov 2021 09:01:20 GMT

GET
DATA 200
OK truncated
/ Frame 0214 301 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 651fc5051db295a80ef0ec8faf17ab61562ea6e220be33a1a127263e3681a491

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0214 418 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ebd902c796e15c5ea443dff52f3581b7b0076a00fcf4acce32983a48d27d877f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 2633026185873813768
tpc.googlesyndication.com/simgad/ Frame AA78 168 KB
168 KB 6ms
5ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2633026185873813768

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5a0e6e2fa3625713132fdd57a1e0bdc847927c9c26ae15fc93bde02fd4269e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 05:42:25 GMT
x-content-type-options: nosniff
age: 527937
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 172021
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 16:11:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 03 Nov 2022 05:42:25 GMT

GET
H2 200 18076485150489721097
tpc.googlesyndication.com/simgad/ Frame AA78 3 KB
3 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18076485150489721097?w=100&h=100

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08b13e9bd202db706536afa6af63bdf52d90b660021f3eb3297f139d49ceb049

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 22:49:50 GMT
x-content-type-options: nosniff
age: 466292
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3119
x-xss-protection: 0
last-modified: Mon, 03 Aug 2020 09:02:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 03 Nov 2022 22:49:50 GMT

GET
H2 200 data=VIAgeyNkoV8Ec9TSEsD6-odQMMFkoeQD1KhX0YawYtIzZKPeuCCWHtDkb-akjdSHPQrtjdLZ5ft2-d4GIn4
mts0.google.com/vt/ Frame AA78 17 KB
17 KB 27ms
20ms Image
image/png 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=VIAgeyNkoV8Ec9TSEsD6-odQMMFkoeQD1KhX0YawYtIzZKPeuCCWHtDkb-akjdSHPQrtjdLZ5ft2-d4GIn4

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

65062a8b5c46a8d0d6467b94e7047f9de07b8375fe009e0e101a0f1328a839c9

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:22 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=12
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17768
x-xss-protection: 0
x-server-version-bin: CggIBBCSvqOMBg==
server: scaffolding on HTTPServer2
etag: 043cb34f1babb93bf
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2398
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
expires: Tue, 09 Nov 2021 09:01:20 GMT

GET
DATA 200
OK truncated
/ Frame AA78 301 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 651fc5051db295a80ef0ec8faf17ab61562ea6e220be33a1a127263e3681a491

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame AA78 418 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ebd902c796e15c5ea443dff52f3581b7b0076a00fcf4acce32983a48d27d877f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 2633026185873813768
tpc.googlesyndication.com/simgad/ Frame 35F2 168 KB
168 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2633026185873813768

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5a0e6e2fa3625713132fdd57a1e0bdc847927c9c26ae15fc93bde02fd4269e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 05:42:25 GMT
x-content-type-options: nosniff
age: 527937
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 172021
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 16:11:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 03 Nov 2022 05:42:25 GMT

GET
H2 200 18076485150489721097
tpc.googlesyndication.com/simgad/ Frame 35F2 3 KB
3 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18076485150489721097?w=100&h=100

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08b13e9bd202db706536afa6af63bdf52d90b660021f3eb3297f139d49ceb049

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 22:49:50 GMT
x-content-type-options: nosniff
age: 466292
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3119
x-xss-protection: 0
last-modified: Mon, 03 Aug 2020 09:02:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 03 Nov 2022 22:49:50 GMT

GET
H2 200 data=VIAgeyNkoV8Ec9TSEsD6-odQMMFkoeQD1KhX0YawYtIzZKPeuCCWHtDkb-akjdSHPQrtjdLZ5ft2-d4GIn4
mts0.google.com/vt/ Frame 35F2 17 KB
18 KB 21ms
17ms Image
image/png 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=VIAgeyNkoV8Ec9TSEsD6-odQMMFkoeQD1KhX0YawYtIzZKPeuCCWHtDkb-akjdSHPQrtjdLZ5ft2-d4GIn4

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

65062a8b5c46a8d0d6467b94e7047f9de07b8375fe009e0e101a0f1328a839c9

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:22 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17768
x-xss-protection: 0
x-server-version-bin: CggIBBCSvqOMBg==
server: scaffolding on HTTPServer2
etag: 043cb34f1babb93bf
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2398
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
expires: Tue, 09 Nov 2021 09:01:20 GMT

GET
DATA 200
OK truncated
/ Frame 35F2 301 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 651fc5051db295a80ef0ec8faf17ab61562ea6e220be33a1a127263e3681a491

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 35F2 418 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ebd902c796e15c5ea443dff52f3581b7b0076a00fcf4acce32983a48d27d877f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 csi
csi.gstatic.com/ Frame 0214 0
54 B 726ms
252ms Ping
image/gif 2800:3f0:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kvrtqu7p&c=460252161816&slotId=230126080908&qqid=CJ775drsivQCFVH5dwodjIEDQA&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ulc&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f8b2bdb732dad463b772cb50ae38401b.js?tag=video_location/web_och
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4001:81d::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:23 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2633026185873813768
tpc.googlesyndication.com/simgad/ Frame 0214 168 KB
168 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2633026185873813768

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f8b2bdb732dad463b772cb50ae38401b.js?tag=video_location/web_och

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5a0e6e2fa3625713132fdd57a1e0bdc847927c9c26ae15fc93bde02fd4269e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 05:42:25 GMT
x-content-type-options: nosniff
age: 527937
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 172021
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 16:11:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 03 Nov 2022 05:42:25 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0214 0
0 48ms
48ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CocingC-KYZ67OtHy3wOMg46ABKXQ76NmpffXjvAOZBABIK33uB9glYKAgLgHoAHMqLDgA8gBCakCMsDzh492sz7gAgCoAwHIA5sEqgTqAU_QFw5yrC9RgFpkpsOY954wuRwLSbktw6UNlB5F3wqXDyzgQVDDJc6VYioAcs8G39lE92C-SE2CB6wrqoaj7_rCWtomN1MomQVRRgz26OTBlAcYlXiH80eTRxb3npTrmZTonX063ldos7aFRtS1LuVs8U4Lg92pO-GdVsY9ub9dLj25qFxC6yZM3H_xveSLeluuP81I680pglCmmMR62hrjCw3LtGu8YR9Npu3LTDnLkCWMUp5hNtzRWkkp6BDdPat3HBRqPzgW6HtC23o4GOu1WL-He5OWxQg8DRekr4JqNV5nWjYu_MziocAExpf7hN0D4AQBkgUECAQYAZIFBAgFGASgBi6AB5zysiCoB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ-4sR0ggJCIDhgBAQARgdgAoDyAsBmAybqajI9gO4E6EE2BMO0BUBmBYBgBcBshceChwIABIUcHViLTI2MjY1NjYxODY4MjE2MDIYre0Y&sigh=AZu_R-G24eU&uach_m=[UACH]&template_id=545
Requested by: Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame AA78 0
54 B 703ms
253ms Ping
image/gif 2800:3f0:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kvrtqu8o&c=2653672992870&slotId=1326836496435&qqid=CJ_75drsivQCFVH5dwodjIEDQA&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ulc&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f8b2bdb732dad463b772cb50ae38401b.js?tag=video_location/web_och
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4001:81d::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:23 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2633026185873813768
tpc.googlesyndication.com/simgad/ Frame AA78 168 KB
168 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2633026185873813768

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f8b2bdb732dad463b772cb50ae38401b.js?tag=video_location/web_och

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5a0e6e2fa3625713132fdd57a1e0bdc847927c9c26ae15fc93bde02fd4269e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 05:42:25 GMT
x-content-type-options: nosniff
age: 527937
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 172021
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 16:11:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 03 Nov 2022 05:42:25 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame AA78 0
0 47ms
46ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CQWqBgC-KYZ-7OtHy3wOMg46ABKXQ76Nm_YDYjvAOZBABIK33uB9glYKAgLgHoAHMqLDgA8gBCakCMsDzh492sz7gAgCoAwHIA5sEqgTqAU_QsDlLj6t9TUcFmFuLeFcw2uaUN71oHYx_PaoiMb4nIFll3QZLX6ZUF0-jaY2bGSI55iXNcIUW4D80VKl9aLCRCdo7VkdXk3TPiBCSTkoL8ongn9zSTj79XAAZIbBVfMjdiZjQ8UrO23Z1qcRa03eoGSUKNkVqgtX61Wd-Wl00B06nndWglJjefUA45RTaTUR8zUkeRXMyUNn5ngOrceJ_dxoH5M-CIxXAYt8T_XHL0EiHwaz26vAUAZpM1WLz3nt-VawedgHkmhzdnV5KMbcIjrKEKFnaG4iOVb9prdDgmI9Rx4VUCnkj8MAExpf7hN0D4AQBkgUECAQYAZIFBAgFGASgBi6AB5zysiCoB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ4a4O0ggJCIDhgBAQARgdgAoDyAsBmAybqajI9gO4E6EE2BMO0BUBmBYBgBcBshceChwIABIUcHViLTI2MjY1NjYxODY4MjE2MDIYre0Y&sigh=tZ92tH_mLek&uach_m=[UACH]&template_id=545
Requested by: Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame 35F2 0
54 B 689ms
253ms Ping
image/gif 2800:3f0:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kvrtqu93&c=4828774747984&slotId=2414387373992&qqid=CKH75drsivQCFVH5dwodjIEDQA&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ulc&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f8b2bdb732dad463b772cb50ae38401b.js?tag=video_location/web_och
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4001:81d::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:23 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2633026185873813768
tpc.googlesyndication.com/simgad/ Frame 35F2 168 KB
168 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2633026185873813768

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f8b2bdb732dad463b772cb50ae38401b.js?tag=video_location/web_och

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5a0e6e2fa3625713132fdd57a1e0bdc847927c9c26ae15fc93bde02fd4269e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 05:42:25 GMT
x-content-type-options: nosniff
age: 527937
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 172021
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 16:11:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 03 Nov 2022 05:42:25 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 35F2 0
0 53ms
52ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C0bKvgC-KYaG7OtHy3wOMg46ABKXQ76NmxYLYjvAOZBABIK33uB9glYKAgLgHoAHMqLDgA8gBCakCMsDzh492sz7gAgCoAwHIA5sEqgTqAU_QTgsXwRdV5HYVR9YCpLAFJ00WxPF5o9Wfk93F4L7B2cJMd2GiVzF8fOWxlZSSBEpmzBrDCGTqfUoB9YeMKeYpmG2A5JL6VEOSs7tdp7z34LaIXmTTVgGszSV4c_xWq51JV0fEb8HYYf-rFOE3c30Xlh1geKZkko1I8IqtokigLzpEHHNOkZ6HnsJtAmlukiVXP1gUmLsROekwj6gxkzdIOXdEd6RP0RS42kOGXn1zEsmD1SEgWzHWpZBiOxSmLJWtE-NHGOMkTpHEQETiPUWoqRGImIGRZDFfNQdALiVnWuN9FJJoGhTzD8AExpf7hN0D4AQBkgUECAQYAZIFBAgFGASgBi6AB5zysiCoB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQq5kG0ggJCIDhgBAQARgdgAoDyAsBmAybqajI9gO4E6EE2BMO0BUBmBYBgBcBshceChwIABIUcHViLTI2MjY1NjYxODY4MjE2MDIYre0Y&sigh=clJc9pvgAN8&uach_m=[UACH]&template_id=545
Requested by: Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H/1.1

206
Partial Content

videoplayback
rr4---sn-4g5ednsk.googlevideo.com/ Frame 0214
Redirect Chain

https://rr4---sn-4g5lznez.googlevideo.com/videoplayback?expire=1636474881&ei=gS-KYZOGEt3n1gKr9L9g&ip=136.243.198.80&id=be6a66ca718a13c3&itag=18&source=youtube&requiressl=yes&mh=zq&mm=31&mn=sn-4g5lz...
https://rr4---sn-4g5ednsk.googlevideo.com/videoplayback?expire=1636474881&ei=gS-KYZOGEt3n1gKr9L9g&ip=136.243.198.80&id=be6a66ca718a13c3&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier...

927 KB
927 KB

21ms
8ms

Media
video/mp4

2a00:1450:4001:6f::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5ednsk.googlevideo.com/videoplayback?expire=1636474881&ei=gS-KYZOGEt3n1gKr9L9g&ip=136.243.198.80&id=be6a66ca718a13c3&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=20.085&lmt=1634641639491682&txp=5530434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgXm3l9MWM_PvOtp3QjhgzDSlr5VSghC2QsoInIxl8QMwCIEBwav2usk1mqXRED5iTjDsnZ3Ghuvt38Tl0mS9z6H78&cpn=hEmXBUzr3C_noBS_&redirect_counter=1&rm=sn-4g5ek77z&fexp=24052761&req_id=834758f7303736e2&cms_redirect=yes&ipbypass=yes&mh=zq&mip=2a01:4f8:212:78e:2a::1&mm=31&mn=sn-4g5ednsk&ms=au&mt=1636445312&mv=u&mvi=4&pl=54&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIganTq1RvuHJFNGQo2yLYrlgg8ZGummPj_k3YjJqyNJWoCIQCpK4Hsmxx-xVJq1P16nOs7ja5g00MaC9q_3ARjYBtBRA%3D%3D

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:6f::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

3368e90b1dd9b3619427ee06846b07bb55a38e77129d23f95c7288620b847a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 08:21:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 19 Oct 2021 11:07:19 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-948853/948854
Cache-Control: private, max-age=28499
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 948854
Expires: Tue, 09 Nov 2021 08:21:22 GMT

Redirect headers

Date: Tue, 09 Nov 2021 08:21:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/html
Location: https://rr4---sn-4g5ednsk.googlevideo.com/videoplayback?expire=1636474881&ei=gS-KYZOGEt3n1gKr9L9g&ip=136.243.198.80&id=be6a66ca718a13c3&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=20.085&lmt=1634641639491682&txp=5530434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgXm3l9MWM_PvOtp3QjhgzDSlr5VSghC2QsoInIxl8QMwCIEBwav2usk1mqXRED5iTjDsnZ3Ghuvt38Tl0mS9z6H78&cpn=hEmXBUzr3C_noBS_&redirect_counter=1&rm=sn-4g5ek77z&fexp=24052761&req_id=834758f7303736e2&cms_redirect=yes&ipbypass=yes&mh=zq&mip=2a01:4f8:212:78e:2a::1&mm=31&mn=sn-4g5ednsk&ms=au&mt=1636445312&mv=u&mvi=4&pl=54&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIganTq1RvuHJFNGQo2yLYrlgg8ZGummPj_k3YjJqyNJWoCIQCpK4Hsmxx-xVJq1P16nOs7ja5g00MaC9q_3ARjYBtBRA%3D%3D
Cache-Control: private, max-age=900
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Content-Length: 0
Expires: Tue, 09 Nov 2021 08:21:22 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5B7E 1 KB
783 B 6ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 08 Nov 2021 18:26:41 GMT
expires: Tue, 09 Nov 2021 18:26:41 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 50081
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 0214 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a99b49f6d75d4331a8b852638fae0d5622bf16cd386f6e6515faccd9e9613794

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B890 1 KB
783 B 6ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 08 Nov 2021 18:26:41 GMT
expires: Tue, 09 Nov 2021 18:26:41 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 50081
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 2E18 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93aaa6beafa756a441dbcff6a9af23ffbfa2d057d18eb412e3e6892434ade16f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

206
Partial Content

videoplayback
rr4---sn-4g5ednsk.googlevideo.com/ Frame AA78
Redirect Chain

https://rr4---sn-4g5ednsk.googlevideo.com/videoplayback?expire=1636474881&ei=gS-KYd-PEofR1wKh3ZKYAQ&ip=136.243.198.80&id=be6a66ca718a13c3&itag=18&source=youtube&requiressl=yes&mh=zq&mm=31&mn=sn-4g5...
https://rr4---sn-4g5ednsk.googlevideo.com/videoplayback?expire=1636474881&ei=gS-KYd-PEofR1wKh3ZKYAQ&ip=136.243.198.80&id=be6a66ca718a13c3&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&cti...

927 KB
927 KB

323ms
8ms

Media
video/mp4

2a00:1450:4001:6f::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5ednsk.googlevideo.com/videoplayback?expire=1636474881&ei=gS-KYd-PEofR1wKh3ZKYAQ&ip=136.243.198.80&id=be6a66ca718a13c3&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=20.085&lmt=1634641639491682&txp=5530434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAPvXrRf-UYec_WefG0mztvwgYnnMVCLyFstHgKNFf5iLAiEA53cr2BhEGTLWXvsN8UE14o6bkAK70IoTSXiVvrzQ47A=&cpn=r8ysrdXHRlx0YpNd&redirect_counter=1&rm=sn-4g5e6y7z&req_id=17b99f5c121d36e2&cms_redirect=yes&ipbypass=yes&mh=zq&mip=2a01:4f8:212:78e:2a::1&mm=31&mn=sn-4g5ednsk&ms=au&mt=1636445312&mv=u&mvi=4&pl=54&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAMR5Oi6VtQiLJxSuWUEC_lN6eaivhSfHEJLsJGu11K09AiEAl6GbvTdDF2gKhRaAUne6zP1VRreqCgWMUDWuaQ6_APM%3D

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:6f::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

3368e90b1dd9b3619427ee06846b07bb55a38e77129d23f95c7288620b847a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 08:21:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 19 Oct 2021 11:07:19 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-948853/948854
Cache-Control: private, max-age=28498
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 948854
Expires: Tue, 09 Nov 2021 08:21:23 GMT

Redirect headers

Date: Tue, 09 Nov 2021 08:21:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/html
Location: https://rr4---sn-4g5ednsk.googlevideo.com/videoplayback?expire=1636474881&ei=gS-KYd-PEofR1wKh3ZKYAQ&ip=136.243.198.80&id=be6a66ca718a13c3&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=20.085&lmt=1634641639491682&txp=5530434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAPvXrRf-UYec_WefG0mztvwgYnnMVCLyFstHgKNFf5iLAiEA53cr2BhEGTLWXvsN8UE14o6bkAK70IoTSXiVvrzQ47A=&cpn=r8ysrdXHRlx0YpNd&redirect_counter=1&rm=sn-4g5e6y7z&req_id=17b99f5c121d36e2&cms_redirect=yes&ipbypass=yes&mh=zq&mip=2a01:4f8:212:78e:2a::1&mm=31&mn=sn-4g5ednsk&ms=au&mt=1636445312&mv=u&mvi=4&pl=54&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAMR5Oi6VtQiLJxSuWUEC_lN6eaivhSfHEJLsJGu11K09AiEAl6GbvTdDF2gKhRaAUne6zP1VRreqCgWMUDWuaQ6_APM%3D
Cache-Control: private, max-age=900
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Content-Length: 0
Expires: Tue, 09 Nov 2021 08:21:22 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8FDE 1 KB
783 B 7ms
7ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 08 Nov 2021 18:26:41 GMT
expires: Tue, 09 Nov 2021 18:26:41 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 50081
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame AA78 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c0b6781c2413c25157d7f05cf5693932dd23c18744e771e48c24e8fd2d427c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EC58 1 KB
783 B 7ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 08 Nov 2021 18:26:41 GMT
expires: Tue, 09 Nov 2021 18:26:41 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 50081
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9129
Redirect Chain

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESELse1Z5oQ40FN7J-ZcwuKYI&google_cver=1&google_push=AYg5qPIpGB47scEp27EwU8skE813emYokoSuzYhmlKeoQ3Cu7YwyKDsQt5t3J...
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESELse1Z5oQ40FN7J-ZcwuKYI&google_cver=1&google_push=AYg5qPIpGB47scEp27EwU8skE813emYokoSuzYhmlKeoQ3Cu7YwyKDsQt5t3J...
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=qQR9XO_nhus1fmYZZuiq7w&google_push=AYg5qPIpGB47scEp27EwU8skE813emYokoSuzYhmlKeoQ3Cu7YwyKDsQt5t3JcNHeWsZQ9jGlRwvrbp9o...

170 B
188 B

17ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=qQR9XO_nhus1fmYZZuiq7w&google_push=AYg5qPIpGB47scEp27EwU8skE813emYokoSuzYhmlKeoQ3Cu7YwyKDsQt5t3JcNHeWsZQ9jGlRwvrbp9ohCxCpUVHagFuvpQ-Xw

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 09 Nov 2021 08:21:22 GMT
Server: nginx
Vary: Accept
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=qQR9XO_nhus1fmYZZuiq7w&google_push=AYg5qPIpGB47scEp27EwU8skE813emYokoSuzYhmlKeoQ3Cu7YwyKDsQt5t3JcNHeWsZQ9jGlRwvrbp9ohCxCpUVHagFuvpQ-Xw
Connection: close
Content-Type: text/plain; charset=utf-8
Content-Length: 237

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9129
Redirect Chain

https://px.adhigh.net/p/gm/rub?google_gid=CAESENwLOX7VKIhwFYlPzPhBOwg&google_cver=1&google_push=AYg5qPI-Q_qF3m_0r4NaVHYZQNt1zrs0qhSd54f40T-2Nmbqf4e1evLL6rrVjpLF3q_g13XoaCbQlboCP2CoBR-K-LvqKKQ5mQ
https://px.adhigh.net/p/gm/rub?google_gid=CAESENwLOX7VKIhwFYlPzPhBOwg&google_cver=1&google_push=AYg5qPI-Q_qF3m_0r4NaVHYZQNt1zrs0qhSd54f40T-2Nmbqf4e1evLL6rrVjpLF3q_g13XoaCbQlboCP2CoBR-K-LvqKKQ5mQ&bo...
https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPI-Q_qF3m_0r4NaVHYZQNt1zrs0qhSd54f40T-2Nmbqf4e1evLL6rrVjpLF3q_g13XoaCbQlboCP2CoBR-K-LvqKKQ5mQ&google_hm=4T14YQ4iFokAAikABlF9A8mXB...

170 B
188 B

16ms
16ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPI-Q_qF3m_0r4NaVHYZQNt1zrs0qhSd54f40T-2Nmbqf4e1evLL6rrVjpLF3q_g13XoaCbQlboCP2CoBR-K-LvqKKQ5mQ&google_hm=4T14YQ4iFokAAikABlF9A8mXBw%3D%3D

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:22 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f8-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPI-Q_qF3m_0r4NaVHYZQNt1zrs0qhSd54f40T-2Nmbqf4e1evLL6rrVjpLF3q_g13XoaCbQlboCP2CoBR-K-LvqKKQ5mQ&google_hm=4T14YQ4iFokAAikABlF9A8mXBw%3D%3D
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dot.gif
s0.2mdn.net/ Frame 9129 43 B
586 B 63ms
15ms Image
image/gif 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEE4bSrHa8nGt-PRAcE1ebaA&google_cver=1&google_push=AYg5qPJc-hPJiJThB4bW6wi7g6mdHFyPreW-IbJo0c2t6BBizRgNBBMDEoG6im6CaulgxLv_esVRAVG65uAgN1WtuWjl2DIpsSc

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Nov 2021 08:21:22 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9129
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAkvrik1DcfY5FXFc1gVdE8&google_cver=1&google_push=AYg5qPKUHOAI-rs0aCf5w6X6Nf9ChiFcHuGU-KdvYlNAJWpLdamMMddvYixbF61iHPqOCCZW-rX...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZSVFFTWlotUy1JSTRM&google_push=AYg5qPKUHOAI-rs0aCf5w6X6Nf9ChiFcHuGU-KdvYlNAJWpLdamMMddvYixbF61iHPqOCCZW-rXNfNKI3dRVdIM2g5q01fA56w

170 B
188 B

19ms
18ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZSVFFTWlotUy1JSTRM&google_push=AYg5qPKUHOAI-rs0aCf5w6X6Nf9ChiFcHuGU-KdvYlNAJWpLdamMMddvYixbF61iHPqOCCZW-rXNfNKI3dRVdIM2g5q01fA56w

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZSVFFTWlotUy1JSTRM&google_push=AYg5qPKUHOAI-rs0aCf5w6X6Nf9ChiFcHuGU-KdvYlNAJWpLdamMMddvYixbF61iHPqOCCZW-rXNfNKI3dRVdIM2g5q01fA56w
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 9129 0
474 B 60ms
12ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPICAYJF2eb4_0zxRjNx0YkUHYr6RJPM2nuIyb1Zqh3IGGKtaHTSB35Pjo8UwY7UfX6zyCk8G5-YdX0U9ldPKQjPnPdTkNM%26google_hm%3D%5BUID%5D&google_gid=CAESEMxAPwHMRf8ZGn8yqSVIGfY&google_cver=1

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 08:21:22 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame 9129 0
44 B 970ms
320ms Image
text/plain 52.69.203.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESEO_DlZmYbrTZ9h9aWv97bAo&google_cver=1&google_push=AYg5qPK0PQrmfzShT7iiDo54sx3PuLUgC_mz7VQx65P871jCGQ3AICdjPL_pn3nMvMaa7RyWUhtve5qF8nQo-_WMuE7JL-whfiw
Requested by: Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.69.203.30 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-69-203-30.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:23 GMT
server: awselb/2.0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9129
Redirect Chain

https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESELHCj1PJv7W6srjYlqU90w4&google_cver=1&google_push=AYg5qPIrPVvu7AFZir_UqEDRP8I04EIoWD1r66tBj6uQgZATlpD8gveYnrsRWw_ghOxnbdmKk0Nl--65VUz8uyWll...
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ZDcwMDNiMTUtODRhOS00NGVmLWJmYzUtZjcxNTI0MzcwYTRi&google_push=AYg5qPIrPVvu7AFZir_UqEDRP8I04EIoWD1r66tBj6uQgZATlpD8gveYnrsRWw_g...

170 B
188 B

18ms
18ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ZDcwMDNiMTUtODRhOS00NGVmLWJmYzUtZjcxNTI0MzcwYTRi&google_push=AYg5qPIrPVvu7AFZir_UqEDRP8I04EIoWD1r66tBj6uQgZATlpD8gveYnrsRWw_ghOxnbdmKk0Nl--65VUz8uyWllF09EdSBZ0nJ

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ZDcwMDNiMTUtODRhOS00NGVmLWJmYzUtZjcxNTI0MzcwYTRi&google_push=AYg5qPIrPVvu7AFZir_UqEDRP8I04EIoWD1r66tBj6uQgZATlpD8gveYnrsRWw_ghOxnbdmKk0Nl--65VUz8uyWllF09EdSBZ0nJ
date: Tue, 09 Nov 2021 08:21:22 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 9129 0
12 B 15ms
15ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IuixcdGvRVlIJcslSu6WWt_gYBdkWXlSlYEG0LsocAUpEH4evqueNr6l0FFCEXDgJdbUY9BA

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1

206
Partial Content

videoplayback
rr4---sn-4g5ednsk.googlevideo.com/ Frame 35F2
Redirect Chain

https://rr4---sn-4g5lznez.googlevideo.com/videoplayback?expire=1636474881&ei=gS-KYfWjEuKyx_APzf-tCA&ip=136.243.198.80&id=be6a66ca718a13c3&itag=18&source=youtube&requiressl=yes&mh=zq&mm=31&mn=sn-4g5...
https://rr4---sn-4g5ednsk.googlevideo.com/videoplayback?expire=1636474881&ei=gS-KYfWjEuKyx_APzf-tCA&ip=136.243.198.80&id=be6a66ca718a13c3&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&cti...

927 KB
927 KB

317ms
9ms

Media
video/mp4

2a00:1450:4001:6f::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5ednsk.googlevideo.com/videoplayback?expire=1636474881&ei=gS-KYfWjEuKyx_APzf-tCA&ip=136.243.198.80&id=be6a66ca718a13c3&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=20.085&lmt=1634641639491682&txp=5530434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgYCo8gzjKYfKldjzmoqqrn_tkrZjtFYv0fJ9MZFf3UiMCIEXMudC9skt6MlpGIp-VWspCUf1avh7s1itL03vmjTB0&cpn=-untHMvhU-Q_RBTo&redirect_counter=1&rm=sn-4g5ek77z&req_id=34342d8b553f36e2&cms_redirect=yes&ipbypass=yes&mh=zq&mip=2a01:4f8:212:78e:2a::1&mm=31&mn=sn-4g5ednsk&ms=au&mt=1636445312&mv=u&mvi=4&pl=54&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAPTnicsDKTC6FTtJ-inrD5V1q1PWVsSp-lciHI6IfheEAiEAut4HJ5Wtdyu7puDELwtgfrZxnLlki8DT1e6ayz8kREI%3D

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:6f::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

3368e90b1dd9b3619427ee06846b07bb55a38e77129d23f95c7288620b847a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 08:21:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 19 Oct 2021 11:07:19 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-948853/948854
Cache-Control: private, max-age=28498
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 948854
Expires: Tue, 09 Nov 2021 08:21:23 GMT

Redirect headers

Date: Tue, 09 Nov 2021 08:21:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/html
Location: https://rr4---sn-4g5ednsk.googlevideo.com/videoplayback?expire=1636474881&ei=gS-KYfWjEuKyx_APzf-tCA&ip=136.243.198.80&id=be6a66ca718a13c3&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=20.085&lmt=1634641639491682&txp=5530434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgYCo8gzjKYfKldjzmoqqrn_tkrZjtFYv0fJ9MZFf3UiMCIEXMudC9skt6MlpGIp-VWspCUf1avh7s1itL03vmjTB0&cpn=-untHMvhU-Q_RBTo&redirect_counter=1&rm=sn-4g5ek77z&req_id=34342d8b553f36e2&cms_redirect=yes&ipbypass=yes&mh=zq&mip=2a01:4f8:212:78e:2a::1&mm=31&mn=sn-4g5ednsk&ms=au&mt=1636445312&mv=u&mvi=4&pl=54&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAPTnicsDKTC6FTtJ-inrD5V1q1PWVsSp-lciHI6IfheEAiEAut4HJ5Wtdyu7puDELwtgfrZxnLlki8DT1e6ayz8kREI%3D
Cache-Control: private, max-age=900
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Content-Length: 0
Expires: Tue, 09 Nov 2021 08:21:22 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6FE2 1 KB
783 B 7ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 08 Nov 2021 18:26:41 GMT
expires: Tue, 09 Nov 2021 18:26:41 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 50081
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 388D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 313ac0bd3ec8cd4aaf9b8a1d11335f0852592cf671c129bc6bbb15d7d1b8021d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 6628 35 B
463 B 35ms
9ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPUbm2qexE61SvVGkTyA4PQ&google_cver=1&google_push=AYg5qPJWNSCNblAigZdf9c1w7q2S_ly57VTymVO4XsrtWOFgCMVGjto5HZKNg3EtGdQnRSr2X4ZvwmsBON3KsjzTxuGvkg-ubUgJ

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:22 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6628
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELvhPI3q5AZQaJvBaPtYTU8&google_push=AYg5qPLWS7DbBuqvll5DtdWqD1H55VqD1geI3V1gWEJGqGbmUQQdCVapIk...

170 B
188 B

17ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELvhPI3q5AZQaJvBaPtYTU8&google_push=AYg5qPLWS7DbBuqvll5DtdWqD1H55VqD1geI3V1gWEJGqGbmUQQdCVapIk_DPOJ8aNgzKnTTN1sVwnifva1bk2imkBzbWMNA9jKZ

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:22 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1636446083.754514,VS0,VE94
x-served-by: cache-fra19183-FRA
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELvhPI3q5AZQaJvBaPtYTU8&google_push=AYg5qPLWS7DbBuqvll5DtdWqD1H55VqD1geI3V1gWEJGqGbmUQQdCVapIk_DPOJ8aNgzKnTTN1sVwnifva1bk2imkBzbWMNA9jKZ
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 6628 70 B
264 B 37ms
35ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEAghtHOZ5leKBFaDhHe5os4&google_cver=1&google_push=AYg5qPLw418Bh4uEnm5ahrcyEjaMLUxLZwg4NAO2D1BSWMRUYwOzV_1NenMb-X8qY9z9DZRWds7tFinF-8jseKGmF-SqmUhW6XdO
Requested by: Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:22 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6628
Redirect Chain

https://sync3.sniperlog.ru/?src=ggl_nga&google_gid=CAESEEu2idTvsNfV3KEsIPEn2uE&google_cver=1&google_push=AYg5qPJX-AQT_BCtOfhWtPTS2n1bhpXGQSFs9qSCYSQzQUVTVbTEnoavryXlGRJroEfYOvr5BqeH0Ci8d57n1i9OhK3L...
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AYg5qPJX-AQT_BCtOfhWtPTS2n1bhpXGQSFs9qSCYSQzQUVTVbTEnoavryXlGRJroEfYOvr5BqeH0Ci8d57n1i9OhK3LfTR4rlFT

170 B
188 B

17ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AYg5qPJX-AQT_BCtOfhWtPTS2n1bhpXGQSFs9qSCYSQzQUVTVbTEnoavryXlGRJroEfYOvr5BqeH0Ci8d57n1i9OhK3LfTR4rlFT

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 09 Nov 2021 08:21:22 GMT
Server: nginx
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AYg5qPJX-AQT_BCtOfhWtPTS2n1bhpXGQSFs9qSCYSQzQUVTVbTEnoavryXlGRJroEfYOvr5BqeH0Ci8d57n1i9OhK3LfTR4rlFT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6628
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=omt1Wah8QzWvvxuJ73XAlQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

21ms
21ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=omt1Wah8QzWvvxuJ73XAlQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLG_6VVP5tAnzq1ZRKUzk6D9aPVN0EJwmjkuDjKcW_VErHJNOXzvdWz_pygqOCx9xee-5IkUTFPNpAukOCJmGXn2MElLBU

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=omt1Wah8QzWvvxuJ73XAlQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLG_6VVP5tAnzq1ZRKUzk6D9aPVN0EJwmjkuDjKcW_VErHJNOXzvdWz_pygqOCx9xee-5IkUTFPNpAukOCJmGXn2MElLBU
date: Tue, 09 Nov 2021 08:21:21 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6628
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAkvrik1DcfY5FXFc1gVdE8&google_cver=1&google_push=AYg5qPLesFzuB3qOFhcmWzbMOVIxjxEwWl39MS2b_xmSW9VmsCs-QVfQOm9dctqyC7A4OX1BJWy...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZSVFFTWlotUy1JSTRM&google_push=AYg5qPLesFzuB3qOFhcmWzbMOVIxjxEwWl39MS2b_xmSW9VmsCs-QVfQOm9dctqyC7A4OX1BJWya3fNGYehqQ_B_JV13mKeF4Do

170 B
188 B

17ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZSVFFTWlotUy1JSTRM&google_push=AYg5qPLesFzuB3qOFhcmWzbMOVIxjxEwWl39MS2b_xmSW9VmsCs-QVfQOm9dctqyC7A4OX1BJWya3fNGYehqQ_B_JV13mKeF4Do

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZSVFFTWlotUy1JSTRM&google_push=AYg5qPLesFzuB3qOFhcmWzbMOVIxjxEwWl39MS2b_xmSW9VmsCs-QVfQOm9dctqyC7A4OX1BJWya3fNGYehqQ_B_JV13mKeF4Do
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6628
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDWUmXens0GzrBZzxLEHF3c&google_cver=1&google_push=AYg5qPLL67_YQ7nsXA1XMTvT0WkVRDvM-LUB2mlsvBOPnh5w0ceRMbJ_uMWa0Qx4O3aVH082jd...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDWUmXens0GzrBZzxLEHF3c&google_cver=1&google_push=AYg5qPLL67_YQ7nsXA1XMTvT0WkVRDvM-LUB2mlsvBOPnh5w0ceRMbJ_uMWa0Qx4O3aVH082jd...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1kWWpoOEtSRTJ1SG01b2NRYlBMUV8wUDlpUU1YNE56an5B&google_push=AYg5qPLL67_YQ7nsXA1XMTvT0WkVRDvM-LUB2mlsvBOPnh5w0ceRMbJ_u...

170 B
188 B

17ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1kWWpoOEtSRTJ1SG01b2NRYlBMUV8wUDlpUU1YNE56an5B&google_push=AYg5qPLL67_YQ7nsXA1XMTvT0WkVRDvM-LUB2mlsvBOPnh5w0ceRMbJ_uMWa0Qx4O3aVH082jdjIGrNT0918ABygVQRzA4OaCCpvdw

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1kWWpoOEtSRTJ1SG01b2NRYlBMUV8wUDlpUU1YNE56an5B&google_push=AYg5qPLL67_YQ7nsXA1XMTvT0WkVRDvM-LUB2mlsvBOPnh5w0ceRMbJ_uMWa0Qx4O3aVH082jdjIGrNT0918ABygVQRzA4OaCCpvdw
date: Tue, 09 Nov 2021 08:21:22 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6628 0
12 B 16ms
14ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ix6b6JmTNYnqqfeQMgZBV_j96yAVPZwnd2hO1Yug8V3raIUP_7BPv_MwKuT-OK66OazwmK2A

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 0214 21 KB
22 KB 28ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 18:21:26 GMT
x-content-type-options: nosniff
age: 50396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 08 Nov 2022 18:21:26 GMT

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 0214 21 KB
21 KB 31ms
11ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 02:15:39 GMT
x-content-type-options: nosniff
age: 453943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 04 Nov 2022 02:15:39 GMT

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 2E18 21 KB
21 KB 34ms
17ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 02:15:39 GMT
x-content-type-options: nosniff
age: 453943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 04 Nov 2022 02:15:39 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 2E18 21 KB
21 KB 28ms
14ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 18:21:26 GMT
x-content-type-options: nosniff
age: 50396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 08 Nov 2022 18:21:26 GMT

GET
DATA 200
OK truncated
/ Frame 35F2 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 26118521af76c02bcc66aa9cc30f3846c28f89cafb472a066e31a926911b7b35

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 78AF 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 988198efc2085822c472b6bdcf09c93384f89ae53eb934f9432ba12903907ec6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 78AF 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 02:15:39 GMT
x-content-type-options: nosniff
age: 453943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 04 Nov 2022 02:15:39 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 78AF 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 18:21:26 GMT
x-content-type-options: nosniff
age: 50396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 08 Nov 2022 18:21:26 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame AA78 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 18:21:26 GMT
x-content-type-options: nosniff
age: 50396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 08 Nov 2022 18:21:26 GMT

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame AA78 21 KB
21 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 02:15:39 GMT
x-content-type-options: nosniff
age: 453943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 04 Nov 2022 02:15:39 GMT

GET
DATA 200
OK truncated
/ Frame C8AC 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a76138e20faabd59089f5f82cf5826f96a1f6acfd355eb05cd52d8baf4ea05a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 8EA0 3 KB
4 KB 48ms
19ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Tue, 09 Nov 2021 08:21:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4946487
x-guploader-uploadid: ADPycdu4kVh88oPygz4q2L0gysGWlMlIFE5YReoxzb2pqvToqgh3BYrLqoA2iyx1syc2mGJLpBFm-K4K9hJXRMmcJywY3ItGvg
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X0d6Ot%2FarG%2FGJ%2FH5ItJt6CuHZhUZzfTiPzszUk1iE1%2Fi9Gt2a8WA5xq%2B%2BGKTWB7qolSdYd5VK66nBsWkEDCbJO3RnRJ6elINCVbAO6RCvmVXyaFiLQxjCz4PWJ129yIb9cwCxcHyReIJmOiplnocAIoY"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 6ab5a0929c17c26d-FRA
expires: Tue, 13 Sep 2022 02:19:55 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 36AF 3 KB
3 KB 49ms
22ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Tue, 09 Nov 2021 08:21:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4946487
x-guploader-uploadid: ADPycdu4kVh88oPygz4q2L0gysGWlMlIFE5YReoxzb2pqvToqgh3BYrLqoA2iyx1syc2mGJLpBFm-K4K9hJXRMmcJywY3ItGvg
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xpX2GUTcmKoLq276vSoSDTw1Pt%2FOwEAsoXru6gmekCy2hzaVRiDU5SAag67hhXRb3J3QDk3LHITbjMpkd%2FouYq1vu6ydNuv4vMp%2BY1pz9yhKCZ6S0BWUz7JSzM2exmcLZNetO3YMNdiVEU6Nnk6WoyMh"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 6ab5a0929c1ac26d-FRA
expires: Tue, 13 Sep 2022 02:19:55 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 0766 3 KB
3 KB 46ms
21ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Tue, 09 Nov 2021 08:21:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4946487
x-guploader-uploadid: ADPycdu4kVh88oPygz4q2L0gysGWlMlIFE5YReoxzb2pqvToqgh3BYrLqoA2iyx1syc2mGJLpBFm-K4K9hJXRMmcJywY3ItGvg
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tp6QZdgserFWmH7657JAkKcsG9rCY6ObQDblGrgBb26sOsmd%2BjTNqt4%2BljaDgjP6v%2BneIZh922XV%2B7gsbQWdx9drmwmGPguw6oiP4fkW8Mzkjv%2FT7AZmJgcsuk4n4QUq1CJ5%2BR8M%2Fhooaa%2B7Aw2QWMqu"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 6ab5a0929c1bc26d-FRA
expires: Tue, 13 Sep 2022 02:19:55 GMT

GET
DATA 200
OK truncated
/ Frame FED0 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a461bd4b17917ded8236779772e1ad83836eaeb62e2e89d5fcd0e5c3263fa263

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9884 42 B
176 B 46ms
46ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstavNdc4aA_n_Pcvf09otIJEI9UkQDDpGFxcd7jEnejdne-zq4q0Fx3c5tq-MnVn2w1FMXaiCFmKULmy1VRrd_1B3frxzVmgUNiWw-yU2lhR6oCEFyDbg&sai=AMfl-YQKgmnSMIWu-Xy2C2z_Y8PcczbmiTNDRhqKf9WP5HLHdh-ORl93GHFQFlKtAKJUOlrhX5kU_6f-LtVyQ6W3xn5FA3XdsXjx9_fXHvAs_T9UlXRu-6HOF0l__DOY&sig=Cg0ArKJSzC8URHhBuxA8EAE&cid=CAASF-RogQ4e-WnZKaGKcDlASXGxNFvMMgne&id=ampim&o=315,60&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1095&mtos=0,0,0,1095,1095&tos=0,0,0,1095,0&tfs=106&tls=1201&g=100&h=100&tt=1201&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=2722686511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 35F2 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 18:21:26 GMT
x-content-type-options: nosniff
age: 50396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 08 Nov 2022 18:21:26 GMT

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 35F2 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 02:15:39 GMT
x-content-type-options: nosniff
age: 453943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 04 Nov 2022 02:15:39 GMT

GET
H2 200 frame.html Show response
ad4m.at/ Frame DCE7 2 KB
1 KB 319ms
17ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 09 Nov 2021 08:21:23 GMT
content-type: text/html; charset=utf-8
x-guploader-uploadid: ADPycdul5Ccw7d7rhgjk4K-9bNVBIMJUbbihzRGNqm4eKjFMeeucQ20B3FnwIcyOYympdB6UUlF8mlNguKXZm3TvRLI
expires: Tue, 09 Nov 2021 09:21:23 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 1049240
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qOCRalsPB4QDG5iGXj3kKuNwqBxa%2FN6yC0Eo6%2BoHpOtp3P2n2Avobxyi4IXthgiSk3PZ7QzB%2F5f7D0sXiBCJAXNEr3JFdY%2BMkua%2Fup3R5OU8ZClfS5SqnnbCnXbiGh9Yh7tmUUA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6ab5a09488d01756-FRA
content-encoding: br

GET
H2 200 frame.html Show response
ad4m.at/ Frame 10FE 2 KB
1 KB 333ms
33ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 09 Nov 2021 08:21:23 GMT
content-type: text/html; charset=utf-8
x-guploader-uploadid: ADPycdul5Ccw7d7rhgjk4K-9bNVBIMJUbbihzRGNqm4eKjFMeeucQ20B3FnwIcyOYympdB6UUlF8mlNguKXZm3TvRLI
expires: Tue, 09 Nov 2021 09:21:23 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 1049240
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2Bwc4U%2F8pFOCFLyrqZqzvqo4fFKda%2FI8%2FO5Kvj59egAPGIv8SNz%2F5Hu96WUx95KnjRLOzzh3q5IDIrUrbVbeV7cv5nEvAL8J8%2Fr2hnIOkfZb6a%2B7DW3w3qDz%2FjSPpnjWILdSOqY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6ab5a09488d31756-FRA
content-encoding: br

GET
H2 200 frame.html Show response
ad4m.at/ Frame C5B4 2 KB
1 KB 334ms
37ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 09 Nov 2021 08:21:23 GMT
content-type: text/html; charset=utf-8
x-guploader-uploadid: ADPycdul5Ccw7d7rhgjk4K-9bNVBIMJUbbihzRGNqm4eKjFMeeucQ20B3FnwIcyOYympdB6UUlF8mlNguKXZm3TvRLI
expires: Tue, 09 Nov 2021 09:21:23 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 1049240
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DimnMP7%2BUlM6aPhVQlWJibL1vz5GdRywiWupa0nT3v9rWTucKWhnEtJDNFddRZDYX9T%2F7kVyLSqQapiqrRWdyhnfTE7xeV%2Fe1WnSTT5WmORIuoPjgsdOtt6zuSaJYWeAa9mfpdw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6ab5a09488d51756-FRA
content-encoding: br

POST
H2 204 csi
csi.gstatic.com/ Frame 0214 0
54 B 302ms
255ms Ping
image/gif 2800:3f0:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kvrtqu85&c=460252161816&slotId=230126080908&qqid=CJ775drsivQCFVH5dwodjIEDQA&umsem=0&ape=1&ple=1&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F41da6f2331623d3b8845889ffd3555e0.js%253Ftag%253Dclient_fast_engine_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f8b2bdb732dad463b772cb50ae38401b.js?tag=video_location/web_och
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4001:81d::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:23 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 0214 0
54 B 298ms
252ms Ping
image/gif 2800:3f0:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~kvrtqujz&c=460252161816&slotId=230126080908&qqid=CJ775drsivQCFVH5dwodjIEDQA&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252Ff8b2bdb732dad463b772cb50ae38401b.js%253Ftag%253Dvideo_location%252Fweb_och&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f8b2bdb732dad463b772cb50ae38401b.js?tag=video_location/web_och
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4001:81d::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:23 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 0214 0
327 B 298ms
252ms Ping
image/gif 2800:3f0:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~kvrtquk0&c=460252161816&slotId=230126080908&qqid=CJ775drsivQCFVH5dwodjIEDQA&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252Fc5d443f94f59031b290788a54ae3dbc2.js%253Ftag%253Dmysidia_one_click_handler_one_afma_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f8b2bdb732dad463b772cb50ae38401b.js?tag=video_location/web_och
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4001:81d::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:23 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 0214 0
54 B 300ms
254ms Ping
image/gif 2800:3f0:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=5~kvrtquk0&c=460252161816&slotId=230126080908&qqid=CJ775drsivQCFVH5dwodjIEDQA&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fmts0.google.com%252Fvt%252Fdata%253DVIAgeyNkoV8Ec9TSEsD6-odQMMFkoeQD1KhX0YawYtIzZKPeuCCWHtDkb-akjdSHPQrtjdLZ5ft2-d4GIn4&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f8b2bdb732dad463b772cb50ae38401b.js?tag=video_location/web_och
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4001:81d::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:23 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 5B7E 0
191 B 97ms
30ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEIdT1VL3a2sgftLKInqhTIU&google_cver=1&google_push=AYg5qPKMsJP4ZSvfd2AU58Q0gg-FaX_Qp29e0kruL29obmIEMriBWlYYDw-GDFfw3sl5cUay_iwnIu2ZQThBPDJCJH3-rdpYczM
Requested by: Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:22 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5B7E
Redirect Chain

https://a.c.appier.net/gcm?google_gid=CAESEK0dMiT2cKms3sreFl3ACh0&google_cver=1&google_push=AYg5qPJZByAiKiVF9BIVJHuf655Zx0uDol0l33xlFurdIFKUKZwLkMt4FQeUtEVhUAW7t-mbjokbuNjt5YiA_bK7DelF5FBLr0M
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=SGw4UTdtRXJDRE84cktqZWd5LUtZUQ%3D%3D&google_push=AYg5qPJZByAiKiVF9BIVJHuf655Zx0uDol0l33xlFurdIFKUKZwLkMt4FQeUtEVhUAW7t-mbjokbuNjt5YiA_...

170 B
188 B

17ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=SGw4UTdtRXJDRE84cktqZWd5LUtZUQ%3D%3D&google_push=AYg5qPJZByAiKiVF9BIVJHuf655Zx0uDol0l33xlFurdIFKUKZwLkMt4FQeUtEVhUAW7t-mbjokbuNjt5YiA_bK7DelF5FBLr0M

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=SGw4UTdtRXJDRE84cktqZWd5LUtZUQ%3D%3D&google_push=AYg5qPJZByAiKiVF9BIVJHuf655Zx0uDol0l33xlFurdIFKUKZwLkMt4FQeUtEVhUAW7t-mbjokbuNjt5YiA_bK7DelF5FBLr0M
date: Tue, 09 Nov 2021 08:21:23 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 242
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 5B7E 0
474 B 14ms
13ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPKwwC4k0JESqCJrMr62op-whroY8IrYsSLgCjmTKh3f4ihE63vBg9YImuEnGJXQT3JykcN5C5dUCW8GMY21XNWVy9qsfNM%26google_hm%3D%5BUID%5D&google_gid=CAESEMxAPwHMRf8ZGn8yqSVIGfY&google_cver=1

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 08:21:23 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5B7E
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIyy_9ihNdVLdWHCBmBW958&google_cver=1&google_push=AYg5qPLj4hl0zLX2ccIfmkmqR_9YBatmxQLx9gMWGzE4mSOcN5YbwvC9GUHRBudNrl6ljSuk-dXiZjG1KiTaDXEFx...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIyy_9ihNdVLdWHCBmBW958&google_cver=1&google_push=AYg5qPLj4hl0zLX2ccIfmkmqR_9YBatmxQLx9gMWGzE4mSOcN5YbwvC9GUHRBudNrl6ljSuk-dXiZjG1KiTaDXEFx...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLj4hl0zLX2ccIfmkmqR_9YBatmxQLx9gMWGzE4mSOcN5YbwvC9GUHRBudNrl6ljSuk-dXiZjG1KiTaDXEFxXafWL2xzOU&google_hm=7e03891c2017d4ea83bd147f

170 B
188 B

20ms
19ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLj4hl0zLX2ccIfmkmqR_9YBatmxQLx9gMWGzE4mSOcN5YbwvC9GUHRBudNrl6ljSuk-dXiZjG1KiTaDXEFxXafWL2xzOU&google_hm=7e03891c2017d4ea83bd147f

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 09 Nov 2021 08:21:23 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLj4hl0zLX2ccIfmkmqR_9YBatmxQLx9gMWGzE4mSOcN5YbwvC9GUHRBudNrl6ljSuk-dXiZjG1KiTaDXEFxXafWL2xzOU&google_hm=7e03891c2017d4ea83bd147f
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5B7E
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=googleban&pm=1&google_gid=CAESEC1-U7eW_Oih-WoI4VtN_ig&google_cver=1&google_push=AYg5qPIJrNTfxU4uzf0xWBL37CJw8oK4BOfo-EAIJc9P2NgZjuMLEe8RyC_DvfgnI2W2ZtUepbzQrXA-zLAl4pdqk...
https://sm.rtb.mts.ru/match/second?ssp=12&google_push=AYg5qPIJrNTfxU4uzf0xWBL37CJw8oK4BOfo-EAIJc9P2NgZjuMLEe8RyC_DvfgnI2W2ZtUepbzQrXA-zLAl4pdqkQkwNgBLtiCG&exu=CAESEC1-U7eW_Oih-WoI4VtN_ig
https://tech.rtb.mts.ru/?dsp_uid=3689b9bb-f0a6-4033-8e59-2771e32ef693&return_url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc%26id%3D3689b9bb-f0a6-4033-8e59-2771e32ef693%26g...
https://cm.g.doubleclick.net/pixel?google_nid=stream_llc&id=3689b9bb-f0a6-4033-8e59-2771e32ef693&google_push=AYg5qPIJrNTfxU4uzf0xWBL37CJw8oK4BOfo-EAIJc9P2NgZjuMLEe8RyC_DvfgnI2W2ZtUepbzQrXA-zLAl4pdq...

170 B
188 B

17ms
16ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stream_llc&id=3689b9bb-f0a6-4033-8e59-2771e32ef693&google_push=AYg5qPIJrNTfxU4uzf0xWBL37CJw8oK4BOfo-EAIJc9P2NgZjuMLEe8RyC_DvfgnI2W2ZtUepbzQrXA-zLAl4pdqkQkwNgBLtiCG

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 09 Nov 2021 08:21:23 GMT
Server: nginx/1.13.12
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=stream_llc&id=3689b9bb-f0a6-4033-8e59-2771e32ef693&google_push=AYg5qPIJrNTfxU4uzf0xWBL37CJw8oK4BOfo-EAIJc9P2NgZjuMLEe8RyC_DvfgnI2W2ZtUepbzQrXA-zLAl4pdqkQkwNgBLtiCG
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5B7E
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESECF92vJkgD1VEju4LIBomA0&google_cver=1&google_push=AYg5qPI_FmjTVU5vQtKHObfWaEiPSB_SMoMPI1xI-zZI3N_NjltZnyVHC-kKUEI68LhHwd5k3c-o7knNMGAWOKaVc0jJeMY...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPI_FmjTVU5vQtKHObfWaEiPSB_SMoMPI1xI-zZI3N_NjltZnyVHC-kKUEI68LhHwd5k3c-o7knNMGAWOKaVc0jJeMY29mmt&google_hm=MjYyNzUzNTQ...

170 B
188 B

16ms
16ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPI_FmjTVU5vQtKHObfWaEiPSB_SMoMPI1xI-zZI3N_NjltZnyVHC-kKUEI68LhHwd5k3c-o7knNMGAWOKaVc0jJeMY29mmt&google_hm=MjYyNzUzNTQxNDUyOTEwNDI3Mw==

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPI_FmjTVU5vQtKHObfWaEiPSB_SMoMPI1xI-zZI3N_NjltZnyVHC-kKUEI68LhHwd5k3c-o7knNMGAWOKaVc0jJeMY29mmt&google_hm=MjYyNzUzNTQxNDUyOTEwNDI3Mw==
Date: Tue, 09 Nov 2021 08:21:23 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 dot.gif
s0.2mdn.net/ Frame 5B7E 43 B
101 B 317ms
15ms Image
image/gif 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEP3FLCeL05KD2Y_FINWb7g0&google_cver=1&google_push=AYg5qPKhgzpAAVVSIWA4L_P0GzTmwFJYeSScVbDIdDun8rERmMaQFRfWLwSdQ_ma2m0Qxh7gBoPFAhozv7Yxjmzc26wFX8Bs_2Ow

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Nov 2021 08:21:23 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5B7E 0
12 B 14ms
13ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KEs6Jd6jyjUg-jLO_HgMvXklzoHcm5368yikKnMKzzBhzCNSzRGq7YxgEEeY8JmxWO0LAd8y7H

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B890
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDMeTwVAd96Q2BbA14kqk0o&google_cver=1&google_push=AYg5qPJgL_9S88r3OY2UV5y-c-RHI4rdm4UvAtNkfBQheHP0QObRHQ3V_nnvJQXgLL1I--hV8byveXf5R7iYaQun...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJgL_9S88r3OY2UV5y-c-RHI4rdm4UvAtNkfBQheHP0QObRHQ3V_nnvJQXgLL1I--hV8byveXf5R7iYaQunllETFzXKcpw

170 B
188 B

24ms
24ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJgL_9S88r3OY2UV5y-c-RHI4rdm4UvAtNkfBQheHP0QObRHQ3V_nnvJQXgLL1I--hV8byveXf5R7iYaQunllETFzXKcpw

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 09 Nov 2021 08:21:23 GMT
Server: MT3 4067 88cc6bf master cdg-pixel-x2 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJgL_9S88r3OY2UV5y-c-RHI4rdm4UvAtNkfBQheHP0QObRHQ3V_nnvJQXgLL1I--hV8byveXf5R7iYaQunllETFzXKcpw
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 09 Nov 2021 08:21:22 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B890
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEKRiRcXJX5ry0GYG7CQrL6k&google_cver=1&google_push=AYg5qPKTf80HqeoyQPP7GxECEy-W7nGvke3szNayqFlXyljf_FhcgAwO7-oscmnF0GanuGQE4tdE_7y5vauWaPJKSV7byAqz2To
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BC0DFEEAF9014937A1D3C4474FE7C607&google_push=AYg5qPKTf80HqeoyQPP7GxECEy-W7nGvke3szNayqFlXyljf_FhcgAwO7-oscmnF0GanuGQE4tdE_7y5vauWaPJ...

170 B
188 B

19ms
19ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BC0DFEEAF9014937A1D3C4474FE7C607&google_push=AYg5qPKTf80HqeoyQPP7GxECEy-W7nGvke3szNayqFlXyljf_FhcgAwO7-oscmnF0GanuGQE4tdE_7y5vauWaPJKSV7byAqz2To

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 09 Nov 2021 08:21:23 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BC0DFEEAF9014937A1D3C4474FE7C607&google_push=AYg5qPKTf80HqeoyQPP7GxECEy-W7nGvke3szNayqFlXyljf_FhcgAwO7-oscmnF0GanuGQE4tdE_7y5vauWaPJKSV7byAqz2To
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Mon, 08 Nov 2021 08:21:23 GMT

GET
H2 200 dot.gif
s0.2mdn.net/ Frame B890 43 B
124 B 313ms
14ms Image
image/gif 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEE4bSrHa8nGt-PRAcE1ebaA&google_cver=1&google_push=AYg5qPIxMjWYk90xA9lg8j8N3J8eU1Lp0RgxMCrQcdCYSzTxjV068pU31AllrsRDT09oiLEmOu7f0T2r6Cl2D2IG8WxLPXABUT4

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Nov 2021 08:21:23 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B890
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEIoUsrkAt-SNvCST3M56blk&google_cver=1&google_push=AYg5qPKn61BaLSPN3QF1UMawCoR7yXsolj-IVXfLY1bsMWqWa1No7IzJbMIp_pwFzKHmtEen0Nos8LAm3oS_J...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEIoUsrkAt-SNvCST3M56blk&google_push=AYg5qPKn61BaLSPN3QF1UMawCoR7yXsolj-IVXfLY1bsMWqWa1No7IzJbMIp_pwFzKHmtEen0Nos8LAm3oS_J...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKn61BaLSPN3QF1UMawCoR7yXsolj-IVXfLY1bsMWqWa1No7IzJbMIp_pwFzKHmtEen0Nos8LAm3oS_JjcvLpSRNp-Prg&google_hm=OEJlZVU3SjBCR2hodlZfNG...

170 B
188 B

17ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKn61BaLSPN3QF1UMawCoR7yXsolj-IVXfLY1bsMWqWa1No7IzJbMIp_pwFzKHmtEen0Nos8LAm3oS_JjcvLpSRNp-Prg&google_hm=OEJlZVU3SjBCR2hodlZfNG5tam4=

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 08:21:23 GMT
P3p: CP="We do not support P3P header."
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKn61BaLSPN3QF1UMawCoR7yXsolj-IVXfLY1bsMWqWa1No7IzJbMIp_pwFzKHmtEen0Nos8LAm3oS_JjcvLpSRNp-Prg&google_hm=OEJlZVU3SjBCR2hodlZfNG5tam4=
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 234
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame B890 0
478 B 25ms
14ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPLTtzD__v8f-X6i5XH7K-byF3NraqvCyAJncME9mKYwJhidyJb5f8fYv98n0uCJBonYhS_R8goP_15nOQgNH8EHWq72aLI%26google_hm%3D%5BUID%5D&google_gid=CAESEMxAPwHMRf8ZGn8yqSVIGfY&google_cver=1

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 08:21:23 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET

pixel
cm.g.doubleclick.net/ Frame B890
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEInx5L25D2DgEnGOG4a7gH8&google_cver=1&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP37322mIgRl...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEInx5L25D2DgEnGOG4a7gH8&google_cver=1&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP3732...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP373...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP373...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP373...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP373...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP373...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP373...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP373...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP373...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP373...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP373...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP373...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP373...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP373...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP373...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP373...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP373...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP373...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP373...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP373...

0
0

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame B890 0
75 B 91ms
20ms Image
text/plain 185.86.139.103
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESECS5L07zQtLKLWzhR5XTm0U&google_cver=1&google_push=AYg5qPJdRupf78oHYPpUv8sXa2OqWn9LyhLd9NKyTd7KwCFVBii0XtSuQn_a7EYgliiXW3UTq3a1lRoXb8Nv40xDT7_rvYU5ig
Requested by: Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:22 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B890 0
12 B 28ms
28ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K_ttJsG44lpQRUlS3EuvFzQBN-UEqocV8xRCDdTv0g7FNt_4Z_jV4qj55HPS3tWb47rJXs

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET /
google2waycm.netmng.com/cm/ Frame 8FDE 0
0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 8FDE
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEAmyjjUQo2zKU2PhyEexX40&google_cver=1&google_push=AYg5qPLC5-oRpGIDUcijHOLj0kkZxs28Fhatze6CnMGWxWwIFKogQrtlBqWZwOnNLjdJb2_XeUSoOgOuytjBlMHabh9rOPOfnKM&r...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAmyjjUQo2zKU2PhyEexX40&google_cver=1&google_push=AYg5qPLC5-oRpGIDUcijHOLj0kkZxs28Fhatze6CnMGWxWwIFKogQrtlBqWZwOnNLjdJb2_XeUSoOgOuytjBlMHabh9rOPOfnKM...

43 B
415 B

183ms
174ms

Image
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAmyjjUQo2zKU2PhyEexX40&google_cver=1&google_push=AYg5qPLC5-oRpGIDUcijHOLj0kkZxs28Fhatze6CnMGWxWwIFKogQrtlBqWZwOnNLjdJb2_XeUSoOgOuytjBlMHabh9rOPOfnKM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLC5-oRpGIDUcijHOLj0kkZxs28Fhatze6CnMGWxWwIFKogQrtlBqWZwOnNLjdJb2_XeUSoOgOuytjBlMHabh9rOPOfnKM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:23 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6ab5a0944b35c303-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:23 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 150
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6ab5a09319a6c303-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAmyjjUQo2zKU2PhyEexX40&google_cver=1&google_push=AYg5qPLC5-oRpGIDUcijHOLj0kkZxs28Fhatze6CnMGWxWwIFKogQrtlBqWZwOnNLjdJb2_XeUSoOgOuytjBlMHabh9rOPOfnKM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLC5-oRpGIDUcijHOLj0kkZxs28Fhatze6CnMGWxWwIFKogQrtlBqWZwOnNLjdJb2_XeUSoOgOuytjBlMHabh9rOPOfnKM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8FDE
Redirect Chain

https://a.c.appier.net/gcm?google_gid=CAESEK0dMiT2cKms3sreFl3ACh0&google_cver=1&google_push=AYg5qPJN1IATy8iJv8KgxPsH3mQYNbt4xpTy6Hv5-1W0l8ZCrgk42Wy_drwB7XLbNX52bspQOObFfFZR-xqqjO9YFbxKqtYh2pNL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=UGc1SENFNXNBM0t5RGVSdmd5LUtZUQ%3D%3D&google_push=AYg5qPJN1IATy8iJv8KgxPsH3mQYNbt4xpTy6Hv5-1W0l8ZCrgk42Wy_drwB7XLbNX52bspQOObFfFZR-xqqj...

170 B
188 B

16ms
16ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=UGc1SENFNXNBM0t5RGVSdmd5LUtZUQ%3D%3D&google_push=AYg5qPJN1IATy8iJv8KgxPsH3mQYNbt4xpTy6Hv5-1W0l8ZCrgk42Wy_drwB7XLbNX52bspQOObFfFZR-xqqjO9YFbxKqtYh2pNL

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=UGc1SENFNXNBM0t5RGVSdmd5LUtZUQ%3D%3D&google_push=AYg5qPJN1IATy8iJv8KgxPsH3mQYNbt4xpTy6Hv5-1W0l8ZCrgk42Wy_drwB7XLbNX52bspQOObFfFZR-xqqjO9YFbxKqtYh2pNL
date: Tue, 09 Nov 2021 08:21:23 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 243
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8FDE
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPO9O9WeFPRagKVQYODcH3Y&google_cver=1&google_push=AYg5qPKjgIXzwbZ7CWH61Zoj-7Dr3HX9FoCx_beC65o3V7l77RM7e0WchRQij2choUaJI49-EsXTWsk82I16vsNAKrRMcrV...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKjgIXzwbZ7CWH61Zoj-7Dr3HX9FoCx_beC65o3V7l77RM7e0WchRQij2choUaJI49-EsXTWsk82I16vsNAKrRMcrVMZDhN&google_hm=NjIxNjM0NzY1NTcwMzA1Mj...

170 B
188 B

16ms
16ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKjgIXzwbZ7CWH61Zoj-7Dr3HX9FoCx_beC65o3V7l77RM7e0WchRQij2choUaJI49-EsXTWsk82I16vsNAKrRMcrVMZDhN&google_hm=NjIxNjM0NzY1NTcwMzA1MjMwMQ%3D%3D

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 09 Nov 2021 08:21:23 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKjgIXzwbZ7CWH61Zoj-7Dr3HX9FoCx_beC65o3V7l77RM7e0WchRQij2choUaJI49-EsXTWsk82I16vsNAKrRMcrVMZDhN&google_hm=NjIxNjM0NzY1NTcwMzA1MjMwMQ%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8FDE
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEFtcxkI09c4N3wHQoujheLE&google_cver=1&google_push=AYg5qPJvDZ3JTfvnbRA8_lIJpEUThQ5LJ29usC-0Ns8UR0bTZoeQW6CrUucJZR8xVIEOHBuk_0XhBLtToNc_O0reAlAXqZPZ8pk
https://rtb.openx.net/sync/dds?google_gid=CAESEFtcxkI09c4N3wHQoujheLE&google_cver=1&google_push=AYg5qPJvDZ3JTfvnbRA8_lIJpEUThQ5LJ29usC-0Ns8UR0bTZoeQW6CrUucJZR8xVIEOHBuk_0XhBLtToNc_O0reAlAXqZPZ8pk&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJvDZ3JTfvnbRA8_lIJpEUThQ5LJ29usC-0Ns8UR0bTZoeQW6CrUucJZR8xVIEOHBuk_0XhBLtToNc_O0reAlAXqZPZ8pk&google_hm=qeN20aRkzM0_FFsW_qiRUw==

170 B
188 B

17ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJvDZ3JTfvnbRA8_lIJpEUThQ5LJ29usC-0Ns8UR0bTZoeQW6CrUucJZR8xVIEOHBuk_0XhBLtToNc_O0reAlAXqZPZ8pk&google_hm=qeN20aRkzM0_FFsW_qiRUw==

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:22 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJvDZ3JTfvnbRA8_lIJpEUThQ5LJ29usC-0Ns8UR0bTZoeQW6CrUucJZR8xVIEOHBuk_0XhBLtToNc_O0reAlAXqZPZ8pk&google_hm=qeN20aRkzM0_FFsW_qiRUw==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: hdg1nq029l4o2fvasbcul7psm4nrced3

GET

pixel
cm.g.doubleclick.net/ Frame 8FDE
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEInx5L25D2DgEnGOG4a7gH8&google_cver=1&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__MBv6W1VF...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEInx5L25D2DgEnGOG4a7gH8&google_cver=1&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__MB...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__M...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__M...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__M...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__M...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__M...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__M...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__M...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__M...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__M...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__M...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__M...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__M...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__M...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__M...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__M...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__M...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__M...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__M...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__M...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8FDE
Redirect Chain

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEK_ZRlTZe22CADRSZQUoinY&google_cver=1&google_push=AYg5qPJ-dPE2qkgTlS7xAy1Kvg-dicN8dzVm4u57F-cCeKuASI3lQEw-...
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEK_ZRlTZe22CADRSZQUoinY&google_cver=1&google_push=AYg5qPJ-dPE2qkgTlS7xAy1Kvg-dicN8dzVm4u57F-cCeKuASI3lQEw-...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEK_ZRlTZe22CADRSZQUoinY&google_cver=1&google_push=AYg5qPJ-dPE2qkgTlS7xAy1Kvg-dicN8dzVm4u57F-cCeKuASI3lQE...
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAwNjQzMGU1OS00MTM2LTExZWMtOWNlMi0wMjI4ZDAzZDk3YWM%3D&google_push=AYg5qPJ-dPE2qkgTlS7xAy1Kvg-dicN8dzVm4u57F-cCeKuASI3lQEw-3zjw9gTJA6...

170 B
188 B

16ms
15ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAwNjQzMGU1OS00MTM2LTExZWMtOWNlMi0wMjI4ZDAzZDk3YWM%3D&google_push=AYg5qPJ-dPE2qkgTlS7xAy1Kvg-dicN8dzVm4u57F-cCeKuASI3lQEw-3zjw9gTJA6Hrm4R1rTb_GSsf6xoD1K0u9pmpds-la-LHkw

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAwNjQzMGU1OS00MTM2LTExZWMtOWNlMi0wMjI4ZDAzZDk3YWM%3D&google_push=AYg5qPJ-dPE2qkgTlS7xAy1Kvg-dicN8dzVm4u57F-cCeKuASI3lQEw-3zjw9gTJA6Hrm4R1rTb_GSsf6xoD1K0u9pmpds-la-LHkw
date: Tue, 09 Nov 2021 08:21:23 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8FDE 0
12 B 14ms
14ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IB_30bGNtr8XyJaZqx7FIoTVlGXcsxCCm_llFDl99Yx807yGP5kvJco3Si0za6WIMsV235Dw

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame EC58
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHgPGK6xpyWRwqbesU2nTlA&google_cver=1&google_push=AYg5qPI24GyzgJ0hVT_R9lYhxfqJMhLLqpJnLjf-s93UkWMvyDp3fSJhm7jNMmPu4C7kXWSLe9qvY9loMEgDbn2oCIb9rNy-gEaa
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzQ0NzI0MjI0NTgwODYwMTEzNA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHgPGK6xpyWRwqbesU2nTlA&google_cver=1

43 B
407 B

32ms
16ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHgPGK6xpyWRwqbesU2nTlA&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:22 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHgPGK6xpyWRwqbesU2nTlA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame EC58 70 B
264 B 37ms
35ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEAghtHOZ5leKBFaDhHe5os4&google_cver=1&google_push=AYg5qPJZE42eV2TyFHH7nNdk1SWQkp4c1Rrk17DJj_Ri5EVyfAOXgE1pdkEGWhdWQqYhmFEx431IMyH_x_hvtY0qw8vTUJc61lZz
Requested by: Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:23 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EC58
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEEJcanytDQdwEIhUijr6SBM&google_cver=1&google_push=AYg5qPJ9h9aeHKBfiz_D3U2MnM6EdbUTmfRZNP9UHJSKPJ_ZlFJZGP_SS7DcBGVXmX2Jbd75NSYm6m_lwPc...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJ9h9aeHKBfiz_D3U2MnM6EdbUTmfRZNP9UHJSKPJ_ZlFJZGP_SS7DcBGVXmX2Jbd75NSYm6m_lwPcyshiVhtAsyTelbCVd&google_hm=b2HtQNc4RLOF6vjA89x3SFA

170 B
188 B

18ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJ9h9aeHKBfiz_D3U2MnM6EdbUTmfRZNP9UHJSKPJ_ZlFJZGP_SS7DcBGVXmX2Jbd75NSYm6m_lwPcyshiVhtAsyTelbCVd&google_hm=b2HtQNc4RLOF6vjA89x3SFA

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:22 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJ9h9aeHKBfiz_D3U2MnM6EdbUTmfRZNP9UHJSKPJ_ZlFJZGP_SS7DcBGVXmX2Jbd75NSYm6m_lwPcyshiVhtAsyTelbCVd&google_hm=b2HtQNc4RLOF6vjA89x3SFA
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: clear
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EC58
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESECHApiOLjO4mwoUdtCMprYE&google_cver=1&google_push=AYg5qPLsHbZraT13K2qcBw8z3DUcNHBvaU6qafvd-8pE8lKX1_pPHRysLAAbLAmADlZmLGfDzxTKRpwxDfQlTUVS...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8Ei76DnPRR60rzsBdG22hg2&google_push=AYg5qPLsHbZraT13K2qcBw8z3DUcNHBvaU6qafvd-8pE8lKX1_pPHRysLAAbLAmADlZmLGfDzxTKRpwxDfQlTUVSLiKil9z0KDuq

170 B
188 B

16ms
16ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8Ei76DnPRR60rzsBdG22hg2&google_push=AYg5qPLsHbZraT13K2qcBw8z3DUcNHBvaU6qafvd-8pE8lKX1_pPHRysLAAbLAmADlZmLGfDzxTKRpwxDfQlTUVSLiKil9z0KDuq

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 09 Nov 2021 08:21:23 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.15.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8Ei76DnPRR60rzsBdG22hg2&google_push=AYg5qPLsHbZraT13K2qcBw8z3DUcNHBvaU6qafvd-8pE8lKX1_pPHRysLAAbLAmADlZmLGfDzxTKRpwxDfQlTUVSLiKil9z0KDuq
x-host: tde-deliveryengine-production-55f754bb97-c676r
alt-svc: clear
content-length: 0

GET
H/1.1 200
OK us.php
c.eu1.dyntrk.com/adx/ga/ Frame EC58 0
215 B 60ms
14ms Image
text/plain 51.178.20.140
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEFQq_hWJ3QYxdGLxY8NR76s&google_cver=1&google_push=AYg5qPIjg8Wac-QZ4AnTPITVn-NXL1RxO9Mi95tvOdsVlf34cGHC-lXnZfI2jEvcdF-R96zUgSRrknvA_LbbeLF7jNysXGHXeA
Requested by: Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.178.20.140 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31193670.ip-51-178-20.eu
Software: proxy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
cache-control: private, no-cache, no-store, proxy-revalidate, no-transform
x-rc: 10
server: proxy
content-length: 0
content-type: text/plain

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EC58
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFjcHv80LKxg1foIDVidzBc&google_cver=1&google_push=AYg5qPL8G_rOZ6xJps-fOjcmiaqYaIx3cHENQkUpFTenCJO65mpSXApQWQqnXoc9ODmzqFxWoN5kAoG5MdX4FSuH...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPL8G_rOZ6xJps-fOjcmiaqYaIx3cHENQkUpFTenCJO65mpSXApQWQqnXoc9ODmzqFxWoN5kAoG5MdX4FSuHD8BA_a9cXPsq

170 B
188 B

16ms
16ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPL8G_rOZ6xJps-fOjcmiaqYaIx3cHENQkUpFTenCJO65mpSXApQWQqnXoc9ODmzqFxWoN5kAoG5MdX4FSuHD8BA_a9cXPsq

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 09 Nov 2021 08:21:23 GMT
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA2-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPL8G_rOZ6xJps-fOjcmiaqYaIx3cHENQkUpFTenCJO65mpSXApQWQqnXoc9ODmzqFxWoN5kAoG5MdX4FSuHD8BA_a9cXPsq
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: lagWEyGPZlUNchM4e05ffSDWSxtR7vH1iL0h59LZJnTSfaBuadN4lg==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EC58
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPmrR_SGLPMYdeIVC3xh3xA&google_cver=1&google_push=AYg5qPJjYX86CAuXfQM3TGEC5IA7Q5Ca_k9-TjhwN0kN_VGG38ImjzPcgp0G_zF0q9UjfYP2b09_0Uaz-C5-Vk-IJkRo9Q6cAoQ
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPJjYX86CAuXfQM3TGEC5IA7Q5Ca_k9-TjhwN0kN_VGG38ImjzPcgp0G_zF0q9UjfYP2b09_0Uaz-C5-Vk-IJkRo9Q6cAoQ&googl...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTQyMTkyODA0NjIyNTEzNzc1NQ%3D%3D&google_push=AYg5qPJjYX86CAuXfQM3TGEC5IA7Q5Ca_k9-TjhwN0kN_VGG38ImjzPcgp0G...

170 B
188 B

16ms
15ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTQyMTkyODA0NjIyNTEzNzc1NQ%3D%3D&google_push=AYg5qPJjYX86CAuXfQM3TGEC5IA7Q5Ca_k9-TjhwN0kN_VGG38ImjzPcgp0G_zF0q9UjfYP2b09_0Uaz-C5-Vk-IJkRo9Q6cAoQ

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTQyMTkyODA0NjIyNTEzNzc1NQ%3D%3D&google_push=AYg5qPJjYX86CAuXfQM3TGEC5IA7Q5Ca_k9-TjhwN0kN_VGG38ImjzPcgp0G_zF0q9UjfYP2b09_0Uaz-C5-Vk-IJkRo9Q6cAoQ
date: Tue, 09 Nov 2021 08:21:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame EC58 0
12 B 16ms
15ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JZjH9DpgGQH-izhQrOu9Vz4NDCpsVrg9Vqquqy-X_IH4gNhLrE_6KPsh_FV8_49uCPpkey

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6FE2
Redirect Chain

https://sync3.sniperlog.ru/?src=ggl_nga&google_gid=CAESEEu2idTvsNfV3KEsIPEn2uE&google_cver=1&google_push=AYg5qPKEHqkTUaibUFJBw9Gyf5FYgbjmAeqxMtqLXDEGML9sjfItw53DI4gZlfklFw4UYOty_nWmsytGCrqcC27wuR3Y...
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AYg5qPKEHqkTUaibUFJBw9Gyf5FYgbjmAeqxMtqLXDEGML9sjfItw53DI4gZlfklFw4UYOty_nWmsytGCrqcC27wuR3Y24Q3Mg

170 B
188 B

15ms
15ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AYg5qPKEHqkTUaibUFJBw9Gyf5FYgbjmAeqxMtqLXDEGML9sjfItw53DI4gZlfklFw4UYOty_nWmsytGCrqcC27wuR3Y24Q3Mg

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 09 Nov 2021 08:21:23 GMT
Server: nginx
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AYg5qPKEHqkTUaibUFJBw9Gyf5FYgbjmAeqxMtqLXDEGML9sjfItw53DI4gZlfklFw4UYOty_nWmsytGCrqcC27wuR3Y24Q3Mg
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6FE2
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=omt1Wah8QzWvvxuJ73XAlQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

18ms
16ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=omt1Wah8QzWvvxuJ73XAlQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIcwhflfs-e25GKx_nOyQ5kuWZNOWnqzq1OXUghaO3wNIJe9im2SjZMaWvOLdeUydYoLc4_RUmtBrjPC-jmBLI2p84wx_s

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=omt1Wah8QzWvvxuJ73XAlQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIcwhflfs-e25GKx_nOyQ5kuWZNOWnqzq1OXUghaO3wNIJe9im2SjZMaWvOLdeUydYoLc4_RUmtBrjPC-jmBLI2p84wx_s
date: Tue, 09 Nov 2021 08:21:21 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6FE2
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAkvrik1DcfY5FXFc1gVdE8&google_cver=1&google_push=AYg5qPK2gq3TmuIPxMqV9cjDfkJiBELPEhRC30XqePvhLEWQ3xbIxuxvPL5Cjhs3r-9pAqalFEZ...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZSVFFTWlotUy1JSTRM&google_push=AYg5qPK2gq3TmuIPxMqV9cjDfkJiBELPEhRC30XqePvhLEWQ3xbIxuxvPL5Cjhs3r-9pAqalFEZ6xNs-xdJG_blAvhSgtB59erw

170 B
188 B

19ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZSVFFTWlotUy1JSTRM&google_push=AYg5qPK2gq3TmuIPxMqV9cjDfkJiBELPEhRC30XqePvhLEWQ3xbIxuxvPL5Cjhs3r-9pAqalFEZ6xNs-xdJG_blAvhSgtB59erw

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZSVFFTWlotUy1JSTRM&google_push=AYg5qPK2gq3TmuIPxMqV9cjDfkJiBELPEhRC30XqePvhLEWQ3xbIxuxvPL5Cjhs3r-9pAqalFEZ6xNs-xdJG_blAvhSgtB59erw
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6FE2
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIyy_9ihNdVLdWHCBmBW958&google_cver=1&google_push=AYg5qPLOLvOcN2MgP50_8aotPwKxF55Ipx_GyMNvoU3Q3tlufZWL1duOmPiRxqm9_ue6F0Q78IXwlp1XRa2L8IZFu...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIyy_9ihNdVLdWHCBmBW958&google_cver=1&google_push=AYg5qPLOLvOcN2MgP50_8aotPwKxF55Ipx_GyMNvoU3Q3tlufZWL1duOmPiRxqm9_ue6F0Q78IXwlp1XRa2L8IZFu...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLOLvOcN2MgP50_8aotPwKxF55Ipx_GyMNvoU3Q3tlufZWL1duOmPiRxqm9_ue6F0Q78IXwlp1XRa2L8IZFuq9ClHeYX6s&google_hm=7e03891c2017d4ea83bd147f

170 B
188 B

16ms
16ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLOLvOcN2MgP50_8aotPwKxF55Ipx_GyMNvoU3Q3tlufZWL1duOmPiRxqm9_ue6F0Q78IXwlp1XRa2L8IZFuq9ClHeYX6s&google_hm=7e03891c2017d4ea83bd147f

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 09 Nov 2021 08:21:23 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLOLvOcN2MgP50_8aotPwKxF55Ipx_GyMNvoU3Q3tlufZWL1duOmPiRxqm9_ue6F0Q78IXwlp1XRa2L8IZFuq9ClHeYX6s&google_hm=7e03891c2017d4ea83bd147f
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 6FE2 0
75 B 72ms
21ms Image
text/plain 185.86.139.103
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESECS5L07zQtLKLWzhR5XTm0U&google_cver=1&google_push=AYg5qPJZfmEPd_DPp_PUvQ8twB1IvFnqAvCD_0m-84lDrq5YW31Lus6ltSmbihYd7f-MmGhDN9mrnGASb-SveTwp4J0sj5yPcMc
Requested by: Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:22 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6FE2
Redirect Chain

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEK_ZRlTZe22CADRSZQUoinY&google_cver=1&google_push=AYg5qPLBrMKdOUb6ZD4rlCZ5PJc57MnrrkdppmEdm_z0ym3jRA4jQ4sd...
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEK_ZRlTZe22CADRSZQUoinY&google_cver=1&google_push=AYg5qPLBrMKdOUb6ZD4rlCZ5PJc57MnrrkdppmEdm_z0ym3jRA4jQ4sd...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEK_ZRlTZe22CADRSZQUoinY&google_cver=1&google_push=AYg5qPLBrMKdOUb6ZD4rlCZ5PJc57MnrrkdppmEdm_z0ym3jRA4jQ4...
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAwNjQzMGU1OS00MTM2LTExZWMtOWNlMi0wMjI4ZDAzZDk3YWM%3D&google_push=AYg5qPLBrMKdOUb6ZD4rlCZ5PJc57MnrrkdppmEdm_z0ym3jRA4jQ4sdxFoZkZCj2u...

170 B
188 B

15ms
15ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAwNjQzMGU1OS00MTM2LTExZWMtOWNlMi0wMjI4ZDAzZDk3YWM%3D&google_push=AYg5qPLBrMKdOUb6ZD4rlCZ5PJc57MnrrkdppmEdm_z0ym3jRA4jQ4sdxFoZkZCj2uNPktG7tRU0sfeSpjT-rMb91UHUHAEThXQF

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAwNjQzMGU1OS00MTM2LTExZWMtOWNlMi0wMjI4ZDAzZDk3YWM%3D&google_push=AYg5qPLBrMKdOUb6ZD4rlCZ5PJc57MnrrkdppmEdm_z0ym3jRA4jQ4sdxFoZkZCj2uNPktG7tRU0sfeSpjT-rMb91UHUHAEThXQF
date: Tue, 09 Nov 2021 08:21:23 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6FE2
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESECF92vJkgD1VEju4LIBomA0&google_cver=1&google_push=AYg5qPJ2IBEhLUZFfVHIOKt5eQaN4v2k2TkzHNgoOhty3qiZS6yPreyuuq17XfM9m3SQaoF2Eghwh35lrbiwi40KyM3E4KZ...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPJ2IBEhLUZFfVHIOKt5eQaN4v2k2TkzHNgoOhty3qiZS6yPreyuuq17XfM9m3SQaoF2Eghwh35lrbiwi40KyM3E4KZ1AL0&google_hm=MjYyNzUzNTQx...

170 B
188 B

16ms
16ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPJ2IBEhLUZFfVHIOKt5eQaN4v2k2TkzHNgoOhty3qiZS6yPreyuuq17XfM9m3SQaoF2Eghwh35lrbiwi40KyM3E4KZ1AL0&google_hm=MjYyNzUzNTQxNDUyOTEwNDI3Mw==

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPJ2IBEhLUZFfVHIOKt5eQaN4v2k2TkzHNgoOhty3qiZS6yPreyuuq17XfM9m3SQaoF2Eghwh35lrbiwi40KyM3E4KZ1AL0&google_hm=MjYyNzUzNTQxNDUyOTEwNDI3Mw==
Date: Tue, 09 Nov 2021 08:21:23 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6FE2 0
12 B 16ms
15ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LUxRIWEO8CpZdB4uBkXTJ8M4k64oPSz2d2-LO1Vu9ompcvZGjimNXdgAyzY0VvElQkq2LUvXE

Requested by

Host: 82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
URL: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 0214 42 B
224 B 22ms
16ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CJKFggC-KYZ67OtHy3wOMg46ABKXQ76NmpffXjvAOZBABIK33uB9glYKAgLgHoAHMqLDgA8gBCakCMsDzh492sz7gAgCoAwHIA5sEqgTtAU_QFw5yrC9RgFpkpsOY954wuRwLSbktw6UNlB5F3wqXDyzgQVDDJc6VYioAcs8G39lE92C-SE2CB6wrqoaj7_rCWtomN1MomQVRRgz26OTBlAcYlXiH80eTRxb3npTrmZTonX063ldos7aFRtS1LuVs8U4Lg92pO-GdVsY9ub9dLj25qFxC6yZM3H_xveSLeluuP81I680pglCmmMR62hrjCw3LtGu8YR9Npu3LTDnLkCWMUp5hNtzRWkkp6BDdPel1PYb-wocRJcRZccwCvXWoRrUqcb2OT7WSN7IwH5ZGLci__THjw0ZoK52viMAExpf7hN0D4AQBoAYugAec8rIgqAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHbEJBcPillHTYSyACgOKCoQDaHR0cHM6Ly90cmFja2luZy5lcm5zdGluZ3MtZmFtaWx5LmRlL21peC9jMy8_dGNzPTM1NjUmY2huPU8yTyZzcmM9R29vZ2xlJmN0eT1kZSZhY2NfaWQ9MzE0LTEzMC05OTI0JmFkX2lkPTU1ODUwMjQ5Nzc1NCZhZD1EaXNwbGF5JmFuemVpZ2VfdHlwPVN0YXRpc2NoJmFkX2dwX2lkPTEyODA1NDExOTM2NiZ0Y2xpZD01NTg1MDI0OTc3NTQmY21wPUNfODAwMV9Mb2NhbF9DYW1wYWlnbl9Qcm9zcGVjdGluZ19uZXUmY21wX25hbWU9R1dfYXBwZ2FtZV8wMzExMjAyMSZjbXBfY2x1PUFsbGdlbWVpbiZjbXBfaWQ9MTE4MjM5Nzc3MTImcGxtdD1Mb0NhJnRyZ3Q9QXVkaWVuY2UmY3RfdHJndD1Qcm9zcGVjdGluZyZjbXBfaWQ9MTE4MjM5Nzc3MTImZ2NsaWQ9e2djbGlkfSZ1cmw9e2xwdXJsfZgLAcgLAeALAYAMAZgMm6moyPYDuAwBuBOhBNgTDtAVAZgWAYAXAQ&sigh=yieN2tGmo2A&cid=CAQSPACNIrLMucSYGrD4Gd6O1yEpznPwTPOziz2Sb4QVzTgKHKTU7HxhV9DXht7fOZcVcR3jSsxdsbMmIIOeXw&label=adresume

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 2 KB
1 KB 9ms
6ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211108-3-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding: gzip
etag: "3aa74dbf5cd656dbb65deda2d238ddbd"
age: 2515
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 911
x-amz-id-2: qQheTKeQES6bMdCZ/EuMmRskbiEN65W4DOuEKpUxChRbjEcyJKpTEG2fJKFHmn2GKELuYHBGLWM=
x-served-by: cache-fra19177-FRA
last-modified: Wed, 14 Jul 2021 05:06:01 GMT
server: AmazonS3
x-timer: S1636446083.058024,VS0,VE0
date: Tue, 09 Nov 2021 08:21:23 GMT
vary: Accept-Encoding
x-amz-request-id: X0T5G34XC8D2QGE8
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
content-type: application/javascript
abp: 46
x-cache-hits: 12842

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 42ms
41ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021110401&jk=581957119321683&bg=!qKulq-_NAAYH3anuB907ACkAdvg8Wo020vsG196B7quFqsrQK5lidmOLFlKSl_GT6XolO4pMGJHkHgIAAAQzUgAAACpoAQeZAqxg6cNWBNEdwbWLTCWTD5zG_jXk90Mc4T_zwQXIYMrjgwB6pCM3CYZdiEPumu9_QwJdgbPxH2nADHAEWxjDe7LEZxn1ARmfUkp3RhJlDCpixtE8Vvcnyt7XiHXefNW-rs6zyzBpGLeGfcdd2xGeA4bj-WVv08HLHsHWCTM6sRZC5ebVLtX-DnMaGJ9RCZpoTazkL1eoVcAzWOUuSxOEXLBhwLwp0gFzqzPlv_nfwyGoCchtMcWFaif0HFIp0mOWofJXu26NZr7HFo0JK-IwPBogD6G6gBwms0gpcZ2sYEa178csUeOp1BF9fsWtn45UDtdG21FHWVWR2wRsca5ycgzCX-f-THufkoGnnSJYmD5PpPLk8LILi5sUC3-KJv69wfVlPu3nJsusF1Taig0bS_oq142wH9cHiCJbVpdo688trWpjFagiT-aqgn5D5YbkykvX6X83JnqdtgExOk8c2f1TkM41OG_ZfKHSkUwrvcSYsilsciEYV5LL0C0NlX8_i7w98dr0tekHQY7c9EvAUzUcKIYiQ37jPkOt3lKqL3uWeVGvmuw5QCIgYBX4bFq2ZTQZj10A_5D6Cgw_O-Y4q7S1FtvbIFmTDOfeq3e7MLwOQDSE3WFryciDKzao5UtxDQpuKQUqlU57sovYj2cOblF4kGFjlmZBcgiXGjMVqVwlrCXa7LW_c5r7ulOBzCcQ9CUN_c89N_N5cjv_XZFX_eH-73JtAbSA6N6gZBdjpP2iBRh2gZ2DrAGuYI3NcE1LJPjATboHKWLMsTb6rTJHSQKcpuAXfFoOWiDYIUuDoVzPSIO5m9rVTAAHPDPLG7SovFhl4VClTtlyuVfTfqpAjsxK8mInc3lSda38LSOaYZPxVXwqCs6nD7rZOGVLvbwPrIxKvfyiQWrlAdCtQnA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
pips.taboola.com/ 64 B
242 B 21ms
6ms XHR
text/plain 2a04:4e42:600::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ecba73703f7842ce16befbdcbc8a78b2fee971c6b74960904f8ce99b01dd7acc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:23 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-fra19173-FRA
access-control-allow-methods: GET
access-control-allow-origin: https://www.tvnotas.com.mx
cache-control: no-store
x-cache: HIT
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H/1.1 204
No Content / Show response
cds.taboola.com/ 0
155 B 257ms
84ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=67950498-1729-42c4-b9f4-c553a2000364-tuct883b500&uad=1113463442f689efcc24506bc8298dcc9af3062b6942f9196a62db97a8bf8c5f
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 09 Nov 2021 08:21:23 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 0214 42 B
108 B 18ms
17ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 rs Show response
ad4m.at/ Frame 8EA0 2 KB
1 KB 28ms
28ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f7c29e46a5d39465d2cd1e2e13de3e7a87ed21cd99ca01371332d4600ec9e72

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6ab5a0952deb5c92-FRA
date: Tue, 09 Nov 2021 08:21:23 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u8%2Bf8YYWcT55wjKhhhpY57PZDuc3kzUpuowFGt4%2FLnK9zgW9rdfcaxP%2BjuIb0EceN%2F%2BiUrA7yVkggpFzMWLDXgiaNLtTj5RDBZmq3FjXD7eCECdUaHBlLkDhjMxZDxl2RnCqCyA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-2sfw

OPTIONS
H2 200 rs
ad4m.at/ Frame 0
0 60ms
43ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 09 Nov 2021 08:21:23 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-2sfw
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s5scf6W3%2B7t%2F0bgUGHPkOsEcKNv2F5Ri2wCs3yWZLtCb4tODIHP3PftqzOnzBaWhYoDEeCtPumjXmNzWA1SIV%2BJT01DGXDgeONgT3Yk7lYhv2BeS8uea4M4SSGSOQVU6vVKef7w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ab5a094fda25c92-FRA

POST
H2 200 rs Show response
ad4m.at/ Frame 36AF 2 KB
1 KB 31ms
29ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bd854a9f3ebad6b4fb0a218e0ec267bb476cc304e5164d5ad82f287ec64b3ae

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6ab5a0952e0b5c92-FRA
date: Tue, 09 Nov 2021 08:21:23 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4UXZyTduM3Qy%2BiAkXaWL8UgaWUeDnuUiWQ811InH3TAqSFTFaFJJUDxIy%2BxW3tWowtdB6REFb1DBMxa7lBVMdEe6iJtIADMRH8FgJ3z7fMsjXXoHNGmxf2e3g7AetiMsWgflMA0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-2sfw

OPTIONS
H2 200 rs
ad4m.at/ Frame 0
0 26ms
26ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 09 Nov 2021 08:21:23 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-2sfw
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RMuuxcVreCUmY9u0WyfBUuzHZbmIEOhfXsrRGF5P7bJeQonNqVCC8Ka6Jl4oCAIpDTAS%2FvKQ7hIQkvFOIa6PZykVjS27jbbqCw%2FE%2BMAUv7%2B7KGsGgNbS4WjhOtQjYgPEZtFmOJc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ab5a094fdad5c92-FRA

POST
H2 200 rs Show response
ad4m.at/ Frame 0766 2 KB
1 KB 36ms
35ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4ab582a7d4f13d53d24ff435e8225666bbd0541edaf5149a88359fdf5fc77c0

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6ab5a0952e0d5c92-FRA
date: Tue, 09 Nov 2021 08:21:23 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=arvtDnmBrvjetbFSamDu9N%2BJQEoEe98AUREK%2FJMLS2Bk6O2%2BiIkSu9e0dYcTs4iJHLVGO1JoDQV2DIGt1mVlYu8r0VD78L2yBAYc4wQcb5qhl2fDjxrygXMNEdLZ1T1Bz5rc2yk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-2sfw

OPTIONS
H2 200 rs
ad4m.at/ Frame 0
0 27ms
27ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 09 Nov 2021 08:21:23 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-2sfw
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0N3dTpUDVQWttyjyJi4mTqoxG%2BYFEHirig3RV9%2FtsjJa6V6A4dFzNw7ouXiT%2FwpQSb5xTKxJd8WVvWw3EFJ0lofJlGJ9TAjluZUClMXY9Xopuiwd9sR6ZQPlQp%2FTTHjm4zf2pxk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ab5a094fdaf5c92-FRA

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 02A7 42 B
108 B 47ms
46ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu0ZuclAsaNiXJBZ5No1-_WUeeAKDbyS2bbL3JR5ZgP3qVfAMSw6QLVQAL5EvZl39hHhh74UrVvB5ZtLF5glXPn7ZTxsXqFp7zo4F5Xn3ojDX5mZ8-jfQ&sai=AMfl-YSsG3laahR5sh0ldGZBtShWqS4zQZrkVfFnFpbnL3PWAOTWh0IuHvoLveEQE6jlf7zcwWipCnjdlbs-54gv0FD6FhQ9f9bGMyyfism1kvwmyj-q-XJRKBvD02MJ&sig=Cg0ArKJSzA840kzoCBxJEAE&cid=CAASF-RoF-Ie9NkHg4mL_1JluP1GVlexoLbw&id=ampim&o=125,60&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=292&tls=1292&g=100&h=100&tt=1292&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=252808437

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3EF8 42 B
108 B 47ms
47ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstCno0watv09dv5B8F0PQnU_khtAl28P8iCe5lDdv10XDioiA5Kyv5Sqoln6GkyrPmhGjyBdQXzW75GSexvV4tVVsjAmv_XMu9SRdChl3pRkhQmrk-JbA&sai=AMfl-YQXn0c4jjpRqPgoyTBZNL5_7KSwT8OZVq8tjoggpnwOnp8nh9_DlqLqf93LjYTUUCsBwF7kbTCquilTES8c8JijGCZ64VeXsmV3h4lrPTRx4QpuEOrUHk_XrNYF&sig=Cg0ArKJSzM9dkntPGMjqEAE&cid=CAASF-RoNynN0M-7SwVPUqjfPqw7FG_q3TMB&id=ampim&o=1316,60&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1003&mtos=0,0,1003,1003,1003&tos=0,0,1003,0,0&tfs=311&tls=1314&g=100&h=100&tt=1314&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=2059891187

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 53C2 7 KB
4 KB 30ms
30ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=Esw2iaHTd2U_Pe5iy67gANdndkjHG9y-&g=88f9707496d3ea0fa789c54ba0cdd0e9%2F7394733863311437295&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636446083377&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gw9rbt8rbtygf3cegqxqs8vncfdmd2km1ykpk8ccc7qsc81p6yh2vagsj03xedp26jyyjn7t027gz2kh2kpygd9b86tqq26k16g0va4q7xfyfem1dcc8sgd71admmzn534ehqmnx3f32xays8t9pc9n5xeq0vrkneqn4zd5xqyxew7302ax1w6grnyfaf47dhs3bcss3k51fq0mvdgzvnmjdbq4ye5exhadkaxjmyv79sst3wsx8gca2p9yfsew4s87xk5d1tf7092jpjjg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChK8pgC-KYaW7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE9gFP0FC07cmy9rDYvVxboSSVxrBHO8pOw1w8kY8crwchnvBPva5K8zEEkZDztOR9vOGgErbx8PsJjDUdcVSXfkGOmVmrWVnoUTD58_Oxze61zaty-0JDsVAudpm8DyTjMUi0o9tDyR6JJ5a10Dtp-avjJYl7RWCCUSHs8HprlYV3ME5SKC4R1z4NFO1XmJrqJjs-xVAIp8h7n65otJnJIhMp8bClrX0m55Ia09Y90zVc2lqyBEmTtLM8FjMdsayT5YyuZ9EZM1rEDwPEk7N75CKCRlBXLaV6suE7eC-biSXff9e8slTsb2hn1Cy4rIj9BW_x8_BKa2bgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_24bbnYHYUrTsK6o5OBzdEnnIT81Q%252526client%25253Dca-pub-2626566186821602%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64289c77638a8b2dd314e8ca26b3da3e15172b4d5b07ad39a2d31bebc386a719

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1kgrbtrdk80tybhns6d2py3kq5ap9s3q2fse4h08qvn9tcbd60zz4766xvphjq04a5thbkvz718ae2qb6brzm0vpb3rhyykqz6b5cayw7ev2yq80y9x5r4a9bnp8n7s9wwfhap4ak85f3s81ee16xw6ysfwp96165pebtfrnpfv0yz4rpvywxpqay2kv2rxcdhwk78frkxy83wtxzc7xvqzshavvv4rg2pbtzmqmysmh0tht0jc65ct6k2281v3dddb6qdbrk7as50xf60g8eh2xnsf9wxzwe88pabnyenz84en1t97rbj108bs6zecf6pkn5gbng8x47cs8wjw7bnzpj5rnwjm34t6g788rm5qbz5h16x8bfbjvvv8ajk8vbs8h87jtmt2mcv5an3a30g2hqjqyqt53xcqss9m6aec7grxa5fdke&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChK8pgC-KYaW7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE9gFP0FC07cmy9rDYvVxboSSVxrBHO8pOw1w8kY8crwchnvBPva5K8zEEkZDztOR9vOGgErbx8PsJjDUdcVSXfkGOmVmrWVnoUTD58_Oxze61zaty-0JDsVAudpm8DyTjMUi0o9tDyR6JJ5a10Dtp-avjJYl7RWCCUSHs8HprlYV3ME5SKC4R1z4NFO1XmJrqJjs-xVAIp8h7n65otJnJIhMp8bClrX0m55Ia09Y90zVc2lqyBEmTtLM8FjMdsayT5YyuZ9EZM1rEDwPEk7N75CKCRlBXLaV6suE7eC-biSXff9e8slTsb2hn1Cy4rIj9BW_x8_BKa2bgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_24bbnYHYUrTsK6o5OBzdEnnIT81Q%26client%3Dca-pub-2626566186821602%26adurl%3D

Response headers

date: Tue, 09 Nov 2021 08:21:23 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6ab5a09559cf1756-FRA
content-encoding: br

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 67AF 6 KB
3 KB 34ms
34ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=765%2C24673%2C19457&b=qGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJ&f=R5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2C3bgFpf14UB65t7HrHAtXC997f8TWTRead&c=728&d=90&e=Esw2iaHTd2U_Pe5iy67gANdndkjHG9y-&g=351bcebf6c854aad618171404725fd82%2F16249489484076859423&i=1676%2C20430%2C20774&j=4%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636446083384&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k2pxdrgmrd8ymbhd02ztqs76hrf4pdwjjzv4h6855j125qgtaz7nz0zex0tgdpcgzz0m27xn6j2tfrem0gh5hbfhn9yy44ke31zg9kbtrk9x21m82qn1mkk4194t97re0tvh6kax4z6pexhq2pssjsz6hrdtmv8mdx41h0kcda5gce47q7303te617q8ssstd2bh2yqvhna7c8zqhj4datqrteh9fh6mznzm727d3y5ssqxrh0bm8h654y0xap229zbpeznkcqhm41gdtt0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCdnuUgC-KYaS7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE8QFP0JgjThP8pBPKQE0PCuXNFV5Q6g-puGLVckgSSWTlFwlAYMO_r0PlTOn9gxPVQ2XaeEynoGPBfeQqOG5Ypgb4cWB0LGsO2BcSP7hzjaPX1bI3uUlFU9qnd8rGKvtI-KM2E5H8rwkwRCXunfRBHF6hrKkxRR5qixR-RODA45yes84gnEI66OLl4aNzy-hj3qJ8eZxKV11-FVyMypqkmuZ3Qa8S2ydE7Ecf3fAghgNSM9RUXY-8vI8i7keWxQ9NMcBnZbmCEOax2DNsq98uDmqswdsucyvCu6R-aF0Uf6W4eCSVVJu0OTR5iMVGO5ElBFpA4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0tU5K7lRcr5IjJnp1UvmsHBM_RUw%252526client%25253Dca-pub-2626566186821602%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a13fb8261a9d8d1e41d705f921753d3a66dabd6ac90849a1a7a9efe25deeaaa

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jy0ty8kk9tmpy98609t1gkzphna2rehs9gh3xbe104a9e58xqj7swj45h7n63tq2bc333pf7y66e8dgdx9e4exn48qqkb6s5zpyqm5dvq3rrktkdmq7sa160r30kravq65cgrp2snweqpbyj057bwkcf5vrb0mt2ygvea57sgerwbwrqn32yn11c6syvxmybzwftm6b5vvwjxn3tep3x0zhzj8s7ga2ftr4zbnytq2e4y1wbnjmc2bf78w73kyhkrtz0a3nt4zqh1ypp4cf1q2ent2damkvp71p2wrq1k7rgtn5fhxqnawbp31vbpsnyc6a4856c9mg1m4yk2de7mcjmng0hn49ka802s5kn2p8m4mqgwk78zx1qj2ht4qrk2zdh634559hzmgt5w149a8ywhk94zkdx8pz71jf3q6w29g1dhrg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdnuUgC-KYaS7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE8QFP0JgjThP8pBPKQE0PCuXNFV5Q6g-puGLVckgSSWTlFwlAYMO_r0PlTOn9gxPVQ2XaeEynoGPBfeQqOG5Ypgb4cWB0LGsO2BcSP7hzjaPX1bI3uUlFU9qnd8rGKvtI-KM2E5H8rwkwRCXunfRBHF6hrKkxRR5qixR-RODA45yes84gnEI66OLl4aNzy-hj3qJ8eZxKV11-FVyMypqkmuZ3Qa8S2ydE7Ecf3fAghgNSM9RUXY-8vI8i7keWxQ9NMcBnZbmCEOax2DNsq98uDmqswdsucyvCu6R-aF0Uf6W4eCSVVJu0OTR5iMVGO5ElBFpA4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0tU5K7lRcr5IjJnp1UvmsHBM_RUw%26client%3Dca-pub-2626566186821602%26adurl%3D

Response headers

date: Tue, 09 Nov 2021 08:21:23 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6ab5a09559dd1756-FRA
content-encoding: br

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 957A 6 KB
3 KB 28ms
28ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=765%2C24673%2C19457&b=qGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJ&f=R5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2C3bgFpf14UB65t7HrHAtXC997f8TWTRead&c=728&d=90&e=Esw2iaHTd2U_Pe5iy67gANdndkjHG9y-&g=05f4c043691eaef46a81e61abb7ff4d7%2F423113986550916583&i=1676%2C20430%2C20774&j=4%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636446083386&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kjsye1skt6rzttzjxy0z88tdqhnt6x35320c26v1x1vmyry3159qrgwyy8vnvj7mgmrmzyk3ykrmcfp4ddgy1bh8twb6401w3y2mxy3jd6bs9hcgm73tydh1gpbngmy9r53ww2399cvs3ernxp5s1y8xcfqqtwf4cg7eyrfhh6gzjrj7g8m12djqwdhjh4jbn0nqr2w39vh3ssyb1a7vpb3n7b9qmxwm946ak4kmm8a87t2gy7w8hdqejbgkefcjha09029eewdntr51fdg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCRVfOgC-KYaa7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE8QFP0ML5rCes3btfPwe8BHTGn9CAPrkbwtP0ZjD_uL1dFToMZ4iHdpQ00D05TCJ083_Omi4sw1g7QVf71fH8j2XB2r2MopY58tdEdjRTAfQpdiQytiODea9fyZ6M6RXraUyF3RcMuliRmaiMHujOAsDHOiKnHgJVak2Z2gyIFLY9utWCOjXvcrGH5LULLuNdk4C8YJbwDSqnWA6uvTKwC5OVoP3fnf_YcuQpTVl6OQt3kSPOEbV4o43VZGJUsqVOJLMzhhg-i2D9uOKt3Uvv5BkkbDcArY2-kHx7wlEIKjS29hileQnSuLaKhDxv74Uw5WKy4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2smh67e0Buz0pYo9ruo8RH-2s2QA%252526client%25253Dca-pub-2626566186821602%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fac25896839ed33b7473c4590b00d27221ca6d4ea84a37f6e0a18506231eeda9

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1ghkfn2d4m38d8ve62pqfk22ek3wd0tcaw3qved8jrbxgwq65kmz46zk1vv4cypmnq70y4xpvdvjd66a03s2dp4w3rej9g4q1pkds6sdj8pfywwqwkbaq0eeva0hjdge35kf10ct3das3px6eyk62md0pqkm8391eds0mns036cdgss42py7ch50gsgn9r14kb5eab085tdwgyyzab0jvtnq6atvq74bdzvepgf64wwbbv3hdx9ec2j8dywb32550qbf5rqvfj480x547wkftsmvywj0jwj695p34e678k7v63pee30gx39g79d3pj0cp4p6q0dnb27fzxd7v7ndswp9rd1hvf591azvpq8xjc5q2092221vz1ygj073sr61bkgk18ppf33a2rba2r4xzq29vfxwb9f6wpt24z64cct8pkzyteng&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRVfOgC-KYaa7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE8QFP0ML5rCes3btfPwe8BHTGn9CAPrkbwtP0ZjD_uL1dFToMZ4iHdpQ00D05TCJ083_Omi4sw1g7QVf71fH8j2XB2r2MopY58tdEdjRTAfQpdiQytiODea9fyZ6M6RXraUyF3RcMuliRmaiMHujOAsDHOiKnHgJVak2Z2gyIFLY9utWCOjXvcrGH5LULLuNdk4C8YJbwDSqnWA6uvTKwC5OVoP3fnf_YcuQpTVl6OQt3kSPOEbV4o43VZGJUsqVOJLMzhhg-i2D9uOKt3Uvv5BkkbDcArY2-kHx7wlEIKjS29hileQnSuLaKhDxv74Uw5WKy4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2smh67e0Buz0pYo9ruo8RH-2s2QA%26client%3Dca-pub-2626566186821602%26adurl%3D

Response headers

date: Tue, 09 Nov 2021 08:21:23 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6ab5a09569ea1756-FRA
content-encoding: br

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 53C2 64 KB
8 KB 30ms
29ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=Esw2iaHTd2U_Pe5iy67gANdndkjHG9y-&g=88f9707496d3ea0fa789c54ba0cdd0e9%2F7394733863311437295&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636446083377&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gw9rbt8rbtygf3cegqxqs8vncfdmd2km1ykpk8ccc7qsc81p6yh2vagsj03xedp26jyyjn7t027gz2kh2kpygd9b86tqq26k16g0va4q7xfyfem1dcc8sgd71admmzn534ehqmnx3f32xays8t9pc9n5xeq0vrkneqn4zd5xqyxew7302ax1w6grnyfaf47dhs3bcss3k51fq0mvdgzvnmjdbq4ye5exhadkaxjmyv79sst3wsx8gca2p9yfsew4s87xk5d1tf7092jpjjg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChK8pgC-KYaW7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE9gFP0FC07cmy9rDYvVxboSSVxrBHO8pOw1w8kY8crwchnvBPva5K8zEEkZDztOR9vOGgErbx8PsJjDUdcVSXfkGOmVmrWVnoUTD58_Oxze61zaty-0JDsVAudpm8DyTjMUi0o9tDyR6JJ5a10Dtp-avjJYl7RWCCUSHs8HprlYV3ME5SKC4R1z4NFO1XmJrqJjs-xVAIp8h7n65otJnJIhMp8bClrX0m55Ia09Y90zVc2lqyBEmTtLM8FjMdsayT5YyuZ9EZM1rEDwPEk7N75CKCRlBXLaV6suE7eC-biSXff9e8slTsb2hn1Cy4rIj9BW_x8_BKa2bgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_24bbnYHYUrTsK6o5OBzdEnnIT81Q%252526client%25253Dca-pub-2626566186821602%252526adurl%25253D&y=1&z=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=Esw2iaHTd2U_Pe5iy67gANdndkjHG9y-&g=88f9707496d3ea0fa789c54ba0cdd0e9%2F7394733863311437295&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636446083377&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gw9rbt8rbtygf3cegqxqs8vncfdmd2km1ykpk8ccc7qsc81p6yh2vagsj03xedp26jyyjn7t027gz2kh2kpygd9b86tqq26k16g0va4q7xfyfem1dcc8sgd71admmzn534ehqmnx3f32xays8t9pc9n5xeq0vrkneqn4zd5xqyxew7302ax1w6grnyfaf47dhs3bcss3k51fq0mvdgzvnmjdbq4ye5exhadkaxjmyv79sst3wsx8gca2p9yfsew4s87xk5d1tf7092jpjjg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChK8pgC-KYaW7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE9gFP0FC07cmy9rDYvVxboSSVxrBHO8pOw1w8kY8crwchnvBPva5K8zEEkZDztOR9vOGgErbx8PsJjDUdcVSXfkGOmVmrWVnoUTD58_Oxze61zaty-0JDsVAudpm8DyTjMUi0o9tDyR6JJ5a10Dtp-avjJYl7RWCCUSHs8HprlYV3ME5SKC4R1z4NFO1XmJrqJjs-xVAIp8h7n65otJnJIhMp8bClrX0m55Ia09Y90zVc2lqyBEmTtLM8FjMdsayT5YyuZ9EZM1rEDwPEk7N75CKCRlBXLaV6suE7eC-biSXff9e8slTsb2hn1Cy4rIj9BW_x8_BKa2bgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_24bbnYHYUrTsK6o5OBzdEnnIT81Q%252526client%25253Dca-pub-2626566186821602%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:23 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1081674
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=65497
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Wed, 27 Oct 2021 19:53:29 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6ab5a0959a2a1756-FRA
cf-bgj: minify

GET
H2 200 C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame 53C2 12 KB
12 KB 31ms
21ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=Esw2iaHTd2U_Pe5iy67gANdndkjHG9y-&g=88f9707496d3ea0fa789c54ba0cdd0e9%2F7394733863311437295&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636446083377&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gw9rbt8rbtygf3cegqxqs8vncfdmd2km1ykpk8ccc7qsc81p6yh2vagsj03xedp26jyyjn7t027gz2kh2kpygd9b86tqq26k16g0va4q7xfyfem1dcc8sgd71admmzn534ehqmnx3f32xays8t9pc9n5xeq0vrkneqn4zd5xqyxew7302ax1w6grnyfaf47dhs3bcss3k51fq0mvdgzvnmjdbq4ye5exhadkaxjmyv79sst3wsx8gca2p9yfsew4s87xk5d1tf7092jpjjg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChK8pgC-KYaW7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE9gFP0FC07cmy9rDYvVxboSSVxrBHO8pOw1w8kY8crwchnvBPva5K8zEEkZDztOR9vOGgErbx8PsJjDUdcVSXfkGOmVmrWVnoUTD58_Oxze61zaty-0JDsVAudpm8DyTjMUi0o9tDyR6JJ5a10Dtp-avjJYl7RWCCUSHs8HprlYV3ME5SKC4R1z4NFO1XmJrqJjs-xVAIp8h7n65otJnJIhMp8bClrX0m55Ia09Y90zVc2lqyBEmTtLM8FjMdsayT5YyuZ9EZM1rEDwPEk7N75CKCRlBXLaV6suE7eC-biSXff9e8slTsb2hn1Cy4rIj9BW_x8_BKa2bgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_24bbnYHYUrTsK6o5OBzdEnnIT81Q%252526client%25253Dca-pub-2626566186821602%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date: Tue, 09 Nov 2021 08:21:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 315958
cf-polished: qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid: ADPycdu2H8EztDRkH7xMxkUi_RR54ZTCPrkYJAbFNV3c3b0sQp7Fc5Lbo0cB4LGAzujpB30IhyXag9KvJxClvmnIQ5zdJ6m09g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12110
last-modified: Thu, 25 Jun 2020 11:29:58 GMT
server: cloudflare
etag: "ede1d9155590baa798351884fc949bd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HTmHZW7gQot3%2Fv7Fv%2BmXz2rHtJM1n3JtvBwsLXHwDqU3%2F7Pdaa3xn1bOEg%2BImGFEmatxjuijfTBZPDay05K24l1OVpf4d7QSFa23%2F3tDjlVicL98hetHdbj4gJwNiZmqiytaeutUxb9gqtzd"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1593084598972955
content-type: image/webp
expires: Wed, 10 Nov 2021 08:21:23 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 42488
accept-ranges: bytes
cf-ray: 6ab5a095aa3e1756-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
assets.ad4m.at/product_image/ Frame 53C2 10 KB
11 KB 24ms
17ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=Esw2iaHTd2U_Pe5iy67gANdndkjHG9y-&g=88f9707496d3ea0fa789c54ba0cdd0e9%2F7394733863311437295&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636446083377&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gw9rbt8rbtygf3cegqxqs8vncfdmd2km1ykpk8ccc7qsc81p6yh2vagsj03xedp26jyyjn7t027gz2kh2kpygd9b86tqq26k16g0va4q7xfyfem1dcc8sgd71admmzn534ehqmnx3f32xays8t9pc9n5xeq0vrkneqn4zd5xqyxew7302ax1w6grnyfaf47dhs3bcss3k51fq0mvdgzvnmjdbq4ye5exhadkaxjmyv79sst3wsx8gca2p9yfsew4s87xk5d1tf7092jpjjg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChK8pgC-KYaW7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE9gFP0FC07cmy9rDYvVxboSSVxrBHO8pOw1w8kY8crwchnvBPva5K8zEEkZDztOR9vOGgErbx8PsJjDUdcVSXfkGOmVmrWVnoUTD58_Oxze61zaty-0JDsVAudpm8DyTjMUi0o9tDyR6JJ5a10Dtp-avjJYl7RWCCUSHs8HprlYV3ME5SKC4R1z4NFO1XmJrqJjs-xVAIp8h7n65otJnJIhMp8bClrX0m55Ia09Y90zVc2lqyBEmTtLM8FjMdsayT5YyuZ9EZM1rEDwPEk7N75CKCRlBXLaV6suE7eC-biSXff9e8slTsb2hn1Cy4rIj9BW_x8_BKa2bgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_24bbnYHYUrTsK6o5OBzdEnnIT81Q%252526client%25253Dca-pub-2626566186821602%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48cf094bb5fdbb58ada2fe3c5241c7ebde724561c670eb2d84c18aa8a4768f9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=15VnvA==, md5=DWn9kTb7sWn6Y1aNbHZabA==
date: Tue, 09 Nov 2021 08:21:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43369
cf-polished: qual=85, origFmt=jpeg, origSize=12438
x-guploader-uploadid: ADPycdsupjCE2Ubz9JpcgIsaUO6eIa9E8oPPNSpgUXPdfVwV25wPdfbmM3AsEjte2j_HuQJK4xo0HLR20wmfgz5rpMg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10372
last-modified: Fri, 18 Sep 2020 09:05:40 GMT
server: cloudflare
etag: "0d69fd9136fbb169fa63568d6c765a6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3YP9tDlWnI8gaiICK%2FmhorQRqGtSPG%2B3JyCeUZhbAerCVZ83eTrCd1uQNzIJhoodBboa7kUQTvUbU4u4VI0CCF2Zc9pTCK0fynQQWq9KT7SakVQmAtEI9capeD29MA7MokCjg2j0Em5QQ%2Bdb"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1600419940053465
content-type: image/webp
expires: Wed, 10 Nov 2021 08:21:23 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 12438
accept-ranges: bytes
cf-ray: 6ab5a095aa401756-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 53C2 8 KB
9 KB 33ms
26ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=Esw2iaHTd2U_Pe5iy67gANdndkjHG9y-&g=88f9707496d3ea0fa789c54ba0cdd0e9%2F7394733863311437295&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636446083377&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gw9rbt8rbtygf3cegqxqs8vncfdmd2km1ykpk8ccc7qsc81p6yh2vagsj03xedp26jyyjn7t027gz2kh2kpygd9b86tqq26k16g0va4q7xfyfem1dcc8sgd71admmzn534ehqmnx3f32xays8t9pc9n5xeq0vrkneqn4zd5xqyxew7302ax1w6grnyfaf47dhs3bcss3k51fq0mvdgzvnmjdbq4ye5exhadkaxjmyv79sst3wsx8gca2p9yfsew4s87xk5d1tf7092jpjjg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChK8pgC-KYaW7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE9gFP0FC07cmy9rDYvVxboSSVxrBHO8pOw1w8kY8crwchnvBPva5K8zEEkZDztOR9vOGgErbx8PsJjDUdcVSXfkGOmVmrWVnoUTD58_Oxze61zaty-0JDsVAudpm8DyTjMUi0o9tDyR6JJ5a10Dtp-avjJYl7RWCCUSHs8HprlYV3ME5SKC4R1z4NFO1XmJrqJjs-xVAIp8h7n65otJnJIhMp8bClrX0m55Ia09Y90zVc2lqyBEmTtLM8FjMdsayT5YyuZ9EZM1rEDwPEk7N75CKCRlBXLaV6suE7eC-biSXff9e8slTsb2hn1Cy4rIj9BW_x8_BKa2bgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_24bbnYHYUrTsK6o5OBzdEnnIT81Q%252526client%25253Dca-pub-2626566186821602%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date: Tue, 09 Nov 2021 08:21:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 41024
cf-polished: qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid: ADPycdvdo0azTcM7bgKH_ZV7cWhN5JVbIxsRqU2r_kwvgGeofxNIDpkroAkl6ITJDrTkRwX3DTHPrgysrH2h8RpEHeg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8354
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ifvBzPt7s4x0ogzinPEbL8pKUTfHGCVhxF8voHlQsDD1Yk1t%2FPj4V%2F075vGC2VQrohjEt3EIl5tPZXsjR%2F%2BxeCZaWNStcFVeWIHilqpVJ8I%2Bwemegy5CDrRVkcPI4hL858Cx1sxHYikeFcNA"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698787150900
content-type: image/webp
expires: Wed, 10 Nov 2021 08:21:23 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 16723
accept-ranges: bytes
cf-ray: 6ab5a095aa3d1756-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
assets.ad4m.at/product_image/ Frame 53C2 30 KB
30 KB 37ms
31ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=Esw2iaHTd2U_Pe5iy67gANdndkjHG9y-&g=88f9707496d3ea0fa789c54ba0cdd0e9%2F7394733863311437295&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636446083377&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gw9rbt8rbtygf3cegqxqs8vncfdmd2km1ykpk8ccc7qsc81p6yh2vagsj03xedp26jyyjn7t027gz2kh2kpygd9b86tqq26k16g0va4q7xfyfem1dcc8sgd71admmzn534ehqmnx3f32xays8t9pc9n5xeq0vrkneqn4zd5xqyxew7302ax1w6grnyfaf47dhs3bcss3k51fq0mvdgzvnmjdbq4ye5exhadkaxjmyv79sst3wsx8gca2p9yfsew4s87xk5d1tf7092jpjjg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChK8pgC-KYaW7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE9gFP0FC07cmy9rDYvVxboSSVxrBHO8pOw1w8kY8crwchnvBPva5K8zEEkZDztOR9vOGgErbx8PsJjDUdcVSXfkGOmVmrWVnoUTD58_Oxze61zaty-0JDsVAudpm8DyTjMUi0o9tDyR6JJ5a10Dtp-avjJYl7RWCCUSHs8HprlYV3ME5SKC4R1z4NFO1XmJrqJjs-xVAIp8h7n65otJnJIhMp8bClrX0m55Ia09Y90zVc2lqyBEmTtLM8FjMdsayT5YyuZ9EZM1rEDwPEk7N75CKCRlBXLaV6suE7eC-biSXff9e8slTsb2hn1Cy4rIj9BW_x8_BKa2bgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_24bbnYHYUrTsK6o5OBzdEnnIT81Q%252526client%25253Dca-pub-2626566186821602%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=yOKvRQ==, md5=98ixwodW4fBCQU4EOgLh+g==
date: Tue, 09 Nov 2021 08:21:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 40389
cf-polished: qual=85, origFmt=jpeg, origSize=81547
x-guploader-uploadid: ADPycds0nnN9ZOeK1JE34ykokRlmiiyJ3-MPgI0MFUCDqm3zGFg-eha1VUDSMG2heB5dgfBFYUlVdQ-8fQHYbPN_eQNEC4b6tA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 30226
last-modified: Thu, 09 Apr 2020 08:50:22 GMT
server: cloudflare
etag: "f7c8b1c28756e1f042414e043a02e1fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HjnnpbTyRXBsFO%2BmZdid%2Fu3j2CfaKNwK0VU7RArDkouce8KVzA5VbEBkXURmhYsUO6Ku6BOYs0TMhCNbEoNXmXE5dkz9%2FJAytcD8z6879Y9uNygbmShNwR4xe%2FJhwrM8byAOH0%2BpWPeE23rh"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1586422222365290
content-type: image/webp
expires: Wed, 10 Nov 2021 08:21:23 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 81547
accept-ranges: bytes
cf-ray: 6ab5a095aa3f1756-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 53C2
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CPPq_tvsivQCFTyIOAodwuEEVg;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__asuidEsw2iaHTd2U_Pe5iy67gANdndkjHG9y-asuid__suite_Netmix_Reach43_TopRot...
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1636446083_0690b8f0-4136-11ec-a755-22393e4be327

0
517 B

12ms
1ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1636446083_0690b8f0-4136-11ec-a755-22393e4be327
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=Esw2iaHTd2U_Pe5iy67gANdndkjHG9y-&g=88f9707496d3ea0fa789c54ba0cdd0e9%2F7394733863311437295&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636446083377&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gw9rbt8rbtygf3cegqxqs8vncfdmd2km1ykpk8ccc7qsc81p6yh2vagsj03xedp26jyyjn7t027gz2kh2kpygd9b86tqq26k16g0va4q7xfyfem1dcc8sgd71admmzn534ehqmnx3f32xays8t9pc9n5xeq0vrkneqn4zd5xqyxew7302ax1w6grnyfaf47dhs3bcss3k51fq0mvdgzvnmjdbq4ye5exhadkaxjmyv79sst3wsx8gca2p9yfsew4s87xk5d1tf7092jpjjg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChK8pgC-KYaW7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE9gFP0FC07cmy9rDYvVxboSSVxrBHO8pOw1w8kY8crwchnvBPva5K8zEEkZDztOR9vOGgErbx8PsJjDUdcVSXfkGOmVmrWVnoUTD58_Oxze61zaty-0JDsVAudpm8DyTjMUi0o9tDyR6JJ5a10Dtp-avjJYl7RWCCUSHs8HprlYV3ME5SKC4R1z4NFO1XmJrqJjs-xVAIp8h7n65otJnJIhMp8bClrX0m55Ia09Y90zVc2lqyBEmTtLM8FjMdsayT5YyuZ9EZM1rEDwPEk7N75CKCRlBXLaV6suE7eC-biSXff9e8slTsb2hn1Cy4rIj9BW_x8_BKa2bgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_24bbnYHYUrTsK6o5OBzdEnnIT81Q%252526client%25253Dca-pub-2626566186821602%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 08:21:23 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Tue, 09 Nov 2021 08:21:23 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1636446083_0690b8f0-4136-11ec-a755-22393e4be327
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H2 200 D54F5BF8250014B560DDA5528F9EFEFB9AD1D25B1E300CF26DFD2216A03F59C60D5DB96B13EDCD12B59FEC4E8E1B8D03E4412DEC334D0CAAD669E250C70E8914
assets.ad4m.at/logo/ Frame 53C2 6 KB
7 KB 30ms
24ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D54F5BF8250014B560DDA5528F9EFEFB9AD1D25B1E300CF26DFD2216A03F59C60D5DB96B13EDCD12B59FEC4E8E1B8D03E4412DEC334D0CAAD669E250C70E8914
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=Esw2iaHTd2U_Pe5iy67gANdndkjHG9y-&g=88f9707496d3ea0fa789c54ba0cdd0e9%2F7394733863311437295&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636446083377&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gw9rbt8rbtygf3cegqxqs8vncfdmd2km1ykpk8ccc7qsc81p6yh2vagsj03xedp26jyyjn7t027gz2kh2kpygd9b86tqq26k16g0va4q7xfyfem1dcc8sgd71admmzn534ehqmnx3f32xays8t9pc9n5xeq0vrkneqn4zd5xqyxew7302ax1w6grnyfaf47dhs3bcss3k51fq0mvdgzvnmjdbq4ye5exhadkaxjmyv79sst3wsx8gca2p9yfsew4s87xk5d1tf7092jpjjg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChK8pgC-KYaW7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE9gFP0FC07cmy9rDYvVxboSSVxrBHO8pOw1w8kY8crwchnvBPva5K8zEEkZDztOR9vOGgErbx8PsJjDUdcVSXfkGOmVmrWVnoUTD58_Oxze61zaty-0JDsVAudpm8DyTjMUi0o9tDyR6JJ5a10Dtp-avjJYl7RWCCUSHs8HprlYV3ME5SKC4R1z4NFO1XmJrqJjs-xVAIp8h7n65otJnJIhMp8bClrX0m55Ia09Y90zVc2lqyBEmTtLM8FjMdsayT5YyuZ9EZM1rEDwPEk7N75CKCRlBXLaV6suE7eC-biSXff9e8slTsb2hn1Cy4rIj9BW_x8_BKa2bgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_24bbnYHYUrTsK6o5OBzdEnnIT81Q%252526client%25253Dca-pub-2626566186821602%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64c7c94850bcf993b77e8f8704c00cded4a0c18580d94ebb2c5265f9855fcd2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=zQSWoA==, md5=JshO+ccZ9c9hWnmahmfS4A==
date: Tue, 09 Nov 2021 08:21:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42412
cf-polished: origFmt=png, origSize=17428
x-guploader-uploadid: ADPycdsFPSu4ps8ob4R3nCQTZFRR3JOzVssSMJVnIwLJzfvP2u8-YsEnQSPxCCyEQHzVJ8SFsi1h-bjd4sLVdhdTzrDRx5hvPw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6390
last-modified: Wed, 18 Aug 2021 10:34:33 GMT
server: cloudflare
etag: "26c84ef9c719f5cf615a799a8667d2e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2snH5a2IXmpwxMCmJvsWZcBa89s2PQNpif2vdtR62rmpbsg%2FG9N8NnDkjCFtkIAr4hTQzVhy4xrhdw54hoG4B6YC2LRQj72TfpwStiqrLWuGPvkfypK5%2B%2Fy%2FwcW6hBexAFq%2BxDNJAHGVqrEQ"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1629282873725600
content-type: image/webp
expires: Wed, 10 Nov 2021 08:21:23 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 17428
accept-ranges: bytes
cf-ray: 6ab5a095aa3b1756-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 8F6DB649B36119992977635B7DFC1AEC8038789E2BA57D893E4D16BD92088067D7790231E30A7BA7222FA8CB262652272D022B0227B6C5782927768B42292C97
assets.ad4m.at/product_image/ Frame 53C2 28 KB
28 KB 29ms
23ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/8F6DB649B36119992977635B7DFC1AEC8038789E2BA57D893E4D16BD92088067D7790231E30A7BA7222FA8CB262652272D022B0227B6C5782927768B42292C97
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=Esw2iaHTd2U_Pe5iy67gANdndkjHG9y-&g=88f9707496d3ea0fa789c54ba0cdd0e9%2F7394733863311437295&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636446083377&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gw9rbt8rbtygf3cegqxqs8vncfdmd2km1ykpk8ccc7qsc81p6yh2vagsj03xedp26jyyjn7t027gz2kh2kpygd9b86tqq26k16g0va4q7xfyfem1dcc8sgd71admmzn534ehqmnx3f32xays8t9pc9n5xeq0vrkneqn4zd5xqyxew7302ax1w6grnyfaf47dhs3bcss3k51fq0mvdgzvnmjdbq4ye5exhadkaxjmyv79sst3wsx8gca2p9yfsew4s87xk5d1tf7092jpjjg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChK8pgC-KYaW7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE9gFP0FC07cmy9rDYvVxboSSVxrBHO8pOw1w8kY8crwchnvBPva5K8zEEkZDztOR9vOGgErbx8PsJjDUdcVSXfkGOmVmrWVnoUTD58_Oxze61zaty-0JDsVAudpm8DyTjMUi0o9tDyR6JJ5a10Dtp-avjJYl7RWCCUSHs8HprlYV3ME5SKC4R1z4NFO1XmJrqJjs-xVAIp8h7n65otJnJIhMp8bClrX0m55Ia09Y90zVc2lqyBEmTtLM8FjMdsayT5YyuZ9EZM1rEDwPEk7N75CKCRlBXLaV6suE7eC-biSXff9e8slTsb2hn1Cy4rIj9BW_x8_BKa2bgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_24bbnYHYUrTsK6o5OBzdEnnIT81Q%252526client%25253Dca-pub-2626566186821602%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 134c94437474a391b3f477213fa8b8f4d7435a2cf7053952dcbdb14a6f0ad8dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=nSkqBw==, md5=bZJ3Zgn8rj01Yns5h/mx5Q==
date: Tue, 09 Nov 2021 08:21:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43515
cf-polished: qual=85, origFmt=jpeg, origSize=82379
x-guploader-uploadid: ADPycdufFQRo7ZOoOjMxoIWoiO4BGSoBB6Rc_TMq36PeGz13kod-IojlsdOKpsM00xPtGtNWFPGzS27nrvdOCaU9U1wXkS74HA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 28448
last-modified: Tue, 03 Aug 2021 12:47:14 GMT
server: cloudflare
etag: "6d92776609fcae3d35627b3987f9b1e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gfw55bQyDc8R2sK8JnU0rcT8h36qA6XgUbJAyLhyxro5XabY5NnmZbWzHV%2BNncH5bnw8v3IAtowKFo3vwsV38HoNYYCNAX4XEpmXCHy25NS7jmzHTCMf7dSjVo0fgGYJ6f6LimWUQj4hMtMw"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1627994834652806
content-type: image/webp
expires: Wed, 10 Nov 2021 08:21:23 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 82379
accept-ranges: bytes
cf-ray: 6ab5a095aa3a1756-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 tsv
neso.r.niwepa.com/ts/i5542019/ Frame 53C2 43 B
462 B 76ms
17ms Image
image/gif 35.187.117.15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://neso.r.niwepa.com/ts/i5542019/tsv?amc=adnetworks.blbn.455799.471580.CRTJDe7y2sn&smc1=oneid5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1oneid__asuidEsw2iaHTd2U_Pe5iy67gANdndkjHG9y-asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

35.187.117.15 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

15.117.187.35.bc.googleusercontent.com

Software

nginx/1.13.9 /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:23 GMT
last-modified: Tue, 09 Nov 2021 08:21:23 GMT
server: nginx/1.13.9
p3p: policyref="/w3c/p3p.xml", CP="NOI CUR OUR STP"
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
x-xss-protection: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 67AF 64 KB
8 KB 19ms
19ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=765%2C24673%2C19457&b=qGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJ&f=R5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2C3bgFpf14UB65t7HrHAtXC997f8TWTRead&c=728&d=90&e=Esw2iaHTd2U_Pe5iy67gANdndkjHG9y-&g=351bcebf6c854aad618171404725fd82%2F16249489484076859423&i=1676%2C20430%2C20774&j=4%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636446083384&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k2pxdrgmrd8ymbhd02ztqs76hrf4pdwjjzv4h6855j125qgtaz7nz0zex0tgdpcgzz0m27xn6j2tfrem0gh5hbfhn9yy44ke31zg9kbtrk9x21m82qn1mkk4194t97re0tvh6kax4z6pexhq2pssjsz6hrdtmv8mdx41h0kcda5gce47q7303te617q8ssstd2bh2yqvhna7c8zqhj4datqrteh9fh6mznzm727d3y5ssqxrh0bm8h654y0xap229zbpeznkcqhm41gdtt0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCdnuUgC-KYaS7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE8QFP0JgjThP8pBPKQE0PCuXNFV5Q6g-puGLVckgSSWTlFwlAYMO_r0PlTOn9gxPVQ2XaeEynoGPBfeQqOG5Ypgb4cWB0LGsO2BcSP7hzjaPX1bI3uUlFU9qnd8rGKvtI-KM2E5H8rwkwRCXunfRBHF6hrKkxRR5qixR-RODA45yes84gnEI66OLl4aNzy-hj3qJ8eZxKV11-FVyMypqkmuZ3Qa8S2ydE7Ecf3fAghgNSM9RUXY-8vI8i7keWxQ9NMcBnZbmCEOax2DNsq98uDmqswdsucyvCu6R-aF0Uf6W4eCSVVJu0OTR5iMVGO5ElBFpA4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0tU5K7lRcr5IjJnp1UvmsHBM_RUw%252526client%25253Dca-pub-2626566186821602%252526adurl%25253D&y=1&z=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=765%2C24673%2C19457&b=qGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJ&f=R5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2C3bgFpf14UB65t7HrHAtXC997f8TWTRead&c=728&d=90&e=Esw2iaHTd2U_Pe5iy67gANdndkjHG9y-&g=351bcebf6c854aad618171404725fd82%2F16249489484076859423&i=1676%2C20430%2C20774&j=4%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636446083384&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k2pxdrgmrd8ymbhd02ztqs76hrf4pdwjjzv4h6855j125qgtaz7nz0zex0tgdpcgzz0m27xn6j2tfrem0gh5hbfhn9yy44ke31zg9kbtrk9x21m82qn1mkk4194t97re0tvh6kax4z6pexhq2pssjsz6hrdtmv8mdx41h0kcda5gce47q7303te617q8ssstd2bh2yqvhna7c8zqhj4datqrteh9fh6mznzm727d3y5ssqxrh0bm8h654y0xap229zbpeznkcqhm41gdtt0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCdnuUgC-KYaS7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE8QFP0JgjThP8pBPKQE0PCuXNFV5Q6g-puGLVckgSSWTlFwlAYMO_r0PlTOn9gxPVQ2XaeEynoGPBfeQqOG5Ypgb4cWB0LGsO2BcSP7hzjaPX1bI3uUlFU9qnd8rGKvtI-KM2E5H8rwkwRCXunfRBHF6hrKkxRR5qixR-RODA45yes84gnEI66OLl4aNzy-hj3qJ8eZxKV11-FVyMypqkmuZ3Qa8S2ydE7Ecf3fAghgNSM9RUXY-8vI8i7keWxQ9NMcBnZbmCEOax2DNsq98uDmqswdsucyvCu6R-aF0Uf6W4eCSVVJu0OTR5iMVGO5ElBFpA4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0tU5K7lRcr5IjJnp1UvmsHBM_RUw%252526client%25253Dca-pub-2626566186821602%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:23 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1081674
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=65497
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Wed, 27 Oct 2021 19:53:29 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6ab5a095ba581756-FRA
cf-bgj: minify

GET
H2 200 5BEA37F6D446D4C03B5B8A479BAA7B5322DEA7B4FA3695C41DD3E6D3E6347B5DE247A601FDF909E0717C08186D3BBFC9B7677AEC046BA8D01CF57DDA0A0AE7A5
assets.ad4m.at/logo/ Frame 67AF 6 KB
6 KB 18ms
18ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/5BEA37F6D446D4C03B5B8A479BAA7B5322DEA7B4FA3695C41DD3E6D3E6347B5DE247A601FDF909E0717C08186D3BBFC9B7677AEC046BA8D01CF57DDA0A0AE7A5
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=765%2C24673%2C19457&b=qGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJ&f=R5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2C3bgFpf14UB65t7HrHAtXC997f8TWTRead&c=728&d=90&e=Esw2iaHTd2U_Pe5iy67gANdndkjHG9y-&g=351bcebf6c854aad618171404725fd82%2F16249489484076859423&i=1676%2C20430%2C20774&j=4%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636446083384&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k2pxdrgmrd8ymbhd02ztqs76hrf4pdwjjzv4h6855j125qgtaz7nz0zex0tgdpcgzz0m27xn6j2tfrem0gh5hbfhn9yy44ke31zg9kbtrk9x21m82qn1mkk4194t97re0tvh6kax4z6pexhq2pssjsz6hrdtmv8mdx41h0kcda5gce47q7303te617q8ssstd2bh2yqvhna7c8zqhj4datqrteh9fh6mznzm727d3y5ssqxrh0bm8h654y0xap229zbpeznkcqhm41gdtt0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCdnuUgC-KYaS7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE8QFP0JgjThP8pBPKQE0PCuXNFV5Q6g-puGLVckgSSWTlFwlAYMO_r0PlTOn9gxPVQ2XaeEynoGPBfeQqOG5Ypgb4cWB0LGsO2BcSP7hzjaPX1bI3uUlFU9qnd8rGKvtI-KM2E5H8rwkwRCXunfRBHF6hrKkxRR5qixR-RODA45yes84gnEI66OLl4aNzy-hj3qJ8eZxKV11-FVyMypqkmuZ3Qa8S2ydE7Ecf3fAghgNSM9RUXY-8vI8i7keWxQ9NMcBnZbmCEOax2DNsq98uDmqswdsucyvCu6R-aF0Uf6W4eCSVVJu0OTR5iMVGO5ElBFpA4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0tU5K7lRcr5IjJnp1UvmsHBM_RUw%252526client%25253Dca-pub-2626566186821602%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40803f6727061b25fdffeca62b391f51e86f4656ec71f6748e70adb24e4ef2a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=hBHCMA==, md5=23TE0/JCZhnuq3Ni+PjppA==
date: Tue, 09 Nov 2021 08:21:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 40053
cf-polished: origFmt=png, origSize=12441
x-guploader-uploadid: ADPycdsrCDiRWTcUB7xrSLg5537ED4tW1ashZltX_OSDkisGZrYiC5Qifp0ek6XLXAoCsmC4NA6w85PTh9uQyZi2GwQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5676
last-modified: Wed, 22 Jan 2020 13:02:46 GMT
server: cloudflare
etag: "db74c4d3f2426619eeab7362f8f8e9a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rwYFWgYjnlSF5sJvJCNNFMe6HqTX4AxFeEXC4u5F4E8zRa8IyrgWzF39LsUZmLm7ImuZSH1nGF0lSGUeRggK%2FExt9nmTsVqde%2F7qRJ1SHA9pPrCO8BA1OmndkFwjJewrHdnRSIVWXCUOQU%2FA"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698166841638
content-type: image/webp
expires: Wed, 10 Nov 2021 08:21:23 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 12441
accept-ranges: bytes
cf-ray: 6ab5a095ba591756-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 9A6AB5B03987FD43FC0F4811D9BA44190BAE529CC9CDBC80A1EE8AEE414929F6AA6AD8AD382FDF20E7DF4F4A57A5523074CB0D4B7C5049C1CFA10DA8CFB941EF
assets.ad4m.at/product_image/ Frame 67AF 37 KB
38 KB 35ms
33ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/9A6AB5B03987FD43FC0F4811D9BA44190BAE529CC9CDBC80A1EE8AEE414929F6AA6AD8AD382FDF20E7DF4F4A57A5523074CB0D4B7C5049C1CFA10DA8CFB941EF
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=765%2C24673%2C19457&b=qGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJ&f=R5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2C3bgFpf14UB65t7HrHAtXC997f8TWTRead&c=728&d=90&e=Esw2iaHTd2U_Pe5iy67gANdndkjHG9y-&g=351bcebf6c854aad618171404725fd82%2F16249489484076859423&i=1676%2C20430%2C20774&j=4%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636446083384&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k2pxdrgmrd8ymbhd02ztqs76hrf4pdwjjzv4h6855j125qgtaz7nz0zex0tgdpcgzz0m27xn6j2tfrem0gh5hbfhn9yy44ke31zg9kbtrk9x21m82qn1mkk4194t97re0tvh6kax4z6pexhq2pssjsz6hrdtmv8mdx41h0kcda5gce47q7303te617q8ssstd2bh2yqvhna7c8zqhj4datqrteh9fh6mznzm727d3y5ssqxrh0bm8h654y0xap229zbpeznkcqhm41gdtt0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCdnuUgC-KYaS7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE8QFP0JgjThP8pBPKQE0PCuXNFV5Q6g-puGLVckgSSWTlFwlAYMO_r0PlTOn9gxPVQ2XaeEynoGPBfeQqOG5Ypgb4cWB0LGsO2BcSP7hzjaPX1bI3uUlFU9qnd8rGKvtI-KM2E5H8rwkwRCXunfRBHF6hrKkxRR5qixR-RODA45yes84gnEI66OLl4aNzy-hj3qJ8eZxKV11-FVyMypqkmuZ3Qa8S2ydE7Ecf3fAghgNSM9RUXY-8vI8i7keWxQ9NMcBnZbmCEOax2DNsq98uDmqswdsucyvCu6R-aF0Uf6W4eCSVVJu0OTR5iMVGO5ElBFpA4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0tU5K7lRcr5IjJnp1UvmsHBM_RUw%252526client%25253Dca-pub-2626566186821602%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 631ab175f70696c2c2fb9c6826cbbc72afc54c21abe3e81fc919091f45f15c25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=limNHA==, md5=mmc1zohzhBG1IcVyR5glog==
date: Tue, 09 Nov 2021 08:21:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47808
cf-polished: qual=85, origFmt=jpeg, origSize=98417
x-guploader-uploadid: ADPycduXp7mVLUcRinaW5MZh1S9-Jo89p4vcbphEnox7nCW3YD6R0cvEu2PxmCOPMP_FjsiMzgCT_ZWa_tbplu2jVCw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 38376
last-modified: Tue, 30 Jun 2020 10:59:41 GMT
server: cloudflare
etag: "9a6735ce88738411b521c572479825a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WXKkicOYM%2BQkAVvhNFqCTrr1PEQFGPpr2W91PygEbbEwsLxCtxYsNWmyYCgUSxVETORWor%2B0ENMD7cYdUDtZ%2FPjJrVMencMsgYqzSHhM7m0gHXGe0EFyemoPdAn5W9bxKYTcoTHYCIh3yNzj"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1593514781204583
content-type: image/webp
expires: Wed, 10 Nov 2021 08:21:23 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 98417
accept-ranges: bytes
cf-ray: 6ab5a095ba5f1756-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 view
t.adcell.com/p/ Frame 67AF 42 B
479 B 165ms
125ms Image
image/gif 2a02:cb40:200::242
SOPRADO-ANY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.adcell.com/p/view?promoId=164800&slotId=46690&pv=1&subId=oneidqGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3oneid__asuidEsw2iaHTd2U_Pe5iy67gANdndkjHG9y-asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),

Reverse DNS

Software

myracloud /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:23 GMT
last-modified: Wed, 11 Jan 2006 12:59:00 GMT
server: myracloud
strict-transport-security: max-age=15768000
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 42
expires: Sat, 11 Jan 2003 12:59:00 GMT

GET
H2 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 67AF 38 KB
38 KB 17ms
16ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=765%2C24673%2C19457&b=qGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJ&f=R5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2C3bgFpf14UB65t7HrHAtXC997f8TWTRead&c=728&d=90&e=Esw2iaHTd2U_Pe5iy67gANdndkjHG9y-&g=351bcebf6c854aad618171404725fd82%2F16249489484076859423&i=1676%2C20430%2C20774&j=4%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636446083384&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k2pxdrgmrd8ymbhd02ztqs76hrf4pdwjjzv4h6855j125qgtaz7nz0zex0tgdpcgzz0m27xn6j2tfrem0gh5hbfhn9yy44ke31zg9kbtrk9x21m82qn1mkk4194t97re0tvh6kax4z6pexhq2pssjsz6hrdtmv8mdx41h0kcda5gce47q7303te617q8ssstd2bh2yqvhna7c8zqhj4datqrteh9fh6mznzm727d3y5ssqxrh0bm8h654y0xap229zbpeznkcqhm41gdtt0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCdnuUgC-KYaS7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE8QFP0JgjThP8pBPKQE0PCuXNFV5Q6g-puGLVckgSSWTlFwlAYMO_r0PlTOn9gxPVQ2XaeEynoGPBfeQqOG5Ypgb4cWB0LGsO2BcSP7hzjaPX1bI3uUlFU9qnd8rGKvtI-KM2E5H8rwkwRCXunfRBHF6hrKkxRR5qixR-RODA45yes84gnEI66OLl4aNzy-hj3qJ8eZxKV11-FVyMypqkmuZ3Qa8S2ydE7Ecf3fAghgNSM9RUXY-8vI8i7keWxQ9NMcBnZbmCEOax2DNsq98uDmqswdsucyvCu6R-aF0Uf6W4eCSVVJu0OTR5iMVGO5ElBFpA4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0tU5K7lRcr5IjJnp1UvmsHBM_RUw%252526client%25253Dca-pub-2626566186821602%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Tue, 09 Nov 2021 08:21:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 39268
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ADPycdsfyZ7TDwK2_ogVJC0crpi2_x098pUJRtsB7mqY34bKzxWpoxnZMeFKzXNQb04ie4JjNqxcpdkNpDAEU1dys60
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 38696
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w4ulDvBLAoccTFwE6qpoZYe3r3UzluRM%2FYzsqLkP%2FtQWrk3i49qVE54JIQagZ49su6EnfbD%2BHaqddekxTWV4uJ9sjSJSTCuo25yv9OjSosIc5OSwwMMSSpZS%2B2aSRYatMwRfOzjlw5PDVEql"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Wed, 10 Nov 2021 08:21:23 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 6ab5a095ba611756-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 67AF 84 KB
84 KB 23ms
22ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=765%2C24673%2C19457&b=qGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJ&f=R5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2C3bgFpf14UB65t7HrHAtXC997f8TWTRead&c=728&d=90&e=Esw2iaHTd2U_Pe5iy67gANdndkjHG9y-&g=351bcebf6c854aad618171404725fd82%2F16249489484076859423&i=1676%2C20430%2C20774&j=4%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636446083384&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k2pxdrgmrd8ymbhd02ztqs76hrf4pdwjjzv4h6855j125qgtaz7nz0zex0tgdpcgzz0m27xn6j2tfrem0gh5hbfhn9yy44ke31zg9kbtrk9x21m82qn1mkk4194t97re0tvh6kax4z6pexhq2pssjsz6hrdtmv8mdx41h0kcda5gce47q7303te617q8ssstd2bh2yqvhna7c8zqhj4datqrteh9fh6mznzm727d3y5ssqxrh0bm8h654y0xap229zbpeznkcqhm41gdtt0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCdnuUgC-KYaS7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE8QFP0JgjThP8pBPKQE0PCuXNFV5Q6g-puGLVckgSSWTlFwlAYMO_r0PlTOn9gxPVQ2XaeEynoGPBfeQqOG5Ypgb4cWB0LGsO2BcSP7hzjaPX1bI3uUlFU9qnd8rGKvtI-KM2E5H8rwkwRCXunfRBHF6hrKkxRR5qixR-RODA45yes84gnEI66OLl4aNzy-hj3qJ8eZxKV11-FVyMypqkmuZ3Qa8S2ydE7Ecf3fAghgNSM9RUXY-8vI8i7keWxQ9NMcBnZbmCEOax2DNsq98uDmqswdsucyvCu6R-aF0Uf6W4eCSVVJu0OTR5iMVGO5ElBFpA4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0tU5K7lRcr5IjJnp1UvmsHBM_RUw%252526client%25253Dca-pub-2626566186821602%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e44684a48d596b56cba6492df2821b18b56fd0b488a77240d415f0eae918abe1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Tue, 09 Nov 2021 08:21:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2182097
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ADPycdt0auuVYXxKcOeI32Nv-fvSJQzYQvFVwatuzPsEZD0eRaq_pBpNbp-MnA5kVrbBdCHt3HyAtodlGclxYmOQ7A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 85737
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FFWkz2L81TGGQ2EuzMdTIUvHgAZedQcaHSKIiMMJb2D6qONxW9Ri1vVh3xdzCjugglKP1ej13LUKdmkYc665OPB6cm%2FJqsVLRPBNwbZ3z69fqpTkNo9Jo1NropFao4SLRQcUyMtGZD1jnRN7"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570637213281727
content-type: image/jpeg
expires: Wed, 10 Nov 2021 08:21:23 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 6ab5a095ba621756-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 67AF 53 KB
54 KB 19ms
18ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=765%2C24673%2C19457&b=qGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJ&f=R5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2C3bgFpf14UB65t7HrHAtXC997f8TWTRead&c=728&d=90&e=Esw2iaHTd2U_Pe5iy67gANdndkjHG9y-&g=351bcebf6c854aad618171404725fd82%2F16249489484076859423&i=1676%2C20430%2C20774&j=4%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636446083384&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k2pxdrgmrd8ymbhd02ztqs76hrf4pdwjjzv4h6855j125qgtaz7nz0zex0tgdpcgzz0m27xn6j2tfrem0gh5hbfhn9yy44ke31zg9kbtrk9x21m82qn1mkk4194t97re0tvh6kax4z6pexhq2pssjsz6hrdtmv8mdx41h0kcda5gce47q7303te617q8ssstd2bh2yqvhna7c8zqhj4datqrteh9fh6mznzm727d3y5ssqxrh0bm8h654y0xap229zbpeznkcqhm41gdtt0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCdnuUgC-KYaS7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE8QFP0JgjThP8pBPKQE0PCuXNFV5Q6g-puGLVckgSSWTlFwlAYMO_r0PlTOn9gxPVQ2XaeEynoGPBfeQqOG5Ypgb4cWB0LGsO2BcSP7hzjaPX1bI3uUlFU9qnd8rGKvtI-KM2E5H8rwkwRCXunfRBHF6hrKkxRR5qixR-RODA45yes84gnEI66OLl4aNzy-hj3qJ8eZxKV11-FVyMypqkmuZ3Qa8S2ydE7Ecf3fAghgNSM9RUXY-8vI8i7keWxQ9NMcBnZbmCEOax2DNsq98uDmqswdsucyvCu6R-aF0Uf6W4eCSVVJu0OTR5iMVGO5ElBFpA4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0tU5K7lRcr5IjJnp1UvmsHBM_RUw%252526client%25253Dca-pub-2626566186821602%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date: Tue, 09 Nov 2021 08:21:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 305466
cf-polished: origFmt=png, origSize=115129
x-guploader-uploadid: ADPycdtXugkQNtLzhG-eZlTKKk7AxvzSYQsferS0RbKbCM6vY3blnAtynqyJYqVsyWhKkatTRbe06i6ODnw0vA6T-BY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 54564
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dhr0fBd2vxZcxWY20FxnmVHdZuXPrRc85TNPm2hvFlIK06SHuDx38T4i48NyWIuXGXDeI4EDJyIKlLnvCFUA3YzDY0pbBzYVTH8VCEZpuLSS%2BOm3GRi29GOB8gqRcN2AeK0xwaNUPrg220jJ"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1612883484779402
content-type: image/webp
expires: Wed, 10 Nov 2021 08:21:23 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 115129
accept-ranges: bytes
cf-ray: 6ab5a095ba631756-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 BF671F9353E49E9BB6D9FDFDE3DB7F76C1C78079C9FBA6953329642EA1EB98D31F0C6558B5B6382075530160EC4EDC9E4E2E5EF63EAAFE88E99516547093A3F4
assets.ad4m.at/product_image/ Frame 67AF 59 KB
59 KB 21ms
20ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/BF671F9353E49E9BB6D9FDFDE3DB7F76C1C78079C9FBA6953329642EA1EB98D31F0C6558B5B6382075530160EC4EDC9E4E2E5EF63EAAFE88E99516547093A3F4
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=765%2C24673%2C19457&b=qGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJ&f=R5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2C3bgFpf14UB65t7HrHAtXC997f8TWTRead&c=728&d=90&e=Esw2iaHTd2U_Pe5iy67gANdndkjHG9y-&g=351bcebf6c854aad618171404725fd82%2F16249489484076859423&i=1676%2C20430%2C20774&j=4%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636446083384&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k2pxdrgmrd8ymbhd02ztqs76hrf4pdwjjzv4h6855j125qgtaz7nz0zex0tgdpcgzz0m27xn6j2tfrem0gh5hbfhn9yy44ke31zg9kbtrk9x21m82qn1mkk4194t97re0tvh6kax4z6pexhq2pssjsz6hrdtmv8mdx41h0kcda5gce47q7303te617q8ssstd2bh2yqvhna7c8zqhj4datqrteh9fh6mznzm727d3y5ssqxrh0bm8h654y0xap229zbpeznkcqhm41gdtt0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCdnuUgC-KYaS7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE8QFP0JgjThP8pBPKQE0PCuXNFV5Q6g-puGLVckgSSWTlFwlAYMO_r0PlTOn9gxPVQ2XaeEynoGPBfeQqOG5Ypgb4cWB0LGsO2BcSP7hzjaPX1bI3uUlFU9qnd8rGKvtI-KM2E5H8rwkwRCXunfRBHF6hrKkxRR5qixR-RODA45yes84gnEI66OLl4aNzy-hj3qJ8eZxKV11-FVyMypqkmuZ3Qa8S2ydE7Ecf3fAghgNSM9RUXY-8vI8i7keWxQ9NMcBnZbmCEOax2DNsq98uDmqswdsucyvCu6R-aF0Uf6W4eCSVVJu0OTR5iMVGO5ElBFpA4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0tU5K7lRcr5IjJnp1UvmsHBM_RUw%252526client%25253Dca-pub-2626566186821602%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 747dca55f3574e0e2e2018f1e7ade84da708f8311d4ef6be6002b20b62e7a5ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=0cfKgg==, md5=CA0MSDnZ60/QjP/qRLEGmg==
date: Tue, 09 Nov 2021 08:21:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1150394
cf-polished: origSize=62182, status=webp_bigger
x-guploader-uploadid: ADPycdtmSs55rFklL7dJEwFGWoaKN31eohfqQlcUMydaCjkv9o8sSKNZKf7fP2sy7rRVSGg1rWzesFbE9SBhmSBKPhg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 59917
last-modified: Wed, 09 Sep 2020 07:43:04 GMT
server: cloudflare
etag: "080d0c4839d9eb4fd08cffea44b1069a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jwEayw04it0AVlQCYJDMgtl2ViyGH6RZwb5aC4rvoCIEZrDizCFAtyj8XgmDvs0OqqqFtLhzEaoXHG67ucKOcDPtRYw70R0o5Jez1eY5s5%2FtZhbGOMG%2B5Yx1GvEJvLYmLMPTvAoViXKnNVpJ"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1599637384558000
content-type: image/jpeg
expires: Wed, 10 Nov 2021 08:21:23 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 62182
accept-ranges: bytes
cf-ray: 6ab5a095ba641756-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

postview.gif
portal.o2online.de/nws/img/ Frame 67AF
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneidbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJoneid__asuidEsw2iaHTd2U_Pe5iy67gANdndkjHG9y-asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_...
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneidbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJoneid__asuidEsw2iaHTd2U_Pe5iy67gANdndkjHG9y-asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_cons...
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2021110909212358381023095X117679V1226132702MSoneidbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJoneid__asuidEsw2iaH...
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=202111090921235838102...

43 B
805 B

30ms
9ms

Image
image/gif

82.113.101.132
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021110909212358381023095X117679V1226132702MSoneidbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJoneid__asuidEsw2iaHTd2U_Pe5iy67gANdndkjHG9y-asuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679&ratenzahlung=24
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=765%2C24673%2C19457&b=qGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJ&f=R5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2C3bgFpf14UB65t7HrHAtXC997f8TWTRead&c=728&d=90&e=Esw2iaHTd2U_Pe5iy67gANdndkjHG9y-&g=351bcebf6c854aad618171404725fd82%2F16249489484076859423&i=1676%2C20430%2C20774&j=4%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636446083384&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k2pxdrgmrd8ymbhd02ztqs76hrf4pdwjjzv4h6855j125qgtaz7nz0zex0tgdpcgzz0m27xn6j2tfrem0gh5hbfhn9yy44ke31zg9kbtrk9x21m82qn1mkk4194t97re0tvh6kax4z6pexhq2pssjsz6hrdtmv8mdx41h0kcda5gce47q7303te617q8ssstd2bh2yqvhna7c8zqhj4datqrteh9fh6mznzm727d3y5ssqxrh0bm8h654y0xap229zbpeznkcqhm41gdtt0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCdnuUgC-KYaS7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE8QFP0JgjThP8pBPKQE0PCuXNFV5Q6g-puGLVckgSSWTlFwlAYMO_r0PlTOn9gxPVQ2XaeEynoGPBfeQqOG5Ypgb4cWB0LGsO2BcSP7hzjaPX1bI3uUlFU9qnd8rGKvtI-KM2E5H8rwkwRCXunfRBHF6hrKkxRR5qixR-RODA45yes84gnEI66OLl4aNzy-hj3qJ8eZxKV11-FVyMypqkmuZ3Qa8S2ydE7Ecf3fAghgNSM9RUXY-8vI8i7keWxQ9NMcBnZbmCEOax2DNsq98uDmqswdsucyvCu6R-aF0Uf6W4eCSVVJu0OTR5iMVGO5ElBFpA4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0tU5K7lRcr5IjJnp1UvmsHBM_RUw%252526client%25253Dca-pub-2626566186821602%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Server: 82.113.101.132 Wetzlar, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.o2online.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 08:21:23 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

Redirect headers

Date: Tue, 09 Nov 2021 08:21:23 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
RM-PrivacyPolicy: https://www.nonstoppartner.net/
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021110909212358381023095X117679V1226132702MSoneidbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJoneid__asuidEsw2iaHTd2U_Pe5iy67gANdndkjHG9y-asuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679&ratenzahlung=24
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=10

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 957A 64 KB
8 KB 34ms
33ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=765%2C24673%2C19457&b=qGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJ&f=R5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2C3bgFpf14UB65t7HrHAtXC997f8TWTRead&c=728&d=90&e=Esw2iaHTd2U_Pe5iy67gANdndkjHG9y-&g=05f4c043691eaef46a81e61abb7ff4d7%2F423113986550916583&i=1676%2C20430%2C20774&j=4%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636446083386&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kjsye1skt6rzttzjxy0z88tdqhnt6x35320c26v1x1vmyry3159qrgwyy8vnvj7mgmrmzyk3ykrmcfp4ddgy1bh8twb6401w3y2mxy3jd6bs9hcgm73tydh1gpbngmy9r53ww2399cvs3ernxp5s1y8xcfqqtwf4cg7eyrfhh6gzjrj7g8m12djqwdhjh4jbn0nqr2w39vh3ssyb1a7vpb3n7b9qmxwm946ak4kmm8a87t2gy7w8hdqejbgkefcjha09029eewdntr51fdg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCRVfOgC-KYaa7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE8QFP0ML5rCes3btfPwe8BHTGn9CAPrkbwtP0ZjD_uL1dFToMZ4iHdpQ00D05TCJ083_Omi4sw1g7QVf71fH8j2XB2r2MopY58tdEdjRTAfQpdiQytiODea9fyZ6M6RXraUyF3RcMuliRmaiMHujOAsDHOiKnHgJVak2Z2gyIFLY9utWCOjXvcrGH5LULLuNdk4C8YJbwDSqnWA6uvTKwC5OVoP3fnf_YcuQpTVl6OQt3kSPOEbV4o43VZGJUsqVOJLMzhhg-i2D9uOKt3Uvv5BkkbDcArY2-kHx7wlEIKjS29hileQnSuLaKhDxv74Uw5WKy4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2smh67e0Buz0pYo9ruo8RH-2s2QA%252526client%25253Dca-pub-2626566186821602%252526adurl%25253D&y=1&z=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=765%2C24673%2C19457&b=qGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJ&f=R5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2C3bgFpf14UB65t7HrHAtXC997f8TWTRead&c=728&d=90&e=Esw2iaHTd2U_Pe5iy67gANdndkjHG9y-&g=05f4c043691eaef46a81e61abb7ff4d7%2F423113986550916583&i=1676%2C20430%2C20774&j=4%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636446083386&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kjsye1skt6rzttzjxy0z88tdqhnt6x35320c26v1x1vmyry3159qrgwyy8vnvj7mgmrmzyk3ykrmcfp4ddgy1bh8twb6401w3y2mxy3jd6bs9hcgm73tydh1gpbngmy9r53ww2399cvs3ernxp5s1y8xcfqqtwf4cg7eyrfhh6gzjrj7g8m12djqwdhjh4jbn0nqr2w39vh3ssyb1a7vpb3n7b9qmxwm946ak4kmm8a87t2gy7w8hdqejbgkefcjha09029eewdntr51fdg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCRVfOgC-KYaa7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE8QFP0ML5rCes3btfPwe8BHTGn9CAPrkbwtP0ZjD_uL1dFToMZ4iHdpQ00D05TCJ083_Omi4sw1g7QVf71fH8j2XB2r2MopY58tdEdjRTAfQpdiQytiODea9fyZ6M6RXraUyF3RcMuliRmaiMHujOAsDHOiKnHgJVak2Z2gyIFLY9utWCOjXvcrGH5LULLuNdk4C8YJbwDSqnWA6uvTKwC5OVoP3fnf_YcuQpTVl6OQt3kSPOEbV4o43VZGJUsqVOJLMzhhg-i2D9uOKt3Uvv5BkkbDcArY2-kHx7wlEIKjS29hileQnSuLaKhDxv74Uw5WKy4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2smh67e0Buz0pYo9ruo8RH-2s2QA%252526client%25253Dca-pub-2626566186821602%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:23 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1081674
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=65497
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Wed, 27 Oct 2021 19:53:29 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6ab5a095ba5c1756-FRA
cf-bgj: minify

GET
H2 200 5BEA37F6D446D4C03B5B8A479BAA7B5322DEA7B4FA3695C41DD3E6D3E6347B5DE247A601FDF909E0717C08186D3BBFC9B7677AEC046BA8D01CF57DDA0A0AE7A5
assets.ad4m.at/logo/ Frame 957A 6 KB
6 KB 31ms
30ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/5BEA37F6D446D4C03B5B8A479BAA7B5322DEA7B4FA3695C41DD3E6D3E6347B5DE247A601FDF909E0717C08186D3BBFC9B7677AEC046BA8D01CF57DDA0A0AE7A5
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=765%2C24673%2C19457&b=qGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJ&f=R5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2C3bgFpf14UB65t7HrHAtXC997f8TWTRead&c=728&d=90&e=Esw2iaHTd2U_Pe5iy67gANdndkjHG9y-&g=05f4c043691eaef46a81e61abb7ff4d7%2F423113986550916583&i=1676%2C20430%2C20774&j=4%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636446083386&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kjsye1skt6rzttzjxy0z88tdqhnt6x35320c26v1x1vmyry3159qrgwyy8vnvj7mgmrmzyk3ykrmcfp4ddgy1bh8twb6401w3y2mxy3jd6bs9hcgm73tydh1gpbngmy9r53ww2399cvs3ernxp5s1y8xcfqqtwf4cg7eyrfhh6gzjrj7g8m12djqwdhjh4jbn0nqr2w39vh3ssyb1a7vpb3n7b9qmxwm946ak4kmm8a87t2gy7w8hdqejbgkefcjha09029eewdntr51fdg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCRVfOgC-KYaa7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE8QFP0ML5rCes3btfPwe8BHTGn9CAPrkbwtP0ZjD_uL1dFToMZ4iHdpQ00D05TCJ083_Omi4sw1g7QVf71fH8j2XB2r2MopY58tdEdjRTAfQpdiQytiODea9fyZ6M6RXraUyF3RcMuliRmaiMHujOAsDHOiKnHgJVak2Z2gyIFLY9utWCOjXvcrGH5LULLuNdk4C8YJbwDSqnWA6uvTKwC5OVoP3fnf_YcuQpTVl6OQt3kSPOEbV4o43VZGJUsqVOJLMzhhg-i2D9uOKt3Uvv5BkkbDcArY2-kHx7wlEIKjS29hileQnSuLaKhDxv74Uw5WKy4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2smh67e0Buz0pYo9ruo8RH-2s2QA%252526client%25253Dca-pub-2626566186821602%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40803f6727061b25fdffeca62b391f51e86f4656ec71f6748e70adb24e4ef2a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=hBHCMA==, md5=23TE0/JCZhnuq3Ni+PjppA==
date: Tue, 09 Nov 2021 08:21:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 40053
cf-polished: origFmt=png, origSize=12441
x-guploader-uploadid: ADPycdsrCDiRWTcUB7xrSLg5537ED4tW1ashZltX_OSDkisGZrYiC5Qifp0ek6XLXAoCsmC4NA6w85PTh9uQyZi2GwQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5676
last-modified: Wed, 22 Jan 2020 13:02:46 GMT
server: cloudflare
etag: "db74c4d3f2426619eeab7362f8f8e9a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dy2ZWntD0zZ%2BT5IFi8NU5zHShfVyDoHtBlRbVCwPBotVk8%2BeBqCeZEmpF6vONh9yz8U654yvdrH%2BFFSj1J4i80GRO6oOsg5%2B7Bw%2FKFQW73vp%2FJIvQMCGBqTAVsAwb6WDdpwuwcxKPuZIYdUk"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698166841638
content-type: image/webp
expires: Wed, 10 Nov 2021 08:21:23 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 12441
accept-ranges: bytes
cf-ray: 6ab5a095ba5d1756-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 9A6AB5B03987FD43FC0F4811D9BA44190BAE529CC9CDBC80A1EE8AEE414929F6AA6AD8AD382FDF20E7DF4F4A57A5523074CB0D4B7C5049C1CFA10DA8CFB941EF
assets.ad4m.at/product_image/ Frame 957A 37 KB
38 KB 28ms
24ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/9A6AB5B03987FD43FC0F4811D9BA44190BAE529CC9CDBC80A1EE8AEE414929F6AA6AD8AD382FDF20E7DF4F4A57A5523074CB0D4B7C5049C1CFA10DA8CFB941EF
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=765%2C24673%2C19457&b=qGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJ&f=R5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2C3bgFpf14UB65t7HrHAtXC997f8TWTRead&c=728&d=90&e=Esw2iaHTd2U_Pe5iy67gANdndkjHG9y-&g=05f4c043691eaef46a81e61abb7ff4d7%2F423113986550916583&i=1676%2C20430%2C20774&j=4%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636446083386&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kjsye1skt6rzttzjxy0z88tdqhnt6x35320c26v1x1vmyry3159qrgwyy8vnvj7mgmrmzyk3ykrmcfp4ddgy1bh8twb6401w3y2mxy3jd6bs9hcgm73tydh1gpbngmy9r53ww2399cvs3ernxp5s1y8xcfqqtwf4cg7eyrfhh6gzjrj7g8m12djqwdhjh4jbn0nqr2w39vh3ssyb1a7vpb3n7b9qmxwm946ak4kmm8a87t2gy7w8hdqejbgkefcjha09029eewdntr51fdg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCRVfOgC-KYaa7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE8QFP0ML5rCes3btfPwe8BHTGn9CAPrkbwtP0ZjD_uL1dFToMZ4iHdpQ00D05TCJ083_Omi4sw1g7QVf71fH8j2XB2r2MopY58tdEdjRTAfQpdiQytiODea9fyZ6M6RXraUyF3RcMuliRmaiMHujOAsDHOiKnHgJVak2Z2gyIFLY9utWCOjXvcrGH5LULLuNdk4C8YJbwDSqnWA6uvTKwC5OVoP3fnf_YcuQpTVl6OQt3kSPOEbV4o43VZGJUsqVOJLMzhhg-i2D9uOKt3Uvv5BkkbDcArY2-kHx7wlEIKjS29hileQnSuLaKhDxv74Uw5WKy4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2smh67e0Buz0pYo9ruo8RH-2s2QA%252526client%25253Dca-pub-2626566186821602%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 631ab175f70696c2c2fb9c6826cbbc72afc54c21abe3e81fc919091f45f15c25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=limNHA==, md5=mmc1zohzhBG1IcVyR5glog==
date: Tue, 09 Nov 2021 08:21:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47808
cf-polished: qual=85, origFmt=jpeg, origSize=98417
x-guploader-uploadid: ADPycduXp7mVLUcRinaW5MZh1S9-Jo89p4vcbphEnox7nCW3YD6R0cvEu2PxmCOPMP_FjsiMzgCT_ZWa_tbplu2jVCw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 38376
last-modified: Tue, 30 Jun 2020 10:59:41 GMT
server: cloudflare
etag: "9a6735ce88738411b521c572479825a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e6%2F53M%2F4DXb8qKEp%2BziXcmOUZdDkLdBAttsYHzr9mhVGEJs3DI2S6suKg6cbC7ttGb%2FDoxAMJWd9K07Ix26WkV4O3D6%2BsDcpBVGO0VyDY1zKuakueAPVaBpElz%2BRIlLCUKmGGJHj9s7VqJv3"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1593514781204583
content-type: image/webp
expires: Wed, 10 Nov 2021 08:21:23 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 98417
accept-ranges: bytes
cf-ray: 6ab5a095ca671756-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 view
t.adcell.com/p/ Frame 957A 42 B
478 B 164ms
127ms Image
image/gif 2a02:cb40:200::242
SOPRADO-ANY

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=765%2C24673%2C19457&b=qGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJ&f=R5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2C3bgFpf14UB65t7HrHAtXC997f8TWTRead&c=728&d=90&e=Esw2iaHTd2U_Pe5iy67gANdndkjHG9y-&g=05f4c043691eaef46a81e61abb7ff4d7%2F423113986550916583&i=1676%2C20430%2C20774&j=4%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636446083386&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kjsye1skt6rzttzjxy0z88tdqhnt6x35320c26v1x1vmyry3159qrgwyy8vnvj7mgmrmzyk3ykrmcfp4ddgy1bh8twb6401w3y2mxy3jd6bs9hcgm73tydh1gpbngmy9r53ww2399cvs3ernxp5s1y8xcfqqtwf4cg7eyrfhh6gzjrj7g8m12djqwdhjh4jbn0nqr2w39vh3ssyb1a7vpb3n7b9qmxwm946ak4kmm8a87t2gy7w8hdqejbgkefcjha09029eewdntr51fdg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCRVfOgC-KYaa7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE8QFP0ML5rCes3btfPwe8BHTGn9CAPrkbwtP0ZjD_uL1dFToMZ4iHdpQ00D05TCJ083_Omi4sw1g7QVf71fH8j2XB2r2MopY58tdEdjRTAfQpdiQytiODea9fyZ6M6RXraUyF3RcMuliRmaiMHujOAsDHOiKnHgJVak2Z2gyIFLY9utWCOjXvcrGH5LULLuNdk4C8YJbwDSqnWA6uvTKwC5OVoP3fnf_YcuQpTVl6OQt3kSPOEbV4o43VZGJUsqVOJLMzhhg-i2D9uOKt3Uvv5BkkbDcArY2-kHx7wlEIKjS29hileQnSuLaKhDxv74Uw5WKy4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2smh67e0Buz0pYo9ruo8RH-2s2QA%252526client%25253Dca-pub-2626566186821602%252526adurl%25253D&y=1&z=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),

Reverse DNS

Software

myracloud /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:23 GMT
last-modified: Wed, 11 Jan 2006 12:59:00 GMT
server: myracloud
strict-transport-security: max-age=15768000
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 42
expires: Sat, 11 Jan 2003 12:59:00 GMT

GET
H2 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 957A 38 KB
38 KB 24ms
19ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=765%2C24673%2C19457&b=qGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJ&f=R5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2C3bgFpf14UB65t7HrHAtXC997f8TWTRead&c=728&d=90&e=Esw2iaHTd2U_Pe5iy67gANdndkjHG9y-&g=05f4c043691eaef46a81e61abb7ff4d7%2F423113986550916583&i=1676%2C20430%2C20774&j=4%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636446083386&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kjsye1skt6rzttzjxy0z88tdqhnt6x35320c26v1x1vmyry3159qrgwyy8vnvj7mgmrmzyk3ykrmcfp4ddgy1bh8twb6401w3y2mxy3jd6bs9hcgm73tydh1gpbngmy9r53ww2399cvs3ernxp5s1y8xcfqqtwf4cg7eyrfhh6gzjrj7g8m12djqwdhjh4jbn0nqr2w39vh3ssyb1a7vpb3n7b9qmxwm946ak4kmm8a87t2gy7w8hdqejbgkefcjha09029eewdntr51fdg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCRVfOgC-KYaa7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE8QFP0ML5rCes3btfPwe8BHTGn9CAPrkbwtP0ZjD_uL1dFToMZ4iHdpQ00D05TCJ083_Omi4sw1g7QVf71fH8j2XB2r2MopY58tdEdjRTAfQpdiQytiODea9fyZ6M6RXraUyF3RcMuliRmaiMHujOAsDHOiKnHgJVak2Z2gyIFLY9utWCOjXvcrGH5LULLuNdk4C8YJbwDSqnWA6uvTKwC5OVoP3fnf_YcuQpTVl6OQt3kSPOEbV4o43VZGJUsqVOJLMzhhg-i2D9uOKt3Uvv5BkkbDcArY2-kHx7wlEIKjS29hileQnSuLaKhDxv74Uw5WKy4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2smh67e0Buz0pYo9ruo8RH-2s2QA%252526client%25253Dca-pub-2626566186821602%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Tue, 09 Nov 2021 08:21:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 39268
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ADPycdsfyZ7TDwK2_ogVJC0crpi2_x098pUJRtsB7mqY34bKzxWpoxnZMeFKzXNQb04ie4JjNqxcpdkNpDAEU1dys60
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 38696
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NvbGu8Cx%2BqLgB3Tdsi7g7i7OqU8i06qKrjgyYwODdesyloCZZPv9E6hIc2O4Vs0QA3QKw%2B0U%2FFO2qvufun%2BvkY%2BMCxdgHx7esjs2wb9MvrOrapzf9QzIeIxmU2WVARtrX57PUKybFqJAlukT"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Wed, 10 Nov 2021 08:21:23 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 6ab5a095ca6d1756-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 957A 84 KB
84 KB 32ms
28ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=765%2C24673%2C19457&b=qGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJ&f=R5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2C3bgFpf14UB65t7HrHAtXC997f8TWTRead&c=728&d=90&e=Esw2iaHTd2U_Pe5iy67gANdndkjHG9y-&g=05f4c043691eaef46a81e61abb7ff4d7%2F423113986550916583&i=1676%2C20430%2C20774&j=4%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636446083386&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kjsye1skt6rzttzjxy0z88tdqhnt6x35320c26v1x1vmyry3159qrgwyy8vnvj7mgmrmzyk3ykrmcfp4ddgy1bh8twb6401w3y2mxy3jd6bs9hcgm73tydh1gpbngmy9r53ww2399cvs3ernxp5s1y8xcfqqtwf4cg7eyrfhh6gzjrj7g8m12djqwdhjh4jbn0nqr2w39vh3ssyb1a7vpb3n7b9qmxwm946ak4kmm8a87t2gy7w8hdqejbgkefcjha09029eewdntr51fdg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCRVfOgC-KYaa7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE8QFP0ML5rCes3btfPwe8BHTGn9CAPrkbwtP0ZjD_uL1dFToMZ4iHdpQ00D05TCJ083_Omi4sw1g7QVf71fH8j2XB2r2MopY58tdEdjRTAfQpdiQytiODea9fyZ6M6RXraUyF3RcMuliRmaiMHujOAsDHOiKnHgJVak2Z2gyIFLY9utWCOjXvcrGH5LULLuNdk4C8YJbwDSqnWA6uvTKwC5OVoP3fnf_YcuQpTVl6OQt3kSPOEbV4o43VZGJUsqVOJLMzhhg-i2D9uOKt3Uvv5BkkbDcArY2-kHx7wlEIKjS29hileQnSuLaKhDxv74Uw5WKy4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2smh67e0Buz0pYo9ruo8RH-2s2QA%252526client%25253Dca-pub-2626566186821602%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e44684a48d596b56cba6492df2821b18b56fd0b488a77240d415f0eae918abe1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Tue, 09 Nov 2021 08:21:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2182097
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ADPycdt0auuVYXxKcOeI32Nv-fvSJQzYQvFVwatuzPsEZD0eRaq_pBpNbp-MnA5kVrbBdCHt3HyAtodlGclxYmOQ7A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 85737
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kJAuQH8qAyoGA%2FDKpyfCK2u4bGPOLp7x%2F5C%2FgcBkQBDNRpBkxgmhUpTCUXe3pMu1CJQnonnF7t3Q%2FDuXpXmNTlalFn4llzAID57MBsxLtmab9ADChPsdhZEaBQN5w%2BtVgl66q1PRX%2Fb065lf"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570637213281727
content-type: image/jpeg
expires: Wed, 10 Nov 2021 08:21:23 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 6ab5a095ca6e1756-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 957A 53 KB
54 KB 26ms
22ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=765%2C24673%2C19457&b=qGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJ&f=R5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2C3bgFpf14UB65t7HrHAtXC997f8TWTRead&c=728&d=90&e=Esw2iaHTd2U_Pe5iy67gANdndkjHG9y-&g=05f4c043691eaef46a81e61abb7ff4d7%2F423113986550916583&i=1676%2C20430%2C20774&j=4%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636446083386&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kjsye1skt6rzttzjxy0z88tdqhnt6x35320c26v1x1vmyry3159qrgwyy8vnvj7mgmrmzyk3ykrmcfp4ddgy1bh8twb6401w3y2mxy3jd6bs9hcgm73tydh1gpbngmy9r53ww2399cvs3ernxp5s1y8xcfqqtwf4cg7eyrfhh6gzjrj7g8m12djqwdhjh4jbn0nqr2w39vh3ssyb1a7vpb3n7b9qmxwm946ak4kmm8a87t2gy7w8hdqejbgkefcjha09029eewdntr51fdg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCRVfOgC-KYaa7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE8QFP0ML5rCes3btfPwe8BHTGn9CAPrkbwtP0ZjD_uL1dFToMZ4iHdpQ00D05TCJ083_Omi4sw1g7QVf71fH8j2XB2r2MopY58tdEdjRTAfQpdiQytiODea9fyZ6M6RXraUyF3RcMuliRmaiMHujOAsDHOiKnHgJVak2Z2gyIFLY9utWCOjXvcrGH5LULLuNdk4C8YJbwDSqnWA6uvTKwC5OVoP3fnf_YcuQpTVl6OQt3kSPOEbV4o43VZGJUsqVOJLMzhhg-i2D9uOKt3Uvv5BkkbDcArY2-kHx7wlEIKjS29hileQnSuLaKhDxv74Uw5WKy4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2smh67e0Buz0pYo9ruo8RH-2s2QA%252526client%25253Dca-pub-2626566186821602%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date: Tue, 09 Nov 2021 08:21:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 305466
cf-polished: origFmt=png, origSize=115129
x-guploader-uploadid: ADPycdtXugkQNtLzhG-eZlTKKk7AxvzSYQsferS0RbKbCM6vY3blnAtynqyJYqVsyWhKkatTRbe06i6ODnw0vA6T-BY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 54564
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H87%2FdSDQs49P0tHjO5VmtwOFOIh1U0f6r7R1U0NQgHBH%2FUp5mNEoerKT4SXpzYutthIZS%2B7QXffpKtzESL8Wgnd6CNxWeuwYvXypr4m2kHAUZj48QRygunK6oJ03j7gHSUDsoD4cgPhu3HXU"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1612883484779402
content-type: image/webp
expires: Wed, 10 Nov 2021 08:21:23 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 115129
accept-ranges: bytes
cf-ray: 6ab5a095ca6f1756-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 BF671F9353E49E9BB6D9FDFDE3DB7F76C1C78079C9FBA6953329642EA1EB98D31F0C6558B5B6382075530160EC4EDC9E4E2E5EF63EAAFE88E99516547093A3F4
assets.ad4m.at/product_image/ Frame 957A 59 KB
59 KB 41ms
37ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/BF671F9353E49E9BB6D9FDFDE3DB7F76C1C78079C9FBA6953329642EA1EB98D31F0C6558B5B6382075530160EC4EDC9E4E2E5EF63EAAFE88E99516547093A3F4
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=765%2C24673%2C19457&b=qGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJ&f=R5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2C3bgFpf14UB65t7HrHAtXC997f8TWTRead&c=728&d=90&e=Esw2iaHTd2U_Pe5iy67gANdndkjHG9y-&g=05f4c043691eaef46a81e61abb7ff4d7%2F423113986550916583&i=1676%2C20430%2C20774&j=4%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636446083386&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kjsye1skt6rzttzjxy0z88tdqhnt6x35320c26v1x1vmyry3159qrgwyy8vnvj7mgmrmzyk3ykrmcfp4ddgy1bh8twb6401w3y2mxy3jd6bs9hcgm73tydh1gpbngmy9r53ww2399cvs3ernxp5s1y8xcfqqtwf4cg7eyrfhh6gzjrj7g8m12djqwdhjh4jbn0nqr2w39vh3ssyb1a7vpb3n7b9qmxwm946ak4kmm8a87t2gy7w8hdqejbgkefcjha09029eewdntr51fdg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCRVfOgC-KYaa7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE8QFP0ML5rCes3btfPwe8BHTGn9CAPrkbwtP0ZjD_uL1dFToMZ4iHdpQ00D05TCJ083_Omi4sw1g7QVf71fH8j2XB2r2MopY58tdEdjRTAfQpdiQytiODea9fyZ6M6RXraUyF3RcMuliRmaiMHujOAsDHOiKnHgJVak2Z2gyIFLY9utWCOjXvcrGH5LULLuNdk4C8YJbwDSqnWA6uvTKwC5OVoP3fnf_YcuQpTVl6OQt3kSPOEbV4o43VZGJUsqVOJLMzhhg-i2D9uOKt3Uvv5BkkbDcArY2-kHx7wlEIKjS29hileQnSuLaKhDxv74Uw5WKy4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2smh67e0Buz0pYo9ruo8RH-2s2QA%252526client%25253Dca-pub-2626566186821602%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 747dca55f3574e0e2e2018f1e7ade84da708f8311d4ef6be6002b20b62e7a5ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=0cfKgg==, md5=CA0MSDnZ60/QjP/qRLEGmg==
date: Tue, 09 Nov 2021 08:21:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1150394
cf-polished: origSize=62182, status=webp_bigger
x-guploader-uploadid: ADPycdtmSs55rFklL7dJEwFGWoaKN31eohfqQlcUMydaCjkv9o8sSKNZKf7fP2sy7rRVSGg1rWzesFbE9SBhmSBKPhg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 59917
last-modified: Wed, 09 Sep 2020 07:43:04 GMT
server: cloudflare
etag: "080d0c4839d9eb4fd08cffea44b1069a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HOJj5wdAuKYpJrhgglG%2FtgGr9b8k7YwRmxyg%2BxJOzIWXWg5CUlBe1Uuu753lRMjWAJ6WRbowi%2FA%2FgrvVMgzmOZSaPiHrwO2ccdhUxUYjMu9ujmE%2Bi4IHjsQVAme%2FdCvSs4Nn087zVdOONMLC"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1599637384558000
content-type: image/jpeg
expires: Wed, 10 Nov 2021 08:21:23 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 62182
accept-ranges: bytes
cf-ray: 6ab5a095ca701756-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

postview.gif
portal.o2online.de/nws/img/ Frame 957A
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneidbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJoneid__asuidEsw2iaHTd2U_Pe5iy67gANdndkjHG9y-asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_...
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneidbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJoneid__asuidEsw2iaHTd2U_Pe5iy67gANdndkjHG9y-asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_cons...
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2021110909212358381023073X117679V1226132702MSoneidbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJoneid__asuidEsw2iaH...
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=202111090921235838102...

43 B
805 B

30ms
8ms

Image
image/gif

82.113.101.132
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021110909212358381023073X117679V1226132702MSoneidbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJoneid__asuidEsw2iaHTd2U_Pe5iy67gANdndkjHG9y-asuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679&ratenzahlung=24
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=765%2C24673%2C19457&b=qGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJ&f=R5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2C3bgFpf14UB65t7HrHAtXC997f8TWTRead&c=728&d=90&e=Esw2iaHTd2U_Pe5iy67gANdndkjHG9y-&g=05f4c043691eaef46a81e61abb7ff4d7%2F423113986550916583&i=1676%2C20430%2C20774&j=4%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636446083386&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kjsye1skt6rzttzjxy0z88tdqhnt6x35320c26v1x1vmyry3159qrgwyy8vnvj7mgmrmzyk3ykrmcfp4ddgy1bh8twb6401w3y2mxy3jd6bs9hcgm73tydh1gpbngmy9r53ww2399cvs3ernxp5s1y8xcfqqtwf4cg7eyrfhh6gzjrj7g8m12djqwdhjh4jbn0nqr2w39vh3ssyb1a7vpb3n7b9qmxwm946ak4kmm8a87t2gy7w8hdqejbgkefcjha09029eewdntr51fdg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCRVfOgC-KYaa7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE8QFP0ML5rCes3btfPwe8BHTGn9CAPrkbwtP0ZjD_uL1dFToMZ4iHdpQ00D05TCJ083_Omi4sw1g7QVf71fH8j2XB2r2MopY58tdEdjRTAfQpdiQytiODea9fyZ6M6RXraUyF3RcMuliRmaiMHujOAsDHOiKnHgJVak2Z2gyIFLY9utWCOjXvcrGH5LULLuNdk4C8YJbwDSqnWA6uvTKwC5OVoP3fnf_YcuQpTVl6OQt3kSPOEbV4o43VZGJUsqVOJLMzhhg-i2D9uOKt3Uvv5BkkbDcArY2-kHx7wlEIKjS29hileQnSuLaKhDxv74Uw5WKy4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2smh67e0Buz0pYo9ruo8RH-2s2QA%252526client%25253Dca-pub-2626566186821602%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Server: 82.113.101.132 Wetzlar, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.o2online.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 08:21:23 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

Redirect headers

Date: Tue, 09 Nov 2021 08:21:23 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
RM-PrivacyPolicy: https://www.nonstoppartner.net/
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021110909212358381023073X117679V1226132702MSoneidbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJoneid__asuidEsw2iaHTd2U_Pe5iy67gANdndkjHG9y-asuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679&ratenzahlung=24
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=10

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 53C2 1 KB
2 KB 282ms
121ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuidEsw2iaHTd2U_Pe5iy67gANdndkjHG9y-asuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidEsw2iaHTd2U_Pe5iy67gANdndkjHG9y-asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=Esw2iaHTd2U_Pe5iy67gANdndkjHG9y-&g=88f9707496d3ea0fa789c54ba0cdd0e9%2F7394733863311437295&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636446083377&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gw9rbt8rbtygf3cegqxqs8vncfdmd2km1ykpk8ccc7qsc81p6yh2vagsj03xedp26jyyjn7t027gz2kh2kpygd9b86tqq26k16g0va4q7xfyfem1dcc8sgd71admmzn534ehqmnx3f32xays8t9pc9n5xeq0vrkneqn4zd5xqyxew7302ax1w6grnyfaf47dhs3bcss3k51fq0mvdgzvnmjdbq4ye5exhadkaxjmyv79sst3wsx8gca2p9yfsew4s87xk5d1tf7092jpjjg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChK8pgC-KYaW7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE9gFP0FC07cmy9rDYvVxboSSVxrBHO8pOw1w8kY8crwchnvBPva5K8zEEkZDztOR9vOGgErbx8PsJjDUdcVSXfkGOmVmrWVnoUTD58_Oxze61zaty-0JDsVAudpm8DyTjMUi0o9tDyR6JJ5a10Dtp-avjJYl7RWCCUSHs8HprlYV3ME5SKC4R1z4NFO1XmJrqJjs-xVAIp8h7n65otJnJIhMp8bClrX0m55Ia09Y90zVc2lqyBEmTtLM8FjMdsayT5YyuZ9EZM1rEDwPEk7N75CKCRlBXLaV6suE7eC-biSXff9e8slTsb2hn1Cy4rIj9BW_x8_BKa2bgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_24bbnYHYUrTsK6o5OBzdEnnIT81Q%252526client%25253Dca-pub-2626566186821602%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 477207c82a97eed3741cf484816b7c89885e1bfd2e55dc5302524c2b60089510

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 08:21:23 GMT
Last-Modified: Tue, 09 Nov 2021 08:21:23 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1465
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 67AF 1 KB
2 KB 283ms
124ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSWoneid__asuidEsw2iaHTd2U_Pe5iy67gANdndkjHG9y-asuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhRoneid__asuidEsw2iaHTd2U_Pe5iy67gANdndkjHG9y-asuid__suite_Netmix_Reach43_TopRotaMonth
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=765%2C24673%2C19457&b=qGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJ&f=R5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2C3bgFpf14UB65t7HrHAtXC997f8TWTRead&c=728&d=90&e=Esw2iaHTd2U_Pe5iy67gANdndkjHG9y-&g=351bcebf6c854aad618171404725fd82%2F16249489484076859423&i=1676%2C20430%2C20774&j=4%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636446083384&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k2pxdrgmrd8ymbhd02ztqs76hrf4pdwjjzv4h6855j125qgtaz7nz0zex0tgdpcgzz0m27xn6j2tfrem0gh5hbfhn9yy44ke31zg9kbtrk9x21m82qn1mkk4194t97re0tvh6kax4z6pexhq2pssjsz6hrdtmv8mdx41h0kcda5gce47q7303te617q8ssstd2bh2yqvhna7c8zqhj4datqrteh9fh6mznzm727d3y5ssqxrh0bm8h654y0xap229zbpeznkcqhm41gdtt0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCdnuUgC-KYaS7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE8QFP0JgjThP8pBPKQE0PCuXNFV5Q6g-puGLVckgSSWTlFwlAYMO_r0PlTOn9gxPVQ2XaeEynoGPBfeQqOG5Ypgb4cWB0LGsO2BcSP7hzjaPX1bI3uUlFU9qnd8rGKvtI-KM2E5H8rwkwRCXunfRBHF6hrKkxRR5qixR-RODA45yes84gnEI66OLl4aNzy-hj3qJ8eZxKV11-FVyMypqkmuZ3Qa8S2ydE7Ecf3fAghgNSM9RUXY-8vI8i7keWxQ9NMcBnZbmCEOax2DNsq98uDmqswdsucyvCu6R-aF0Uf6W4eCSVVJu0OTR5iMVGO5ElBFpA4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0tU5K7lRcr5IjJnp1UvmsHBM_RUw%252526client%25253Dca-pub-2626566186821602%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 6ecbdfe935f4bbfb706ba4f72627a25bb07e728069afe89338c5404669377c08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 08:21:23 GMT
Last-Modified: Tue, 09 Nov 2021 08:21:23 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1442
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 957A 1 KB
2 KB 265ms
117ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSWoneid__asuidEsw2iaHTd2U_Pe5iy67gANdndkjHG9y-asuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhRoneid__asuidEsw2iaHTd2U_Pe5iy67gANdndkjHG9y-asuid__suite_Netmix_Reach43_TopRotaMonth
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=765%2C24673%2C19457&b=qGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJ&f=R5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2C3bgFpf14UB65t7HrHAtXC997f8TWTRead&c=728&d=90&e=Esw2iaHTd2U_Pe5iy67gANdndkjHG9y-&g=05f4c043691eaef46a81e61abb7ff4d7%2F423113986550916583&i=1676%2C20430%2C20774&j=4%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636446083386&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kjsye1skt6rzttzjxy0z88tdqhnt6x35320c26v1x1vmyry3159qrgwyy8vnvj7mgmrmzyk3ykrmcfp4ddgy1bh8twb6401w3y2mxy3jd6bs9hcgm73tydh1gpbngmy9r53ww2399cvs3ernxp5s1y8xcfqqtwf4cg7eyrfhh6gzjrj7g8m12djqwdhjh4jbn0nqr2w39vh3ssyb1a7vpb3n7b9qmxwm946ak4kmm8a87t2gy7w8hdqejbgkefcjha09029eewdntr51fdg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCRVfOgC-KYaa7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE8QFP0ML5rCes3btfPwe8BHTGn9CAPrkbwtP0ZjD_uL1dFToMZ4iHdpQ00D05TCJ083_Omi4sw1g7QVf71fH8j2XB2r2MopY58tdEdjRTAfQpdiQytiODea9fyZ6M6RXraUyF3RcMuliRmaiMHujOAsDHOiKnHgJVak2Z2gyIFLY9utWCOjXvcrGH5LULLuNdk4C8YJbwDSqnWA6uvTKwC5OVoP3fnf_YcuQpTVl6OQt3kSPOEbV4o43VZGJUsqVOJLMzhhg-i2D9uOKt3Uvv5BkkbDcArY2-kHx7wlEIKjS29hileQnSuLaKhDxv74Uw5WKy4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2smh67e0Buz0pYo9ruo8RH-2s2QA%252526client%25253Dca-pub-2626566186821602%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: e8993d39974a7d30c541d2e39e83edac73fbd9eeec51c1a48247ca69a89e5630

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 08:21:23 GMT
Last-Modified: Tue, 09 Nov 2021 08:21:23 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1442
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 portada-7.png
www.tvnotas.com.mx/sites/default/files/publicidad/cklassBotonera/2021-1/ 10 KB
10 KB 15ms
14ms Image
image/png 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/publicidad/cklassBotonera/2021-1/portada-7.png?1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77677515e68f42d83b9e5e307489313a505bd883d271c13a45457c2182e1d99f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:23 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4945932
x-cache: HIT
x-cache-hits: 25
x-ah-environment: prod
content-length: 10525
x-request-id: v-091f84d2-11ea-11ec-bf1f-ab729fe75038
last-modified: Thu, 08 Jul 2021 22:18:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a096cdbe4aa3-FRA
expires: Sat, 14 May 2022 08:21:23 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 53C2 51 KB
51 KB 142ms
8ms Script
application/javascript 13.225.78.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuidEsw2iaHTd2U_Pe5iy67gANdndkjHG9y-asuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidEsw2iaHTd2U_Pe5iy67gANdndkjHG9y-asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-5.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: ESJ1m.JcTMC7xiA46tdzcog3eD2HGNO9
via: 1.1 04ce5a607a98db6d08257633417b84d7.cloudfront.net (CloudFront)
last-modified: Mon, 13 Sep 2021 10:14:21 GMT
server: AmazonS3
age: 10308
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 09 Nov 2021 05:29:36 GMT
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: fqiyWbwGh3NrAEGEiOnlj1FwBkhpKDGY_0mKHgeOnhyTjEN6dYerVA==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 53C2 25 KB
26 KB 113ms
40ms Image
image/png 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidogaki-oX683K-n4el43upTBTxLROORVLasuid__suite_Netmix_Reach43_TopRotaMonth&wglinkid=3247721
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=Esw2iaHTd2U_Pe5iy67gANdndkjHG9y-&g=88f9707496d3ea0fa789c54ba0cdd0e9%2F7394733863311437295&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636446083377&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gw9rbt8rbtygf3cegqxqs8vncfdmd2km1ykpk8ccc7qsc81p6yh2vagsj03xedp26jyyjn7t027gz2kh2kpygd9b86tqq26k16g0va4q7xfyfem1dcc8sgd71admmzn534ehqmnx3f32xays8t9pc9n5xeq0vrkneqn4zd5xqyxew7302ax1w6grnyfaf47dhs3bcss3k51fq0mvdgzvnmjdbq4ye5exhadkaxjmyv79sst3wsx8gca2p9yfsew4s87xk5d1tf7092jpjjg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChK8pgC-KYaW7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE9gFP0FC07cmy9rDYvVxboSSVxrBHO8pOw1w8kY8crwchnvBPva5K8zEEkZDztOR9vOGgErbx8PsJjDUdcVSXfkGOmVmrWVnoUTD58_Oxze61zaty-0JDsVAudpm8DyTjMUi0o9tDyR6JJ5a10Dtp-avjJYl7RWCCUSHs8HprlYV3ME5SKC4R1z4NFO1XmJrqJjs-xVAIp8h7n65otJnJIhMp8bClrX0m55Ia09Y90zVc2lqyBEmTtLM8FjMdsayT5YyuZ9EZM1rEDwPEk7N75CKCRlBXLaV6suE7eC-biSXff9e8slTsb2hn1Cy4rIj9BW_x8_BKa2bgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_24bbnYHYUrTsK6o5OBzdEnnIT81Q%252526client%25253Dca-pub-2626566186821602%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 08:21:23 GMT
Last-Modified: Tue, 09 Nov 2021 08:21:23 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 67AF 51 KB
51 KB 128ms
15ms Script
application/javascript 13.225.78.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSWoneid__asuidEsw2iaHTd2U_Pe5iy67gANdndkjHG9y-asuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhRoneid__asuidEsw2iaHTd2U_Pe5iy67gANdndkjHG9y-asuid__suite_Netmix_Reach43_TopRotaMonth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-5.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: ESJ1m.JcTMC7xiA46tdzcog3eD2HGNO9
via: 1.1 04ce5a607a98db6d08257633417b84d7.cloudfront.net (CloudFront)
last-modified: Mon, 13 Sep 2021 10:14:21 GMT
server: AmazonS3
age: 10308
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 09 Nov 2021 05:29:36 GMT
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: 5B0vUS2shTACSEF_j12UrB5LF5P9DorX6nkk4v8L6QMngcDintqwWA==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 67AF 85 KB
85 KB 113ms
40ms Image
image/png 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneid6PZTef3fmMVseHmHYtktWQZSYS1T2XwC7oneid__asuidrk2ZX7x8oVQQTXEJ6i1ejexwYzs5Odx_asuid__adf_Netmix_Reach01_TECH&wglinkid=713569
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=765%2C24673%2C19457&b=qGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJ&f=R5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2C3bgFpf14UB65t7HrHAtXC997f8TWTRead&c=728&d=90&e=Esw2iaHTd2U_Pe5iy67gANdndkjHG9y-&g=351bcebf6c854aad618171404725fd82%2F16249489484076859423&i=1676%2C20430%2C20774&j=4%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636446083384&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k2pxdrgmrd8ymbhd02ztqs76hrf4pdwjjzv4h6855j125qgtaz7nz0zex0tgdpcgzz0m27xn6j2tfrem0gh5hbfhn9yy44ke31zg9kbtrk9x21m82qn1mkk4194t97re0tvh6kax4z6pexhq2pssjsz6hrdtmv8mdx41h0kcda5gce47q7303te617q8ssstd2bh2yqvhna7c8zqhj4datqrteh9fh6mznzm727d3y5ssqxrh0bm8h654y0xap229zbpeznkcqhm41gdtt0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCdnuUgC-KYaS7OtHy3wOMg46ABJDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTI2MjY1NjYxODY4MjE2MDKgAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE8QFP0JgjThP8pBPKQE0PCuXNFV5Q6g-puGLVckgSSWTlFwlAYMO_r0PlTOn9gxPVQ2XaeEynoGPBfeQqOG5Ypgb4cWB0LGsO2BcSP7hzjaPX1bI3uUlFU9qnd8rGKvtI-KM2E5H8rwkwRCXunfRBHF6hrKkxRR5qixR-RODA45yes84gnEI66OLl4aNzy-hj3qJ8eZxKV11-FVyMypqkmuZ3Qa8S2ydE7Ecf3fAghgNSM9RUXY-8vI8i7keWxQ9NMcBnZbmCEOax2DNsq98uDmqswdsucyvCu6R-aF0Uf6W4eCSVVJu0OTR5iMVGO5ElBFpA4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0tU5K7lRcr5IjJnp1UvmsHBM_RUw%252526client%25253Dca-pub-2626566186821602%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 08:21:23 GMT
Last-Modified: Tue, 09 Nov 2021 08:21:23 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 957A 51 KB
51 KB 127ms
20ms Script
application/javascript 13.225.78.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSWoneid__asuidEsw2iaHTd2U_Pe5iy67gANdndkjHG9y-asuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhRoneid__asuidEsw2iaHTd2U_Pe5iy67gANdndkjHG9y-asuid__suite_Netmix_Reach43_TopRotaMonth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-5.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: ESJ1m.JcTMC7xiA46tdzcog3eD2HGNO9
via: 1.1 04ce5a607a98db6d08257633417b84d7.cloudfront.net (CloudFront)
last-modified: Mon, 13 Sep 2021 10:14:21 GMT
server: AmazonS3
age: 10308
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 09 Nov 2021 05:29:36 GMT
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: S37xi5VPQ7QeYS3wHSuMrBrAEYVtoQAqv5SRLwdu3vbOGqEM7WHArA==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 957A 85 KB
85 KB 113ms
40ms Image
image/png 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneid6PZTef3fmMVseHmHYtktWQZSYS1T2XwC7oneid__asuidrk2ZX7x8oVQQTXEJ6i1ejexwYzs5Odx_asuid__adf_Netmix_Reach01_TECH&wglinkid=713569
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSWoneid__asuidEsw2iaHTd2U_Pe5iy67gANdndkjHG9y-asuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhRoneid__asuidEsw2iaHTd2U_Pe5iy67gANdndkjHG9y-asuid__suite_Netmix_Reach43_TopRotaMonth
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 08:21:23 GMT
Last-Modified: Tue, 09 Nov 2021 08:21:23 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0214 0
0 43ms
42ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Ch-zBgC-KYZ67OtHy3wOMg46ABKXQ76NmpffXjvAOZBABIK33uB9glYKAgLgHoAHMqLDgA8gBCakCMsDzh492sz7gAgCoAwGqBOoBT9AXDnKsL1GAWmSmw5j3njC5HAtJuS3DpQ2UHkXfCpcPLOBBUMMlzpViKgByzwbf2UT3YL5ITYIHrCuqhqPv-sJa2iY3UyiZBVFGDPbo5MGUBxiVeIfzR5NHFveelOuZlOidfTreV2iztoVG1LUu5WzxTguD3ak74Z1Wxj25v10uPbmoXELrJkzcf_G95It6W64_zUjrzSmCUKaYxHraGuMLDcu0a7xhH02m7ctMOcuQJYxSnmE23NFaSSnoEN09q3ccFGo_OBboe0LbejgY67VYv4d7k5bFCDwNF6Svgmo1XmdaNi78zOKhwATGl_uE3QPgBAGSBQQIBBgBkgUECAUYBKAGLoAHnPKyIKgH8NkbqAfy2RuoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBD7ixHSCAkIgOGAEBABGB2ACgPICwGYDJupqMj2A7gToQTYEw7QFQGYFgGAFwGyFx4KHAgAEhRwdWItMjYyNjU2NjE4NjgyMTYwMhit7Rg&sigh=L5EH6ybJmrc&vt=1&template_id=545&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D
Requested by: Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0214 42 B
174 B 47ms
47ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvNw1iLzU57C66Y1MDCFe2fwdfvthVTNGG1JPMzLxEGpdukZDiJb4u6lnlDmhK0G01ei9-2ZOyXNtIJobn2geHwU-1INIXNqNVKLdB6xe_e4qEfm6m8AAfP-uP4UZ9riWHsuPdoSERmFwDaUJeJsd8qUppE-zPDeA&sai=AMfl-YTgmKZkdMrNlwrvc5347Ml_FN4sK0QhAQ85XMzsk8Di0A23iy4fLPedTnUL13izo-NXT6i3Dk3oo_FkV5edgcjx4KuxPJzV67436_z5b3jCS-DtMoE4bKV1cMGI&sig=Cg0ArKJSzLA06syeNFnzEAE&cid=CAASF-RoM2odARou1ARY8Ss_8bNKutO1256f&id=lidar2&mcvt=1001&p=1069,288,1319,588&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&v=20211108&bin=7&avms=nio&bs=0,0&mc=0.52&if=1&app=0&itpl=22&adk=2051797624&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&pay=1&rst=1636446081191&rpt=1473&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 0214 0
54 B 556ms
255ms Ping
image/gif 2800:3f0:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=6~kvrtquk0&c=460252161816&slotId=230126080908&qqid=CJ775drsivQCFVH5dwodjIEDQA&dm=20085&event_name=first_play&asset_bytes=411727&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=15&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=4&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.kvrtqurs
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f8b2bdb732dad463b772cb50ae38401b.js?tag=video_location/web_och
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4001:81d::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:24 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 35F2 0
54 B 374ms
255ms Ping
image/gif 2800:3f0:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kvrtqu97&c=4828774747984&slotId=2414387373992&qqid=CKH75drsivQCFVH5dwodjIEDQA&umsem=0&ape=1&ple=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f8b2bdb732dad463b772cb50ae38401b.js?tag=video_location/web_och
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4001:81d::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:24 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame AA78 0
54 B 369ms
253ms Ping
image/gif 2800:3f0:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kvrtqu8s&c=2653672992870&slotId=1326836496435&qqid=CJ_75drsivQCFVH5dwodjIEDQA&umsem=0&ape=1&ple=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f8b2bdb732dad463b772cb50ae38401b.js?tag=video_location/web_och
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4001:81d::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:24 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 53C2 16 B
232 B 92ms
91ms Fetch
application/json 54.75.239.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.75.239.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-75-239-54.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.21

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 09 Nov 2021 08:21:25 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.21
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 103ms
29ms Preflight 54.75.239.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.75.239.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-239-54.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 09 Nov 2021 08:21:25 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 67AF 16 B
232 B 77ms
76ms Fetch
application/json 54.75.239.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.75.239.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-75-239-54.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.21

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 09 Nov 2021 08:21:25 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.21
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 84ms
29ms Preflight 54.75.239.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.75.239.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-239-54.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 09 Nov 2021 08:21:25 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 957A 16 B
232 B 80ms
78ms Fetch
application/json 54.75.239.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.75.239.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-75-239-54.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.21

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 09 Nov 2021 08:21:25 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.21
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 63ms
28ms Preflight 54.75.239.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.75.239.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-239-54.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 09 Nov 2021 08:21:25 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H2 200 videojuegos.jpg
www.tvnotas.com.mx/sites/default/files/styles/imghome292x144_/public/articulos/2021/10/30/ 6 KB
6 KB 19ms
19ms Image
image/jpeg 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/styles/imghome292x144_/public/articulos/2021/10/30/videojuegos.jpg?itok=qTiPu0hs

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d44098ad9d6a41ceb2e9a545b4cb75ea9838aed851b0e7ad54da33ac282c4110

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:25 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 811337
x-cache: HIT
last-modified: Sat, 30 Oct 2021 22:56:34 GMT
x-cache-hits: 4
x-ah-environment: prod
content-length: 5869
x-request-id: v-af5584fc-39d4-11ec-8f56-7f5ac5b695ed
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0a2da214aa3-FRA
expires: Sat, 14 May 2022 08:21:25 GMT

GET
H2 200 portada-8.png
www.tvnotas.com.mx/sites/default/files/publicidad/cklassBotonera/2021-1/ 10 KB
10 KB 14ms
14ms Image
image/png 2606:4700::6811:8936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnotas.com.mx/sites/default/files/publicidad/cklassBotonera/2021-1/portada-8.png?1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:8936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc9ad79d604565d5791a1dca11d34f02262c37f977ce37ed55e4bdaacf34385f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvnotas.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:21:26 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10638432
x-cache: HIT
x-cache-hits: 14
x-ah-environment: prod
content-length: 9898
x-request-id: v-d9011696-e073-11eb-9058-af673b54ba5a
last-modified: Thu, 08 Jul 2021 22:18:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 6ab5a0a98e384aa3-FRA
expires: Sat, 14 May 2022 08:21:26 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 0214 42 B
108 B 18ms
17ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:21:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP37322mIgRlMuCpU

Domain: google2waycm.netmng.com
URL: https://google2waycm.netmng.com/cm/?google_gid=CAESELlsbzc4XfEVcrRArVRVfWE&google_cver=1&google_push=AYg5qPKM3jpf0oQT88PIy5E1OvVEg1irKxuBeZp5mpgAV0q143zOfDMLNqLQAKJflMlbdgNFX79S6xexSCxIx8dbFZAa7AqPJ8vV

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__MBv6W1VF-2j4nO

Verdicts & Comments Add Verdict or Comment

211 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

80 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.tvnotas.com.mx/	1969-12-31 23:59:59	Name: has_js Value: 1
.scorecardresearch.com/	1970-01-20 15:50:54	Name: UID Value: 1HJUYVSGYJCZ4ZNACSZJSGg1636446080
.tvnotas.com.mx/	1970-01-20 16:05:18	Name: _ga Value: GA1.3.163100912.1636446080
.tvnotas.com.mx/	1970-01-19 22:35:32	Name: _gid Value: GA1.3.2137527990.1636446080
.tvnotas.com.mx/	1970-01-19 22:34:06	Name: _gat_UA-4955940-4 Value: 1
ads.us.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
www.tvnotas.com.mx/	1970-01-19 23:17:18	Name: ActivePubCookies Value: 1
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|BdCsOVsH/a/fRiqn0c18Mxvc5rJaP5uXhxptBfrzPAh1r4H5OGjlRsLybbqMiOGkSHO3tT2oYW2peUfJM3OqKzSlnlAWiFIP9hAlb/GLHAIlzGqoEKZaU66THvScWV7/AA==
.adnxs.com/	1970-01-20 00:43:42	Name: icu Value: ChgIw9NjEAoYASABKAEwgN-ojAY4AUABSAEQgN-ojAYYAA..
.adnxs.com/	1970-01-20 00:43:42	Name: uuid2 Value: 119006339864346590
.doubleclick.net/	1970-01-20 07:55:42	Name: IDE Value: AHWqTUkfztpYZhbqaODgmLQGE-HRUaD74LcujHbuWfRjOLoD823WIflHtVg7bdH8V1U
.rubiconproject.com/	1970-01-20 07:19:42	Name: khaos Value: KVRTQSZZ-S-II4L
.rubiconproject.com/	1970-01-20 07:19:42	Name: audit Value: 1\|naVuGyos1qp34PhJh4BUGeMH05QULE/jV/G9Z/GRzTz24WPzaViPwelzfbun4hcGOjdnJXmAAtjQYX1R7beuxdHfSARxGczVblsMkxPOzpvQD5U7tEfUTQ==
www.tvnotas.com.mx/	1970-01-20 07:19:42	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3D67950498-1729-42c4-b9f4-c553a2000364-tuct883b500
www.tvnotas.com.mx/	1969-12-31 23:59:59	Name: cert_Origin Value: directo
.tapad.com/	1970-01-20 00:00:30	Name: TapAd_TS Value: 1636446081375
.tapad.com/	1970-01-20 00:00:30	Name: TapAd_DID Value: c0cc217e-7cac-4922-9890-9d9a717be822
.spotxchange.com/	1970-01-20 07:19:46	Name: audience Value: 0543bc3f-4136-11ec-97fe-1fd522ee0306
.spotxchange.com/	1970-01-19 22:34:06	Name: sl Value: eyJnIjp0cnVlLCJzIjoiMjAyMTAwIiwic3AiOjEsImkiOnRydWUsImxwIjo3MDI1LCJnY3MiOiIke2dkcHJfY29uc2VudH0iLCJwbCI6WzcwMjgsNjY1Myw4NDU5LDc1NzcsNjQwOSw2NDY1XSwic2lkIjoiMDU0M2JjODktNDEzNi0xMWVjLTk3ZmUtMWZkNTIyZWUwMzA2Iiwic29sIjo3LCJzbCI6Nn0=
.tvnotas.com.mx/	1970-01-20 07:55:42	Name: __gads Value: ID=a4f878678e5ee7bd:T=1636446080:S=ALNI_Ma6xuV3Pj_AyoE-NwcIqInngNLQGQ
.adsrvr.org/	1970-01-20 07:19:42	Name: TDID Value: f47c1eae-3417-4452-abb3-7c4af8cd03da
.adsrvr.org/	1970-01-20 07:19:42	Name: TDCPM Value: CAESFAoFdGFwYWQSCwjowsSf_tiROhAFGAUgASgCMgsI1o-My5TZkToQBTgB
.tapad.com/	1970-01-20 00:00:30	Name: TapAd_3WAY_SYNCS Value: 1!7520
.doubleclick.net/	1970-01-19 22:34:09	Name: DSID Value: NO_DATA
.sharethrough.com/	1970-01-20 07:19:42	Name: stx_user_id Value: d7003b15-84a9-44ef-bfc5-f71524370a4b
.adfarm1.adition.com/	1970-01-20 00:43:42	Name: UserID1 Value: 7028482403865720987
.ads.avads.net/	1970-01-20 08:14:25	Name: av-mid Value: 8ffe2c81-1c3b-4cd5-abf0-43a1d5fa53fa
.ads.avads.net/	1970-01-19 22:54:15	Name: av-tp-gadx Value: 1
fksnk.com/	1970-01-19 22:44:10	Name: AWSALBCORS Value: BsxtUl2GpyiNn5gkv8f06wj/rGycTlhsscmmPjxtEKb8J4ksbCNPUlc2emgyGe+2LfAyOSEJRqFLrBCB5FxPDkMBudtCxljJjPiYx8pDzjSPIUZtO8OgFBpUbalW
.fksnk.com/	1970-01-20 00:43:42	Name: f_001 Value: F83006775254480C
.fksnk.com/	1970-01-19 22:35:32	Name: g_001 Value: 1
.quantserve.com/	1970-01-20 00:43:42	Name: d Value: EGsBCQHXJIEA
.quantserve.com/	1970-01-20 08:04:20	Name: mc Value: 618a2f82-b7b3d-3f368-858ff
.pubmatic.com/	1970-01-19 22:35:32	Name: KTPCACOOKIE Value: YES
.yahoo.com/	1970-01-20 07:20:03	Name: A3 Value: d=AQABBIIvimECEPI2HvqtQwSpL302ye9wCwIFEgEBAQGBi2GUYQAAAAAA_eMAAA&S=AQAAAi_hovWGnu6MS8_uGuH1P94
.sniperlog.ru/	1970-01-20 16:05:18	Name: guid Value: D3C91EEFF6B1A58D
.m6r.eu/	1970-01-19 22:34:09	Name: test Value: true
sync.srv.stackadapt.com/	1970-01-20 07:19:42	Name: sa-user-id Value: s%3A0-861df49c-304b-484f-4bd3-7550467b9477.EJw3kltbx8Gnu%2B0%2Fq35RTUcpZSoJPb1H%2BppaGy9SwbA
.srv.stackadapt.com/	1970-01-20 07:19:42	Name: sa-user-id-v2 Value: s%3A0-861df49c-304b-484f-4bd3-7550467b9477%24ip%24136.243.198.80.545e81MrxdHX73vAF0XQelsFIQKFDUS3XSmSRwh5ccw
.adhigh.net/	1970-01-20 07:19:42	Name: gi_u Value: u7sCqSdXmNzt.AikABlF9A8mXBw
.everesttech.net/	1970-01-20 07:19:42	Name: everest_g_v2 Value: g_surferid~YYovggADNnHHWQAz
.pubmatic.com/	1970-01-20 00:43:42	Name: KADUSERCOOKIE Value: A26B7559-A87C-4335-AFBF-1B89EF75C095
.m6r.eu/	1970-01-20 00:43:42	Name: cct Value: 1636446082971
.m6r.eu/	1970-01-20 00:43:42	Name: id Value: a9047d5cefe786eb357e661966e8aaef
.mathtag.com/	1970-01-20 08:00:01	Name: uuid Value: 6b07618a-2f83-4d00-9cd7-1da60f4c7b51
.mathtag.com/	1970-01-19 23:17:18	Name: mt_mop Value: 4:1636446083
.3lift.com/	1970-01-20 00:43:42	Name: tluid Value: 5421928046225137755
.openx.net/	1970-01-20 07:19:42	Name: i Value: a519c3b4-a465-4a14-83b6-df4949969814\|1636446083
.ctnsnet.com/	1970-01-20 07:19:42	Name: cid_6f61ed40d73844b385eaf8c0f3dc7748 Value: 1
.simpli.fi/	1970-01-20 07:21:08	Name: suid Value: BC0DFEEAF9014937A1D3C4474FE7C607
.advertising.com/	1970-01-20 07:21:08	Name: APID Value: UP06430e59-4136-11ec-9ce2-0228d03d97ac
.lijit.com/	1970-01-20 07:19:42	Name: ljt_reader Value: 7e03891c2017d4ea83bd147f
.turn.com/	1970-01-20 02:53:18	Name: uid Value: 3447242245808601134
.mts.ru/	1970-01-20 07:06:44	Name: dspid Value: 3689b9bb-f0a6-4033-8e59-2771e32ef693
.analytics.yahoo.com/	1970-01-20 07:21:08	Name: IDSYNC Value: "18yx~21fk:18wq~21fk"
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UP06430e59-4136-11ec-9ce2-0228d03d97ac
.yahoo.com/	1970-01-19 22:35:32	Name: APIDTS Value: 1636446083
.360yield.com/	1970-01-20 00:43:42	Name: tuuid_lu Value: 1636446083
.360yield.com/	1970-01-20 00:43:42	Name: tuuid Value: d5373a76-2e6e-4314-83a3-06582c6c398b
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjIzMjc1NjUxNDE1sjQ0MDEyNxbiM9T1C3IqCjD1DHILyHQEAKBQisAlAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAAAOOSMXR2dA12dXazNCrzyk53MQxzzSo18fF0ys91NAAAyykVFR4AAAA
.rfihub.com/	1970-01-20 07:55:42	Name: rud Value: H4sIAAAAAAAAAOMSNjIzMjc1NjUxNDE1sjQ0MDEyNxbiM9T1C3IqCjD1DHILyHSU4jU0MzYzMTEzsDA2NDUEAO_FGIU0AAAA
.rfihub.com/	1970-01-20 07:55:42	Name: eud Value: H4sIAAAAAAAAAOOSMXR2dA12dXazNCrzyk53MQxzzSo18fF0ys91NAjiNTQzNjMxMTOwMDY0NXzFiMoHAOkx2S89AAAA
.mts.ru/	1970-01-23 12:58:06	Name: mts_id Value: 0f891d66-b3ab-4fb5-b4f1-a4bbd5aca90d
.mts.ru/	1970-01-23 12:58:06	Name: mts_id_last_sync Value: 1636446083
.tribalfusion.com/	1970-01-20 00:43:42	Name: ANON_ID Value: a0nseFS3n0hryoxDnS6DNhABB5Wl1V2k2BhZc78W4HxIqLB0ObYUp1KHR2ZbhZdZbbYu9aleYdRmQhMhuEViNpXv
.zemanta.com/	1970-01-20 07:19:42	Name: zuid Value: 8BeeU7J0BGhhvV_4nmjn
.travelaudience.com/	1970-01-20 08:02:54	Name: _tracker Value: %7B%22UUID%22%3A%22F048BBE8-39CF-451E-B4AF-3B01746DB686%22%7D
.r.niwepa.com/	1970-01-20 07:19:42	Name: tsv Value: kE4!HUwZ6rhQRiA!AQ\|CkIw!A!~isgmc5A*3b
.awin1.com/	1970-01-19 22:44:10	Name: awpv11938 Value: 412871\|1636446083\|0690b8f0-4136-11ec-a755-22393e4be327
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 367022:2542680
.congstar.de/	1970-01-19 22:44:14	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1636446083_0690b8f0-4136-11ec-a755-22393e4be327%22%2C%22sp%22%3A%22awin%22%7D
t.adcell.com/	1970-01-19 22:38:25	Name: ADCELLvpid2945 Value: 164800-46690-oneidqGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3oneid__asuidEsw2iaHTd2U_Pe5iy67gANdndkjHG9y-asuid__suite_Netmix_Reach43_TopRotaMonth%23%23%23%23%40%40%40%401636446083
www.lead-alliance.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: 800u49t5fba80q9u7ok4h64efc
.lead-alliance.net/	1970-01-19 22:44:10	Name: ppv1226 Value: 2021110909212358381023095X117679V1226132702MSoneidbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJoneid__asuidEsw2iaHTd2U_Pe5iy67gANdndkjHG9y-asuid__suite_Netmix_Reach43_TopRotaMonth
.o2online.de/	1970-01-19 22:44:10	Name: nscQ485 Value: V
.o2online.de/	1970-01-19 22:44:10	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTY3MDAwMDAwMDA2MTYzNjQ0NjA4M3ZsZWExZGUyMDIxMTEwOTA5MjEyMzU4MzgxMDIzMDk1WDExNzY3OVYxMjI2MTMyNzAyTVNvbmVpZGJ3cVRRZllac3hnS2hZSGJIenRLdHd3OFV4VEpUSlBTSm9uZWlkX19hc3VpZEVzdzJpYUhUZDJVX1BlNWl5NjdnQU5kbmRrakhHOXktYXN1aWRfX3N1aXRlX05ldG1peF9SZWFjaDQzX1RvcFJvdGFNb250aDExNzY3OQ
.o2online.de/	1970-01-19 22:44:10	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021110909212358381023095X117679V1226132702MSoneidbwqTQfYZsxgKhYHbHztKtww8UxTJTJPSJoneid__asuidEsw2iaHTd2U_Pe5iy67gANdndkjHG9y-asuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679&ratenzahlung=24
.c.appier.net/	1970-01-19 23:17:18	Name: _gu Value: CAESEK0dMiT2cKms3sreFl3ACh0
.c.appier.net/	1970-01-20 07:19:42	Name: _auid Value: Pg5HCE5sA3KyDeRvgy-KYQ

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
other	warning	URL: https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKu5vEEBF7iLRe2aeFU_eiuwe07499u6bBHprE_yN_Keq6WFV9LsVxy7xWALzcEYiDcssMQuQ_BWMOl__MBv6W1VF-2j4nO Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Tc6di5uQxSDowZYLGw5iw&google_push=AYg5qPKhpxiBAxkwyY4TilmYPe2Uzoh6lhq8uTDq_4T7Kkt1mhHUwGuM01IyU8F-fzXLFpLfPvZpkKnVaMaP37322mIgRlMuCpU Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SameOrigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

82f6843c94e5114e20535bbed45c68e6.safeframe.googlesyndication.com
a.c.appier.net
a.rfihub.com
a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.avads.net
ads.travelaudience.com
ads.us.e-planning.net
ads.yieldmo.com
adservice.google.com
adservice.google.de
analytics.webgains.io
ap.lijit.com
api.webgains.io
as.ad4m.at
assets-tracking.crazyegg.com
assets.ad4m.at
b1sync.zemanta.com
banner.congstar.de
c.eu1.dyntrk.com
cc.adingo.jp
cdn.ampproject.org
cdn.taboola.com
cds.taboola.com
clients1.google.com
cm.g.doubleclick.net
cms.quantserve.com
cse.google.com
csi.gstatic.com
d9.flashtalking.com
dsp.adfarm1.adition.com
dsp.adkernel.com
eb2.3lift.com
fastlane.rubiconproject.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
google2waycm.netmng.com
googleads.g.doubleclick.net
ib.adnxs.com
image6.pubmatic.com
match.adsrvr.org
match.sharethrough.com
media.giphy.com
mts0.google.com
neso.r.niwepa.com
pagead2.googlesyndication.com
pagestates-tracking.crazyegg.com
pandg.tapad.com
partner.o2online.de
pghub.io
pips.taboola.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.rubiconproject.com
pixel.tapad.com
portal.o2online.de
pr-bh.ybp.yahoo.com
prg.smartadserver.com
prod-rtb.ad4mat.net
px.adhigh.net
r.turn.com
rr4---sn-4g5ednsk.googlevideo.com
rr4---sn-4g5lznez.googlevideo.com
rtb.openx.net
s.ad.smaato.net
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
script.crazyegg.com
securepubads.g.doubleclick.net
services.sunmedia.tv
sm.rtb.mts.ru
ssbsync.smartadserver.com
static-de.ad4mat.net
static.cloudflareinsights.com
static.sunmedia.tv
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.go.sonobi.com
sync.mathtag.com
sync.richaudience.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync3.sniperlog.ru
t.adcell.com
tag.researchnow.com
tech.rtb.mts.ru
tpc.googlesyndication.com
tps.doubleverify.com
track.sunmedia.tv
track.webgains.com
tracking.crazyegg.com
tracking.m6r.eu
trc.taboola.com
tvnotas.com.mx
um.simpli.fi
ups.analytics.yahoo.com
www.awin1.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
www.tvnotas.com.mx
cm.g.doubleclick.net
google2waycm.netmng.com
104.111.239.217
104.18.144.3
13.224.186.112
13.224.186.120
13.224.186.18
13.225.78.39
13.225.78.5
13.248.245.213
141.226.224.32
141.94.102.46
142.250.184.194
142.250.185.130
142.250.186.166
148.251.139.77
151.101.193.44
151.101.66.49
168.119.149.178
169.50.137.182
172.104.105.5
174.137.133.49
178.162.133.149
18.157.150.79
18.197.47.23
185.29.134.248
185.86.139.103
185.86.139.95
185.94.180.125
193.0.160.129
198.47.127.19
199.232.194.2
2001:678:cb4:bbbb::11
213.254.244.12
213.87.44.187
217.66.147.166
2600:1901:0:76b9::
2600:9000:20eb:a600:1b:5138:8a40:93a1
2602:803:c003:200::61
2606:4700:20::681a:61b
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700::6810:5e41
2606:4700::6811:8936
2606:4700::6812:d05
2606:4700::6813:9308
2620:116:800d:21:5a23:9c4e:e774:96c1
2800:3f0:4001:81d::2003
2a00:1450:4001:11::9
2a00:1450:4001:6f::9
2a00:1450:4001:801::2001
2a00:1450:4001:809::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::2001
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:827::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2003
2a00:1450:4001:830::2006
2a00:1450:400c:c0c::9a
2a02:cb40:200::242
2a04:4e42:600::300
2a05:d018:d29:3605:5c5f:6ed9:45fe:73d4
3.126.56.137
3.33.220.150
31.172.81.158
34.249.212.247
34.252.163.14
34.254.8.42
35.186.193.173
35.187.117.15
35.190.0.66
35.205.207.25
35.227.248.159
35.227.252.103
35.241.45.217
37.252.172.123
44.193.191.16
44.194.225.67
46.236.13.147
46.249.52.249
50.31.142.95
51.178.20.140
51.91.154.17
52.69.203.30
54.75.239.54
66.155.71.25
69.173.144.139
72.251.244.141
72.251.249.13
78.46.85.162
82.113.101.132
84.200.5.215
85.114.159.118
91.207.59.213
01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d
01d665ea8eeb59da66764a223dd0b1c51cefd2ea19602b92f372b46b81591a27
051a4df5ca07ec7979f14e486352a62c72733c9aabb6528adaddc9a911fbfca3
06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e
06fcec6e4efcad104fa5c203db8222811f0ccec5f5e00691931857032e5c7efc
076a495c35dd0459bc89ca7c0e41e3df926dcf1b6417c4746db91661fc78da83
07b4f2cad7cf3190654734460a7779988028e80b0bbe895a01d016a5fbbf8737
084af254855b572ff9e0a9dabdf939965d0fce14c35bc59ec3bbf669f46db57d
08b13e9bd202db706536afa6af63bdf52d90b660021f3eb3297f139d49ceb049
096530f6ea0a009a1176b10da6aef453bafe74262168bf70b253f92fa54c8cbc
0a302180f9bc9ae0ee882e6e00d42194e03b575ceea1157d0e706b2525b5c60d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0ca02fac72990e728f0e9e35a31827150217c346157e5eb8cbcef15e2ebcc6ff
0fed71387540e635122ec14d3388e7042bc3d9e2323b884f9e3c3dff3a91a49b
100e91777465230ff0bb4bc3bc77919bca7fbad1ef3db6e2b120444eecccaf56
10db159beec8c943ec30743d0164a1bd093f36631dea6bd5d372a6f7409bf706
134c94437474a391b3f477213fa8b8f4d7435a2cf7053952dcbdb14a6f0ad8dc
13b372e2b0863964dd9db5375f4d591e07b213bc2cdb3c2730f4b7531e37a104
13f475b9e03b95b703495be8b6349d6673d2d954b57c51bbe5727fa2d35482ff
19e0b67132775a2bade81336bc279eef0b949e824a1fb61a132d9f50aeaf60fe
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
1b954896bf8b9d1bf0261f148e0936a333af7484a5e14a124999c0df63cfdc88
1c8c3b357098a8321f15fe466f8c4780c66b16d4a89a94c51848da70a8c9ed7e
1e0f747495aabad9af0b329dc544f039e4fdc85c4236df97f236e03cb7c2695b
241155907faff3ddf6df02126069a4fc7f05f77454acef7e1cbd49d8395ea556
24631c39c0daf31d1af47e59c21461b617dffde481c0196213934ead19179ac7
2512558d33186fad2b9dc1ab14298f54ae7982fd4120d20aa081e2caa09d0969
26118521af76c02bcc66aa9cc30f3846c28f89cafb472a066e31a926911b7b35
262fd74571b20241b0506bdb49bccddce8305437ce67b136556cca4694bc2a58
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
27607ce059833d89e33757f9c609eddd6e16b2571f451c8e58eebaa6fca28a4f
291b64b8338385723a5648d6938bb10ee552d453a81bc7a6e8866bc9560a0187
2a73645879b5640812f5dd4caf1e59ece2ca93fe93849090edfc64604876f4d1
2a7605a2dee36609d3f20fed8c78d2f9ce0404dcf67c0adc41bfc422704a8283
2c36a1740bc1d43a47b89cb8f462ddcf28c6d8c05060b14d2eeed79850401b41
2e050b7f1da783cce5a7be35e632698dc49ca9013802a48414f080cc861b4574
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f7c29e46a5d39465d2cd1e2e13de3e7a87ed21cd99ca01371332d4600ec9e72
2fb9d0a062f3f0f927b7df8255df418814c6ebfe37bb18f3d8d5138fffc795b5
313ac0bd3ec8cd4aaf9b8a1d11335f0852592cf671c129bc6bbb15d7d1b8021d
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
3368e90b1dd9b3619427ee06846b07bb55a38e77129d23f95c7288620b847a73
33bcc4ae8ad427ca347e1e26a3c8f9840ba13f35f9ad0e47a0830a26409558de
3656a15190137a5ccb1e28c8a02d52e2fff6989f87c98090c493154545da518f
385a1f1f3189cd58add920c45fd141dbc95ec5badf58d98dd14464100cce303b
38743be62c3c6384da933b785f689933c1bc3b0fe33af64d40027ca84d44a834
3a25a935d6eb096aaa7ffcce2d8d136efeb7e816554ab66776bda54cd68f6509
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ed0e45f8d183566a84ed1ea28ae3520dc3539e5c8a6fe0b581627dab7f56d21
40803f6727061b25fdffeca62b391f51e86f4656ec71f6748e70adb24e4ef2a7
40848c6a73d95d40e4e72a6cc045cdb17fc2f0597fa0b4e66644ef1561f916ff
40e0abb4ea1c6939f435018be2ed0eb094e125d72897af16e089acf3602f8f88
413ba49bacb91bd3138d6dc09319eede0c983fc45e25915fb62c26f58d87f9b4
41fda325ddb8facb9047eb62577313cd8a2c40e2362ed7d4b4e74528fdfc933f
4261830bfb35520d06bb9377708fbe2c09d6c9f02a795a4527f9c7127561377c
4468a542db9ce765e14124f6e2f764ca5c83c07e2a5f35f75c0d86103603a4f6
44eed2267226d833c1bcf7ac9c22e3eac37854cc8a29b2d5b31f55202b26b52f
457e03a28ddee72006bf009b56c2787c2d9114693fe108d75130f48d81f19e7c
4613c96134e35717eb618fc97d7bfb500262dbf9d97c9e23d7af5883191e0102
477207c82a97eed3741cf484816b7c89885e1bfd2e55dc5302524c2b60089510
479dee5a43f5b229e97220566d7794ae9851b20e5fe336443e5474e2d68280bf
47d52142995562cb3ca7041f6f9655b9e27f1334cf6308ba4b7a1872d0b245cc
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4
4890e5b7eb989f05cc1d732c5234a5262b834a7346032609aee3342fa4481f3d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48cf094bb5fdbb58ada2fe3c5241c7ebde724561c670eb2d84c18aa8a4768f9c
49090c57c6ae2ee7b23a3a774bd2e8a36234907d259afb693adc74ac4e7a8855
4a8ca5410056865c939c9a2e387de0e5bf6caefe11b952fae8f278d435a1c14d
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3
4bd854a9f3ebad6b4fb0a218e0ec267bb476cc304e5164d5ad82f287ec64b3ae
4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e
4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581
4d7f9743fa348b074c0b3c174bb7c816e967d0cced94d8706f339685889baac7
4f08e97da466fd47c68bc8697ad4d55cb9d90b5cdcfb52f0821f7b3a318169e9
4f7f49fcc4a983c71ef7655177aa6284d3ab2d2602bec2523f95de2cc3f48b40
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
505da6cc307a0d76869801bae0138a8094463314cc92863a153920136a57de45
51d050f01300287d2fef16479c54235fc7cbb547bb6f7bfb860d92ba5cc37532
52c01e873e5b1680e54cbfd57dcfb5df97a056c8d2bb5f3ef17cd0ff40f60b22
5324d408309ab64919f322e40a8eca21afa787f42cbfca58494bb8741f91e964
532cb27bb136f201aa1a2f5078f6420b8a56745002cead186510c7d9c0ef2b88
5561a1664911e01e2d30903b3c2ff0a2ff1d031688f8c4b4dc108cdcaf238c90
5875e3f31b21546abc711253279a237138e042a6fc8d37189afc6166e10e2ce4
5ad27ed9db8b2b9cae2d9c309dc825fab56dd206b54099e172299703085e22dd
5c0b6781c2413c25157d7f05cf5693932dd23c18744e771e48c24e8fd2d427c5
5c0d311aac850dfee3af744c1fc77002ae4299d8fd1aed6d45961cf0e7dfe3d7
5daa89cd4139169a652a65b7dcb6d5560e20b004b7ddfd4d217e5d96974bfd97
5fa975f0655492facb9cffacabc234cd303c83704b3a60799a8643964df081ce
6034e5ee0510f90b538cb59205702151396dda15fc431432b7fc95e4ecde8886
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
61933628047dde949b3bc30028784a760937e3bfb81a49c22e8bbb3e188cb5fe
61938731203d2e6048637f46c8e1fc963c2b4250aa48bf87d6c697d0a158c9eb
62dbb0b4a976523372beedd3a017314028239b6ee73eae6b8c59003d4ae0458d
631ab175f70696c2c2fb9c6826cbbc72afc54c21abe3e81fc919091f45f15c25
64289c77638a8b2dd314e8ca26b3da3e15172b4d5b07ad39a2d31bebc386a719
64755916bfcc7b6b2d39982af788b37ee5ea30c6763fac8f3248e9bb79184c43
64c7c94850bcf993b77e8f8704c00cded4a0c18580d94ebb2c5265f9855fcd2e
65062a8b5c46a8d0d6467b94e7047f9de07b8375fe009e0e101a0f1328a839c9
651fc5051db295a80ef0ec8faf17ab61562ea6e220be33a1a127263e3681a491
6701b217489fd9cd7664822a0a08a93f60b4eacb89b04f72232b83913429bc13
68c3532442a503d298666c3642cf13b54a841f302565ea0c8939771a9375497a
696dbebe21edbe3c98e74ff84939b241da4b6235f64cf3ee3dedc8062b1583b7
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
69bdb96417cb215a9d39bcc5b1c3349b77fe5ded27f8ce8eadbe6bc0950295cf
69ce34da3624469b20eda77ac3a70edbb70eb673eaad906f0eb4def0cf660a41
6a791a1b6056a6f28fe7db5641b4cfcf962c025a5abe553cbae468b6b1aa08f9
6ecbdfe935f4bbfb706ba4f72627a25bb07e728069afe89338c5404669377c08
7048198560df757d3fb92ec37b29beb7f2ce5164f4bb91881d265a572c5708f6
704da48d5b3f4bfee21c81011f872b25b103573eb084649e7f7a0fae626cf91b
709a17b3c7dd76a90f0481730ba8c06ca43f25bc29d7806d63dd8d035a1871df
71044970e802b0cf12ff5cb2e20a5910192e473a2968385f99c2987d3a4d0231
71fa4f65cfdb2fc305fbd468d04b4de0e66d29fad8e2ceb00f3b45400e12c0ac
747dca55f3574e0e2e2018f1e7ade84da708f8311d4ef6be6002b20b62e7a5ab
77677515e68f42d83b9e5e307489313a505bd883d271c13a45457c2182e1d99f
77bcfc717ce521c6cbad20e6024ceef0ec185ec46649be1712d1b623adf03880
77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658
78aa3aa1f9c6d18b973eef072a1aea8791fc49cedb3e3c9a925773d819a4781e
7ab45c56aae1128da7fce45215deefa926ab040adbbbe2c7cc38450bc17ce7d8
7b6a813c482532a65dcf60f04ced05766145b33a2b90063bca32cff6548f5778
7c118a310fc1d51f3d625dfcafe48532dac304dbc14b1a33572e7d15706a9118
7d49abbf71fb284004d438dc67735e7458f3d7c7fd9ae65e324ddc17413d86e8
7df31e4733b865c23a80d130d486123997faeba4e02be8a1853b9e6bf6304ede
7e596f20e4a58f3d7efe66ed56d6546b51f1d3b31995bebf279f62f6c46be7a5
7ef3dbd4ca9faf2fa20400e088d2c36969c9ccb5631decd1a3a0f4c8bb91ec94
7f884a9e28b795c31f1ee006fb65236f6db89c36be4b8f2e80171925df7c250a
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
813fa733b750e2c72ac80fbea1deaa1ef56e6fa35e4b1ae53a79b97f057b3910
81b3eb7b9b53370b135c51c8872c49b5bd8a64758884508ce0485fbfb0a96c42
81cb17391f926236e3ec7b1265a405e29be35d8fe932905149488402cd93cd5c
81f128557c130233e4a323d6e6a8db5695406de666c6e552510dffa23a4bbc24
823a0e0f5431b532cd44cc7f37ba79667d89c7ab4bb7360847a6b77dd6bcdcbf
82871cb36d8c4111339a96f648883f57fc559aa8dd9ab05aeffb911f3ffada4c
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
84907bb5ce5a7dd0c2c4589145cca44742c19b311d656755810517f0f138c6cb
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c
880b0d5c6cc140c8340ac0a5ec769abcedd36a40a54f307ff213c42b8e0df99b
882abb0d23f884ba343ce89cf0aed22164916345537120a5afdf53a3ef9fbb67
89606a78230b37d48cc989c3ed2e95538c259559c409db625d76a13267507d57
896cf3346496edd4818b0c4416a75906dfca3d1fc64b537c5abffe052ca647ee
89fc111ae2ffa1e972be07be00dd91ed48ba295afdc625438186159d04fb1cf1
8a13fb8261a9d8d1e41d705f921753d3a66dabd6ac90849a1a7a9efe25deeaaa
8c8b9c9d93c9c1fbb0228d3ce1161dc18b9439b85b8d8320bd435d585ca65250
8d07be28312a414a182aece0bf82b55bdecbca0a3a2094d784f3326fa87b05ef
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e03e2a17b3a13f4d92f645d5a352973db7d8f430e27097a1f776cbe4be9742a
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
93aaa6beafa756a441dbcff6a9af23ffbfa2d057d18eb412e3e6892434ade16f
93cf91407923a2c77bdf11879b36b1c7507ae277f5538fd727b4114b15948c70
93d81838023c62940eac4372f27459bdfadb1b2dee20ba67a4ee6962e69dade4
9437330a068bc501a2c027e44d44ac56f0a6d65fcd24b7b371a3510d52315e95
94daffa6d63f891fd4b7bb558e8438b8e15d0019801d0e2a442e36db48153cbd
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
988198efc2085822c472b6bdcf09c93384f89ae53eb934f9432ba12903907ec6
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e2dd137dd89ec831ca44d2d1a640f2c681700edb6c7fa4d638e6d0f52bb1e61
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1787ab8d40da449efdbdf1f7b345f0b0371b1a63487e860a61454ee04881832
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a461bd4b17917ded8236779772e1ad83836eaeb62e2e89d5fcd0e5c3263fa263
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4afd5fee7e1aba29eb04bf1dcec40ed6df475e2c1ed02fec0ef99bfcd1a8990
a52995d1eb5aea06a7b76d2c6aa8d4a8d7dceba3d112ae8a406543512232fc96
a5427d66ff82e5d0deedccb5f7f701aeed58df68ab3298e872f1200e4dd96cb6
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a643e1831e2eeae41225ac5eaefc0e4392eb9813687a2bab3c20140211e0b5b2
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a76138e20faabd59089f5f82cf5826f96a1f6acfd355eb05cd52d8baf4ea05a9
a78f3c394abdb5185b2a1235457e0e9a50b97625ef7c01a276a0aef6c5dd87fb
a7cc6468b5795829f0c09021c3300035bb3831cda0ef69e2b5a4efa2cf463432
a7e5281574e6e5ba28b107dec9fa7c070dcce1a426efe96a2f4bf584bf49914c
a99b49f6d75d4331a8b852638fae0d5622bf16cd386f6e6515faccd9e9613794
a99d6394646da60d3f67dd7c7abebf9262d443446eaa940b5a9c10d508a0c28b
aa12553670d364ca41d3b6208081aeb622080fad742d3f492379630a8c3f6688
ab5560bd8499ddb4360addde9e482174031a640e62c9d2f2c88cd065a57dfa5e
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f
af99bd04fa76e903683f0c2ad030cf2bcde3a17e19113a7d7d51b4d48928ee59
afb58c8bdc1998c8ee55565638d73bfc69f9dde1f7c8c61bbfae3683f2be57f5
b07078e1d217db7542348cd323f33a5086dc04400f50873614ab2011f85a431c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b48107b94a47d728c596c027a3b8cddac923523892124095b7089142976e185f
b52e648cc1409fa9366dc3dcd7a5a18ea6f51222b1af64a7ac17c79cf25ab6a1
b5a0e6e2fa3625713132fdd57a1e0bdc847927c9c26ae15fc93bde02fd4269e8
b69967c0d0795c59adbf5770fb6891760d3b8e2d0934aa54a165ae44de87447b
b8a0b832427239eb43b492a22a969e4c892593eb19d85504c5713a413ed48452
b905788fcdcfdf44675d26d55de9ce8f23e0e0768433c7e67693ff78101c8afd
b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017
be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486
c2c961f9ca5a5911105bbeaba9857838c6a061764c0c4d3b9ead322842d540fb
c44fab5ab25ff9f9dc07aced65f77686ec6a831bb858efaac266ba5deaf7d26e
c5033c550a9e9f128815eb9546e4ebb571284f53cebc6e12bc568777efdd8953
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c5edccb0da5837f7f09fd780c4153631276e054592641ff5a7fd1f856fb8bdac
c68f11353b82b40fce102891589900c36c6b1e7dcfd7eaed59d329655d0b0b86
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c71cf1c852a3b6f41e35c3c13e0ced73d2c1d8fdf5026f36b6b5ccfe012ded75
c72549f71592898dea7e587d9774c5f35bd4e3acd80916b8f9a2c71019a7db4b
c896b3c3ed1eac859c4cb0f8ec3c8ce899dad6056dc4eae46901966af0fa51e3
c90a116c464866630f6296e9538cd46c23bd74fe16167259781cf9e559bce1f3
c921d597ce0bdc38edf3a39e4a49064b50ebb188aec23d078ff8950ab8de37d3
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cb656577f4277a4ded7b312fe6d4a32f3aabbeff803485b75a66fdea67b678af
cd42bd6edf633812dfe233f63c11f2edfbf216e6e70d3aaadc4e0046d6352b5c
cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1242e277f47a2a995145bb8e7833540318a9e39583a46fd13c1f86ec3a455a6
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d21caa1f2d673d9c4c9fd5b9135a25482e2d43510825f5eb9e01f46eb882eb23
d2d688afedee2facbb82380151f061c32f513f97ab4c82126da8fd504f89e527
d44098ad9d6a41ceb2e9a545b4cb75ea9838aed851b0e7ad54da33ac282c4110
d4ab582a7d4f13d53d24ff435e8225666bbd0541edaf5149a88359fdf5fc77c0
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
da07037d6ee41cb7085b2278066dbace51b9922c562069b100ec72c1c1df840a
da8a860ba8620ad47b5700943e6d4a99a01c033b8b59aa4684b31f2f0ee98104
db4d9e3404ab026c8c936501189065b5306b06a020074319e65c576fee62ad63
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576
ddf930b10b42e5c71c3f755fbdb6493c310cb4a1fce6d7bd7717ec1d863675f8
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e326a55ab976f779958c7322915a65a56bf73c14b0924b8545b07abc562c5967
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44684a48d596b56cba6492df2821b18b56fd0b488a77240d415f0eae918abe1
e457a1f5c855a40b853c0f8f6421db58c3e7b443444389e3ac1cb128bb02fc97
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e53ce85d473549ff2e78cb85f4dacdbeee008dfc755c8c50eb92735a92405753
e53f4dbacd00d4b932dfc1492ba4a4aa4fe0fdf21a36247d8495b6c152cd6e22
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8993d39974a7d30c541d2e39e83edac73fbd9eeec51c1a48247ca69a89e5630
e91898cafbfceb433dc0d470a5dd7879612e49af30aacd467986b5aa72130239
e95829fa1e6cf74f092dd04142a372cb66a82156d12b60650781ae6f9c774d87
ea561643a794c538c2cdc9c7388c70e1b6320c1a47f6f97eb7186406b4628346
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
eb2f5127deeb5be506aa1180377eb2070ce9aa2ae81da178a1be9e3811c2aafb
ebd902c796e15c5ea443dff52f3581b7b0076a00fcf4acce32983a48d27d877f
ecafecffa0db9b7f76734f0bcab9c4646954668aebd3e86dc38cdbe162d3f250
ecba73703f7842ce16befbdcbc8a78b2fee971c6b74960904f8ce99b01dd7acc
ede2d6dce91de3e1e3327757caaed43e9fb2d4729f07c9b2449a697b7e6ad341
ef05bf8a415a04e48cdbacb52c7ad2ab37e6a9d4497ea2dcd0c4f281a118b403
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc476b6a43cab31464290eed24e58b2eeabc86b08c6f136298c8ae8aa3a13b6
f3099b61be93b3feba3b52f2c1e0eeba8bee41448dded7b52b0e37721528ec43
f52e9bc44b650b2e7dcfde527f74f7ec62b85876164333239d586b817020c370
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6b3330e882d2801191a7e880030830a551633f8334e0e819d064eae2a41dc1b
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f82689b2e3f582299f166f06fd184549ac2ad49d9ef9fd9353570d114054085a
f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549
f8ce0d868b04686994caae0a66bb97f3975040018ea07d497fe89cca2f88d366
f9336ae85e841f52b759c04c50c40ff743a4c82ab42f2bf5627ca8123de4c625
f987277481bdb5e15f013fbb0e7036478e6f820c0a6220f68e4726779ca883dd
fac25896839ed33b7473c4590b00d27221ca6d4ea84a37f6e0a18506231eeda9
fb3b2320d479040eaa88bae6c01bbe1f14d3976128b154163bcd7f79a9a7336a
fc9ad79d604565d5791a1dca11d34f02262c37f977ce37ed55e4bdaacf34385f

www.tvnotas.com.mx Open in urlscan Pro 2606:4700::6811:8936 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

518 Requests

89 %HTTPS

34 %IPv6

76 Domains

111 Subdomains

66 IPs

11 Countries

11364 kBTransfer

20835 kBSize

80 Cookies

26 Outgoing links

Page URL History

Redirected requests

518 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 19 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.tvnotas.com.mx Open in urlscan Pro
2606:4700::6811:8936 Public Scan

Screenshot
Live screenshot

Full Image

518
Requests

89 %
HTTPS

34 %
IPv6

76
Domains

111
Subdomains

66
IPs

11
Countries

11364 kB
Transfer

20835 kB
Size

80
Cookies

518 HTTP transactions
19 data transactions