ya.co.ve Open in urlscan Pro
198.54.116.103 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://ya.co.ve/
Submission: On February 06 via manual (February 6th 2023, 2:41:01 pm UTC) from US — Scanned from DE

Summary HTTP 265 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 39 IPs in 10 countries across 47 domains to perform 265 HTTP transactions. The main IP is 198.54.116.103, located in United States and belongs to NAMECHEAP-NET, US. The main domain is ya.co.ve.

This is the only time ya.co.ve was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	198.54.116.103 198.54.116.103	22612 (NAMECHEAP...) (NAMECHEAP-NET)
26	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
4	2606:4700:303... 2606:4700:3037::6815:5653	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 13	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
6	40.114.178.124 40.114.178.124	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	139.45.197.239 139.45.197.239	9002 (RETN-AS) (RETN-AS)
1	2606:4700:303... 2606:4700:3030::ac43:d31d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	139.45.197.234 139.45.197.234	9002 (RETN-AS) (RETN-AS)
20	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:400d:80e::200a	15169 (GOOGLE) (GOOGLE)
51	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 28	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2 2	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 3	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	213.155.156.164 213.155.156.164	1299 (TWELVE99 ...) (TWELVE99 Arelion)
3 3	37.157.4.41 37.157.4.41	198622 (ADFORM) (ADFORM)
2 2	52.29.198.232 52.29.198.232	16509 (AMAZON-02) (AMAZON-02)
4	185.86.138.152 185.86.138.152	201081 (SMARTADSE...) (SMARTADSERVER)
1 3	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
4 4	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	216.52.2.39 216.52.2.39	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1 1	2600:9000:223... 2600:9000:223f:5a00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	3.73.214.250 3.73.214.250	16509 (AMAZON-02) (AMAZON-02)
2 3	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
3 3	213.19.147.45 213.19.147.45	3356 (LEVEL3) (LEVEL3)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:d8ac:1edd:aee1:32b6	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	142.251.208.102 142.251.208.102	15169 (GOOGLE) (GOOGLE)
2 2	104.103.100.111 104.103.100.111	16625 (AKAMAI-AS) (AKAMAI-AS)
1	87.118.116.9 87.118.116.9	31103 (KEYWEB-AS) (KEYWEB-AS)
1	2606:4700::68... 2606:4700::6812:7e05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.42.68.116 13.42.68.116	16509 (AMAZON-02) (AMAZON-02)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:19b0:b513:2440:3cab	16509 (AMAZON-02) (AMAZON-02)
2 2	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
1	18.66.147.41 18.66.147.41	16509 (AMAZON-02) (AMAZON-02)
1	18.66.15.50 18.66.15.50	16509 (AMAZON-02) (AMAZON-02)
2	18.169.219.247 18.169.219.247	16509 (AMAZON-02) (AMAZON-02)
265	39

18 198.54.116.103 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium34-4.web-hosting.com

ya.co.ve	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3037::6815:5653 (United States)

ASN13335 (CLOUDFLARENET, US)

rsms.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 40.114.178.124 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

icons.duckduckgo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)

gloaphoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:d31d (United States)

ASN13335 (CLOUDFLARENET, US)

inklinkor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.234 (United Kingdom)

ASN9002 (RETN-AS, GB)

bedrapiona.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:400d:80e::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 142.250.184.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.74.118 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.96.105.8 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.164 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-164.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.4.41 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.198.232 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-198-232.eu-central-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.86.138.152 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.78 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.33.19 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.39 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:5a00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.73.214.250 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-214-250.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.38.120.206 (Hessen, Germany) 2 redirects

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (United Kingdom) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:d8ac:1edd:aee1:32b6 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.208.102 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s41-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.103.100.111 (Vienna, Austria) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-103-100-111.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.118.116.9 (Germany)

ASN31103 (KEYWEB-AS, DE)
PTR: km36617.keymachine.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7e05 (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.42.68.116 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-42-68-116.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:19b0:b513:2440:3cab (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.212 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-41.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.15.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-50.vie50.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.169.219.247 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-169-219-247.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
77	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	790 KB
52	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 cm.g.doubleclick.net — Cisco Umbrella Rank: 211 ad.doubleclick.net — Cisco Umbrella Rank: 184	300 KB
32	gstatic.com www.gstatic.com fonts.gstatic.com	891 KB
18	ya.co.ve ya.co.ve	124 KB
15	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 70	95 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 27638 ad4m.at — Cisco Umbrella Rank: 9391 assets.ad4m.at — Cisco Umbrella Rank: 39464	573 KB
10	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	481 KB
10	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	9 KB
6	duckduckgo.com icons.duckduckgo.com — Cisco Umbrella Rank: 145941	27 KB
4	pubmatic.com 4 redirects image6.pubmatic.com — Cisco Umbrella Rank: 733	2 KB
4	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 782	300 B
4	rsms.me rsms.me — Cisco Umbrella Rank: 12151	307 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 19463 api.webgains.io — Cisco Umbrella Rank: 57676	31 KB
3	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 725	825 B
3	yahoo.com 3 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 274 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 414	1 KB
3	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 726 s.tribalfusion.com — Cisco Umbrella Rank: 1733	2 KB
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 568	2 KB
3	blismedia.com 2 redirects tr.blismedia.com — Cisco Umbrella Rank: 1836	585 B
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 409	2 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 748 r.turn.com — Cisco Umbrella Rank: 3187	869 B
2	awin1.com 2 redirects www.awin1.com — Cisco Umbrella Rank: 15368	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 507	2 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 281	1 KB
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 592	1 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 416	1 KB
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 1634	485 B
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2166	791 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4143	653 B
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 767	1 KB
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 84938 static-de.ad4mat.net — Cisco Umbrella Rank: 113105	4 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8741	696 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21	20 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 58936	15 KB
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1854	297 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 47375	2 KB
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 57500	671 B
1	congstar.de banner.congstar.de — Cisco Umbrella Rank: 82288	549 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1006	356 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905	576 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 685	445 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 453	863 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 858	601 B
1	bedrapiona.com bedrapiona.com — Cisco Umbrella Rank: 46859	454 B
1	inklinkor.com inklinkor.com — Cisco Umbrella Rank: 76987	25 KB
1	gloaphoo.net gloaphoo.net — Cisco Umbrella Rank: 77580
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	43 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
265	47

	Domain	Requested by
51	tpc.googlesyndication.com	googleads.g.doubleclick.net ya.co.ve pagead2.googlesyndication.com tpc.googlesyndication.com
28	cm.g.doubleclick.net	2 redirects ya.co.ve googleads.g.doubleclick.net
26	pagead2.googlesyndication.com	ya.co.ve pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
22	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net ya.co.ve
20	www.gstatic.com	www.google.com www.gstatic.com googleads.g.doubleclick.net
18	ya.co.ve	ya.co.ve
13	www.google.com	1 redirects ya.co.ve www.gstatic.com www.google.com googleads.g.doubleclick.net tpc.googlesyndication.com
12	fonts.gstatic.com	www.google.com ya.co.ve fonts.googleapis.com
10	www.googletagservices.com	googleads.g.doubleclick.net
10	fonts.googleapis.com	googleads.g.doubleclick.net
6	assets.ad4m.at	as.ad4m.at
6	icons.duckduckgo.com	ya.co.ve
4	ad4m.at	as.ad4m.at ad4m.at
4	image6.pubmatic.com	4 redirects
4	ssbsync.smartadserver.com	googleads.g.doubleclick.net
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
4	rsms.me	ya.co.ve rsms.me
3	onetag-sys.com	2 redirects ya.co.ve
3	c1.adform.net	3 redirects
3	tr.blismedia.com	2 redirects googleads.g.doubleclick.net
2	api.webgains.io	analytics.webgains.io
2	secure.adnxs.com	2 redirects
2	www.awin1.com	2 redirects
2	ad.doubleclick.net	2 redirects
2	sync.1rx.io	2 redirects
2	x.bidswitch.net	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	ap.lijit.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	rtb.openx.net	googleads.g.doubleclick.net
2	a.tribalfusion.com	1 redirects googleads.g.doubleclick.net
2	match.360yield.com	2 redirects
2	d5p.de17a.com	2 redirects
2	um.simpli.fi	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	cdn.track.production.webgains.team	as.ad4m.at
1	analytics.webgains.io	track.webgains.com
1	ag.innovid.com	googleads.g.doubleclick.net
1	r.turn.com	ya.co.ve
1	ad.turn.com	1 redirects
1	track.webgains.com	as.ad4m.at
1	www.conrad.de	as.ad4m.at
1	banner.congstar.de	as.ad4m.at
1	odr.mookie1.com	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	static-de.ad4mat.net	as.ad4m.at
1	s.ad.smaato.net	1 redirects
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	sync.mathtag.com	1 redirects
1	prod-rtb.ad4mat.net	ya.co.ve
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	bedrapiona.com	inklinkor.com
1	inklinkor.com	ya.co.ve
1	gloaphoo.net	ya.co.ve
1	www.googletagmanager.com	ya.co.ve
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
265	59

This site contains links to these domains. Also see Links.

Domain
twitter.com

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.duckduckgo.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-11-20`	a year	crt.sh
gloaphoo.net R3	`2022-11-28` - `2023-02-26`	3 months	crt.sh
bedrapiona.com R3	`2022-12-13` - `2023-03-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-12-13` - `2023-03-13`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2022-12-14` - `2023-03-14`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.webgains.com Amazon	`2022-06-14` - `2023-07-13`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.webgains.io Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh
cdn.track.production.webgains.team Amazon	`2022-09-29` - `2023-10-28`	a year	crt.sh

This page contains 37 frames:

Primary Page: http://ya.co.ve/
Frame ID: E7A1DD0C80983506299ECF0DB9F95E00
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/zrt_lookup.html
Frame ID: 4EE8312EBCA55F36AE694B55C69BD61F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldkip4gAAAAAFJEa73okF6fS4gujQkFDlWZOH-0&co=aHR0cDovL3lhLmNvLnZlOjgw&hl=en&v=gEr-ODersURoIfof1hiDm7R5&theme=light&size=invisible&cb=e8gbqnic1m8
Frame ID: 991A4E4CDB169C200B0F7B8858391D37
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&adk=1812271804&adf=3025194257&lmt=1675694456&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=212x675_l%7C212x540_r&format=0x0&url=http%3A%2F%2Fya.co.ve%2F&ea=0&pra=5&wgl=1&dt=1675694455974&bpp=7&bdt=749&idt=351&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5674341855858&frm=20&pv=2&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=377
Frame ID: 42082B7A4301313D1BAB909AA2AD7CB8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1678500048~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1675694456&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694455981&bpp=2&bdt=755&idt=376&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=eNgYjAy4lb&p=http%3A//ya.co.ve&dtd=379
Frame ID: 641725F31D88C571A5CE43A0F1B7C7FE
Requests: 15 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=gEr-ODersURoIfof1hiDm7R5&k=6Ldkip4gAAAAAFJEa73okF6fS4gujQkFDlWZOH-0
Frame ID: E94890104646B25FC64D09A7BD29FC94
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=1347205284&pi=t.aa~a.2433027837~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2218&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280&nras=3&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=zjoFU5oKBh&p=http%3A//ya.co.ve&dtd=6
Frame ID: 8171F396C11962B947D34484E46A928C
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1418185256&adf=667648791&pi=t.aa~a.2433027837~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2217&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=GVPLPopkaZ&p=http%3A//ya.co.ve&dtd=10
Frame ID: 7A15013D1EDCA3751AD99C9669E62C3D
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=3762182088&pi=t.aa~a.2433028998~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2217&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=D4W7ipmuwJ&p=http%3A//ya.co.ve&dtd=13
Frame ID: B77A184208C7341B575966D7AEFD9220
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=3226338326&pi=t.aa~a.2433025903~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2218&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=6&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=NTpHDfnWKI&p=http%3A//ya.co.ve&dtd=15
Frame ID: FA777EA3EFE7178CB8FC24C1A9F4250D
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=90&adk=3249661183&adf=4046099473&pi=t.aa~a.2104307421~rp.4&w=1108&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1108x90&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2217&idt=0&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=7&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=246&ady=3998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=yB7MphqZb6&p=http%3A//ya.co.ve&dtd=18
Frame ID: FAEE11AAE02634EED8120910F6E80804
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1
Frame ID: F0AE7355159C4752595FF9BEC60B2B02
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1
Frame ID: DDEF8B4B1C31086F2A0B31F57DA3AA89
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1
Frame ID: A1E9EAB71022CCE6908B59E9C856B1F4
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1
Frame ID: A4169D4F4D20A6C90476E5BA7F10BF08
Requests: 8 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 1159B3DFFEAEDD2DEEA8CBE15FFFE367
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6C8E8AD601502F2FE007266F62B866A3
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Frame ID: BE8735DCEBB33C3629D2D196B25528F2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Frame ID: 17ED33BD54CB22CDA83DB67E484D2F70
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Frame ID: B45B5C745255E42BD8EE45A982E54921
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Frame ID: E8580E84CD48F73CE69F9B17167960B4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Frame ID: 0289ED4E62ADDCFC6C4258227C47D399
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 62897F3DC4F0E12E8572AA11BD7DF67E
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CcfseeRHhY7bwHtao1fAPk9GJ0AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMTc4ODk5NTk2NDMzNzk2yAEJqQJHOaabtg-yPqgDAaoEtQFP0O2-p9klRh-VK0f6yTTbmEZrWybVHXxty0nBEe_cHXD4S3d4ZCCrGyLNkJibykJg_4MSzqO49Rm0fmmTClnO3V7DJhOL701FEI8uEXv2Qvv9c7hg9qUAkwkSIMZraMAVJpE8ulmmynhuF05tz74hWWZ295vvWNvyImQRNVUP1OEWwmKSQ4bqmXjST7ci0w65_sREDNcqe_aXqS3BZUMBQ2Lu5980m0Cc20SUUS0Rl4c8R6A2gAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTExNzg4OTk1OTY0MzM3OTYYAA&sigh=IyIBdX8eTAQ&uach_m=[UACH]&cid=CAQSOwDUE5ym-SV4rzd31QEFSNKWXnRhwkNbi-UUXqA5maTixNBAuZDin2e-usyHaNqJA_UcEAegDwMlqqBNGAE
Frame ID: D467B7BF757567D155EA33EDE4D67141
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gg8pzh2qym3e6cqyb0mk2j4qe3nm0gpw22xx800z3239zb5drnxvf898c91xj69gty9m0ad8dxwhhd8g1t599rd6gygks66vxz0m470zhb0k20bc90c8t58ms49zmy4y1ympfvm7735kytbf846mj5ckd7dc86btjw70ehm5ajjxxnbc1rf0559j3zdk7x0488sarw0mywa61x1y5w0j89272svnxvqs87y28eca8v5qqn02vqfdh9912y7acva77k9wzwgbtt9dydp2hv085pgwpcwzx5zytmb9ma876885rnsp9ch7fhzpfzwv08dyf2vpzeyh7sexnsjb835djr41q5gm1x6mxnkttsw3ksq8r6wbn00q3877c9b06f8ryxqsjntkvq5j6122y13j3m5krs51nv0cgtgkw6g0ekyckjexvy4763s35b0e0ghr1bcv64g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkeleeRHhY7bwHtao1fAPk9GJ0AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMTc4ODk5NTk2NDMzNzk2yAEJqQJHOaabtg-yPqgDAaoEuAFP0O2-p9klRh-VK0f6yTTbmEZrWybVHXxty0nBEe_cHXD4S3d4ZCCrGyLNkJibykJg_4MSzqO49Rm0fmmTClnO3V7DJhOL701FEI8uEXv2Qvv9c7hg9qUAkwkSIMZraMAVJpE8ulmmynhuF05tz74hWWZ295vvWNvyImQRNVUP1OEWwmKSQ4bqmXjST7ci00y731aT9VBqs3HfP_eI97E4V2hD7fEsRsBektZsxTM9j1Lg2OD-NGW5gAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2l2vvdS5Hnt7n3Ses1Mo4EFpMyyw%26client%3Dca-pub-1178899596433796%26adurl%3D
Frame ID: 94264B14E8B82354805FC5706D4FC942
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 34F1D8A58D79093E0F779EFC45E243A6
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Frame ID: 9DD146EFDD873A193D41836CEE329A5B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 85ED5D5571136C5F9489D62101BEF378
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: C7962418964E9966A3A3ECED9F15B074
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 76ECB1C3F58B71ED53FB8F8A5F8755AA
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Frame ID: C2DE35B3772B05A577EC1CB8B4DA7DE8
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=186460%2C197862%2C14019&b=q42umfWfJWr1TZHgHDtJtZG5UeSgTJD5sq4xM%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=Rx3HgfQfG6wACkHwH3tzCPzJu9SzTYMAhB3zZ%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=728&d=90&e=&g=e92771e74fde8eaf4d93177b93428b6f%2F13304491548540226031&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675694458728&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k776ymdeksc5v8spmxhms34c1axb6yq9ta4956d95kkn9fgr5gyvvw9jy61j645jp260pxng9yt426j4aj8hn5rmny7hgjw6s38whae0bathf19kgh5j7nqtxne075nvx9mtbfw9a4nb37zsd9g13kn90kcb44nnwwtcj0zpcfwpq29ngnj95nd8vwzha8bs38vwr17g6skf7h57pmj8q2hx333k8w6zwt3e3bq0eqrw6akgw53p3hyrm6bdqbsnce8fdmajbvz6a8t12xqj8mc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkeleeRHhY7bwHtao1fAPk9GJ0AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMTc4ODk5NTk2NDMzNzk2yAEJqQJHOaabtg-yPqgDAaoEuAFP0O2-p9klRh-VK0f6yTTbmEZrWybVHXxty0nBEe_cHXD4S3d4ZCCrGyLNkJibykJg_4MSzqO49Rm0fmmTClnO3V7DJhOL701FEI8uEXv2Qvv9c7hg9qUAkwkSIMZraMAVJpE8ulmmynhuF05tz74hWWZ295vvWNvyImQRNVUP1OEWwmKSQ4bqmXjST7ci00y731aT9VBqs3HfP_eI97E4V2hD7fEsRsBektZsxTM9j1Lg2OD-NGW5gAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2l2vvdS5Hnt7n3Ses1Mo4EFpMyyw%2526client%253Dca-pub-1178899596433796%2526adurl%253D&y=1&s=&z=0
Frame ID: 6ADDC7518F3661F0286A50186D3DD656
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Frame ID: B01A4F007D41FE51E2B18D616D4FB459
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1800DB1E8D31E463A9F6FACCAED7A11A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Frame ID: 407F7164D7BE9BC1C904DAADFFFEC470
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3A9FC2EACB43ACE4FFD4DA6F79B625AE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1458BE3D574CCC6013C23EC4F8EBC337
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

YACOVE - Acortador de URL - URL Shortener

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

265
Requests

83 %
HTTPS

46 %
IPv6

47
Domains

59
Subdomains

39
IPs

10
Countries

3743 kB
Transfer

8430 kB
Size

44
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/ya_co_ve

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 134

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 160

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAtetY57uIyPat3E0fFmCig&google_cver=1&google_push=Aa02lx_xo0T5_lOTnQVoUhYOhUB-kJulRluF6lYped_rmsU6iRVOwxA9Mgg6lw7LtvfOGGjGk_zkCbbannAXVTWCg7SjZ-QOXbiOFKQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_xo0T5_lOTnQVoUhYOhUB-kJulRluF6lYped_rmsU6iRVOwxA9Mgg6lw7LtvfOGGjGk_zkCbbannAXVTWCg7SjZ-QOXbiOFKQ

Request Chain 161

https://um.simpli.fi/gp_match?google_gid=CAESED0oiLPfPKdUVrlsgiBh_BM&google_cver=1&google_push=Aa02lx-K3HJInEAJczK6JUncLQw4jLo5uJMTN2mRjXOyencS8CfnOV-mqga9fKYtQki-JmQEvh3xQrqf58OYWXSdSBcQYlD_CxkaQA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F4F1E925D03A44F2BBEADA8254A8C7DE&google_push=Aa02lx-K3HJInEAJczK6JUncLQw4jLo5uJMTN2mRjXOyencS8CfnOV-mqga9fKYtQki-JmQEvh3xQrqf58OYWXSdSBcQYlD_CxkaQA

Request Chain 163

https://d5p.de17a.com/cookies/google?google_gid=CAESEGvJ1F1q_e_VnHoi1pkkcgA&google_cver=1&google_push=Aa02lx8h-TWwgrd3r6Cfh3Yw6UrU5Ashu6wUt28OTwXoHxX8Lr4MfzFSaxnjadD5BhKLTuiJqM068RACJY4V1BclLVfdhTwE_DSz4jE HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEGvJ1F1q_e_VnHoi1pkkcgA&google_cver=1&google_push=Aa02lx8h-TWwgrd3r6Cfh3Yw6UrU5Ashu6wUt28OTwXoHxX8Lr4MfzFSaxnjadD5BhKLTuiJqM068RACJY4V1BclLVfdhTwE_DSz4jE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx8h-TWwgrd3r6Cfh3Yw6UrU5Ashu6wUt28OTwXoHxX8Lr4MfzFSaxnjadD5BhKLTuiJqM068RACJY4V1BclLVfdhTwE_DSz4jE

Request Chain 164

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBsZRMDqdPeVa3UqVGCgw10&google_cver=1&google_push=Aa02lx-8DM7unDQWtdINL1epyU1fkaHQPGZQ2RMYhQdEvvGUUONUL5Vm3a54hEsJguP96Rfa6dqBe9qhuT20l3gA9ngSYLsb7t5u6Q8 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBsZRMDqdPeVa3UqVGCgw10&google_cver=1&google_push=Aa02lx-8DM7unDQWtdINL1epyU1fkaHQPGZQ2RMYhQdEvvGUUONUL5Vm3a54hEsJguP96Rfa6dqBe9qhuT20l3gA9ngSYLsb7t5u6Q8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTIxMzk4NzkzMTE5OTQzMTExMA&google_push=Aa02lx-8DM7unDQWtdINL1epyU1fkaHQPGZQ2RMYhQdEvvGUUONUL5Vm3a54hEsJguP96Rfa6dqBe9qhuT20l3gA9ngSYLsb7t5u6Q8

Request Chain 165

https://match.360yield.com/match/ebda?google_gid=CAESELGSs_1dIuCDejSLZj9u8Yo&google_cver=1&google_push=Aa02lx-3VjXa6681HsicwWeyYMXEFeVbRU-ZUDY77NTVXRDty4dVYJIAFW53_3POJTdLMwiG0Pj0oSN668eiO9Zi1gWweekPQCn6PQ HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESELGSs_1dIuCDejSLZj9u8Yo&google_cver=1&google_push=Aa02lx-3VjXa6681HsicwWeyYMXEFeVbRU-ZUDY77NTVXRDty4dVYJIAFW53_3POJTdLMwiG0Pj0oSN668eiO9Zi1gWweekPQCn6PQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=5zIejmQSSxKgkKr2L47cRg&google_push=Aa02lx-3VjXa6681HsicwWeyYMXEFeVbRU-ZUDY77NTVXRDty4dVYJIAFW53_3POJTdLMwiG0Pj0oSN668eiO9Zi1gWweekPQCn6PQ

Request Chain 169

https://a.tribalfusion.com/i.match?p=b6&u=CAESEOh3VFT1qt2XDkTpXzpp5_4&google_cver=1&google_push=Aa02lx9WqDRhFCHq74Uzme1m0moirxsGW6i4AOP9-eBLiWY2IRDVVvExsrf_2nZxz26NwZPZrySGK-VjYJTZOq5QjiXua8krO0KB3w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9WqDRhFCHq74Uzme1m0moirxsGW6i4AOP9-eBLiWY2IRDVVvExsrf_2nZxz26NwZPZrySGK-VjYJTZOq5QjiXua8krO0KB3w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOh3VFT1qt2XDkTpXzpp5_4&google_cver=1&google_push=Aa02lx9WqDRhFCHq74Uzme1m0moirxsGW6i4AOP9-eBLiWY2IRDVVvExsrf_2nZxz26NwZPZrySGK-VjYJTZOq5QjiXua8krO0KB3w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9WqDRhFCHq74Uzme1m0moirxsGW6i4AOP9-eBLiWY2IRDVVvExsrf_2nZxz26NwZPZrySGK-VjYJTZOq5QjiXua8krO0KB3w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 171

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFCWgECyG7b2-WNtPI2lh7A&google_cver=1&google_push=Aa02lx_IIoUvB1YARtfIxIBnHPdAYYxMuUIeEzYFpgOwNxKSC256mHfVDSDnnfmC1u9O2PW3KnILyLd9-tj7sonmMRx5soM7MVO-gA HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFCWgECyG7b2-WNtPI2lh7A&google_cver=1&google_push=Aa02lx_IIoUvB1YARtfIxIBnHPdAYYxMuUIeEzYFpgOwNxKSC256mHfVDSDnnfmC1u9O2PW3KnILyLd9-tj7sonmMRx5soM7MVO-gA&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9OmN4qbjRhOpfxm3xqK3oA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_IIoUvB1YARtfIxIBnHPdAYYxMuUIeEzYFpgOwNxKSC256mHfVDSDnnfmC1u9O2PW3KnILyLd9-tj7sonmMRx5soM7MVO-gA

Request Chain 172

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEE9d-fRfUnF7h5tjnadr3V4&google_cver=1&google_push=Aa02lx9vm93YiAzWPHfmE5uzV655fcqbqr8cR2ncwhz8_D2VgOJJ4QUYBQ-8C3wBdHqEc3vM8g7e0mK8Wf7PGz9dKEJPTvWbtaV5Wg HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEE9d-fRfUnF7h5tjnadr3V4&google_push=Aa02lx9vm93YiAzWPHfmE5uzV655fcqbqr8cR2ncwhz8_D2VgOJJ4QUYBQ-8C3wBdHqEc3vM8g7e0mK8Wf7PGz9dKEJPTvWbtaV5Wg&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEE9d-fRfUnF7h5tjnadr3V4&google_hm=Y-ERegdKp35XVs1G6EgLQgAABG0AAAIB&google_nid=index&google_push=Aa02lx9vm93YiAzWPHfmE5uzV655fcqbqr8cR2ncwhz8_D2VgOJJ4QUYBQ-8C3wBdHqEc3vM8g7e0mK8Wf7PGz9dKEJPTvWbtaV5Wg

Request Chain 173

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPipVr-lbHSn8mTN7gk9abc&google_cver=1&google_push=Aa02lx8AjbjuccG_nPLw1-CPoJHEGPjUR1CPByi-gh_-4_MDRdNMcLfRJRrtSXLnK0ztojm3ctZpbQt-2UiVLfuR-r0VJpXYWMGC8A HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPipVr-lbHSn8mTN7gk9abc&google_cver=1&google_push=Aa02lx8AjbjuccG_nPLw1-CPoJHEGPjUR1CPByi-gh_-4_MDRdNMcLfRJRrtSXLnK0ztojm3ctZpbQt-2UiVLfuR-r0VJpXYWMGC8A&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx8AjbjuccG_nPLw1-CPoJHEGPjUR1CPByi-gh_-4_MDRdNMcLfRJRrtSXLnK0ztojm3ctZpbQt-2UiVLfuR-r0VJpXYWMGC8A&google_hm=GHJwvGZHjzbRHxjnQNucF7UH

Request Chain 174

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEOewJs7ep0ADW_RvirVI74o&google_cver=1&google_push=Aa02lx_CnfqGknjnwKcTWHoQHbMaOWT7J67H4uLU1Gu2DcO_5XAE_zEU9aysojX0xTUN6IPyJU2Dzp7ovdmD965K7dYxn4h3xMyFFl0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_CnfqGknjnwKcTWHoQHbMaOWT7J67H4uLU1Gu2DcO_5XAE_zEU9aysojX0xTUN6IPyJU2Dzp7ovdmD965K7dYxn4h3xMyFFl0

Request Chain 175

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMf6dcYSzBQimH7DHx6FmYg&google_cver=1&google_push=Aa02lx_5obacEPV9muhTCLGuppqhGSIDzBCMknV_Vl0NKYBlIg8_ghPprrDOwngFaIt5k-6t7zCIwyOH0pCEiOs3uVEzSyTqpIaG_gVT HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMf6dcYSzBQimH7DHx6FmYg&google_cver=1&google_push=Aa02lx_5obacEPV9muhTCLGuppqhGSIDzBCMknV_Vl0NKYBlIg8_ghPprrDOwngFaIt5k-6t7zCIwyOH0pCEiOs3uVEzSyTqpIaG_gVT&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1WMTQ3Llg5RTJ1RnJJd1lSSVFyX19zREFKRHZtdTc5eH5B&google_push=Aa02lx_5obacEPV9muhTCLGuppqhGSIDzBCMknV_Vl0NKYBlIg8_ghPprrDOwngFaIt5k-6t7zCIwyOH0pCEiOs3uVEzSyTqpIaG_gVT

Request Chain 212

https://um.simpli.fi/gp_match?google_gid=CAESED0oiLPfPKdUVrlsgiBh_BM&google_cver=1&google_push=Aa02lx9FGZOBuYjosAjBNaVE1dfQbRNi9C0c4BKqBricb2kHD65KmnhAbk1lmA95rmYjfybUSGyqT7XljtCU50TX2OqBnFnoOQ2fhg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F4F1E925D03A44F2BBEADA8254A8C7DE&google_push=Aa02lx9FGZOBuYjosAjBNaVE1dfQbRNi9C0c4BKqBricb2kHD65KmnhAbk1lmA95rmYjfybUSGyqT7XljtCU50TX2OqBnFnoOQ2fhg

Request Chain 213

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJKV0YSLYP6H6p1AZgnFxEk&google_cver=1&google_push=Aa02lx-R4MrvgiEfTshZSYxYXibKuDSvn9ONNUTtQZE0Xx7wVg3NMfZPVl-C_9FKGjmAKOhUVkV1NohVA1Uh2WIpPynK_i6p-5qjcw HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEJKV0YSLYP6H6p1AZgnFxEk&google_cver=1&google_push=Aa02lx-R4MrvgiEfTshZSYxYXibKuDSvn9ONNUTtQZE0Xx7wVg3NMfZPVl-C_9FKGjmAKOhUVkV1NohVA1Uh2WIpPynK_i6p-5qjcw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx-R4MrvgiEfTshZSYxYXibKuDSvn9ONNUTtQZE0Xx7wVg3NMfZPVl-C_9FKGjmAKOhUVkV1NohVA1Uh2WIpPynK_i6p-5qjcw&google_hm=WFMtg6A-RSuYDMx8K9nOSQ==

Request Chain 214

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBsZRMDqdPeVa3UqVGCgw10&google_cver=1&google_push=Aa02lx-qLtODC1NTNS-_hcGtuwEOrP95tzq5wbrkxfgHJeFkzIuUe0HSGpy1wHzBEGW75T4M5brZqb_bOc6WfOK4W7cXfuKsKmsaWg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTIxMzk4NzkzMTE5OTQzMTExMA&google_push=Aa02lx-qLtODC1NTNS-_hcGtuwEOrP95tzq5wbrkxfgHJeFkzIuUe0HSGpy1wHzBEGW75T4M5brZqb_bOc6WfOK4W7cXfuKsKmsaWg

Request Chain 215

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBNwb0MFGlFgpQWgWafBEjQ&google_cver=1&google_push=Aa02lx_a80FxtN2G3RemMAwZR1-d5wC_1ta1M-RC5gs1XXYzU7PcSF2HL_qP_xaa-tkIymrZyOOa9o5NAxhRSyLM6_utjXuwYAQa HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_a80FxtN2G3RemMAwZR1-d5wC_1ta1M-RC5gs1XXYzU7PcSF2HL_qP_xaa-tkIymrZyOOa9o5NAxhRSyLM6_utjXuwYAQa

Request Chain 216

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEM79IFwD9dwEs0I7ukwDZjo&google_cver=1&google_push=Aa02lx9ZOFk5eIYSsbXd9MZ1STf26j0DJYTlrN_t0IJWh_GmrfeRLyniKZMLCv0FGJeQCLy9jwSjj44xVPgnvtyDiHoueQYfzkbSVA HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx9ZOFk5eIYSsbXd9MZ1STf26j0DJYTlrN_t0IJWh_GmrfeRLyniKZMLCv0FGJeQCLy9jwSjj44xVPgnvtyDiHoueQYfzkbSVA&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1675694458736 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-728ffea3-4f0e-4f77-85b4-b04ae5e14e34-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx9ZOFk5eIYSsbXd9MZ1STf26j0DJYTlrN_t0IJWh_GmrfeRLyniKZMLCv0FGJeQCLy9jwSjj44xVPgnvtyDiHoueQYfzkbSVA%26google_hm%3DA3KP_qNPDk93hbSwSuXhTjQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx9ZOFk5eIYSsbXd9MZ1STf26j0DJYTlrN_t0IJWh_GmrfeRLyniKZMLCv0FGJeQCLy9jwSjj44xVPgnvtyDiHoueQYfzkbSVA&google_hm=A3KP_qNPDk93hbSwSuXhTjQ

Request Chain 221

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEH4to0hZjsmzVv0njtge3zk&google_cver=1&google_push=Aa02lx-PueF6UTZ5-9ItvpaYNQQCTPoURkJULEXECQyLEp31JMR9o39adj4CYZUMQODkn5DSXgOXdjb3Yr_ZMTCgp26DzObarX3Qkj4 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=Aa02lx-PueF6UTZ5-9ItvpaYNQQCTPoURkJULEXECQyLEp31JMR9o39adj4CYZUMQODkn5DSXgOXdjb3Yr_ZMTCgp26DzObarX3Qkj4&google_hm=hmPhEXpyp0r_u_sR-g&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D63E1117A72A74AFFBBFB11FABLIS

Request Chain 222

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEoL2EQpzimNXSN_WMjCT1g&google_cver=1&google_push=Aa02lx_ETUilTGq_2f6r4L3hURZ52f1KUSezywB2Rc1v0ku6BhJvoqhkT9S0sFVi1mGHWnvjIS4tT-MTctUEAlDOiW1cssq6FI-lSE0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_ETUilTGq_2f6r4L3hURZ52f1KUSezywB2Rc1v0ku6BhJvoqhkT9S0sFVi1mGHWnvjIS4tT-MTctUEAlDOiW1cssq6FI-lSE0&google_hm=eS1HOTVka250RTJwSE1hdklWazFuRzNzZlRoc2lzNEp4Sn5B

Request Chain 225

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFCWgECyG7b2-WNtPI2lh7A&google_cver=1&google_push=Aa02lx9nt91KS31nooAud3IKBddLk_AEJmX47iDJ2Bo0YBF4vAd5wqL-95wTX1eDOrH-7u4XdQgHr9LSmxdQkD6-8ZS0fGPczWifKCI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9OmN4qbjRhOpfxm3xqK3oA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx9nt91KS31nooAud3IKBddLk_AEJmX47iDJ2Bo0YBF4vAd5wqL-95wTX1eDOrH-7u4XdQgHr9LSmxdQkD6-8ZS0fGPczWifKCI

Request Chain 248

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CI_Z6aeQgf0CFXXouwgdVSQMEQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1675694459_4563e5a0-a62c-11ed-acb0-22645d5ed731

Request Chain 253

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1675694458_45436551-a62c-11ed-9a3d-2232032dcacf&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 260

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAIQstS6XDGN_PJxaja1cyI&google_cver=1&google_push=Aa02lx_4NwhU8tMNqZCIXvz79To9zDPgKeyHj-Lt8dQm2UsG43gz1aZYzt2vDWAUadOZzmF7pMWO5s0D8sDacRlP-0kjRK2pggEZCw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDUzNzM4MDIwNjcwNDg5MjM4Mg==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAIQstS6XDGN_PJxaja1cyI&google_cver=1

Request Chain 261

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEH4to0hZjsmzVv0njtge3zk&google_cver=1&google_push=Aa02lx8AIpSxjizOC1ynWOxOIdzT24tZnSuoIlWOyeNsPBu5CJbfm39UyJfInFjmG1p6_PSFF8J384Fe_pwmEyCcCalOMteVK12TFA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=Aa02lx8AIpSxjizOC1ynWOxOIdzT24tZnSuoIlWOyeNsPBu5CJbfm39UyJfInFjmG1p6_PSFF8J384Fe_pwmEyCcCalOMteVK12TFA&google_hm=hmPhEXpyp0r_u_sR-g&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D63E1117A72A74AFFBBFB11FABLIS

Request Chain 262

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFCWgECyG7b2-WNtPI2lh7A&google_cver=1&google_push=Aa02lx-QwjC2EFWsqpeDq4BAbZ0iz8OSKQ8pUXCO4bTmN6QwNN3ONq2aGdPu5TknxPJivgOEaZHG0YW8zBirTk1zlGy0NAZZNEde7A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9OmN4qbjRhOpfxm3xqK3oA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-QwjC2EFWsqpeDq4BAbZ0iz8OSKQ8pUXCO4bTmN6QwNN3ONq2aGdPu5TknxPJivgOEaZHG0YW8zBirTk1zlGy0NAZZNEde7A

Request Chain 265

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBNwb0MFGlFgpQWgWafBEjQ&google_cver=1&google_push=Aa02lx-NfQOoawjpcWzJ4z0gO5GKGzx3zHfg96f02NpsbKH2V9OaaHHTddnvk0XX33PMku11W6xftaWSsZ3GwuHFOV4QEYtNaL7u8xc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-NfQOoawjpcWzJ4z0gO5GKGzx3zHfg96f02NpsbKH2V9OaaHHTddnvk0XX33PMku11W6xftaWSsZ3GwuHFOV4QEYtNaL7u8xc HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 266

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEKmV_Cqvpph8oLMkRILLhrc&google_cver=1&google_push=Aa02lx-N-3ewTfuemXMCR-na7Hkf8IYgQQi2Ji4fAUYjGKHMFTGPO6x3YxDuLXsUftMp-fwEn3Ecfh9hw0NYPuGALeJ8VW-kx7wYkQ HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEKmV_Cqvpph8oLMkRILLhrc%26google_cver%3D1%26google_push%3DAa02lx-N-3ewTfuemXMCR-na7Hkf8IYgQQi2Ji4fAUYjGKHMFTGPO6x3YxDuLXsUftMp-fwEn3Ecfh9hw0NYPuGALeJ8VW-kx7wYkQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTg1MDM2ODcyODQ0NTQ0MDY5&google_gid=CAESEKmV_Cqvpph8oLMkRILLhrc&google_cver=1&google_push=Aa02lx-N-3ewTfuemXMCR-na7Hkf8IYgQQi2Ji4fAUYjGKHMFTGPO6x3YxDuLXsUftMp-fwEn3Ecfh9hw0NYPuGALeJ8VW-kx7wYkQ

265 HTTP transactions
19 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
ya.co.ve/ 127 KB
20 KB 411ms
260ms Document
text/html 198.54.116.103
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://ya.co.ve/
Protocol: HTTP/1.1
Server: 198.54.116.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium34-4.web-hosting.com
Software: LiteSpeed / PHP/7.4.33
Resource Hash: 3a1d788b819964d32bd9f8d5d0225a7be9f621479a811a1d2b55f6ac8186d161

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 06 Feb 2023 14:40:55 GMT
keep-alive: timeout=5, max=100
server: LiteSpeed
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H/1.1 200
OK app.js Show response
ya.co.ve/js/ 194 KB
69 KB 306ms
152ms Script
application/javascript 198.54.116.103
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://ya.co.ve/js/app.js
Requested by: Host: ya.co.ve
URL: http://ya.co.ve/
Protocol: HTTP/1.1
Server: 198.54.116.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium34-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 0f5a5f43d8e1396449a739fd18ba0fdaca450859f97d82e53761256f050a4e3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ya.co.ve/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:55 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 13:24:40 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 70324
expires: Mon, 13 Feb 2023 14:40:55 GMT

GET
H/1.1 200
OK app.css
ya.co.ve/css/ 87 KB
21 KB 302ms
153ms Stylesheet
text/css 198.54.116.103
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://ya.co.ve/css/app.css
Requested by: Host: ya.co.ve
URL: http://ya.co.ve/
Protocol: HTTP/1.1
Server: 198.54.116.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium34-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 80edc9e43f46e7b2168bbaa7092c98cf98b85db231d9d334cf060b0b4a60b7d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ya.co.ve/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:55 GMT
content-encoding: gzip
last-modified: Thu, 16 Dec 2021 20:02:12 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 20851
expires: Mon, 13 Feb 2023 14:40:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
50 KB 210ms
92ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1178899596433796

Requested by

Host: ya.co.ve
URL: http://ya.co.ve/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

861831a5c0962e90644a878e614f48f8076b9902a8d5f4cd046ff80a235b846b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ya.co.ve/
Origin: http://ya.co.ve
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50258
x-xss-protection: 0
server: cafe
etag: 4698133004622051556
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 06 Feb 2023 14:40:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 138ms
51ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-117430059-1

Requested by

Host: ya.co.ve
URL: http://ya.co.ve/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

30776e71b000155b607daa63dfb1b0526e120458fc909a1da5a26ebf64676ae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ya.co.ve/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43880
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Feb 2023 14:40:55 GMT

GET
H2 200 inter.css
rsms.me/inter/ 5 KB
2 KB 48ms
18ms Stylesheet
text/css 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/inter.css
Requested by: Host: ya.co.ve
URL: http://ya.co.ve/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c14569b287795db20f175729c90108f5e756049018e48f45d6f92c11c31be884

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ya.co.ve/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-fastly-request-id: 0d414b386689b03d4c059065a3073aef48c45c37
date: Mon, 06 Feb 2023 14:40:55 GMT
via: 1.1 varnish
content-encoding: br
expires: Tue, 24 Jan 2023 23:09:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 561
x-cache: HIT
x-proxy-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-hhn-etou8220058-HHN
last-modified: Tue, 04 Oct 2022 15:53:21 GMT
server: cloudflare
x-github-request-id: CAB2:0C3D:7E002D:A46EA4:63C9194D
x-timer: S1674169377.308558,VS0,VE1
etag: W/"633c56f1-1490"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cDb4Yr%2BY%2BkvY11%2BM467HuoELOh%2FOjPfjj4fxNk8Ka%2B9E%2Fzrou3ddYw6l42m5f%2BjvdLjdUWOqZInI%2FKOdLFYE9%2BCQxr%2FJlUcywYN1rTeddcY5zx1HEiMFP0hIe%2FWhFBYxeD%2FjlbB0"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-origin-cache: HIT
cf-ray: 7954a4c95e246951-FRA
x-cache-hits: 2

GET
H/1.1 200
OK wQ0EDzYJv5Je3ZLtJjeSqpY1iUOAJfrZ3L2yrtfN.png
ya.co.ve/uploads/brand/ 3 KB
3 KB 159ms
152ms Image
image/png 198.54.116.103
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ya.co.ve/uploads/brand/wQ0EDzYJv5Je3ZLtJjeSqpY1iUOAJfrZ3L2yrtfN.png
Requested by: Host: ya.co.ve
URL: http://ya.co.ve/
Protocol: HTTP/1.1
Server: 198.54.116.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium34-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 67aadddb523e357eec0c4a6c519d6a00df940242ac81e7f0170b83768f4aef44

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ya.co.ve/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:55 GMT
last-modified: Sat, 25 Jun 2022 00:02:12 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 2820
expires: Mon, 13 Feb 2023 14:40:55 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
873 B 139ms
48ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en

Requested by

Host: ya.co.ve
URL: http://ya.co.ve/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cad6dc25a593ca6887a2698a08246928b73f9d4dd714976a4990886d8b6dadce

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ya.co.ve/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 553
x-xss-protection: 1; mode=block
expires: Mon, 06 Feb 2023 14:40:55 GMT

GET
H2 200 apple.com.ico
icons.duckduckgo.com/ip3/ 22 KB
3 KB 65ms
14ms Image
image/x-icon 40.114.178.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://icons.duckduckgo.com/ip3/apple.com.ico

Requested by

Host: ya.co.ve
URL: http://ya.co.ve/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.114.178.124 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

e4bdf72e2f803f7e19907c12f407ac7f7cd5f1f94bfd730b9be24b0d49191b48

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' ; connect-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; manifest-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; media-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; script-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; img-src data: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; style-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; form-action https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ya.co.ve/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; media-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; style-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; form-action https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
content-encoding: br
x-duckduckgo-moreinfo: See https://help.duckduckgo.com/duckduckgo-help-pages/privacy/favicons/
x-xss-protection: 1;mode=block
x-duckduckgo-locale: de_DE
referrer-policy: origin
server: nginx
expect-ct: max-age=0
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/x-icon
cache-control: max-age=2592000
permissions-policy: interest-cohort=()
expires: Wed, 08 Mar 2023 14:40:55 GMT

GET
H2 200 microsoft.com.ico
icons.duckduckgo.com/ip3/ 17 KB
2 KB 66ms
16ms Image
image/x-icon 40.114.178.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://icons.duckduckgo.com/ip3/microsoft.com.ico

Requested by

Host: ya.co.ve
URL: http://ya.co.ve/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.114.178.124 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' ; connect-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; manifest-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; media-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; script-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; img-src data: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; style-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; form-action https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ya.co.ve/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; media-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; style-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; form-action https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
content-encoding: br
x-duckduckgo-moreinfo: See https://help.duckduckgo.com/duckduckgo-help-pages/privacy/favicons/
x-xss-protection: 1;mode=block
x-duckduckgo-locale: de_DE
referrer-policy: origin
server: nginx
expect-ct: max-age=0
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/x-icon
cache-control: max-age=2592000
permissions-policy: interest-cohort=()
expires: Wed, 08 Mar 2023 14:40:55 GMT

GET
H2 200 youtube.com.ico
icons.duckduckgo.com/ip3/ 1 KB
2 KB 77ms
27ms Image
image/x-icon 40.114.178.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://icons.duckduckgo.com/ip3/youtube.com.ico

Requested by

Host: ya.co.ve
URL: http://ya.co.ve/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.114.178.124 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

8bb1d0fa43a17436d59dd546f6f74c76dc44735def7522c22d8031166db8911d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' ; connect-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; manifest-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; media-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; script-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; img-src data: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; style-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; form-action https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ya.co.ve/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; media-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; style-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; form-action https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
content-encoding: br
x-duckduckgo-moreinfo: See https://help.duckduckgo.com/duckduckgo-help-pages/privacy/favicons/
x-xss-protection: 1;mode=block
x-duckduckgo-locale: de_DE
referrer-policy: origin
server: nginx
expect-ct: max-age=0
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/x-icon
cache-control: max-age=2592000
permissions-policy: interest-cohort=()
expires: Wed, 08 Mar 2023 14:40:55 GMT

GET
H2 200 messenger.com.ico
icons.duckduckgo.com/ip3/ 68 KB
17 KB 79ms
29ms Image
image/x-icon 40.114.178.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://icons.duckduckgo.com/ip3/messenger.com.ico

Requested by

Host: ya.co.ve
URL: http://ya.co.ve/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.114.178.124 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

ace07af67895a64072c91508f5908659c7b573bbafaaa1f22ad05208fa563492

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' ; connect-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; manifest-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; media-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; script-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; img-src data: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; style-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; form-action https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ya.co.ve/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; media-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; style-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; form-action https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
content-encoding: br
x-duckduckgo-moreinfo: See https://help.duckduckgo.com/duckduckgo-help-pages/privacy/favicons/
x-xss-protection: 1;mode=block
x-duckduckgo-locale: de_DE
referrer-policy: origin
server: nginx
expect-ct: max-age=0
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/x-icon
cache-control: max-age=2592000
permissions-policy: interest-cohort=()
expires: Wed, 08 Mar 2023 14:40:55 GMT

GET
H2 200 yahoo.com.ico
icons.duckduckgo.com/ip3/ 2 KB
2 KB 77ms
27ms Image
image/x-icon 40.114.178.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://icons.duckduckgo.com/ip3/yahoo.com.ico

Requested by

Host: ya.co.ve
URL: http://ya.co.ve/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.114.178.124 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

c6f7ee2cadae2e121342a8c4245141175bfe887776206deb17149d46cf3aa827

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' ; connect-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; manifest-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; media-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; script-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; img-src data: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; style-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; form-action https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ya.co.ve/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; media-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; style-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; form-action https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
content-encoding: br
x-duckduckgo-moreinfo: See https://help.duckduckgo.com/duckduckgo-help-pages/privacy/favicons/
x-xss-protection: 1;mode=block
x-duckduckgo-locale: de_DE
referrer-policy: origin
server: nginx
expect-ct: max-age=0
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/x-icon
cache-control: max-age=2592000
permissions-policy: interest-cohort=()
expires: Wed, 08 Mar 2023 14:40:55 GMT

GET
H/1.1 200
OK us.svg
ya.co.ve/images/icons/countries/ 4 KB
1 KB 154ms
154ms Image
image/svg+xml 198.54.116.103
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ya.co.ve/images/icons/countries/us.svg
Requested by: Host: ya.co.ve
URL: http://ya.co.ve/
Protocol: HTTP/1.1
Server: 198.54.116.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium34-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: c70ba1cb67cc649da2b1f5dc4a26891437d8bba2cc098c88461e6bfc23949d9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ya.co.ve/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:55 GMT
content-encoding: gzip
last-modified: Thu, 02 Jan 2020 12:18:36 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 964
expires: Mon, 13 Feb 2023 14:40:55 GMT

GET
H/1.1 200
OK windows.svg
ya.co.ve/images/icons/platforms/ 205 B
540 B 245ms
153ms Image
image/svg+xml 198.54.116.103
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ya.co.ve/images/icons/platforms/windows.svg
Requested by: Host: ya.co.ve
URL: http://ya.co.ve/
Protocol: HTTP/1.1
Server: 198.54.116.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium34-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: fa1523249f496acde1e810dd4c5ff9ec9aef5dafa279fb55eb99b325411b184f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ya.co.ve/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:55 GMT
last-modified: Thu, 02 Jan 2020 09:31:44 GMT
server: LiteSpeed
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 205
expires: Mon, 13 Feb 2023 14:40:55 GMT

GET
H/1.1 200
OK chrome.svg
ya.co.ve/images/icons/browsers/ 5 KB
2 KB 298ms
155ms Image
image/svg+xml 198.54.116.103
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ya.co.ve/images/icons/browsers/chrome.svg
Requested by: Host: ya.co.ve
URL: http://ya.co.ve/
Protocol: HTTP/1.1
Server: 198.54.116.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium34-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: d44e1597028e1112888029e2c7a518a1d9d59aa92986226c2095f926b6538f39

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ya.co.ve/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:55 GMT
content-encoding: gzip
last-modified: Thu, 02 Jan 2020 11:55:50 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 1379
expires: Mon, 13 Feb 2023 14:40:55 GMT

GET
H2 200 www.youtube.com.ico
icons.duckduckgo.com/ip3/ 1 KB
2 KB 15ms
14ms Image
image/x-icon 40.114.178.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://icons.duckduckgo.com/ip3/www.youtube.com.ico

Requested by

Host: ya.co.ve
URL: http://ya.co.ve/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.114.178.124 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

8bb1d0fa43a17436d59dd546f6f74c76dc44735def7522c22d8031166db8911d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' ; connect-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; manifest-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; media-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; script-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; img-src data: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; style-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; form-action https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ya.co.ve/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; media-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; style-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; form-action https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
content-encoding: br
x-duckduckgo-moreinfo: See https://help.duckduckgo.com/duckduckgo-help-pages/privacy/favicons/
x-xss-protection: 1;mode=block
x-duckduckgo-locale: de_DE
referrer-policy: origin
server: nginx
expect-ct: max-age=0
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/x-icon
cache-control: max-age=2592000
permissions-policy: interest-cohort=()
expires: Wed, 08 Mar 2023 14:40:55 GMT

GET
H/1.1 200
OK desktop.svg
ya.co.ve/images/icons/devices/ 406 B
625 B 291ms
150ms Image
image/svg+xml 198.54.116.103
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ya.co.ve/images/icons/devices/desktop.svg
Requested by: Host: ya.co.ve
URL: http://ya.co.ve/
Protocol: HTTP/1.1
Server: 198.54.116.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium34-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: b31dc3260a12863796a1231374c1034bf539ec10a54b239a4e9a80ad4dd698b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ya.co.ve/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:55 GMT
content-encoding: gzip
last-modified: Mon, 06 Jan 2020 08:38:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 243
expires: Mon, 13 Feb 2023 14:40:55 GMT

GET
H/1.1 200
OK 20dbe5c498222ff7f33e9314b19b7f92.svg
ya.co.ve/images/icons/pixels/ 1 KB
1 KB 212ms
151ms Image
image/svg+xml 198.54.116.103
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ya.co.ve/images/icons/pixels/20dbe5c498222ff7f33e9314b19b7f92.svg
Requested by: Host: ya.co.ve
URL: http://ya.co.ve/
Protocol: HTTP/1.1
Server: 198.54.116.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium34-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 00979234d7059d57941107032785304e95b5ccdaac387c024a3ba8a4963484f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ya.co.ve/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:55 GMT
content-encoding: gzip
last-modified: Sat, 30 Jan 2021 10:12:36 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 692
expires: Mon, 13 Feb 2023 14:40:55 GMT

GET
H/1.1 200
OK 50f09d94fd93abc76a0d2c0267060b28.svg
ya.co.ve/images/icons/pixels/ 465 B
675 B 177ms
157ms Image
image/svg+xml 198.54.116.103
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ya.co.ve/images/icons/pixels/50f09d94fd93abc76a0d2c0267060b28.svg
Requested by: Host: ya.co.ve
URL: http://ya.co.ve/
Protocol: HTTP/1.1
Server: 198.54.116.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium34-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: d4cf528f02a7963154d2fc4011a60401416f796e0e38fec6e65e14050b834b9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ya.co.ve/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:56 GMT
content-encoding: gzip
last-modified: Wed, 03 Feb 2021 06:38:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 293
expires: Mon, 13 Feb 2023 14:40:56 GMT

GET
H/1.1 200
OK 842153204d5b65983fca3464e84b943f.svg
ya.co.ve/images/icons/pixels/ 455 B
678 B 151ms
151ms Image
image/svg+xml 198.54.116.103
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ya.co.ve/images/icons/pixels/842153204d5b65983fca3464e84b943f.svg
Requested by: Host: ya.co.ve
URL: http://ya.co.ve/
Protocol: HTTP/1.1
Server: 198.54.116.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium34-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 0eb1bfb7312ab752e1e6ab39a808bd8236f700b38b4ebdfd2a61a37cec5dd7e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ya.co.ve/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:56 GMT
content-encoding: gzip
last-modified: Sat, 30 Jan 2021 10:12:36 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 296
expires: Mon, 13 Feb 2023 14:40:56 GMT

GET
H/1.1 200
OK 26cae7718c32180a7a0f8e19d6d40a59.svg
ya.co.ve/images/icons/pixels/ 594 B
755 B 150ms
150ms Image
image/svg+xml 198.54.116.103
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ya.co.ve/images/icons/pixels/26cae7718c32180a7a0f8e19d6d40a59.svg
Requested by: Host: ya.co.ve
URL: http://ya.co.ve/
Protocol: HTTP/1.1
Server: 198.54.116.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium34-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: a96c8ffad4445e16abf4e2eb9ef4f0f3d07d7d6e8293b04548afa61b8d99ae8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ya.co.ve/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:56 GMT
content-encoding: gzip
last-modified: Sat, 30 Jan 2021 10:12:36 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 373
expires: Mon, 13 Feb 2023 14:40:56 GMT

GET
H/1.1 200
OK 738aa8d3bc02eb8712acd0eb2cf6dfd5.svg
ya.co.ve/images/icons/pixels/ 301 B
573 B 150ms
150ms Image
image/svg+xml 198.54.116.103
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ya.co.ve/images/icons/pixels/738aa8d3bc02eb8712acd0eb2cf6dfd5.svg
Requested by: Host: ya.co.ve
URL: http://ya.co.ve/
Protocol: HTTP/1.1
Server: 198.54.116.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium34-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 6907b3dfa45e8c11e1519650f8562544805f9173f23fc510644574235f974a82

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ya.co.ve/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:56 GMT
content-encoding: gzip
last-modified: Sat, 30 Jan 2021 10:12:36 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 191
expires: Mon, 13 Feb 2023 14:40:56 GMT

GET
H/1.1 200
OK b73c2d22763d1ce2143a3755c1d0ad3a.svg
ya.co.ve/images/icons/pixels/ 581 B
729 B 151ms
151ms Image
image/svg+xml 198.54.116.103
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ya.co.ve/images/icons/pixels/b73c2d22763d1ce2143a3755c1d0ad3a.svg
Requested by: Host: ya.co.ve
URL: http://ya.co.ve/
Protocol: HTTP/1.1
Server: 198.54.116.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium34-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 6752edb05b430580b4c993b4fa5c6ff7e6de5090fb970f707f966dc1b42a90d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ya.co.ve/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:56 GMT
content-encoding: gzip
last-modified: Sat, 30 Jan 2021 10:12:36 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 347
expires: Mon, 13 Feb 2023 14:40:56 GMT

GET
H/1.1 200
OK bb6ec8dcea15643283afe386156af82e.svg
ya.co.ve/images/icons/pixels/ 753 B
833 B 151ms
151ms Image
image/svg+xml 198.54.116.103
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ya.co.ve/images/icons/pixels/bb6ec8dcea15643283afe386156af82e.svg
Requested by: Host: ya.co.ve
URL: http://ya.co.ve/
Protocol: HTTP/1.1
Server: 198.54.116.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium34-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: d53128e662c0fae928fe7eba829b6f8d148d0a6a69b3a85296c9c51891740bb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ya.co.ve/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:56 GMT
content-encoding: gzip
last-modified: Wed, 10 Feb 2021 12:41:30 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 451
expires: Mon, 13 Feb 2023 14:40:56 GMT

GET
H/1.1 200
OK f1576406b382b7d1c8c2607f7c563d4f.svg
ya.co.ve/images/icons/pixels/ 674 B
767 B 152ms
152ms Image
image/svg+xml 198.54.116.103
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ya.co.ve/images/icons/pixels/f1576406b382b7d1c8c2607f7c563d4f.svg
Requested by: Host: ya.co.ve
URL: http://ya.co.ve/
Protocol: HTTP/1.1
Server: 198.54.116.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium34-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 184cbd0d5847bbae759a641150736f6a4c4d39f44c08137f6f2e7684b466cb70

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ya.co.ve/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:56 GMT
content-encoding: gzip
last-modified: Sat, 30 Jan 2021 10:12:36 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 385
expires: Mon, 13 Feb 2023 14:40:56 GMT

GET
H/1.1 200
OK 2afabc8d52b1b1fe7e38f426784ab0ef.svg
ya.co.ve/images/icons/pixels/ 633 B
787 B 152ms
152ms Image
image/svg+xml 198.54.116.103
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ya.co.ve/images/icons/pixels/2afabc8d52b1b1fe7e38f426784ab0ef.svg
Requested by: Host: ya.co.ve
URL: http://ya.co.ve/
Protocol: HTTP/1.1
Server: 198.54.116.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium34-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: faca5d0e19134d373265f92c5c6d4d88579a13484899afe09e106ce72c58c70b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ya.co.ve/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:56 GMT
content-encoding: gzip
last-modified: Sat, 30 Jan 2021 10:12:36 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 405
expires: Mon, 13 Feb 2023 14:40:56 GMT

GET
H/1.1 200
OK 8ac4807464cace143c37c2204494139c.svg
ya.co.ve/images/icons/pixels/ 474 B
707 B 152ms
151ms Image
image/svg+xml 198.54.116.103
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ya.co.ve/images/icons/pixels/8ac4807464cace143c37c2204494139c.svg
Requested by: Host: ya.co.ve
URL: http://ya.co.ve/
Protocol: HTTP/1.1
Server: 198.54.116.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium34-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 4a5ec454554e61f349f4893dbe41461bd8a847f4d668d5e2be4304b3620a1bad

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ya.co.ve/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:56 GMT
content-encoding: gzip
last-modified: Thu, 18 Feb 2021 10:36:52 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 325
expires: Mon, 13 Feb 2023 14:40:56 GMT

GET
H2 200 5698708 Show response
gloaphoo.net/401/ 0
0 57ms
14ms Script
text/plain 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gloaphoo.net/401/5698708
Requested by: Host: ya.co.ve
URL: http://ya.co.ve/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ya.co.ve/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 200 tag.min.js Show response
inklinkor.com/ 73 KB
25 KB 45ms
15ms Script
text/javascript 2606:4700:3030::ac43:d31d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://inklinkor.com/tag.min.js
Requested by: Host: ya.co.ve
URL: http://ya.co.ve/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d31d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 976c850ea45f5b66b189249d6b96cfd966dd9fe80ae9e3c58759a3c9dff815da

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ya.co.ve/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5026
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trace-id: c769fefe05b30483fe654aad7bdee918
pragma: no-cache
last-modified: Mon, 06 Feb 2023 12:53:02 GMT
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cwpuUFNfvK5Unx4tmYR7PPns90jXYC7Lh0QmHTjDxby1bRzsWA7JwHjEEGrKMQ6Q2Xk73eupWLFFMQfvxm9NO54AVuMLUJiQTfiYs54aC79SDsGolG7bQv3fpr%2F8Ou4QxmvL3%2BJbVsSOfnOW"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
access-control-allow-credentials: true
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
cf-ray: 7954a4cccd173655-FRA
expires: Tue, 07 Feb 2023 13:17:09 GMT

GET
H3 200 Inter-Regular.woff2
rsms.me/inter/font-files/ 97 KB
97 KB 27ms
18ms Font
font/woff2 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/font-files/Inter-Regular.woff2?v=3.19
Requested by: Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6

Request headers

Referer: https://rsms.me/inter/inter.css
Origin: http://ya.co.ve
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-fastly-request-id: 6ca07101d30da26ac2793700e0b23c7dcd7deed9
date: Mon, 06 Feb 2023 14:40:55 GMT
via: 1.1 varnish
expires: Mon, 06 Feb 2023 11:50:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache: MISS
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 98868
x-served-by: cache-fra-eddf8230047-FRA
last-modified: Tue, 04 Oct 2022 15:53:17 GMT
server: cloudflare
x-github-request-id: 56D0:129C3:6AE5B9:6F63C3:63E0E72C
x-timer: S1675694456.722189,VS0,VE1
etag: "633c56ed-18234"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QTXV6G8FcdWq2Z272ygHH5cf7WK5R03xdp4vMI16UwD187WZd60US%2FfSGyEk%2FW49TD7mBKX28WTaYT2RvUKlHvVyggr8GbqX5ii00BO%2B8OkYcWA7GQupIjWfXKx6Vgt3ccbaLO2F"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
x-origin-cache: HIT
cf-ray: 7954a4cc3be435df-FRA
x-cache-hits: 5

GET
H3 200 Inter-Medium.woff2
rsms.me/inter/font-files/ 103 KB
104 KB 45ms
37ms Font
font/woff2 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/font-files/Inter-Medium.woff2?v=3.19
Requested by: Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b498b959e5b7decbf9185803591d25bc1fbf83e798372ed30d32d5c79d82ff6

Request headers

Referer: https://rsms.me/inter/inter.css
Origin: http://ya.co.ve
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-fastly-request-id: fcd2e8f53797e41769374b960d94469f3ed536ef
date: Mon, 06 Feb 2023 14:40:55 GMT
via: 1.1 varnish
expires: Mon, 16 Jan 2023 22:47:20 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache: HIT
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 105924
x-served-by: cache-hhn-etou8220025-HHN
last-modified: Tue, 04 Oct 2022 15:53:17 GMT
server: cloudflare
x-github-request-id: 3DE8:2C9D:1E5E587:28FFF22:63C5D1C9
x-timer: S1675694456.724160,VS0,VE0
etag: "633c56ed-19dc4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qNJa2TKoppxQhFvMVhfWaaf%2Bk9bq3ixhNjAv3Lgxqv5gIDCrU0dcfkCiqJcMuW4BS5ESu6q0N0TtVC2U%2BfeTBdR77%2FGbYcWQ8QIiwiKEG%2BQJTBvFnlNHIRuzMw4yk4lbyG1kC09U"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
x-origin-cache: HIT
cf-ray: 7954a4cc3be635df-FRA
x-cache-hits: 2

GET
H3 200 Inter-Bold.woff2
rsms.me/inter/font-files/ 104 KB
104 KB 51ms
43ms Font
font/woff2 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/font-files/Inter-Bold.woff2?v=3.19
Requested by: Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c63158babcb7902203ed73476ccf901db34825ea524d4a36a52b5e5f97e1abf7

Request headers

Referer: https://rsms.me/inter/inter.css
Origin: http://ya.co.ve
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-fastly-request-id: 0e0168ed87fbf5aa64232f0d064183fd3457859c
date: Mon, 06 Feb 2023 14:40:55 GMT
via: 1.1 varnish
expires: Mon, 06 Feb 2023 00:22:41 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache: HIT
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 106140
x-served-by: cache-hhn-etou8220086-HHN
last-modified: Tue, 04 Oct 2022 15:53:17 GMT
server: cloudflare
x-github-request-id: 322A:3122:19BAD4:25585D:63E04612
x-timer: S1675694456.725587,VS0,VE1
etag: "633c56ed-19e9c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OmgYef7jQhnxRLwRavmvXtRswzV%2FxW%2BEmDy9hMXfPKzZnll96pjdxfbafefct%2F8oxsjozojFn2b%2BWT2fvviZ7khQktnO4NPMr76dswRxSvhnZaYNk6GyUxtBTSeTQtttQtUir%2Fj1"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
x-origin-cache: HIT
cf-ray: 7954a4cc3be735df-FRA
x-cache-hits: 5

GET
H2 200 / Show response
bedrapiona.com/5/5698693/ 0
454 B 54ms
13ms XHR
text/plain 139.45.197.234
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bedrapiona.com/5/5698693/?oo=1&js_build=iclick-v1.482.0
Requested by: Host: inklinkor.com
URL: https://inklinkor.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.234 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ya.co.ve/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Mon, 06 Feb 2023 14:40:55 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: http://ya.co.ve
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
content-length: 0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ 402 KB
161 KB 122ms
38ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d808130157ed1fca0469f5f40210d7d1b2dc2c41add64e658bb3222aea4d9eba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ya.co.ve/
Origin: http://ya.co.ve
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:39:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 163841
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 05 Feb 2024 15:39:52 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 115ms
35ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-117430059-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ya.co.ve/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 06 Feb 2023 12:54:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6365
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 06 Feb 2023 14:54:50 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/ 361 KB
118 KB 202ms
108ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1178899596433796&plah=ya.co.ve&bust=31071855

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1178899596433796

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfcb6f12c9cc2edc2d7a10d6ec33281d7bf94b0cf647e70ec7daef4496883e5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ya.co.ve/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121186
x-xss-protection: 0
server: cafe
etag: 457184166230494144
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 06 Feb 2023 14:40:56 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/ Frame 4EE8 10 KB
5 KB 114ms
35ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1178899596433796

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ya.co.ve/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 60992
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 21:44:24 GMT
etag: 10353107486223812946
expires: Sun, 19 Feb 2023 21:44:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
201 B 42ms
42ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=955212308&t=pageview&_s=1&dl=http%3A%2F%2Fya.co.ve%2F&ul=en-us&de=UTF-8&dt=YACOVE%20-%20Acortador%20de%20URL%20-%20URL%20Shortener&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=401949673&gjid=146088527&cid=1831056427.1675694456&tid=UA-117430059-1&_gid=1610548423.1675694456&_r=1&_slc=1&gtm=457e3210&z=1815136841

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://ya.co.ve/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:40:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://ya.co.ve
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 991A 43 KB
23 KB 60ms
60ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldkip4gAAAAAFJEa73okF6fS4gujQkFDlWZOH-0&co=aHR0cDovL3lhLmNvLnZlOjgw&hl=en&v=gEr-ODersURoIfof1hiDm7R5&theme=light&size=invisible&cb=e8gbqnic1m8

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7ee0199ee9777e4379736b5e281cb09ad3d647efb607fa361c34e6a839a87a3b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FQkZ7a0kz6C6PZsHtZgJfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ya.co.ve/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 23174
content-security-policy: script-src 'report-sample' 'nonce-FQkZ7a0kz6C6PZsHtZgJfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 14:40:56 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame 991A 55 KB
24 KB 116ms
39ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldkip4gAAAAAFJEa73okF6fS4gujQkFDlWZOH-0&co=aHR0cDovL3lhLmNvLnZlOjgw&hl=en&v=gEr-ODersURoIfof1hiDm7R5&theme=light&size=invisible&cb=e8gbqnic1m8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 11:54:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9968
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Feb 2024 11:54:48 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame 991A 402 KB
160 KB 136ms
59ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d808130157ed1fca0469f5f40210d7d1b2dc2c41add64e658bb3222aea4d9eba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:39:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82864
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 163841
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 05 Feb 2024 15:39:52 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 383 B
601 B 144ms
47ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ya.co.ve&callback=_gfp_s_&client=ca-pub-1178899596433796

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1178899596433796&plah=ya.co.ve&bust=31071855

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

284d22b819f185f7cb3176d093bf0c3e645c582db41b00a87369bc5fbd10b4bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ya.co.ve/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 196ms
69ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ya.co.ve

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ya.co.ve/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 124ms
44ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ya.co.ve

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ya.co.ve/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 79ms
79ms Image
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fya.co.ve%2F&tn=DIV&cls=grecaptcha-badge&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: ya.co.ve
URL: http://ya.co.ve/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ya.co.ve/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:40:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4208 550 KB
96 KB 976ms
975ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&adk=1812271804&adf=3025194257&lmt=1675694456&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=212x675_l%7C212x540_r&format=0x0&url=http%3A%2F%2Fya.co.ve%2F&ea=0&pra=5&wgl=1&dt=1675694455974&bpp=7&bdt=749&idt=351&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5674341855858&frm=20&pv=2&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=377

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

300ddacc354768759a4e6c8bbb3d760cd09fc824c788e017bc3ff13172e34aaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ya.co.ve/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 98449
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 14:40:57 GMT
expires: Mon, 06 Feb 2023 14:40:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6417 82 KB
30 KB 933ms
933ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1678500048~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1675694456&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694455981&bpp=2&bdt=755&idt=376&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=eNgYjAy4lb&p=http%3A//ya.co.ve&dtd=379

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3221168d7b2423d5f6ebb66ac8d235d4fd403b58e82a08af624cf69967c4ef01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ya.co.ve/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 30530
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 14:40:57 GMT
expires: Mon, 06 Feb 2023 14:40:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 991A 2 KB
2 KB 38ms
38ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 01:40:39 GMT
x-content-type-options: nosniff
age: 565217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 07 Feb 2023 01:40:39 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 991A 15 KB
16 KB 118ms
36ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 19:21:27 GMT
x-content-type-options: nosniff
age: 501569
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 19:21:27 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 991A 15 KB
15 KB 126ms
45ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:28:44 GMT
x-content-type-options: nosniff
age: 418332
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Feb 2024 18:28:44 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 991A 102 B
133 B 47ms
46ms Other
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=gEr-ODersURoIfof1hiDm7R5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2b9fdf8ec5c4a71d39191e9fb067ac1d8be6df56eb2e0d620a6947df0bf35615

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldkip4gAAAAAFJEa73okF6fS4gujQkFDlWZOH-0&co=aHR0cDovL3lhLmNvLnZlOjgw&hl=en&v=gEr-ODersURoIfof1hiDm7R5&theme=light&size=invisible&cb=e8gbqnic1m8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
x-xss-protection: 1; mode=block
expires: Mon, 06 Feb 2023 14:40:56 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame E948 7 KB
1 KB 50ms
49ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=gEr-ODersURoIfof1hiDm7R5&k=6Ldkip4gAAAAAFJEa73okF6fS4gujQkFDlWZOH-0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8d7395caa4ae0903d7ce0e5627d795178b8e3f127d8e8236db6c5431b1c06cf8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-d-DKmvo2OdOQMriewpq7vA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ya.co.ve/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1115
content-security-policy: script-src 'report-sample' 'nonce-d-DKmvo2OdOQMriewpq7vA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 14:40:56 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame E948 55 KB
24 KB 39ms
38ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=gEr-ODersURoIfof1hiDm7R5&k=6Ldkip4gAAAAAFJEa73okF6fS4gujQkFDlWZOH-0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 11:54:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9968
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Feb 2024 11:54:48 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame E948 402 KB
160 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=gEr-ODersURoIfof1hiDm7R5&k=6Ldkip4gAAAAAFJEa73okF6fS4gujQkFDlWZOH-0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d808130157ed1fca0469f5f40210d7d1b2dc2c41add64e658bb3222aea4d9eba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:39:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82864
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 163841
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 05 Feb 2024 15:39:52 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame E948 39 KB
24 KB 86ms
86ms XHR
application/json 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Ldkip4gAAAAAFJEa73okF6fS4gujQkFDlWZOH-0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

81d30fb582691635279f903da8b22f2ee63f475a5c247d08a25c325e93e0a41f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=gEr-ODersURoIfof1hiDm7R5&k=6Ldkip4gAAAAAFJEa73okF6fS4gujQkFDlWZOH-0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Mon, 06 Feb 2023 14:40:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24353
x-xss-protection: 1; mode=block
expires: Mon, 06 Feb 2023 14:40:56 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame E948 600 B
624 B 40ms
39ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 08:44:59 GMT
x-content-type-options: nosniff
age: 453357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 08 Feb 2023 08:44:59 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame E948 530 B
554 B 40ms
39ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 23:42:15 GMT
x-content-type-options: nosniff
age: 572321
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 06 Feb 2023 23:42:15 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame E948 665 B
689 B 40ms
40ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 15:32:43 GMT
x-content-type-options: nosniff
age: 169693
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 11 Feb 2023 15:32:43 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E948 15 KB
15 KB 37ms
36ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: ya.co.ve
URL: http://ya.co.ve/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 19:21:27 GMT
x-content-type-options: nosniff
age: 501569
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 19:21:27 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E948 15 KB
15 KB 51ms
50ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: ya.co.ve
URL: http://ya.co.ve/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 07:57:55 GMT
x-content-type-options: nosniff
age: 110581
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Feb 2024 07:57:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E948 15 KB
15 KB 43ms
42ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: ya.co.ve
URL: http://ya.co.ve/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:28:44 GMT
x-content-type-options: nosniff
age: 418332
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Feb 2024 18:28:44 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame E948 45 KB
45 KB 49ms
49ms Image
image/jpeg 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AFY_a8VdZwUfQRwWQhpPvk5m3hYT3699_8vZ_p36yQTw2wRmt0FsQaR47D_okr6-21XilvqoRDogH5e4JTTKO5hy8GILCryxwx6Oir0D3R_UwsOFO4EUEMzqwoiigFriBQ0DPF1Ya0ef4bCk_5or5fJ5D80fMJU-L40iCLZ2aB3AGZT9rlY3OXK0WGz8-XJhLqvRRYjfGbLdRIWnscNaVpEe0ny6xNSzRQ&k=6Ldkip4gAAAAAFJEa73okF6fS4gujQkFDlWZOH-0

Requested by

Host: ya.co.ve
URL: http://ya.co.ve/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3a5f1efaee4688e510e16074ede276d5a66ef670d358e635ffa4b3ce87bfebe2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=gEr-ODersURoIfof1hiDm7R5&k=6Ldkip4gAAAAAFJEa73okF6fS4gujQkFDlWZOH-0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:56 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46026
x-xss-protection: 1; mode=block
expires: Mon, 06 Feb 2023 14:40:56 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6417 6 KB
1 KB 184ms
69ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1678500048~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1675694456&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694455981&bpp=2&bdt=755&idt=376&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=eNgYjAy4lb&p=http%3A//ya.co.ve&dtd=379

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Feb 2023 14:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 14:14:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Feb 2023 14:40:57 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 6417 2 KB
818 B 127ms
47ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:32:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83321
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 15:32:16 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6417 0
0 79ms
78ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CkV0CeBHhY636F-KDmwe51qaIDcyD7eRuqeuOt_gQu8Lq_JEOEAEgy7iUdWCV4pCCoAegAeCB8PgoyAEJqQKe8ZHHdRCyPqgDAcgDywSqBMYBT9Adnw8gNDHrg4WBet0KTJ3u9q-_0cxPUnJOBwXIhW1iRcGekrXXGcOSagpofYQRoC4uaZjfN0ar-A44EgNYIvu9mBSxKr2Y7fNdz7FfwG5nA2mLQR4Reydb3jgLhKdEDV8b-NNJkCd8ksXrz1xGGnRss8k0GU-DEOwDmhKg4061Xv7rJRX9NgVO7wQZuQS-3MTDJ32d-xBJ9ZDw2h_nVNGGmHavt9ZinKEszKIEooXQQMaW2WXNE-wuBiPAytcaQmRDMwQ-wASaovCoggSSBQQIBBgBkgUECAUYBKAGLoAH4LnA2AOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCqtA7SCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEwyIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItMTE3ODg5OTU5NjQzMzc5NhgA&sigh=ePz8Q1pqJ2M&uach_m=[UACH]&cid=CAQSGwDUE5ymF3n1KaMEqXsMQHogBzc2hoPdkPOPshgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1678500048~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1675694456&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694455981&bpp=2&bdt=755&idt=376&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=eNgYjAy4lb&p=http%3A//ya.co.ve&dtd=379
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 06 Feb 2023 14:40:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 06 Feb 2023 14:40:57 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/16466493746143053049/ Frame 6417 19 KB
20 KB 126ms
48ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16466493746143053049/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

633ba6ee8e1070849e92229fe6eb4df88edaf431230d8b13a31f0d2115775037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 09:37:00 GMT
x-content-type-options: nosniff
age: 277437
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19966
x-xss-protection: 0
last-modified: Fri, 30 Sep 2022 09:33:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 03 Feb 2024 09:37:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame 6417 22 KB
9 KB 108ms
37ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:32:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83322
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8993
x-xss-protection: 0
server: cafe
etag: 12355142264901698679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 15:32:15 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 6417 3 KB
1 KB 118ms
47ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:37:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 14:37:34 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 6417 18 KB
8 KB 112ms
41ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:32:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83321
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 15:32:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6417 157 KB
49 KB 232ms
103ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Feb 2023 14:40:57 GMT

GET
H3 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 6417 33 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:44:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 22:14:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 04 May 2023 21:44:27 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/ 150 KB
51 KB 97ms
97ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/reactive_library_fy2021.js?bust=31071855

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7667680a24cb72c63719522b7aa3a44dbee2c9b6b95af822920c733335cd89bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ya.co.ve/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52194
x-xss-protection: 0
server: cafe
etag: 14151536435800075326
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Feb 2023 14:40:57 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 71ms
70ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ya.co.ve

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ya.co.ve/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 46ms
45ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ya.co.ve

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ya.co.ve/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8171 83 KB
29 KB 735ms
735ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=1347205284&pi=t.aa~a.2433027837~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2218&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280&nras=3&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=zjoFU5oKBh&p=http%3A//ya.co.ve&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

791248613b6f6f9d85296ed7efb8ac37b407bfcf1fe8611c4035deb167bf366e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ya.co.ve/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 29540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 14:40:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7A15 98 KB
35 KB 1298ms
1298ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1418185256&adf=667648791&pi=t.aa~a.2433027837~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2217&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=GVPLPopkaZ&p=http%3A//ya.co.ve&dtd=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7dd5b7c59494011f04143a911185d0fd40750679d814f112726ccc9f5316051c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ya.co.ve/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 35302
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 14:40:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B77A 106 KB
36 KB 1062ms
1062ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=3762182088&pi=t.aa~a.2433028998~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2217&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=D4W7ipmuwJ&p=http%3A//ya.co.ve&dtd=13

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

766253b7e6f6e41142ee3983ecbcebdec175ba8ed7657796171e82de70ce0374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ya.co.ve/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 36717
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 14:40:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FA77 98 KB
34 KB 1029ms
1028ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=3226338326&pi=t.aa~a.2433025903~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2218&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=6&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=NTpHDfnWKI&p=http%3A//ya.co.ve&dtd=15

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

643195cb8c43666c87b415dc98e3ce7084bbbebf091ad6267553b13e4639fb66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ya.co.ve/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 35191
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 14:40:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FAEE 32 KB
13 KB 833ms
832ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=90&adk=3249661183&adf=4046099473&pi=t.aa~a.2104307421~rp.4&w=1108&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1108x90&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2217&idt=0&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=7&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=246&ady=3998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=yB7MphqZb6&p=http%3A//ya.co.ve&dtd=18

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9a8745a0516c6e08a1edc1bc26430ac21ec89c3e0153f932ea9b1664f32e4bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ya.co.ve/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 12903
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 14:40:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6417 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c706ddcf3f76777400e3ee0497fffc3c598ca49e08f70b0737d06bd13862d733

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/ Frame F0AE 10 KB
4 KB 36ms
36ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ya.co.ve/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 68168
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 19:44:49 GMT
etag: 10353107486223812946
expires: Sun, 19 Feb 2023 19:44:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/ Frame DDEF 10 KB
4 KB 36ms
35ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ya.co.ve/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 68168
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 19:44:49 GMT
etag: 10353107486223812946
expires: Sun, 19 Feb 2023 19:44:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/ Frame A1E9 10 KB
4 KB 36ms
35ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ya.co.ve/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 68168
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 19:44:49 GMT
etag: 10353107486223812946
expires: Sun, 19 Feb 2023 19:44:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/ Frame A416 10 KB
4 KB 38ms
38ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ya.co.ve/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 68168
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 19:44:49 GMT
etag: 10353107486223812946
expires: Sun, 19 Feb 2023 19:44:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame F0AE 4 KB
709 B 74ms
74ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Feb 2023 14:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 12:49:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Feb 2023 14:40:57 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F0AE 205 B
229 B 39ms
38ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 07:47:10 GMT
x-content-type-options: nosniff
age: 24827
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 06 Feb 2024 07:47:10 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F0AE 604 B
628 B 39ms
38ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:40:28 GMT
x-content-type-options: nosniff
age: 3629
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 06 Feb 2024 13:40:28 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/ Frame F0AE 20 KB
8 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

675575eb734b5114526cdc1cc9116bea0e2189e9351700944375af81e226f62d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 19:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69086
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8365
x-xss-protection: 0
server: cafe
etag: 8727046649480766555
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 19:29:31 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame DDEF 8 KB
968 B 71ms
71ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Feb 2023 14:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 14:38:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Feb 2023 14:40:57 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame DDEF 2 KB
799 B 36ms
35ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:32:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83321
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 15:32:16 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame DDEF 22 KB
9 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:32:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83322
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8993
x-xss-protection: 0
server: cafe
etag: 12355142264901698679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 15:32:15 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame DDEF 3 KB
1 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:37:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 14:37:34 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame DDEF 18 KB
8 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:32:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83321
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 15:32:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DDEF 157 KB
48 KB 95ms
94ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Feb 2023 14:40:57 GMT

GET
H3 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame DDEF 33 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:44:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 22:14:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 04 May 2023 21:44:27 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A1E9 6 KB
745 B 70ms
70ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Feb 2023 14:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 14:12:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Feb 2023 14:40:57 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame A1E9 2 KB
799 B 35ms
35ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:32:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83321
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 15:32:16 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame A1E9 22 KB
9 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:32:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83322
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8993
x-xss-protection: 0
server: cafe
etag: 12355142264901698679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 15:32:15 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame A1E9 3 KB
1 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:37:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 14:37:34 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame A1E9 18 KB
8 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:32:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83321
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 15:32:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A1E9 157 KB
48 KB 149ms
148ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Feb 2023 14:40:57 GMT

GET
H3 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame A1E9 33 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:44:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 22:14:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 04 May 2023 21:44:27 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A416 8 KB
968 B 71ms
71ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Feb 2023 14:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 14:34:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Feb 2023 14:40:57 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame A416 2 KB
799 B 35ms
35ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:32:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83321
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 15:32:16 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame A416 22 KB
9 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:32:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83322
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8993
x-xss-protection: 0
server: cafe
etag: 12355142264901698679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 15:32:15 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame A416 3 KB
1 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:37:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 14:37:34 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame A416 18 KB
8 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:32:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83321
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 15:32:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A416 157 KB
48 KB 126ms
125ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Feb 2023 14:40:57 GMT

GET
H3 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame A416 33 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:44:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 22:14:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 04 May 2023 21:44:27 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6417 15 KB
16 KB 36ms
36ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 05:09:29 GMT
x-content-type-options: nosniff
age: 293488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Feb 2024 05:09:29 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6417 15 KB
15 KB 38ms
38ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 10:32:46 GMT
x-content-type-options: nosniff
age: 187691
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Feb 2024 10:32:46 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6417 15 KB
15 KB 48ms
48ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 01:29:06 GMT
x-content-type-options: nosniff
age: 47511
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Feb 2024 01:29:06 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1159 8 KB
895 B 70ms
70ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Feb 2023 14:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 13:55:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Feb 2023 14:40:57 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 1159 2 KB
765 B 36ms
35ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:32:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83321
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 15:32:16 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame 1159 22 KB
9 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:32:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83322
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8993
x-xss-protection: 0
server: cafe
etag: 12355142264901698679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 15:32:15 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 1159 3 KB
1 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:11:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1743
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 14:11:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 1159 18 KB
7 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:32:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83321
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 15:32:16 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1159 157 KB
48 KB 127ms
126ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Feb 2023 14:40:57 GMT

GET
H3 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 1159 33 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:44:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 22:14:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 04 May 2023 21:44:27 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/17604757383778700810/ Frame DDEF 9 KB
9 KB 36ms
35ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17604757383778700810/14763004658117789537?w=195&h=102

Requested by

Host: ya.co.ve
URL: http://ya.co.ve/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6cdefb0b38784ac15851018adde9ddf346452343a88c8e2dc7571220c113f13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 04:29:54 GMT
x-content-type-options: nosniff
age: 295863
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8911
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 10:36:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 03 Feb 2024 04:29:54 GMT

GET
DATA 200
OK truncated
/ Frame DDEF 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame DDEF 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame DDEF 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c407dc4146c3b2ae5bd8519f33dce96e39abf6b7ff19345b0c210f10956c0084

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6C8E 143 B
166 B 36ms
35ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 682
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 14:29:35 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js Show response
pagead2.googlesyndication.com/bg/ Frame BE87 36 KB
14 KB 47ms
47ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 03:40:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 212428
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14345
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 04 Feb 2024 03:40:29 GMT

GET
H3 200 fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js Show response
pagead2.googlesyndication.com/bg/ Frame 17ED 36 KB
14 KB 47ms
46ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js

Requested by

Host: ya.co.ve
URL: http://ya.co.ve/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 03:40:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 212428
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14345
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 04 Feb 2024 03:40:29 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DDEF 0
18 B 83ms
82ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CnCdPeBHhY9XkG--k5LcP9fGvgALLoPupa8X38ZuMEM_33Zi6ARABIMu4lHVgleKQgqAHoAHOsv7bA8gBCakCRzmmm7YPsj6oAwHIA8sEqgS8AU_QkwgOEj397q5rOcOMzHAZZ65NSQ4RFseF6CKsAgibIS63L2zhi-gLDfSHDHYZM9gXLyl2rTCllrnyvdK4uHr_9UU0kg-mt9Ln4FuUvQAO2S9LZWLFq_wvKlKHvHy2zdGkrPW2BLhOnM_noeYa03qckt_qZBJa-_gXgFornY4XJ4MLgHo493F5b0AHwXrjf03c0y1PQ8aDh5Pr5SIysDP6caJkmiXdl0bMe_6NGsGIRX5rmOMUVVHuYGIawAS-2ojSgQSgBi6AB_2khCSoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCR_AHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTA9AVAYAXAbIXHAoaCAASFHB1Yi0xMTc4ODk5NTk2NDMzNzk2GAA&sigh=TwcRom6MZ4M&uach_m=[UACH]&cid=CAQSGwDUE5ymNuHbnsARhDqDaVaLaDR4cCzWFkfhYxgB&template_id=5000&vis=1

Requested by

Host: ya.co.ve
URL: http://ya.co.ve/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 06 Feb 2023 14:40:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/4165319128741995548/ Frame A1E9 25 KB
25 KB 36ms
36ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4165319128741995548/2076313506083323656

Requested by

Host: ya.co.ve
URL: http://ya.co.ve/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3f4c8e3f3faee70760aa305dee9290b1b1c2a2ee7c6235cb59f76782c7e4387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 11:03:13 GMT
x-content-type-options: nosniff
age: 358664
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25774
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 11:00:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 02 Feb 2024 11:03:13 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/5464191738451213027/ Frame A1E9 849 B
876 B 48ms
48ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5464191738451213027/14763004658117789537?w=100&h=100

Requested by

Host: ya.co.ve
URL: http://ya.co.ve/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b87ca4eac003cd6ce3de71a45066a941d08f14b4b970b2bf627695d47f566147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 11:02:30 GMT
x-content-type-options: nosniff
age: 358707
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 23:53:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 02 Feb 2024 11:02:30 GMT

GET
DATA 200
OK truncated
/ Frame A1E9 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A1E9 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ef05d95753d718a7f23286ee14398674890bef980d24b49893e824d8b1b45c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js Show response
pagead2.googlesyndication.com/bg/ Frame B45B 36 KB
14 KB 47ms
47ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js

Requested by

Host: ya.co.ve
URL: http://ya.co.ve/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 03:40:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 212428
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14345
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 04 Feb 2024 03:40:29 GMT

GET
H3 200 fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js Show response
pagead2.googlesyndication.com/bg/ Frame E858 36 KB
14 KB 47ms
46ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js

Requested by

Host: ya.co.ve
URL: http://ya.co.ve/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 03:40:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 212428
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14345
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 04 Feb 2024 03:40:29 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A1E9 0
18 B 79ms
79ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CSgQXeBHhY9bkG--k5LcP9fGvgAK7zpXibsTuw_XjELnu8MiqARABIMu4lHVgleKQgqAHoAH-u7XbA8gBCakCRzmmm7YPsj6oAwHIA8sEqgS8AU_QeRdD91jXTsFmMnFQHIwsbHKlF98IpT5n0cb6wvOOpDNBsEB_l5bjS5FjHsM3QGfbPWCMjYB2Z3yP78iv0b4fKZW8Hji3zCJ9WCkt5bstd9pW5rMpk000FsVFaW8oL4lAcv-_md0eERXaflOQhbogPsUEfifdHXDiIJRMUY1fzttYtyliO8-p6DwetF6ygoDTHKuCI2aJx82dyTZE-daN3SfLLBOHnt7eoG7gzkBl8ne8Wga32KFXNAxywATqoomNjQSgBi6AB-rDyiSoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCvkQPSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEwOIFATQFQGYFgGAFwGyFxwKGggAEhRwdWItMTE3ODg5OTU5NjQzMzc5NhgA&sigh=NwjZ1tOCKLc&uach_m=[UACH]&cid=CAQSGwDUE5ymNuHbnsARhDqDaVaLaDR4cCzWFkfhYxgB&template_id=484&vis=1

Requested by

Host: ya.co.ve
URL: http://ya.co.ve/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 06 Feb 2023 14:40:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6C8E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

51ms
51ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 14:40:58 GMT
expires: Mon, 06 Feb 2023 14:40:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 14:40:57 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js Show response
pagead2.googlesyndication.com/bg/ Frame 0289 36 KB
14 KB 47ms
47ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js

Requested by

Host: ya.co.ve
URL: http://ya.co.ve/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 03:40:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 212429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14345
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 04 Feb 2024 03:40:29 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8171 8 KB
895 B 71ms
70ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=1347205284&pi=t.aa~a.2433027837~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2218&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280&nras=3&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=zjoFU5oKBh&p=http%3A//ya.co.ve&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Feb 2023 14:40:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 14:16:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Feb 2023 14:40:58 GMT

GET
H3 200 delayed_impression_vu_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/impression/ Frame 8171 18 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/impression/delayed_impression_vu_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbe0fa4e265250008da7c7bf0315512cb9ea61d02c55dc49f3e809546bd31856

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 19:49:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67891
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8024
x-xss-protection: 0
server: cafe
etag: 14455502957334989559
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 19:49:27 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 8171 2 KB
765 B 35ms
35ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:32:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83322
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 15:32:16 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame 8171 22 KB
9 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:32:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8993
x-xss-protection: 0
server: cafe
etag: 12355142264901698679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 15:32:15 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 8171 3 KB
1 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:11:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1744
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 14:11:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 8171 18 KB
7 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:32:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83322
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 15:32:16 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8171 0
0 46ms
46ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSt0CHXzbJ0J5V0ZTcww0lAqNO1IguDQaq3ELlkWbjDFbWZhXkkwuVZhqq5AOTo43StspFmunkEjL7q1fgQkHLPER0Eeg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=1347205284&pi=t.aa~a.2433027837~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2218&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280&nras=3&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=zjoFU5oKBh&p=http%3A//ya.co.ve&dtd=6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8171 157 KB
48 KB 84ms
84ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Feb 2023 14:40:58 GMT

GET
H3 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 8171 33 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:44:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233791
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 22:14:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 04 May 2023 21:44:27 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6289 1 KB
643 B 47ms
46ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 30415
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 06:14:03 GMT
etag: 48472445140208031
expires: Tue, 07 Feb 2023 06:14:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/3107904734133062114/ Frame 8171 68 KB
68 KB 36ms
35ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3107904734133062114/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ad98434364c15d810f792900ea5ab20bf36f1c6b65312312c5ebad2e7c6bb37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 08:23:59 GMT
x-content-type-options: nosniff
age: 195419
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69812
x-xss-protection: 0
last-modified: Fri, 03 Feb 2023 15:03:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 04 Feb 2024 08:23:59 GMT

GET
DATA 200
OK truncated
/ Frame 8171 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8171 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8171 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c7b314b033ccc128c639447f1fbeedc40f2080b3f90df25fd8a0dde9a8f7bf81

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D467 0
0 79ms
78ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CcfseeRHhY7bwHtao1fAPk9GJ0AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMTc4ODk5NTk2NDMzNzk2yAEJqQJHOaabtg-yPqgDAaoEtQFP0O2-p9klRh-VK0f6yTTbmEZrWybVHXxty0nBEe_cHXD4S3d4ZCCrGyLNkJibykJg_4MSzqO49Rm0fmmTClnO3V7DJhOL701FEI8uEXv2Qvv9c7hg9qUAkwkSIMZraMAVJpE8ulmmynhuF05tz74hWWZ295vvWNvyImQRNVUP1OEWwmKSQ4bqmXjST7ci0w65_sREDNcqe_aXqS3BZUMBQ2Lu5980m0Cc20SUUS0Rl4c8R6A2gAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTExNzg4OTk1OTY0MzM3OTYYAA&sigh=IyIBdX8eTAQ&uach_m=[UACH]&cid=CAQSOwDUE5ym-SV4rzd31QEFSNKWXnRhwkNbi-UUXqA5maTixNBAuZDin2e-usyHaNqJA_UcEAegDwMlqqBNGAE

Requested by

Host: ya.co.ve
URL: http://ya.co.ve/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=90&adk=3249661183&adf=4046099473&pi=t.aa~a.2104307421~rp.4&w=1108&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1108x90&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2217&idt=0&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=7&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=246&ady=3998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=yB7MphqZb6&p=http%3A//ya.co.ve&dtd=18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 06 Feb 2023 14:40:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame D467 0
0 155ms
21ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kte9r59fc6b6h84cv02y6bdj9vez675ks0dkyg9s577bnt1c3derwwn2rcznr152h0khy3ap2my4g94ycg25nbphvv3nx9gxc2y5zz0xaq24czwkmbj3yt2zyswgta9s5x794nfwknp6cxj7mf2gx62fpbdhxeg6q0956jaz024q6rswkayre09j19jetxcz8s9jdjng1cqhssw941vcra5bnrxn1zngvmr7pazse8m17cwwdcpj2stfypbk04mjzheny7gk1nb8nb89g4dbxvttd1bv8w41stbrdhfx61t4556wv8vc22ka1d8rbsxpyhw68p9rynvvrwbz8m4dswnj4j7fq1hg8wqs0e0qx3tkcc0gdrzq9xjy1vytzr87zxhfrc2kt4w120&b=Y-EReQAHuDYIFVRWAAJokw23ipkPlIQKxy8yrg
Requested by: Host: ya.co.ve
URL: http://ya.co.ve/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 06 Feb 2023 14:40:58 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 9426 2 KB
2 KB 159ms
28ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gg8pzh2qym3e6cqyb0mk2j4qe3nm0gpw22xx800z3239zb5drnxvf898c91xj69gty9m0ad8dxwhhd8g1t599rd6gygks66vxz0m470zhb0k20bc90c8t58ms49zmy4y1ympfvm7735kytbf846mj5ckd7dc86btjw70ehm5ajjxxnbc1rf0559j3zdk7x0488sarw0mywa61x1y5w0j89272svnxvqs87y28eca8v5qqn02vqfdh9912y7acva77k9wzwgbtt9dydp2hv085pgwpcwzx5zytmb9ma876885rnsp9ch7fhzpfzwv08dyf2vpzeyh7sexnsjb835djr41q5gm1x6mxnkttsw3ksq8r6wbn00q3877c9b06f8ryxqsjntkvq5j6122y13j3m5krs51nv0cgtgkw6g0ekyckjexvy4763s35b0e0ghr1bcv64g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkeleeRHhY7bwHtao1fAPk9GJ0AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMTc4ODk5NTk2NDMzNzk2yAEJqQJHOaabtg-yPqgDAaoEuAFP0O2-p9klRh-VK0f6yTTbmEZrWybVHXxty0nBEe_cHXD4S3d4ZCCrGyLNkJibykJg_4MSzqO49Rm0fmmTClnO3V7DJhOL701FEI8uEXv2Qvv9c7hg9qUAkwkSIMZraMAVJpE8ulmmynhuF05tz74hWWZ295vvWNvyImQRNVUP1OEWwmKSQ4bqmXjST7ci00y731aT9VBqs3HfP_eI97E4V2hD7fEsRsBektZsxTM9j1Lg2OD-NGW5gAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2l2vvdS5Hnt7n3Ses1Mo4EFpMyyw%26client%3Dca-pub-1178899596433796%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=90&adk=3249661183&adf=4046099473&pi=t.aa~a.2104307421~rp.4&w=1108&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1108x90&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2217&idt=0&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=7&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=246&ady=3998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=yB7MphqZb6&p=http%3A//ya.co.ve&dtd=18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ae5aa4abd2384e4bfc6198818841b80b71c6c695cc61cca207b182514687f81

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7954a4dd4e98bbf7-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 14:40:58 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame D467 3 KB
1 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:11:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1744
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 14:11:54 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 34F1 1 KB
643 B 48ms
46ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 30415
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 06:14:03 GMT
etag: 48472445140208031
expires: Tue, 07 Feb 2023 06:14:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame D467 18 KB
7 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:32:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83322
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 15:32:16 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D467 0
0 49ms
48ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQSkiYacP_4NTVRPXOiPtNGY5gs-vhK9lZOtoCPJ1HIJB1VXTpveIm3d7juF_0mZXtTTX6K2F5A0ry-Kp4FJnMfx9QY9A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=90&adk=3249661183&adf=4046099473&pi=t.aa~a.2104307421~rp.4&w=1108&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1108x90&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2217&idt=0&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=7&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=246&ady=3998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=yB7MphqZb6&p=http%3A//ya.co.ve&dtd=18
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D467 157 KB
48 KB 109ms
107ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Feb 2023 14:40:58 GMT

GET
DATA 200
OK truncated
/ Frame D467 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2ac7caaadde175726f5e50d1c23a54611dff91ec8b914735cdb4de0b6fe0e72

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 8171 28 KB
28 KB 36ms
36ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 17:04:17 GMT
x-content-type-options: nosniff
age: 77801
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Feb 2024 17:04:17 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6289
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAtetY57uIyPat3E0fFmCig&google_cver=1&google_push=Aa02lx_xo0T5_lOTnQVoUhYOhUB-kJulRluF6lYped_rmsU6iRVOwxA9Mgg6lw7LtvfOGGjGk_zkCbbannAXVTWC...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_xo0T5_lOTnQVoUhYOhUB-kJulRluF6lYped_rmsU6iRVOwxA9Mgg6lw7LtvfOGGjGk_zkCbbannAXVTWCg7SjZ-QOXbiOFKQ

170 B
188 B

49ms
48ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_xo0T5_lOTnQVoUhYOhUB-kJulRluF6lYped_rmsU6iRVOwxA9Mgg6lw7LtvfOGGjGk_zkCbbannAXVTWCg7SjZ-QOXbiOFKQ

Requested by

Host: ya.co.ve
URL: http://ya.co.ve/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:40:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 06 Feb 2023 14:40:58 GMT
Server: MT3 441 9053ffc master zrh-pixel-x4 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_xo0T5_lOTnQVoUhYOhUB-kJulRluF6lYped_rmsU6iRVOwxA9Mgg6lw7LtvfOGGjGk_zkCbbannAXVTWCg7SjZ-QOXbiOFKQ
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 06 Feb 2023 14:40:57 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6289
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESED0oiLPfPKdUVrlsgiBh_BM&google_cver=1&google_push=Aa02lx-K3HJInEAJczK6JUncLQw4jLo5uJMTN2mRjXOyencS8CfnOV-mqga9fKYtQki-JmQEvh3xQrqf58OYWXSdSBcQYlD_CxkaQA
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F4F1E925D03A44F2BBEADA8254A8C7DE&google_push=Aa02lx-K3HJInEAJczK6JUncLQw4jLo5uJMTN2mRjXOyencS8CfnOV-mqga9fKYtQki-JmQEvh3xQrqf58OYWXS...

170 B
232 B

69ms
55ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F4F1E925D03A44F2BBEADA8254A8C7DE&google_push=Aa02lx-K3HJInEAJczK6JUncLQw4jLo5uJMTN2mRjXOyencS8CfnOV-mqga9fKYtQki-JmQEvh3xQrqf58OYWXSdSBcQYlD_CxkaQA

Requested by

Host: ya.co.ve
URL: http://ya.co.ve/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:40:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 06 Feb 2023 14:40:58 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F4F1E925D03A44F2BBEADA8254A8C7DE&google_push=Aa02lx-K3HJInEAJczK6JUncLQw4jLo5uJMTN2mRjXOyencS8CfnOV-mqga9fKYtQki-JmQEvh3xQrqf58OYWXSdSBcQYlD_CxkaQA
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 05 Feb 2023 14:40:58 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 6289 0
173 B 84ms
18ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEH4to0hZjsmzVv0njtge3zk&google_cver=1&google_push=Aa02lx-AY-Cr7d-VwyvWyTQBrg-Cm3P9ANU4XXMMn2Assct-dL8hRRfo6XXsb0xcuFad3bjS1CIGxNjoG_0nSRdWBPby-vl2HHHDcOU
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=1347205284&pi=t.aa~a.2433027837~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2218&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280&nras=3&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=zjoFU5oKBh&p=http%3A//ya.co.ve&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:58 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6289
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEGvJ1F1q_e_VnHoi1pkkcgA&google_cver=1&google_push=Aa02lx8h-TWwgrd3r6Cfh3Yw6UrU5Ashu6wUt28OTwXoHxX8Lr4MfzFSaxnjadD5BhKLTuiJqM068RACJY4V1BclLVfdhTw...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEGvJ1F1q_e_VnHoi1pkkcgA&google_cver=1&google_push=Aa02lx8h-TWwgrd3r6Cfh3Yw6UrU5Ashu6wUt28OTwXoHxX8Lr4MfzFSaxnjadD5BhKLTuiJqM068RACJY4V1BclLVfdh...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx8h-TWwgrd3r6Cfh3Yw6UrU5Ashu6wUt28OTwXoHxX8Lr4MfzFSaxnjadD5BhKLTuiJqM068RACJY4V1BclLVfdhTwE_DSz4jE

170 B
232 B

46ms
46ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx8h-TWwgrd3r6Cfh3Yw6UrU5Ashu6wUt28OTwXoHxX8Lr4MfzFSaxnjadD5BhKLTuiJqM068RACJY4V1BclLVfdhTwE_DSz4jE

Requested by

Host: ya.co.ve
URL: http://ya.co.ve/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:40:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx8h-TWwgrd3r6Cfh3Yw6UrU5Ashu6wUt28OTwXoHxX8Lr4MfzFSaxnjadD5BhKLTuiJqM068RACJY4V1BclLVfdhTwE_DSz4jE
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6289
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBsZRMDqdPeVa3UqVGCgw10&google_cver=1&google_push=Aa02lx-8DM7unDQWtdINL1epyU1fkaHQPGZQ2RMYhQdEvvGUUONUL5Vm3a54hEsJguP96Rfa6dqBe9qh...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBsZRMDqdPeVa3UqVGCgw10&google_cver=1&google_push=Aa02lx-8DM7unDQWtdINL1epyU1fkaHQPGZQ2RMYhQdEvvGUUONUL5Vm3a54hEsJguP96Rfa6dq...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTIxMzk4NzkzMTE5OTQzMTExMA&google_push=Aa02lx-8DM7unDQWtdINL1epyU1fkaHQPGZQ2RMYhQdEvvGUUONUL5Vm3a54hEsJguP96Rfa6dqBe9...

170 B
232 B

46ms
46ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTIxMzk4NzkzMTE5OTQzMTExMA&google_push=Aa02lx-8DM7unDQWtdINL1epyU1fkaHQPGZQ2RMYhQdEvvGUUONUL5Vm3a54hEsJguP96Rfa6dqBe9qhuT20l3gA9ngSYLsb7t5u6Q8

Requested by

Host: ya.co.ve
URL: http://ya.co.ve/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:40:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:40:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTIxMzk4NzkzMTE5OTQzMTExMA&google_push=Aa02lx-8DM7unDQWtdINL1epyU1fkaHQPGZQ2RMYhQdEvvGUUONUL5Vm3a54hEsJguP96Rfa6dqBe9qhuT20l3gA9ngSYLsb7t5u6Q8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6289
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESELGSs_1dIuCDejSLZj9u8Yo&google_cver=1&google_push=Aa02lx-3VjXa6681HsicwWeyYMXEFeVbRU-ZUDY77NTVXRDty4dVYJIAFW53_3POJTdLMwiG0Pj0oSN668eiO9Zi1gWwee...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESELGSs_1dIuCDejSLZj9u8Yo&google_cver=1&google_push=Aa02lx-3VjXa6681HsicwWeyYMXEFeVbRU-ZUDY77NTVXRDty4dVYJIAFW53_3POJTdLMwiG0Pj0oSN668eiO9Zi...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=5zIejmQSSxKgkKr2L47cRg&google_push=Aa02lx-3VjXa6681HsicwWeyYMXEFeVbRU-ZUDY77NTVXRDty4dVYJIAFW53_3POJTdLMwiG0Pj0oSN668eiO9Z...

170 B
232 B

45ms
45ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=5zIejmQSSxKgkKr2L47cRg&google_push=Aa02lx-3VjXa6681HsicwWeyYMXEFeVbRU-ZUDY77NTVXRDty4dVYJIAFW53_3POJTdLMwiG0Pj0oSN668eiO9Zi1gWweekPQCn6PQ

Requested by

Host: ya.co.ve
URL: http://ya.co.ve/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:40:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=5zIejmQSSxKgkKr2L47cRg&google_push=Aa02lx-3VjXa6681HsicwWeyYMXEFeVbRU-ZUDY77NTVXRDty4dVYJIAFW53_3POJTdLMwiG0Pj0oSN668eiO9Zi1gWweekPQCn6PQ
access-control-allow-origin: *
date: Mon, 06 Feb 2023 14:40:58 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 6289 0
75 B 205ms
26ms Image
text/plain 185.86.138.152
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEG48kFn7Wuj6eEbf06AIqcQ&google_cver=1&google_push=Aa02lx_UhKI_UG_LDQcvUBImKJNirJjPeHOf3QQLOqI1Af6bWNhbxKSeoJnsF7ZentnY8qkhdfUaeM7IVPz0ysFn0LruFgD86Dxg9Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=1347205284&pi=t.aa~a.2433027837~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2218&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280&nras=3&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=zjoFU5oKBh&p=http%3A//ya.co.ve&dtd=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.152 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:57 GMT
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 6289 0
40 B 146ms
53ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LytlsQ9w8wfhTCgFTwiN3zFfs3wHbaVYfRnX1xCtpDp5ZVs06kzqdYiniEZ_wZkrAhXBw2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8171 0
18 B 80ms
79ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CtxFSeRHhY9OSHteJ1fAPqo-tsAqSw6znbqf7mLGNEZHbkNvnDRABIMu4lHVgleKQgqAHoAG_hdngA8gBCakCnvGRx3UQsj6oAwHIA8sEqgS_AU_Q9YIxMzGFE6PKk9YBbldr7ds_SJHISfvTNoKzoQbFh_Tjqbcr6LluV5IbYjb1UdH6su-UAsLNp0HP6lDRQMEsV2o82hlktBuKvYezQajPX3Dv_iNW3PQHhACWlZPoywuox4cQaoUpHBuv3mpbCgylsauw7I4vQJUKxTJ-fbES96MtvpCzvIt7QHxCjMwZj5GgH1vzwHyy4jiQln4K0P542wtMdrzgos3hksY339Jei8mBGNVn9j1m5CLQpt-OwATHuai4nASSBQQIBBgBkgUECAUYBKAGLoAHqfqmH6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJ7QAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTExNzg4OTk1OTY0MzM3OTYYAA&sigh=3ZVW81d7uao&uach_m=[UACH]&cid=CAQSOwDUE5ymwQvzWILfcVdVnX2v51-yZ2t4UUFDpD2-F47DiaTELGwct0z-SfiUv_zhOI42UtoNCYZPttUHGAE&template_id=5000&cbvp=2&vis=1

Requested by

Host: ya.co.ve
URL: http://ya.co.ve/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=1347205284&pi=t.aa~a.2433027837~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2218&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280&nras=3&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=zjoFU5oKBh&p=http%3A//ya.co.ve&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 06 Feb 2023 14:40:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 34F1
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEOh3VFT1qt2XDkTpXzpp5_4&google_cver=1&google_push=Aa02lx9WqDRhFCHq74Uzme1m0moirxsGW6i4AOP9-eBLiWY2IRDVVvExsrf_2nZxz26NwZPZrySGK-VjYJTZOq5QjiXua8krO0KB3...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOh3VFT1qt2XDkTpXzpp5_4&google_cver=1&google_push=Aa02lx9WqDRhFCHq74Uzme1m0moirxsGW6i4AOP9-eBLiWY2IRDVVvExsrf_2nZxz26NwZPZrySGK-VjYJTZOq5QjiXua8krO0K...

43 B
408 B

173ms
162ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOh3VFT1qt2XDkTpXzpp5_4&google_cver=1&google_push=Aa02lx9WqDRhFCHq74Uzme1m0moirxsGW6i4AOP9-eBLiWY2IRDVVvExsrf_2nZxz26NwZPZrySGK-VjYJTZOq5QjiXua8krO0KB3w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9WqDRhFCHq74Uzme1m0moirxsGW6i4AOP9-eBLiWY2IRDVVvExsrf_2nZxz26NwZPZrySGK-VjYJTZOq5QjiXua8krO0KB3w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=90&adk=3249661183&adf=4046099473&pi=t.aa~a.2104307421~rp.4&w=1108&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1108x90&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2217&idt=0&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=7&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=246&ady=3998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=yB7MphqZb6&p=http%3A//ya.co.ve&dtd=18
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:40:58 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7954a4dedad839e5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:40:58 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 22
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOh3VFT1qt2XDkTpXzpp5_4&google_cver=1&google_push=Aa02lx9WqDRhFCHq74Uzme1m0moirxsGW6i4AOP9-eBLiWY2IRDVVvExsrf_2nZxz26NwZPZrySGK-VjYJTZOq5QjiXua8krO0KB3w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9WqDRhFCHq74Uzme1m0moirxsGW6i4AOP9-eBLiWY2IRDVVvExsrf_2nZxz26NwZPZrySGK-VjYJTZOq5QjiXua8krO0KB3w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7954a4dda8cc39e5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 34F1 43 B
350 B 89ms
21ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESENblyZCAEXyNHnYqyhfUla0&google_cver=1&google_push=Aa02lx9NLw82cxhvG1gFzjwX5gGgskzoVxvhuF0dg3Dz3cWZMcOE-xVn4f_8A0gcGEvtVl4p365t6-6uHe0CT8zfUbh7k51yUced57k
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=90&adk=3249661183&adf=4046099473&pi=t.aa~a.2104307421~rp.4&w=1108&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1108x90&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2217&idt=0&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=7&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=246&ady=3998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=yB7MphqZb6&p=http%3A//ya.co.ve&dtd=18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:40:57 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 8ni460modj04tnj8ovi6cci7e9upsule

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 34F1
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9OmN4qbjRhOpfxm3xqK3oA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
232 B

46ms
46ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9OmN4qbjRhOpfxm3xqK3oA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_IIoUvB1YARtfIxIBnHPdAYYxMuUIeEzYFpgOwNxKSC256mHfVDSDnnfmC1u9O2PW3KnILyLd9-tj7sonmMRx5soM7MVO-gA

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:40:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9OmN4qbjRhOpfxm3xqK3oA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_IIoUvB1YARtfIxIBnHPdAYYxMuUIeEzYFpgOwNxKSC256mHfVDSDnnfmC1u9O2PW3KnILyLd9-tj7sonmMRx5soM7MVO-gA
date: Mon, 06 Feb 2023 14:40:58 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 34F1
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEE9d-fRfUnF7h5tjnadr3V4&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEE9d-fRfUnF7h5tjnadr3V4&google_push=Aa...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEE9d-fRfUnF7h5tjnadr3V4&google_hm=Y-ERegdKp35XVs1G6EgLQgAABG0AAAIB&google_nid=index&google_push=Aa02lx9vm93YiAzWPHfmE5uzV655fcqbqr8cR...

170 B
232 B

46ms
45ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEE9d-fRfUnF7h5tjnadr3V4&google_hm=Y-ERegdKp35XVs1G6EgLQgAABG0AAAIB&google_nid=index&google_push=Aa02lx9vm93YiAzWPHfmE5uzV655fcqbqr8cR2ncwhz8_D2VgOJJ4QUYBQ-8C3wBdHqEc3vM8g7e0mK8Wf7PGz9dKEJPTvWbtaV5Wg

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:40:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:40:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2BFRMcOE0COR9zp%2FyFcjEiWff1MJIS5HfWYkEA06z84jcTcTFMbxGy6l0VmrqPYeERXBXDka2%2FzsSRuoiBMOptBkQZ3mJnT%2Bjd8U4897GjwKkan8M20TTAKAhqcBZ2KRPKd94Rsez6EZFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEE9d-fRfUnF7h5tjnadr3V4&google_hm=Y-ERegdKp35XVs1G6EgLQgAABG0AAAIB&google_nid=index&google_push=Aa02lx9vm93YiAzWPHfmE5uzV655fcqbqr8cR2ncwhz8_D2VgOJJ4QUYBQ-8C3wBdHqEc3vM8g7e0mK8Wf7PGz9dKEJPTvWbtaV5Wg
cache-control: no-cache
cf-ray: 7954a4de4944381f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 34F1
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPipVr-lbHSn8mTN7gk9abc&google_cver=1&google_push=Aa02lx8AjbjuccG_nPLw1-CPoJHEGPjUR1CPByi-gh_-4_MDRdNMcLfRJRrtSXLnK0ztojm3ctZpbQt-2UiVLfuR-...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPipVr-lbHSn8mTN7gk9abc&google_cver=1&google_push=Aa02lx8AjbjuccG_nPLw1-CPoJHEGPjUR1CPByi-gh_-4_MDRdNMcLfRJRrtSXLnK0ztojm3ctZpbQt-2UiVLfuR-...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx8AjbjuccG_nPLw1-CPoJHEGPjUR1CPByi-gh_-4_MDRdNMcLfRJRrtSXLnK0ztojm3ctZpbQt-2UiVLfuR-r0VJpXYWMGC8A&google_hm=GHJwvGZHjzbRHxjnQNuc...

170 B
232 B

47ms
44ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx8AjbjuccG_nPLw1-CPoJHEGPjUR1CPByi-gh_-4_MDRdNMcLfRJRrtSXLnK0ztojm3ctZpbQt-2UiVLfuR-r0VJpXYWMGC8A&google_hm=GHJwvGZHjzbRHxjnQNucF7UH

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:40:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 06 Feb 2023 14:40:58 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx8AjbjuccG_nPLw1-CPoJHEGPjUR1CPByi-gh_-4_MDRdNMcLfRJRrtSXLnK0ztojm3ctZpbQt-2UiVLfuR-r0VJpXYWMGC8A&google_hm=GHJwvGZHjzbRHxjnQNucF7UH
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 34F1
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEOewJs7ep0ADW_RvirVI74o&google_cver=1&google_push=Aa02lx_CnfqGknjnwKcTWHoQHbMaOWT7J67H4uLU1Gu2DcO_5XAE_zEU9aysojX0xTUN6IPyJU2Dzp7ovdmD965K...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_CnfqGknjnwKcTWHoQHbMaOWT7J67H4uLU1Gu2DcO_5XAE_zEU9aysojX0xTUN6IPyJU2Dzp7ovdmD965K7dYxn4h3xMyFFl0

170 B
329 B

88ms
55ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_CnfqGknjnwKcTWHoQHbMaOWT7J67H4uLU1Gu2DcO_5XAE_zEU9aysojX0xTUN6IPyJU2Dzp7ovdmD965K7dYxn4h3xMyFFl0

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:40:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 06 Feb 2023 14:40:58 GMT
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_CnfqGknjnwKcTWHoQHbMaOWT7J67H4uLU1Gu2DcO_5XAE_zEU9aysojX0xTUN6IPyJU2Dzp7ovdmD965K7dYxn4h3xMyFFl0
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: jMbC9jQPFu5dYuxUlyBtbxdx24N3pXmzgQ6EDB5ryp5RKkF8I7C4NA==

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 34F1
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMf6dcYSzBQimH7DHx6FmYg&google_cver=1&google_push=Aa02lx_5obacEPV9muhTCLGuppqhGSIDzBCMknV_Vl0NKYBlIg8_ghPprrDOwngFaIt5k-6t7z...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMf6dcYSzBQimH7DHx6FmYg&google_cver=1&google_push=Aa02lx_5obacEPV9muhTCLGuppqhGSIDzBCMknV_Vl0NKYBlIg8_ghPprrDOwngFaIt5k-6t7z...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1WMTQ3Llg5RTJ1RnJJd1lSSVFyX19zREFKRHZtdTc5eH5B&google_push=Aa02lx_5obacEPV9muhTCLGuppqhGSIDzBCMknV_Vl0NKYBlIg8_ghPpr...

170 B
232 B

46ms
45ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1WMTQ3Llg5RTJ1RnJJd1lSSVFyX19zREFKRHZtdTc5eH5B&google_push=Aa02lx_5obacEPV9muhTCLGuppqhGSIDzBCMknV_Vl0NKYBlIg8_ghPprrDOwngFaIt5k-6t7zCIwyOH0pCEiOs3uVEzSyTqpIaG_gVT

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:40:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1WMTQ3Llg5RTJ1RnJJd1lSSVFyX19zREFKRHZtdTc5eH5B&google_push=Aa02lx_5obacEPV9muhTCLGuppqhGSIDzBCMknV_Vl0NKYBlIg8_ghPprrDOwngFaIt5k-6t7zCIwyOH0pCEiOs3uVEzSyTqpIaG_gVT
date: Mon, 06 Feb 2023 14:40:58 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 34F1 0
139 B 132ms
52ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Iqp8CA82GB8KQeuZgPUU3BjIc9Ps-RpWTdcM3KnyJTfVHPexr6l3LwXcekYUnNDfndB8tTNw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js Show response
pagead2.googlesyndication.com/bg/ Frame 9DD1 36 KB
14 KB 47ms
46ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 03:40:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 212429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14345
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 04 Feb 2024 03:40:29 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.29/one-ad/ Frame 9426 94 KB
12 KB 20ms
19ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.29/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gg8pzh2qym3e6cqyb0mk2j4qe3nm0gpw22xx800z3239zb5drnxvf898c91xj69gty9m0ad8dxwhhd8g1t599rd6gygks66vxz0m470zhb0k20bc90c8t58ms49zmy4y1ympfvm7735kytbf846mj5ckd7dc86btjw70ehm5ajjxxnbc1rf0559j3zdk7x0488sarw0mywa61x1y5w0j89272svnxvqs87y28eca8v5qqn02vqfdh9912y7acva77k9wzwgbtt9dydp2hv085pgwpcwzx5zytmb9ma876885rnsp9ch7fhzpfzwv08dyf2vpzeyh7sexnsjb835djr41q5gm1x6mxnkttsw3ksq8r6wbn00q3877c9b06f8ryxqsjntkvq5j6122y13j3m5krs51nv0cgtgkw6g0ekyckjexvy4763s35b0e0ghr1bcv64g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkeleeRHhY7bwHtao1fAPk9GJ0AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMTc4ODk5NTk2NDMzNzk2yAEJqQJHOaabtg-yPqgDAaoEuAFP0O2-p9klRh-VK0f6yTTbmEZrWybVHXxty0nBEe_cHXD4S3d4ZCCrGyLNkJibykJg_4MSzqO49Rm0fmmTClnO3V7DJhOL701FEI8uEXv2Qvv9c7hg9qUAkwkSIMZraMAVJpE8ulmmynhuF05tz74hWWZ295vvWNvyImQRNVUP1OEWwmKSQ4bqmXjST7ci00y731aT9VBqs3HfP_eI97E4V2hD7fEsRsBektZsxTM9j1Lg2OD-NGW5gAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2l2vvdS5Hnt7n3Ses1Mo4EFpMyyw%26client%3Dca-pub-1178899596433796%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16b11d86d520542cbafcd9b7fabe0c2915a87555cda015eeb8ccec0d478af9cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gg8pzh2qym3e6cqyb0mk2j4qe3nm0gpw22xx800z3239zb5drnxvf898c91xj69gty9m0ad8dxwhhd8g1t599rd6gygks66vxz0m470zhb0k20bc90c8t58ms49zmy4y1ympfvm7735kytbf846mj5ckd7dc86btjw70ehm5ajjxxnbc1rf0559j3zdk7x0488sarw0mywa61x1y5w0j89272svnxvqs87y28eca8v5qqn02vqfdh9912y7acva77k9wzwgbtt9dydp2hv085pgwpcwzx5zytmb9ma876885rnsp9ch7fhzpfzwv08dyf2vpzeyh7sexnsjb835djr41q5gm1x6mxnkttsw3ksq8r6wbn00q3877c9b06f8ryxqsjntkvq5j6122y13j3m5krs51nv0cgtgkw6g0ekyckjexvy4763s35b0e0ghr1bcv64g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkeleeRHhY7bwHtao1fAPk9GJ0AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMTc4ODk5NTk2NDMzNzk2yAEJqQJHOaabtg-yPqgDAaoEuAFP0O2-p9klRh-VK0f6yTTbmEZrWybVHXxty0nBEe_cHXD4S3d4ZCCrGyLNkJibykJg_4MSzqO49Rm0fmmTClnO3V7DJhOL701FEI8uEXv2Qvv9c7hg9qUAkwkSIMZraMAVJpE8ulmmynhuF05tz74hWWZ295vvWNvyImQRNVUP1OEWwmKSQ4bqmXjST7ci00y731aT9VBqs3HfP_eI97E4V2hD7fEsRsBektZsxTM9j1Lg2OD-NGW5gAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2l2vvdS5Hnt7n3Ses1Mo4EFpMyyw%26client%3Dca-pub-1178899596433796%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1674752855
age: 257705
cf-polished: origSize=97007
x-guploader-uploadid: ADPycdsZjI5fECjAhoy8qzvWSONYz9bIt7ko5oX3W69yG6KJfP5zPv1_fVYgs_PLPWlD4TXeEk6FSO00jYJNc7xSK-16jW39EDyH
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 26 Jan 2023 17:08:09 GMT
server: cloudflare
etag: W/"894b1310ad36469d313fb67e2899e78d"
vary: Accept-Encoding
x-goog-generation: 1674752889520716
content-type: text/css
x-goog-hash: crc32c=wEjpSw==, md5=iUsTEK02Rp0xP7Z+KJnnjQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yv%2BYcMN0qFP6%2F0ABZ6ZUNrQNpbaU32COcCFIRdkBRBnP%2F1LjryJluDIcgslfQZOD0x9NCJUlAVOeWNrybTyhozj%2FfYqnkEHd4c%2FCHZVkfllPMT5oiywSc%2BkuOxuiLjtRbh0W9TEP%2Bes%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 97007
cf-ray: 7954a4ddaf21bbf7-FRA
expires: Mon, 06 Feb 2023 15:40:58 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 9426 35 KB
12 KB 33ms
19ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gg8pzh2qym3e6cqyb0mk2j4qe3nm0gpw22xx800z3239zb5drnxvf898c91xj69gty9m0ad8dxwhhd8g1t599rd6gygks66vxz0m470zhb0k20bc90c8t58ms49zmy4y1ympfvm7735kytbf846mj5ckd7dc86btjw70ehm5ajjxxnbc1rf0559j3zdk7x0488sarw0mywa61x1y5w0j89272svnxvqs87y28eca8v5qqn02vqfdh9912y7acva77k9wzwgbtt9dydp2hv085pgwpcwzx5zytmb9ma876885rnsp9ch7fhzpfzwv08dyf2vpzeyh7sexnsjb835djr41q5gm1x6mxnkttsw3ksq8r6wbn00q3877c9b06f8ryxqsjntkvq5j6122y13j3m5krs51nv0cgtgkw6g0ekyckjexvy4763s35b0e0ghr1bcv64g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkeleeRHhY7bwHtao1fAPk9GJ0AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMTc4ODk5NTk2NDMzNzk2yAEJqQJHOaabtg-yPqgDAaoEuAFP0O2-p9klRh-VK0f6yTTbmEZrWybVHXxty0nBEe_cHXD4S3d4ZCCrGyLNkJibykJg_4MSzqO49Rm0fmmTClnO3V7DJhOL701FEI8uEXv2Qvv9c7hg9qUAkwkSIMZraMAVJpE8ulmmynhuF05tz74hWWZ295vvWNvyImQRNVUP1OEWwmKSQ4bqmXjST7ci00y731aT9VBqs3HfP_eI97E4V2hD7fEsRsBektZsxTM9j1Lg2OD-NGW5gAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2l2vvdS5Hnt7n3Ses1Mo4EFpMyyw%26client%3Dca-pub-1178899596433796%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 15:04:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 403837
etag: W/"70eeb1f8c81f2c3fac3062f4a8c34636"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jqFCur8CGoXJJqGO4ndrnO6REsQE02l7hNkkbFssB7TJic4vrYP4l59PmKV63dLJkoBK%2FK0AQclmuY2tisJlgkmyilssM4heZ0xNvhFNK%2F2qh2cEKvkKxB3Ggz1Wx14GjC7i2mU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7954a4ddbf3fbbf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 31 Jan 2023 15:04:22 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame FA77 8 KB
895 B 74ms
71ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=3226338326&pi=t.aa~a.2433025903~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2218&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=6&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=NTpHDfnWKI&p=http%3A//ya.co.ve&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Feb 2023 14:40:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 14:10:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Feb 2023 14:40:58 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame FA77 2 KB
765 B 38ms
35ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=3226338326&pi=t.aa~a.2433025903~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2218&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=6&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=NTpHDfnWKI&p=http%3A//ya.co.ve&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:32:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83322
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 15:32:16 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame FA77 22 KB
9 KB 39ms
36ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=3226338326&pi=t.aa~a.2433025903~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2218&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=6&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=NTpHDfnWKI&p=http%3A//ya.co.ve&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:32:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8993
x-xss-protection: 0
server: cafe
etag: 12355142264901698679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 15:32:15 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame FA77 3 KB
1 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=3226338326&pi=t.aa~a.2433025903~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2218&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=6&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=NTpHDfnWKI&p=http%3A//ya.co.ve&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:11:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1744
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 14:11:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame FA77 18 KB
7 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=3226338326&pi=t.aa~a.2433025903~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2218&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=6&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=NTpHDfnWKI&p=http%3A//ya.co.ve&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:32:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83322
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 15:32:16 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FA77 0
0 46ms
45ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS4ymPd9P1mutlLvfSy5ea9f4vaE_h-p6YW3HFr-Y2CXGLa3es77F98Yz0ANXcrceaWlaYwjXIE2DuuRWRoxhjj1GkI8w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=3226338326&pi=t.aa~a.2433025903~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2218&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=6&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=NTpHDfnWKI&p=http%3A//ya.co.ve&dtd=15
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FA77 157 KB
48 KB 154ms
153ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=3226338326&pi=t.aa~a.2433025903~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2218&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=6&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=NTpHDfnWKI&p=http%3A//ya.co.ve&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Feb 2023 14:40:58 GMT

GET
H3 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame FA77 33 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=3226338326&pi=t.aa~a.2433025903~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2218&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=6&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=NTpHDfnWKI&p=http%3A//ya.co.ve&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:44:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233791
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 22:14:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 04 May 2023 21:44:27 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FA77 0
0 83ms
83ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CxOhSeRHhY8PRHv7I1fAPlpW1oAOSw6znbqf7mLGNEZHbkNvnDRABIMu4lHVgleKQgqAHoAG_hdngA8gBCakCnvGRx3UQsj6oAwHIA8sEqgS_AU_QfZwo_WuQPhDEqezp-st_nliL5o9inJpUoQIPZio1KPENrlbjZe-FIZoxwlSD1t7zIUYDaV2y3IfKyckZS-jqObaf4D_xA7rKgTF1QFhqg6P6KURD6iFhGjAWC8LlrTpLn8qoIDnGL-n4iM_dZCWkWIo_gp6IM2TaXwsSQdeQCPvTDDGbBU-Ou57Mxx9i1Mr5m31pTzglVjz4xQe4KqI1PWSMtyInEUvY6BtE5Xi-H44qSbiNupRrQeiIqgGBwATHuai4nASSBQQIBBgBkgUECAUYBKAGLoAHqfqmH6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELX0AdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTExNzg4OTk1OTY0MzM3OTYYAA&sigh=xhLo3PE1ON4&uach_m=[UACH]&cid=CAQSOwDUE5ymzldBPjn1RIMIuaYnLH7bnV8PAimnHWrSn60r9oxFOqtgjAiXKhVX1sUYm7IAMvLOkX3EKLxWGAE&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=3226338326&pi=t.aa~a.2433025903~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2218&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=6&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=NTpHDfnWKI&p=http%3A//ya.co.ve&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=3226338326&pi=t.aa~a.2433025903~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2218&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=6&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=NTpHDfnWKI&p=http%3A//ya.co.ve&dtd=15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 06 Feb 2023 14:40:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/2586741188411109988/ Frame FA77 38 KB
38 KB 38ms
37ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2586741188411109988/14763004658117789537?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=3226338326&pi=t.aa~a.2433025903~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2218&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=6&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=NTpHDfnWKI&p=http%3A//ya.co.ve&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce706ad7a292e2b904e9db205e48bc2fd146428a61c2fea5bea785a3e889790d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 13:15:27 GMT
x-content-type-options: nosniff
age: 177931
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38676
x-xss-protection: 0
last-modified: Fri, 03 Feb 2023 15:03:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 04 Feb 2024 13:15:27 GMT

GET
DATA 200
OK truncated
/ Frame FA77 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame FA77 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 css
fonts.googleapis.com/ Frame B77A 8 KB
895 B 72ms
71ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=3762182088&pi=t.aa~a.2433028998~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2217&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=D4W7ipmuwJ&p=http%3A//ya.co.ve&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Feb 2023 14:40:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 13:41:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Feb 2023 14:40:58 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame B77A 2 KB
765 B 36ms
35ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=3762182088&pi=t.aa~a.2433028998~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2217&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=D4W7ipmuwJ&p=http%3A//ya.co.ve&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:32:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83322
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 15:32:16 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B77A 0
0 78ms
78ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CkqKZeRHhY5HEHtLK1fAPtbWxkAz2k_2mYvqoq9nFD5CDhZ4LEAEgy7iUdWCV4pCCoAegAe-nh_8DyAEJqQKe8ZHHdRCyPqgDAcgDywSqBLsBT9B5svByDllR0mRPLK3fyQ0oZvxF5WXRdqmaiRpu-QDWhA3OaGuQQvuwaQVXW2OS7XIPKaMiXWJzzmcyFCtWxKr5NDnAC_jp28mLnOXghJJjgDf4g9dA1K9B8w569ttzBZfEcjgNxxttYIsn60KheLFTw06Wrq1RD-Wugtc9snAWJBQJACbLUpvYEleNjc-OedvRvZ2MCr55WE66oZcGQJTLYaDPuNgmp0kJc9I3H1o9BfVUguip7F4c-8AEtbGOoeQDkgUECAQYAZIFBAgFGASgBi6AB_nXeKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKXVAtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMNiBQB0BUBgBcBshccChoIABIUcHViLTExNzg4OTk1OTY0MzM3OTYYAA&sigh=sT-4UzvIAxc&uach_m=[UACH]&cid=CAQSOwDUE5ymrTZ_WEsvkNHfazSMigpi6BVHQqKOduwZWppnOvoTerrh2tTxxRU8laEKmvCu9GbfvFAGz--jGAE&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=3762182088&pi=t.aa~a.2433028998~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2217&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=D4W7ipmuwJ&p=http%3A//ya.co.ve&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=3762182088&pi=t.aa~a.2433028998~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2217&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=D4W7ipmuwJ&p=http%3A//ya.co.ve&dtd=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 06 Feb 2023 14:40:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame B77A 22 KB
9 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=3762182088&pi=t.aa~a.2433028998~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2217&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=D4W7ipmuwJ&p=http%3A//ya.co.ve&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:32:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8993
x-xss-protection: 0
server: cafe
etag: 12355142264901698679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 15:32:15 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame B77A 3 KB
1 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=3762182088&pi=t.aa~a.2433028998~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2217&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=D4W7ipmuwJ&p=http%3A//ya.co.ve&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:11:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1744
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 14:11:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame B77A 18 KB
7 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=3762182088&pi=t.aa~a.2433028998~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2217&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=D4W7ipmuwJ&p=http%3A//ya.co.ve&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:32:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83322
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 15:32:16 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B77A 0
0 48ms
46ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR5r3pSVSenZKfF6MuaJzz3QdFP88ddPZ_wgFdtisFX8VSBisEG2RCsscb2wym_WqnlsXov4HbBX0TqOxnR5N7wUT4OgA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=3762182088&pi=t.aa~a.2433028998~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2217&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=D4W7ipmuwJ&p=http%3A//ya.co.ve&dtd=13
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B77A 157 KB
48 KB 166ms
163ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=3762182088&pi=t.aa~a.2433028998~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2217&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=D4W7ipmuwJ&p=http%3A//ya.co.ve&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Feb 2023 14:40:58 GMT

GET
H3 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame B77A 33 KB
14 KB 41ms
38ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=3762182088&pi=t.aa~a.2433028998~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2217&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=D4W7ipmuwJ&p=http%3A//ya.co.ve&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:44:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233791
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 22:14:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 04 May 2023 21:44:27 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/8672925588126370030/ Frame B77A 15 KB
15 KB 38ms
36ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8672925588126370030/14763004658117789537?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=3762182088&pi=t.aa~a.2433028998~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2217&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=D4W7ipmuwJ&p=http%3A//ya.co.ve&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73d7873e6a2c087d69f7964baf2e48fc9b52997edc124e2b6bc3bd6c83661e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 12:47:51 GMT
x-content-type-options: nosniff
age: 93187
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15697
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 02:47:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 05 Feb 2024 12:47:51 GMT

GET
DATA 200
OK truncated
/ Frame B77A 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B77A 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 9426 3 KB
4 KB 78ms
34ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.29/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 280
x-guploader-uploadid: ADPycds1SLdGXbfm0r3qDGy8sfwZXQfpj1kJA4sERetf1LIRiVzV7g41c7a-EwZMzWmu5dxBmhh2VgdQIymIU8Old3wWOUTyb-2i
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PFGSyfRlEgAWvMn4oUR2G8H6ggp1qXwpdPslt5raKvt%2BAhCi62w6MSwHdDMYywMAF0lNdGODbIJtcg2oeSnIqdbXZAU8LEoH5orZgufaYtHMlV9Yf1SWUKBWn1tDBuClloIRHqoYdyueAJkeCpKlaD8V"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7954a4de9c902c71-FRA
expires: Mon, 06 Feb 2023 15:20:38 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 85ED 1 KB
643 B 47ms
46ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=3226338326&pi=t.aa~a.2433025903~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2218&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=6&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=NTpHDfnWKI&p=http%3A//ya.co.ve&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 30415
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 06:14:03 GMT
etag: 48472445140208031
expires: Tue, 07 Feb 2023 06:14:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame FA77 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0784f089613304ac54a946ce23b86d06f1244658cca55318548e6fc7ce96bc96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 frame.html Show response
ad4m.at/ Frame C796 2 KB
1 KB 25ms
24ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 227730
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7954a4de6aaf9a2d-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Mon, 06 Feb 2023 14:40:58 GMT
expires: Thu, 19 Jan 2023 19:22:47 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BgUkFYoNMYmTEp2TlYRt3CX8s3IhnSPyZa83MKa6ZQ2S895K80InqmH8sab%2BQScLn7syBS7E3KDeVeNtaTaDjSv9o1XHvXyfv11eaP8eGXB95oCHuVC%2FiRDa9qp5KFDxSKR5Coo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 76EC 1 KB
643 B 47ms
46ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=3762182088&pi=t.aa~a.2433028998~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2217&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=D4W7ipmuwJ&p=http%3A//ya.co.ve&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 30415
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 06:14:03 GMT
etag: 48472445140208031
expires: Tue, 07 Feb 2023 06:14:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B77A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7301c5bdaec36fc4c5f77dd6a3626de51df6d1866841772122ebe2541b0b5e65

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 rs Show response
ad4m.at/ Frame 9426 1 KB
2 KB 32ms
31ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 912cac637c5200a6f415460a4d536cf2e647d840ecdc93176a5deafcab49a616

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 06 Feb 2023 14:40:58 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i58NvQILrYu9z8iDG%2F%2FDSqvfHQBGnnTv8A%2B%2BS513grE6a6v4x79vrgiUiF6K9%2Bq3u%2BlF59T%2BU69%2BO2%2B%2BTY95dLyZAbhCxbOUoh3JzworjQkXRzl3MEtdUBddd5QXLyUwQyklKOU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7954a4deefd29b1f-FRA
x-backend-server: aa-reachservice-group-europe-west1-b74t
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 48ms
37ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7954a4debf199b1f-FRA
content-length: 24
content-type: text/plain
date: Mon, 06 Feb 2023 14:40:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kKxHEp4%2F0WzbUESCRdkh5ljRsYKT%2F0uBEnJ7YyR7XQtdBMD2qzC51BoQhe717Tdp7mQJvn4n%2Bss9NnchV3f7xdmjTPr4CHAVgcklov0b89hWqOR%2F1Zx9%2B8bRxChQEAIJqWprnqg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-62xx

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 85ED
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESED0oiLPfPKdUVrlsgiBh_BM&google_cver=1&google_push=Aa02lx9FGZOBuYjosAjBNaVE1dfQbRNi9C0c4BKqBricb2kHD65KmnhAbk1lmA95rmYjfybUSGyqT7XljtCU50TX2OqBnFnoOQ2fhg
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F4F1E925D03A44F2BBEADA8254A8C7DE&google_push=Aa02lx9FGZOBuYjosAjBNaVE1dfQbRNi9C0c4BKqBricb2kHD65KmnhAbk1lmA95rmYjfybUSGyqT7XljtCU50T...

170 B
188 B

48ms
48ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F4F1E925D03A44F2BBEADA8254A8C7DE&google_push=Aa02lx9FGZOBuYjosAjBNaVE1dfQbRNi9C0c4BKqBricb2kHD65KmnhAbk1lmA95rmYjfybUSGyqT7XljtCU50TX2OqBnFnoOQ2fhg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=3226338326&pi=t.aa~a.2433025903~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2218&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=6&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=NTpHDfnWKI&p=http%3A//ya.co.ve&dtd=15

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:40:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 06 Feb 2023 14:40:58 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F4F1E925D03A44F2BBEADA8254A8C7DE&google_push=Aa02lx9FGZOBuYjosAjBNaVE1dfQbRNi9C0c4BKqBricb2kHD65KmnhAbk1lmA95rmYjfybUSGyqT7XljtCU50TX2OqBnFnoOQ2fhg
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 05 Feb 2023 14:40:58 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 85ED
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJKV0YSLYP6H6p1AZgnFxEk&google_cver=1&google_push=Aa02lx-R4MrvgiEfTshZSYxYXibKuDSvn9ONNUTtQZE0Xx7wVg3NMfZPVl-C_9FKGjmAKOhUVkV1NohVA1Uh2WIpPynK...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEJKV0YSLYP6H6p1AZgnFxEk&google_cver=1&google_push=Aa02lx-R4MrvgiEfTshZSYxYXibKuDSvn9ONNUTtQZE0Xx7wVg3NMfZPVl-C_9FKGjmAKOhUVkV1NohVA1Uh2W...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx-R4MrvgiEfTshZSYxYXibKuDSvn9ONNUTtQZE0Xx7wVg3NMfZPVl-C_9FKGjmAKOhUVkV1NohVA1Uh2WIpPynK_i6p-5qjcw&google_hm=WFMtg6A-RSuYDMx8K9nOSQ==

170 B
188 B

48ms
48ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx-R4MrvgiEfTshZSYxYXibKuDSvn9ONNUTtQZE0Xx7wVg3NMfZPVl-C_9FKGjmAKOhUVkV1NohVA1Uh2WIpPynK_i6p-5qjcw&google_hm=WFMtg6A-RSuYDMx8K9nOSQ==

Requested by

Host: ya.co.ve
URL: http://ya.co.ve/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:40:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx-R4MrvgiEfTshZSYxYXibKuDSvn9ONNUTtQZE0Xx7wVg3NMfZPVl-C_9FKGjmAKOhUVkV1NohVA1Uh2WIpPynK_i6p-5qjcw&google_hm=WFMtg6A-RSuYDMx8K9nOSQ==
date: Mon, 06 Feb 2023 14:40:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 85ED
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBsZRMDqdPeVa3UqVGCgw10&google_cver=1&google_push=Aa02lx-qLtODC1NTNS-_hcGtuwEOrP95tzq5wbrkxfgHJeFkzIuUe0HSGpy1wHzBEGW75T4M5brZqb_b...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTIxMzk4NzkzMTE5OTQzMTExMA&google_push=Aa02lx-qLtODC1NTNS-_hcGtuwEOrP95tzq5wbrkxfgHJeFkzIuUe0HSGpy1wHzBEGW75T4M5brZqb...

170 B
188 B

49ms
49ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTIxMzk4NzkzMTE5OTQzMTExMA&google_push=Aa02lx-qLtODC1NTNS-_hcGtuwEOrP95tzq5wbrkxfgHJeFkzIuUe0HSGpy1wHzBEGW75T4M5brZqb_bOc6WfOK4W7cXfuKsKmsaWg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=3226338326&pi=t.aa~a.2433025903~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2218&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=6&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=NTpHDfnWKI&p=http%3A//ya.co.ve&dtd=15

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:40:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:40:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTIxMzk4NzkzMTE5OTQzMTExMA&google_push=Aa02lx-qLtODC1NTNS-_hcGtuwEOrP95tzq5wbrkxfgHJeFkzIuUe0HSGpy1wHzBEGW75T4M5brZqb_bOc6WfOK4W7cXfuKsKmsaWg
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 85ED
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBNwb0MFGlFgpQWgWafBEjQ&google_cver=1&google_push=Aa02lx_a80FxtN2G3RemMAwZR1-d5wC_1ta1M-RC5gs1XXYzU7PcSF2HL_qP_xaa-tkIymrZyOOa9o5NAxhR...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_a80FxtN2G3RemMAwZR1-d5wC_1ta1M-RC5gs1XXYzU7PcSF2HL_qP_xaa-tkIymrZyOOa9o5NAxhRSyLM6_utjXuwYAQa

170 B
188 B

48ms
48ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_a80FxtN2G3RemMAwZR1-d5wC_1ta1M-RC5gs1XXYzU7PcSF2HL_qP_xaa-tkIymrZyOOa9o5NAxhRSyLM6_utjXuwYAQa

Requested by

Host: ya.co.ve
URL: http://ya.co.ve/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:40:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_a80FxtN2G3RemMAwZR1-d5wC_1ta1M-RC5gs1XXYzU7PcSF2HL_qP_xaa-tkIymrZyOOa9o5NAxhRSyLM6_utjXuwYAQa
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 85ED
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEM...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx9ZOFk5eIYSsbXd9MZ1STf26j0DJYTlrN_t0IJWh_GmrfeRLyniKZMLCv0FGJeQCLy9jwSjj44xVPgnvtyDiHoueQYfzkbSVA&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-728ffea3-4f0e-4f77-85b4-b04ae5e14e34-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx9ZOFk5eIYSsbXd9MZ1S...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx9ZOFk5eIYSsbXd9MZ1STf26j0DJYTlrN_t0IJWh_GmrfeRLyniKZMLCv0FGJeQCLy9jwSjj44xVPgnvtyDiHoueQYfzkbSVA&google_hm=A3KP_qNPDk93hbSwSuXhTjQ

170 B
188 B

48ms
48ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx9ZOFk5eIYSsbXd9MZ1STf26j0DJYTlrN_t0IJWh_GmrfeRLyniKZMLCv0FGJeQCLy9jwSjj44xVPgnvtyDiHoueQYfzkbSVA&google_hm=A3KP_qNPDk93hbSwSuXhTjQ

Requested by

Host: ya.co.ve
URL: http://ya.co.ve/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:40:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx9ZOFk5eIYSsbXd9MZ1STf26j0DJYTlrN_t0IJWh_GmrfeRLyniKZMLCv0FGJeQCLy9jwSjj44xVPgnvtyDiHoueQYfzkbSVA&google_hm=A3KP_qNPDk93hbSwSuXhTjQ
date: Mon, 06 Feb 2023 14:40:58 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX728ffea34f0e4f7785b4b04ae5e14e34003
content-type: text/html

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 85ED 0
75 B 18ms
17ms Image
text/plain 185.86.138.152
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEG48kFn7Wuj6eEbf06AIqcQ&google_cver=1&google_push=Aa02lx_7C8VsVOL0fd189BztdQUrqw1ySkio77FNLTagRnyqZWPKQkz0fiOVTKbgeh56S9BG86VvlAIeOOBDHQmfqqojpgWFo95q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=3226338326&pi=t.aa~a.2433025903~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2218&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=6&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=NTpHDfnWKI&p=http%3A//ya.co.ve&dtd=15
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.152 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:58 GMT
content-length: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame 85ED 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 85ED 0
40 B 43ms
43ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LgyS8KRsNtf857Jxzo9ji7zfZAYoPtxcXGYHU0KDTYvwUVQMvKa4HwnZ1TRrW2TnZQKOc2Gg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=3226338326&pi=t.aa~a.2433025903~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2218&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=6&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=NTpHDfnWKI&p=http%3A//ya.co.ve&dtd=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 i.match
a.tribalfusion.com/ Frame 76EC 43 B
383 B 186ms
182ms Image
image/gif 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEOh3VFT1qt2XDkTpXzpp5_4&google_cver=1&google_push=Aa02lx9BDFslt5MOi7l4mJ0Eb93M7enNpZh73q_Fmq80nbLVESJASXxVyS7J0sD7ocotJDV8Kz4xm51vJV3WorFwG4JAwtz_o3nh4w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9BDFslt5MOi7l4mJ0Eb93M7enNpZh73q_Fmq80nbLVESJASXxVyS7J0sD7ocotJDV8Kz4xm51vJV3WorFwG4JAwtz_o3nh4w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=3762182088&pi=t.aa~a.2433028998~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2217&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=D4W7ipmuwJ&p=http%3A//ya.co.ve&dtd=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:40:58 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7954a4dedac939e5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 76EC
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEH4to0hZjsmzVv0njtge3zk&google_cver=1&google_push=Aa02lx-PueF6UTZ5-9ItvpaYNQQCTPoURkJULEXECQyLEp31JMR9o39adj4CYZUMQODkn5DSXgOXdjb3Yr_ZMT...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=Aa02lx-PueF6UTZ5-9ItvpaYNQQCTPoURkJULEXECQyLEp31JMR9o39adj4CYZUMQODkn5DSXgOXdjb3Yr_ZMTCgp26DzObarX3Qkj4&google_hm=hmPhEXpyp0r_u_...

170 B
188 B

49ms
49ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=Aa02lx-PueF6UTZ5-9ItvpaYNQQCTPoURkJULEXECQyLEp31JMR9o39adj4CYZUMQODkn5DSXgOXdjb3Yr_ZMTCgp26DzObarX3Qkj4&google_hm=hmPhEXpyp0r_u_sR-g&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D63E1117A72A74AFFBBFB11FABLIS

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=3762182088&pi=t.aa~a.2433028998~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2217&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=D4W7ipmuwJ&p=http%3A//ya.co.ve&dtd=13

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:40:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=Aa02lx-PueF6UTZ5-9ItvpaYNQQCTPoURkJULEXECQyLEp31JMR9o39adj4CYZUMQODkn5DSXgOXdjb3Yr_ZMTCgp26DzObarX3Qkj4&google_hm=hmPhEXpyp0r_u_sR-g&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D63E1117A72A74AFFBBFB11FABLIS
date: Mon, 06 Feb 2023 14:40:58 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 76EC
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEoL2EQpzimNXSN_WMjCT1g&google_cver=1&google_push=Aa02lx_ETUilTGq_2f6r4L3hURZ52f1KUSezywB2Rc1v0ku6BhJvoqhkT9S0sFVi1mGHWnvjIS4tT-MTctUEAlDOiW1cssq...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_ETUilTGq_2f6r4L3hURZ52f1KUSezywB2Rc1v0ku6BhJvoqhkT9S0sFVi1mGHWnvjIS4tT-MTctUEAlDOiW1cssq6FI-lSE0&google_hm=eS1HOTVka250RTJwSE1...

170 B
188 B

49ms
48ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_ETUilTGq_2f6r4L3hURZ52f1KUSezywB2Rc1v0ku6BhJvoqhkT9S0sFVi1mGHWnvjIS4tT-MTctUEAlDOiW1cssq6FI-lSE0&google_hm=eS1HOTVka250RTJwSE1hdklWazFuRzNzZlRoc2lzNEp4Sn5B

Requested by

Host: ya.co.ve
URL: http://ya.co.ve/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:40:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 06 Feb 2023 14:40:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_ETUilTGq_2f6r4L3hURZ52f1KUSezywB2Rc1v0ku6BhJvoqhkT9S0sFVi1mGHWnvjIS4tT-MTctUEAlDOiW1cssq6FI-lSE0&google_hm=eS1HOTVka250RTJwSE1hdklWazFuRzNzZlRoc2lzNEp4Sn5B
content-length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 76EC 43 B
356 B 121ms
27ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEO2EA1Tc5gYS6Ztaz2uU2OA&google_push=Aa02lx82u3Pyq-4olRJUUZuhADaot-9-3HexTofXm-0iis1AxT1Pwv_GKsi_K5a76pO07nrhxVlfeHW9O1UplLKEobKCNVqL-9CeCg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=3762182088&pi=t.aa~a.2433028998~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2217&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=D4W7ipmuwJ&p=http%3A//ya.co.ve&dtd=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:40:58 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 76EC 43 B
135 B 24ms
21ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESENblyZCAEXyNHnYqyhfUla0&google_cver=1&google_push=Aa02lx_vDhCOefDJwT2psL3KzxpaK37W3qswLWyqQrZiqvMS0B_18RhmiIIQDupgNTmDq0TaYxNAMPKzMaRR3c7R0WpOrXBPuxAYiVg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=3762182088&pi=t.aa~a.2433028998~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2217&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=D4W7ipmuwJ&p=http%3A//ya.co.ve&dtd=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:40:58 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: p8ejljhmgunluoms21cjhq1l0tc3ducr

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 76EC
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9OmN4qbjRhOpfxm3xqK3oA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

50ms
49ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9OmN4qbjRhOpfxm3xqK3oA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx9nt91KS31nooAud3IKBddLk_AEJmX47iDJ2Bo0YBF4vAd5wqL-95wTX1eDOrH-7u4XdQgHr9LSmxdQkD6-8ZS0fGPczWifKCI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=3762182088&pi=t.aa~a.2433028998~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2217&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=D4W7ipmuwJ&p=http%3A//ya.co.ve&dtd=13

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:40:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9OmN4qbjRhOpfxm3xqK3oA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx9nt91KS31nooAud3IKBddLk_AEJmX47iDJ2Bo0YBF4vAd5wqL-95wTX1eDOrH-7u4XdQgHr9LSmxdQkD6-8ZS0fGPczWifKCI
date: Mon, 06 Feb 2023 14:40:58 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 76EC 0
75 B 20ms
17ms Image
text/plain 185.86.138.152
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEG48kFn7Wuj6eEbf06AIqcQ&google_cver=1&google_push=Aa02lx_s_sYyh2CS7ZDzW6MGcvnJ2DLXFtqF_A9hLU8sii8hVZgzH2OCMGmnFdYFD90aG662mChaN5o7vZfvssCpSuSyj07AibAvUpk
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=3762182088&pi=t.aa~a.2433028998~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2217&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=D4W7ipmuwJ&p=http%3A//ya.co.ve&dtd=13
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.152 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:57 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 76EC 0
12 B 48ms
46ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JW3Bo-Mi3UAJtuBmqh83s11fyvIrCoQuKkXEH52mBCQ85mUnmY0Q99-JR_q9WCj5uBvOk0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=3762182088&pi=t.aa~a.2433028998~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2217&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=D4W7ipmuwJ&p=http%3A//ya.co.ve&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame FA77 28 KB
28 KB 36ms
35ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 17:04:17 GMT
x-content-type-options: nosniff
age: 77801
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Feb 2024 17:04:17 GMT

GET
H3 200 fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js Show response
pagead2.googlesyndication.com/bg/ Frame C2DE 36 KB
14 KB 47ms
47ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=3226338326&pi=t.aa~a.2433025903~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2218&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=6&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=NTpHDfnWKI&p=http%3A//ya.co.ve&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 03:40:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 212429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14345
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 04 Feb 2024 03:40:29 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 6ADD 10 KB
4 KB 38ms
37ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=186460%2C197862%2C14019&b=q42umfWfJWr1TZHgHDtJtZG5UeSgTJD5sq4xM%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=Rx3HgfQfG6wACkHwH3tzCPzJu9SzTYMAhB3zZ%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=728&d=90&e=&g=e92771e74fde8eaf4d93177b93428b6f%2F13304491548540226031&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675694458728&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k776ymdeksc5v8spmxhms34c1axb6yq9ta4956d95kkn9fgr5gyvvw9jy61j645jp260pxng9yt426j4aj8hn5rmny7hgjw6s38whae0bathf19kgh5j7nqtxne075nvx9mtbfw9a4nb37zsd9g13kn90kcb44nnwwtcj0zpcfwpq29ngnj95nd8vwzha8bs38vwr17g6skf7h57pmj8q2hx333k8w6zwt3e3bq0eqrw6akgw53p3hyrm6bdqbsnce8fdmajbvz6a8t12xqj8mc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkeleeRHhY7bwHtao1fAPk9GJ0AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMTc4ODk5NTk2NDMzNzk2yAEJqQJHOaabtg-yPqgDAaoEuAFP0O2-p9klRh-VK0f6yTTbmEZrWybVHXxty0nBEe_cHXD4S3d4ZCCrGyLNkJibykJg_4MSzqO49Rm0fmmTClnO3V7DJhOL701FEI8uEXv2Qvv9c7hg9qUAkwkSIMZraMAVJpE8ulmmynhuF05tz74hWWZ295vvWNvyImQRNVUP1OEWwmKSQ4bqmXjST7ci00y731aT9VBqs3HfP_eI97E4V2hD7fEsRsBektZsxTM9j1Lg2OD-NGW5gAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2l2vvdS5Hnt7n3Ses1Mo4EFpMyyw%2526client%253Dca-pub-1178899596433796%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71aa18821911c1ac32b4de8cc42544f7ee103c9ae53422a5b10903a00e1d1243

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1gg8pzh2qym3e6cqyb0mk2j4qe3nm0gpw22xx800z3239zb5drnxvf898c91xj69gty9m0ad8dxwhhd8g1t599rd6gygks66vxz0m470zhb0k20bc90c8t58ms49zmy4y1ympfvm7735kytbf846mj5ckd7dc86btjw70ehm5ajjxxnbc1rf0559j3zdk7x0488sarw0mywa61x1y5w0j89272svnxvqs87y28eca8v5qqn02vqfdh9912y7acva77k9wzwgbtt9dydp2hv085pgwpcwzx5zytmb9ma876885rnsp9ch7fhzpfzwv08dyf2vpzeyh7sexnsjb835djr41q5gm1x6mxnkttsw3ksq8r6wbn00q3877c9b06f8ryxqsjntkvq5j6122y13j3m5krs51nv0cgtgkw6g0ekyckjexvy4763s35b0e0ghr1bcv64g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkeleeRHhY7bwHtao1fAPk9GJ0AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMTc4ODk5NTk2NDMzNzk2yAEJqQJHOaabtg-yPqgDAaoEuAFP0O2-p9klRh-VK0f6yTTbmEZrWybVHXxty0nBEe_cHXD4S3d4ZCCrGyLNkJibykJg_4MSzqO49Rm0fmmTClnO3V7DJhOL701FEI8uEXv2Qvv9c7hg9qUAkwkSIMZraMAVJpE8ulmmynhuF05tz74hWWZ295vvWNvyImQRNVUP1OEWwmKSQ4bqmXjST7ci00y731aT9VBqs3HfP_eI97E4V2hD7fEsRsBektZsxTM9j1Lg2OD-NGW5gAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2l2vvdS5Hnt7n3Ses1Mo4EFpMyyw%26client%3Dca-pub-1178899596433796%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7954a4df2b819a2d-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 14:40:58 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 css
fonts.googleapis.com/ Frame 7A15 8 KB
895 B 87ms
86ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1418185256&adf=667648791&pi=t.aa~a.2433027837~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2217&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=GVPLPopkaZ&p=http%3A//ya.co.ve&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Feb 2023 14:40:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 13:22:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Feb 2023 14:40:58 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 7A15 2 KB
765 B 37ms
36ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:32:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83322
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 15:32:16 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame 7A15 22 KB
9 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:32:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8993
x-xss-protection: 0
server: cafe
etag: 12355142264901698679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 15:32:15 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 7A15 3 KB
1 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:11:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1744
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 14:11:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 7A15 18 KB
7 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:32:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83322
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 15:32:16 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7A15 0
0 47ms
46ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS_l5kYyZA3NghSTyQUkpgrsTupLElAqobaOjaiHWmxQRyuntGByX5j9ynwxS1hOGUq1rvbLMSdQM7q9EffMG35vqKVcg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1418185256&adf=667648791&pi=t.aa~a.2433027837~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2217&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=GVPLPopkaZ&p=http%3A//ya.co.ve&dtd=10
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7A15 157 KB
48 KB 118ms
117ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Feb 2023 14:40:58 GMT

GET
H3 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 7A15 33 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:44:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233791
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 22:14:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 04 May 2023 21:44:27 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7A15 0
0 82ms
82ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFdcveRHhY9SnHp6e1fAPxvWPqA2Y3pXBbZGOlYb5EOPVnoCYDhABIMu4lHVgleKQgqAHoAGNhO7rKMgBCakCRzmmm7YPsj6oAwHIA8sEqgTKAU_Qn-IMXzMKgf-uLx77h7vbJhooU5baVkOswPNB1ggB5ouSTHJtVh-QRoKiz_nQMt2vWM-M0nioZqQiJDyk-ws_AkbyuH49cfmVjvd9NgkNb-zRffTb2d2VlL1lEf7oICCM8Emv9mL1fHp7MmAwjUxPzPCjZW-uY55D0CPCwnclt0t_qLxEvbf6TQ31UgEDh6TTSHEm-iUy7pBJ6SmkX8TrvvwHe7uJXi5M5tr04UAyTTSo6FhDmjLMyY-646489otQHcDr0byw1JnABIGLqYyVBJIFBAgEGAGSBQQIBRgEoAYugAeNvL7LA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEOKOAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTExNzg4OTk1OTY0MzM3OTYYAA&sigh=G-Xfl-FSSwY&uach_m=[UACH]&cid=CAQSOwDUE5ym74k3Bs9u06LQ5AazOdxnTShUudaIRxBnRxOcXc4amXuz4IKQtMFoFA_E77sUMsM2I9sKvDsCGAE&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1418185256&adf=667648791&pi=t.aa~a.2433027837~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2217&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=GVPLPopkaZ&p=http%3A//ya.co.ve&dtd=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 06 Feb 2023 14:40:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B77A 0
20 B 79ms
78ms Ping
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=26&version=r20230201&sample=0.01

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/load_preloaded_resource_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:40:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame B77A 28 KB
28 KB 37ms
36ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 17:04:17 GMT
x-content-type-options: nosniff
age: 77801
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Feb 2024 17:04:17 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/7692326236004730461/ Frame 7A15 38 KB
38 KB 37ms
37ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7692326236004730461/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1507666ee0b8edbf08463c0320f10f23f25a1a3132cb3fadd40f0fc0764eaec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 10:47:46 GMT
x-content-type-options: nosniff
age: 13992
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39144
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 14:26:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 06 Feb 2024 10:47:46 GMT

GET
DATA 200
OK truncated
/ Frame 7A15 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7A15 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.29/one-ad/ Frame 6ADD 94 KB
12 KB 31ms
30ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.29/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C197862%2C14019&b=q42umfWfJWr1TZHgHDtJtZG5UeSgTJD5sq4xM%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=Rx3HgfQfG6wACkHwH3tzCPzJu9SzTYMAhB3zZ%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=728&d=90&e=&g=e92771e74fde8eaf4d93177b93428b6f%2F13304491548540226031&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675694458728&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k776ymdeksc5v8spmxhms34c1axb6yq9ta4956d95kkn9fgr5gyvvw9jy61j645jp260pxng9yt426j4aj8hn5rmny7hgjw6s38whae0bathf19kgh5j7nqtxne075nvx9mtbfw9a4nb37zsd9g13kn90kcb44nnwwtcj0zpcfwpq29ngnj95nd8vwzha8bs38vwr17g6skf7h57pmj8q2hx333k8w6zwt3e3bq0eqrw6akgw53p3hyrm6bdqbsnce8fdmajbvz6a8t12xqj8mc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkeleeRHhY7bwHtao1fAPk9GJ0AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMTc4ODk5NTk2NDMzNzk2yAEJqQJHOaabtg-yPqgDAaoEuAFP0O2-p9klRh-VK0f6yTTbmEZrWybVHXxty0nBEe_cHXD4S3d4ZCCrGyLNkJibykJg_4MSzqO49Rm0fmmTClnO3V7DJhOL701FEI8uEXv2Qvv9c7hg9qUAkwkSIMZraMAVJpE8ulmmynhuF05tz74hWWZ295vvWNvyImQRNVUP1OEWwmKSQ4bqmXjST7ci00y731aT9VBqs3HfP_eI97E4V2hD7fEsRsBektZsxTM9j1Lg2OD-NGW5gAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2l2vvdS5Hnt7n3Ses1Mo4EFpMyyw%2526client%253Dca-pub-1178899596433796%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16b11d86d520542cbafcd9b7fabe0c2915a87555cda015eeb8ccec0d478af9cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=186460%2C197862%2C14019&b=q42umfWfJWr1TZHgHDtJtZG5UeSgTJD5sq4xM%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=Rx3HgfQfG6wACkHwH3tzCPzJu9SzTYMAhB3zZ%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=728&d=90&e=&g=e92771e74fde8eaf4d93177b93428b6f%2F13304491548540226031&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675694458728&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k776ymdeksc5v8spmxhms34c1axb6yq9ta4956d95kkn9fgr5gyvvw9jy61j645jp260pxng9yt426j4aj8hn5rmny7hgjw6s38whae0bathf19kgh5j7nqtxne075nvx9mtbfw9a4nb37zsd9g13kn90kcb44nnwwtcj0zpcfwpq29ngnj95nd8vwzha8bs38vwr17g6skf7h57pmj8q2hx333k8w6zwt3e3bq0eqrw6akgw53p3hyrm6bdqbsnce8fdmajbvz6a8t12xqj8mc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkeleeRHhY7bwHtao1fAPk9GJ0AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMTc4ODk5NTk2NDMzNzk2yAEJqQJHOaabtg-yPqgDAaoEuAFP0O2-p9klRh-VK0f6yTTbmEZrWybVHXxty0nBEe_cHXD4S3d4ZCCrGyLNkJibykJg_4MSzqO49Rm0fmmTClnO3V7DJhOL701FEI8uEXv2Qvv9c7hg9qUAkwkSIMZraMAVJpE8ulmmynhuF05tz74hWWZ295vvWNvyImQRNVUP1OEWwmKSQ4bqmXjST7ci00y731aT9VBqs3HfP_eI97E4V2hD7fEsRsBektZsxTM9j1Lg2OD-NGW5gAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2l2vvdS5Hnt7n3Ses1Mo4EFpMyyw%2526client%253Dca-pub-1178899596433796%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1674752855
age: 941003
cf-polished: origSize=97007
x-guploader-uploadid: ADPycdsZjI5fECjAhoy8qzvWSONYz9bIt7ko5oX3W69yG6KJfP5zPv1_fVYgs_PLPWlD4TXeEk6FSO00jYJNc7xSK-16jW39EDyH
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 26 Jan 2023 17:08:09 GMT
server: cloudflare
etag: W/"894b1310ad36469d313fb67e2899e78d"
vary: Accept-Encoding
x-goog-generation: 1674752889520716
content-type: text/css
x-goog-hash: crc32c=wEjpSw==, md5=iUsTEK02Rp0xP7Z+KJnnjQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2F7OyV%2BsVQA6W%2BPSEqwN%2F%2FahqBsapsE%2B8IJcDjwuvxpY8xiTcDl2BrtCe3wWe9r1Vt4c0M15cD4Z%2F36scspYNhLojaWpRmuXBYY0ZZ%2BcFjMp0ZtzO4K4BSKiZZDC1K5vPTRGc8%2B5v6E%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 97007
cf-ray: 7954a4df7c009a2d-FRA
expires: Mon, 06 Feb 2023 15:40:58 GMT

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 6ADD 8 KB
9 KB 51ms
36ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C197862%2C14019&b=q42umfWfJWr1TZHgHDtJtZG5UeSgTJD5sq4xM%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=Rx3HgfQfG6wACkHwH3tzCPzJu9SzTYMAhB3zZ%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=728&d=90&e=&g=e92771e74fde8eaf4d93177b93428b6f%2F13304491548540226031&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675694458728&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k776ymdeksc5v8spmxhms34c1axb6yq9ta4956d95kkn9fgr5gyvvw9jy61j645jp260pxng9yt426j4aj8hn5rmny7hgjw6s38whae0bathf19kgh5j7nqtxne075nvx9mtbfw9a4nb37zsd9g13kn90kcb44nnwwtcj0zpcfwpq29ngnj95nd8vwzha8bs38vwr17g6skf7h57pmj8q2hx333k8w6zwt3e3bq0eqrw6akgw53p3hyrm6bdqbsnce8fdmajbvz6a8t12xqj8mc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkeleeRHhY7bwHtao1fAPk9GJ0AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMTc4ODk5NTk2NDMzNzk2yAEJqQJHOaabtg-yPqgDAaoEuAFP0O2-p9klRh-VK0f6yTTbmEZrWybVHXxty0nBEe_cHXD4S3d4ZCCrGyLNkJibykJg_4MSzqO49Rm0fmmTClnO3V7DJhOL701FEI8uEXv2Qvv9c7hg9qUAkwkSIMZraMAVJpE8ulmmynhuF05tz74hWWZ295vvWNvyImQRNVUP1OEWwmKSQ4bqmXjST7ci00y731aT9VBqs3HfP_eI97E4V2hD7fEsRsBektZsxTM9j1Lg2OD-NGW5gAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2l2vvdS5Hnt7n3Ses1Mo4EFpMyyw%2526client%253Dca-pub-1178899596433796%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2579702
cf-polished: qual=85, origFmt=jpeg, origSize=16723
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8354
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0tJEG3S5ZY3LTtoB2gJANZAdNe2DqRqzp%2FWj%2FHC4Wn4msF1lOQ9DnGta5qj7CVe0AxBNkg6ORshhLAAoVBZKy8%2FMlMbvvSjv0cuxbmaqB3kOFoIiAApdkTfM%2B1NHK0qEzbPfHm75UPxQ7UNm"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7954a4df9af5bbf7-FRA
expires: Tue, 07 Feb 2023 14:40:58 GMT

GET
H2 200 AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C
assets.ad4m.at/product_image/ Frame 6ADD 93 KB
94 KB 36ms
25ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C197862%2C14019&b=q42umfWfJWr1TZHgHDtJtZG5UeSgTJD5sq4xM%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=Rx3HgfQfG6wACkHwH3tzCPzJu9SzTYMAhB3zZ%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=728&d=90&e=&g=e92771e74fde8eaf4d93177b93428b6f%2F13304491548540226031&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675694458728&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k776ymdeksc5v8spmxhms34c1axb6yq9ta4956d95kkn9fgr5gyvvw9jy61j645jp260pxng9yt426j4aj8hn5rmny7hgjw6s38whae0bathf19kgh5j7nqtxne075nvx9mtbfw9a4nb37zsd9g13kn90kcb44nnwwtcj0zpcfwpq29ngnj95nd8vwzha8bs38vwr17g6skf7h57pmj8q2hx333k8w6zwt3e3bq0eqrw6akgw53p3hyrm6bdqbsnce8fdmajbvz6a8t12xqj8mc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkeleeRHhY7bwHtao1fAPk9GJ0AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMTc4ODk5NTk2NDMzNzk2yAEJqQJHOaabtg-yPqgDAaoEuAFP0O2-p9klRh-VK0f6yTTbmEZrWybVHXxty0nBEe_cHXD4S3d4ZCCrGyLNkJibykJg_4MSzqO49Rm0fmmTClnO3V7DJhOL701FEI8uEXv2Qvv9c7hg9qUAkwkSIMZraMAVJpE8ulmmynhuF05tz74hWWZ295vvWNvyImQRNVUP1OEWwmKSQ4bqmXjST7ci00y731aT9VBqs3HfP_eI97E4V2hD7fEsRsBektZsxTM9j1Lg2OD-NGW5gAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2l2vvdS5Hnt7n3Ses1Mo4EFpMyyw%2526client%253Dca-pub-1178899596433796%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ce3eee4cd598dd52e7b937de204d78dc2459a9dc379d0d70c478364e7b1bfcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1010707
cf-polished: origFmt=png, origSize=155400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 95550
cf-bgj: imgq:85,h2pri
last-modified: Thu, 24 Mar 2022 15:45:36 GMT
server: cloudflare
etag: "6fddd7204b0a0a403f584248bda12d72"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YJ2Lgb8EicitL1LCGvCx2A%2F%2Fn5P3zeF1WYy7wj5U%2BQ7H%2FatLFFaKh9hhnjdV%2FbQU6fhS%2Bv7X9tbGjW9Yg4vu6iEZRYpMeshpT3qihSoSvCGBA1IvnDIRg28sE%2Fdb8Wj%2BHf3491xLLD8onWwl"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7954a4df9afebbf7-FRA
expires: Tue, 07 Feb 2023 14:40:58 GMT

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 6ADD
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CI_Z6aeQgf0CFXXouwgdVSQMEQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1675694459_4563e5a0-a62c-11ed-acb0-22645d5ed731

0
549 B

63ms
15ms

Image
text/plain

87.118.116.9
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1675694459_4563e5a0-a62c-11ed-acb0-22645d5ed731
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C197862%2C14019&b=q42umfWfJWr1TZHgHDtJtZG5UeSgTJD5sq4xM%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=Rx3HgfQfG6wACkHwH3tzCPzJu9SzTYMAhB3zZ%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=728&d=90&e=&g=e92771e74fde8eaf4d93177b93428b6f%2F13304491548540226031&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675694458728&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k776ymdeksc5v8spmxhms34c1axb6yq9ta4956d95kkn9fgr5gyvvw9jy61j645jp260pxng9yt426j4aj8hn5rmny7hgjw6s38whae0bathf19kgh5j7nqtxne075nvx9mtbfw9a4nb37zsd9g13kn90kcb44nnwwtcj0zpcfwpq29ngnj95nd8vwzha8bs38vwr17g6skf7h57pmj8q2hx333k8w6zwt3e3bq0eqrw6akgw53p3hyrm6bdqbsnce8fdmajbvz6a8t12xqj8mc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkeleeRHhY7bwHtao1fAPk9GJ0AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMTc4ODk5NTk2NDMzNzk2yAEJqQJHOaabtg-yPqgDAaoEuAFP0O2-p9klRh-VK0f6yTTbmEZrWybVHXxty0nBEe_cHXD4S3d4ZCCrGyLNkJibykJg_4MSzqO49Rm0fmmTClnO3V7DJhOL701FEI8uEXv2Qvv9c7hg9qUAkwkSIMZraMAVJpE8ulmmynhuF05tz74hWWZ295vvWNvyImQRNVUP1OEWwmKSQ4bqmXjST7ci00y731aT9VBqs3HfP_eI97E4V2hD7fEsRsBektZsxTM9j1Lg2OD-NGW5gAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2l2vvdS5Hnt7n3Ses1Mo4EFpMyyw%2526client%253Dca-pub-1178899596433796%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 87.118.116.9 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: km36617.keymachine.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Feb 2023 14:40:58 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Mon, 06 Feb 2023 14:40:59 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1675694459_4563e5a0-a62c-11ed-acb0-22645d5ed731
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 B6C55515525C2192B97E1253116BAA5C685DD07AF79BB6C9C4097CAEDCCAF04D1DC2B7B5FD417FB88EA0B39E23DED47A8BBF448407373E4FBED422FA6A33EF14
assets.ad4m.at/logo/ Frame 6ADD 26 KB
26 KB 28ms
18ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B6C55515525C2192B97E1253116BAA5C685DD07AF79BB6C9C4097CAEDCCAF04D1DC2B7B5FD417FB88EA0B39E23DED47A8BBF448407373E4FBED422FA6A33EF14
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C197862%2C14019&b=q42umfWfJWr1TZHgHDtJtZG5UeSgTJD5sq4xM%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=Rx3HgfQfG6wACkHwH3tzCPzJu9SzTYMAhB3zZ%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=728&d=90&e=&g=e92771e74fde8eaf4d93177b93428b6f%2F13304491548540226031&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675694458728&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k776ymdeksc5v8spmxhms34c1axb6yq9ta4956d95kkn9fgr5gyvvw9jy61j645jp260pxng9yt426j4aj8hn5rmny7hgjw6s38whae0bathf19kgh5j7nqtxne075nvx9mtbfw9a4nb37zsd9g13kn90kcb44nnwwtcj0zpcfwpq29ngnj95nd8vwzha8bs38vwr17g6skf7h57pmj8q2hx333k8w6zwt3e3bq0eqrw6akgw53p3hyrm6bdqbsnce8fdmajbvz6a8t12xqj8mc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkeleeRHhY7bwHtao1fAPk9GJ0AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMTc4ODk5NTk2NDMzNzk2yAEJqQJHOaabtg-yPqgDAaoEuAFP0O2-p9klRh-VK0f6yTTbmEZrWybVHXxty0nBEe_cHXD4S3d4ZCCrGyLNkJibykJg_4MSzqO49Rm0fmmTClnO3V7DJhOL701FEI8uEXv2Qvv9c7hg9qUAkwkSIMZraMAVJpE8ulmmynhuF05tz74hWWZ295vvWNvyImQRNVUP1OEWwmKSQ4bqmXjST7ci00y731aT9VBqs3HfP_eI97E4V2hD7fEsRsBektZsxTM9j1Lg2OD-NGW5gAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2l2vvdS5Hnt7n3Ses1Mo4EFpMyyw%2526client%253Dca-pub-1178899596433796%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b29bdb7db83315a34e9893cdd74afad8064611b89dade9adcc78b42fcafbf159

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1009184
cf-polished: origFmt=png, origSize=53992
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26228
cf-bgj: imgq:85,h2pri
last-modified: Wed, 29 Jun 2022 14:47:26 GMT
server: cloudflare
etag: "e460905652d65e6a54a57da046f52d6c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQqM3Y632w8X%2BBZu2kxSW7gKm03Bw6SF6NSUjwfeu11No0PG8dKUgMX%2FnqM%2FEXORHHmlgN8PYmZwA4ag8mHzOMbJfMcl0vieNLehv%2FeUmA8YmKaD2uDggWnzNLo1kt0MWHdmtLb1DGQKHW7r"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7954a4df9af7bbf7-FRA
expires: Tue, 07 Feb 2023 14:40:58 GMT

GET
H2 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 6ADD 54 KB
55 KB 36ms
25ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C197862%2C14019&b=q42umfWfJWr1TZHgHDtJtZG5UeSgTJD5sq4xM%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=Rx3HgfQfG6wACkHwH3tzCPzJu9SzTYMAhB3zZ%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=728&d=90&e=&g=e92771e74fde8eaf4d93177b93428b6f%2F13304491548540226031&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675694458728&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k776ymdeksc5v8spmxhms34c1axb6yq9ta4956d95kkn9fgr5gyvvw9jy61j645jp260pxng9yt426j4aj8hn5rmny7hgjw6s38whae0bathf19kgh5j7nqtxne075nvx9mtbfw9a4nb37zsd9g13kn90kcb44nnwwtcj0zpcfwpq29ngnj95nd8vwzha8bs38vwr17g6skf7h57pmj8q2hx333k8w6zwt3e3bq0eqrw6akgw53p3hyrm6bdqbsnce8fdmajbvz6a8t12xqj8mc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkeleeRHhY7bwHtao1fAPk9GJ0AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMTc4ODk5NTk2NDMzNzk2yAEJqQJHOaabtg-yPqgDAaoEuAFP0O2-p9klRh-VK0f6yTTbmEZrWybVHXxty0nBEe_cHXD4S3d4ZCCrGyLNkJibykJg_4MSzqO49Rm0fmmTClnO3V7DJhOL701FEI8uEXv2Qvv9c7hg9qUAkwkSIMZraMAVJpE8ulmmynhuF05tz74hWWZ295vvWNvyImQRNVUP1OEWwmKSQ4bqmXjST7ci00y731aT9VBqs3HfP_eI97E4V2hD7fEsRsBektZsxTM9j1Lg2OD-NGW5gAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2l2vvdS5Hnt7n3Ses1Mo4EFpMyyw%2526client%253Dca-pub-1178899596433796%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8928a20b6d9520af9bfb5e9748259fc3c1ed52ee4e430920d7e70897af5c065

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 114637
cf-polished: origFmt=png, origSize=105738
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55798
cf-bgj: imgq:85,h2pri
last-modified: Mon, 04 Jul 2022 08:55:40 GMT
server: cloudflare
etag: "147be38db57f89c69c9e65b05983ff0e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QrU1%2F%2B2bx95LhlskWZoljU%2B8c1l7lkjqKIUpNcrycFjmyEjaNVpP9v6aU863OqFUYz46yX8PHvOVbi7E6I65WpTEFafJWhCOiho3GIebxsPBEYt4gbEAgQVL2Zt2PsWUQ3m6NG8CFz4zQkuj"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7954a4df9af9bbf7-FRA
expires: Tue, 07 Feb 2023 14:40:58 GMT

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 6ADD 44 KB
44 KB 48ms
38ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C197862%2C14019&b=q42umfWfJWr1TZHgHDtJtZG5UeSgTJD5sq4xM%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=Rx3HgfQfG6wACkHwH3tzCPzJu9SzTYMAhB3zZ%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=728&d=90&e=&g=e92771e74fde8eaf4d93177b93428b6f%2F13304491548540226031&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675694458728&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k776ymdeksc5v8spmxhms34c1axb6yq9ta4956d95kkn9fgr5gyvvw9jy61j645jp260pxng9yt426j4aj8hn5rmny7hgjw6s38whae0bathf19kgh5j7nqtxne075nvx9mtbfw9a4nb37zsd9g13kn90kcb44nnwwtcj0zpcfwpq29ngnj95nd8vwzha8bs38vwr17g6skf7h57pmj8q2hx333k8w6zwt3e3bq0eqrw6akgw53p3hyrm6bdqbsnce8fdmajbvz6a8t12xqj8mc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkeleeRHhY7bwHtao1fAPk9GJ0AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMTc4ODk5NTk2NDMzNzk2yAEJqQJHOaabtg-yPqgDAaoEuAFP0O2-p9klRh-VK0f6yTTbmEZrWybVHXxty0nBEe_cHXD4S3d4ZCCrGyLNkJibykJg_4MSzqO49Rm0fmmTClnO3V7DJhOL701FEI8uEXv2Qvv9c7hg9qUAkwkSIMZraMAVJpE8ulmmynhuF05tz74hWWZ295vvWNvyImQRNVUP1OEWwmKSQ4bqmXjST7ci00y731aT9VBqs3HfP_eI97E4V2hD7fEsRsBektZsxTM9j1Lg2OD-NGW5gAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2l2vvdS5Hnt7n3Ses1Mo4EFpMyyw%2526client%253Dca-pub-1178899596433796%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1525767
cf-polished: origFmt=png, origSize=65187
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44710
cf-bgj: imgq:85,h2pri
last-modified: Tue, 17 Jan 2023 14:45:52 GMT
server: cloudflare
etag: "99941d3864a6d6ef01023c96e0475815"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yUZ%2FZtp4JPIJ0aQSLU%2FaRqe0Kyy94md0%2FM46xPN2W%2BVgZGXbjHTZhdvJk6TSw2jslVYotZxz7NcpuBkqOTBmej3WiAfn0R3rYFhqz7tohtP%2BZ%2FhiWlKueK8a7ZKkwCf%2BfBABvGLgFEnv6jap"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7954a4df9afbbbf7-FRA
expires: Tue, 07 Feb 2023 14:40:58 GMT

GET
H2 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 6ADD 298 KB
299 KB 29ms
19ms Image
image/png 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C197862%2C14019&b=q42umfWfJWr1TZHgHDtJtZG5UeSgTJD5sq4xM%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=Rx3HgfQfG6wACkHwH3tzCPzJu9SzTYMAhB3zZ%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=728&d=90&e=&g=e92771e74fde8eaf4d93177b93428b6f%2F13304491548540226031&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675694458728&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k776ymdeksc5v8spmxhms34c1axb6yq9ta4956d95kkn9fgr5gyvvw9jy61j645jp260pxng9yt426j4aj8hn5rmny7hgjw6s38whae0bathf19kgh5j7nqtxne075nvx9mtbfw9a4nb37zsd9g13kn90kcb44nnwwtcj0zpcfwpq29ngnj95nd8vwzha8bs38vwr17g6skf7h57pmj8q2hx333k8w6zwt3e3bq0eqrw6akgw53p3hyrm6bdqbsnce8fdmajbvz6a8t12xqj8mc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkeleeRHhY7bwHtao1fAPk9GJ0AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMTc4ODk5NTk2NDMzNzk2yAEJqQJHOaabtg-yPqgDAaoEuAFP0O2-p9klRh-VK0f6yTTbmEZrWybVHXxty0nBEe_cHXD4S3d4ZCCrGyLNkJibykJg_4MSzqO49Rm0fmmTClnO3V7DJhOL701FEI8uEXv2Qvv9c7hg9qUAkwkSIMZraMAVJpE8ulmmynhuF05tz74hWWZ295vvWNvyImQRNVUP1OEWwmKSQ4bqmXjST7ci00y731aT9VBqs3HfP_eI97E4V2hD7fEsRsBektZsxTM9j1Lg2OD-NGW5gAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2l2vvdS5Hnt7n3Ses1Mo4EFpMyyw%2526client%253Dca-pub-1178899596433796%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad9cfb9dfc4bbe75509f6268415c710c44474dc703b8705eacada2ac8acb2725

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 256168
cf-polished: origSize=342797, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 305593
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Jun 2022 14:01:11 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IefwmBd5%2BgLw1x%2F62%2FsjIx1pGecFuyBplS4R%2FCo6rBF7ZJ%2BeyNJUdGgLs2jYyEXTtL2G%2BSNGmYcVOiA7BTL26JahcMJpEhVTRs0PCR8ofGmZBGacM1MMtxqoUMGOKHBznSf3FMfb3wxFZVS%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7954a4df9afcbbf7-FRA
expires: Tue, 07 Feb 2023 14:40:58 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame 6ADD
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1675694458_45436551-a62c-11ed-9a3d-2232032dcacf&insert=AW&&gdpr=0&gdpr_consent=

0
671 B

93ms
47ms

Image
text/html

2606:4700::6812:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1675694458_45436551-a62c-11ed-9a3d-2232032dcacf&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C197862%2C14019&b=q42umfWfJWr1TZHgHDtJtZG5UeSgTJD5sq4xM%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=Rx3HgfQfG6wACkHwH3tzCPzJu9SzTYMAhB3zZ%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=728&d=90&e=&g=e92771e74fde8eaf4d93177b93428b6f%2F13304491548540226031&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675694458728&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k776ymdeksc5v8spmxhms34c1axb6yq9ta4956d95kkn9fgr5gyvvw9jy61j645jp260pxng9yt426j4aj8hn5rmny7hgjw6s38whae0bathf19kgh5j7nqtxne075nvx9mtbfw9a4nb37zsd9g13kn90kcb44nnwwtcj0zpcfwpq29ngnj95nd8vwzha8bs38vwr17g6skf7h57pmj8q2hx333k8w6zwt3e3bq0eqrw6akgw53p3hyrm6bdqbsnce8fdmajbvz6a8t12xqj8mc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkeleeRHhY7bwHtao1fAPk9GJ0AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMTc4ODk5NTk2NDMzNzk2yAEJqQJHOaabtg-yPqgDAaoEuAFP0O2-p9klRh-VK0f6yTTbmEZrWybVHXxty0nBEe_cHXD4S3d4ZCCrGyLNkJibykJg_4MSzqO49Rm0fmmTClnO3V7DJhOL701FEI8uEXv2Qvv9c7hg9qUAkwkSIMZraMAVJpE8ulmmynhuF05tz74hWWZ295vvWNvyImQRNVUP1OEWwmKSQ4bqmXjST7ci00y731aT9VBqs3HfP_eI97E4V2hD7fEsRsBektZsxTM9j1Lg2OD-NGW5gAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2l2vvdS5Hnt7n3Ses1Mo4EFpMyyw%2526client%253Dca-pub-1178899596433796%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6812:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:59 GMT
via: 1.1 additional-webserver-blue-n1lg (Varnish/7.2)
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000
age: 0
p3p: policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish: 251824072
content-type: text/html; charset=UTF-8
cache-control: no-cache
server-timing: intid;desc=6a41bab43295d3a7
cf-ray: 7954a4e0db4190af-FRA
expires: -1

Redirect headers

Date: Mon, 06 Feb 2023 14:40:58 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1675694458_45436551-a62c-11ed-9a3d-2232032dcacf&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js Show response
pagead2.googlesyndication.com/bg/ Frame B01A 36 KB
14 KB 47ms
46ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1213588912&adf=3762182088&pi=t.aa~a.2433028998~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2217&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=D4W7ipmuwJ&p=http%3A//ya.co.ve&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 03:40:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 212429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14345
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 04 Feb 2024 03:40:29 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6417 42 B
174 B 82ms
82ms Fetch
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstOI1wULcq-zkrRuNK_xvlppa9Fw6Sa8Q0e9iAWLXShq59cqfK5rpxHu47DcF576z3TjEhBKyjCLzLps2tnT9p0pn-IyoqF1DH1e0FSZ-tKIY0cJbIKruSGtOuw3Kv2P6hErJu2oA&sai=AMfl-YSWzHq7IV8HGNr-mqIddIxoo44qaseb-x-h-YSgiZCsqECZyiv88Uqozd5j7WePVvHQ7tGwF7ykxCB8&sig=Cg0ArKJSzIFJmIsE_Ns1EAE&cid=CAQSGwDUE5ymF3n1KaMEqXsMQHogBzc2hoPdkPOPshgB&id=lidar2&mcvt=1057&p=0,0,280,1200&mtos=1057,1057,1057,1057,1057&tos=1057,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3809598800&rs=2&la=1&cr=0&vs=4&r=v&rst=1675694456361&rpt=1423&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:40:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DDEF 42 B
108 B 82ms
82ms Fetch
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuD0Vswp86wuloDp9XsNLaNe0HPGJ_RYAQ4sJPYb86KHXLa-rzftKM3l34vV_EzXhg-sLfqnDxqlsnyOIxyw6hDa96RvodG8VwEMg6vkad2E8Gc3LfgA_7IHHpXfSbMmQQ4ktU6sv7L2Vptte6yX8c59NUao3EXPGTTUuE2QItj2Ry80J_scPYzSH_tgRPVNCCOllsiAyIf0QCeh9oP--QPrM-BvP5Fogqw56kIpPtKIM6Zpc47AuoqXbjVWVob3HCKx_C8Ip85r6jR2Yirpg7QspuJyvqC4Uw_SZEw_Qj2gLIRkgF0KGZCnJmgN4XD952JUjy4awMbXn18eMi3hgAc7Z110hFVnZaaEult0Ms7DOKl6miPPXhn2ZhSjn0MUKlxBSqY6Z5xV9Jm86gm8xUkjJQIa10GURPde68TjrUyQVUflvDNypLtmTaED0Mg0Z3ZXMbYt24HxNbZTRmKEWVYxE8fAzKcgId3RYku-JbQmz6aHO7kD_dzKJ-9I6dWWtxHjGVRVkkm7Fh5N84GNxzgfMBd5UgcG5P1BXW9eNQhpQQvdBSKG29CWSWXpmKrrJu1CTWcE96cKMfZXlIB77WzTXx5InZXjPha4f6tTbW4jJQbuHhyLiMMQYVH_enxxfBkUZhSkr2SOVtzG2Z1jWKWIC5IwP4rGOjiNgeTl_Clt7obiC1hm6gLbzcX5liF5omFqWaMYj13LccHWrSYUwaFcIxJzXCEfW7BzaWr2l7OLhcYdRSUHofNfDEgL5vNMkIDsUnuQux91dqXLCBtHnCwGrYtwttl6BZiHlurg8AuXYb6tOyxW_XQd6MCBssxiC3R6JX6Fox4kBJnaayAFSt_s9V6lIRgSSxeDrDzQAnKxOR0Ek2x1kQe4L_z_RrJ2IfUxqFBR24XkO2BIuxnA16JtBE&sai=AMfl-YRPXtkwaQ7Q_iVWZJDTDZtawHSfGKzO3MSYkh6vI0R34iXR8RJMfzJZKtdghQe6aoKR9JVce13kHgsJpGjr1AHBWWsfHeBlWA&sig=Cg0ArKJSzGgSKbjYwIBPEAE&cid=CAQSGwDUE5ymNuHbnsARhDqDaVaLaDR4cCzWFkfhYxgB&id=lidar2&mcvt=1033&p=0,0,500,180&mtos=1033,1033,1033,1033,1033&tos=1033,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&vs=4&r=v&rst=1675694457529&rpt=267&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:40:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 6ADD 2 KB
2 KB 189ms
129ms Script
text/html 13.42.68.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gty5hkdkpjc6pnvgwsw33mhgxvpcg4c067qjegsn44nmgjdcvhafb4c349cnb2q5cfvgycyyman91vssapc4cj8bqdnkwwq1bsq7fwa1cwffn7d31yymjbj5qydn16et9j0jvba50q4qsanvgde3pbyvk7evewhajppc928kapnb7ce9assj7j345fj79sa7cgtjzw3esqw52gyvaq9pn6ywn7rwjzrhc9atxjvfnck80xpn0rnfgx5953w9sd7j02h4%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k776ymdeksc5v8spmxhms34c1axb6yq9ta4956d95kkn9fgr5gyvvw9jy61j645jp260pxng9yt426j4aj8hn5rmny7hgjw6s38whae0bathf19kgh5j7nqtxne075nvx9mtbfw9a4nb37zsd9g13kn90kcb44nnwwtcj0zpcfwpq29ngnj95nd8vwzha8bs38vwr17g6skf7h57pmj8q2hx333k8w6zwt3e3bq0eqrw6akgw53p3hyrm6bdqbsnce8fdmajbvz6a8t12xqj8mc%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCkeleeRHhY7bwHtao1fAPk9GJ0AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMTc4ODk5NTk2NDMzNzk2yAEJqQJHOaabtg-yPqgDAaoEuAFP0O2-p9klRh-VK0f6yTTbmEZrWybVHXxty0nBEe_cHXD4S3d4ZCCrGyLNkJibykJg_4MSzqO49Rm0fmmTClnO3V7DJhOL701FEI8uEXv2Qvv9c7hg9qUAkwkSIMZraMAVJpE8ulmmynhuF05tz74hWWZ295vvWNvyImQRNVUP1OEWwmKSQ4bqmXjST7ci00y731aT9VBqs3HfP_eI97E4V2hD7fEsRsBektZsxTM9j1Lg2OD-NGW5gAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2l2vvdS5Hnt7n3Ses1Mo4EFpMyyw%252526client%25253Dca-pub-1178899596433796%252526adurl%25253D&clickref=oneidQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5oneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C197862%2C14019&b=q42umfWfJWr1TZHgHDtJtZG5UeSgTJD5sq4xM%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=Rx3HgfQfG6wACkHwH3tzCPzJu9SzTYMAhB3zZ%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=728&d=90&e=&g=e92771e74fde8eaf4d93177b93428b6f%2F13304491548540226031&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675694458728&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k776ymdeksc5v8spmxhms34c1axb6yq9ta4956d95kkn9fgr5gyvvw9jy61j645jp260pxng9yt426j4aj8hn5rmny7hgjw6s38whae0bathf19kgh5j7nqtxne075nvx9mtbfw9a4nb37zsd9g13kn90kcb44nnwwtcj0zpcfwpq29ngnj95nd8vwzha8bs38vwr17g6skf7h57pmj8q2hx333k8w6zwt3e3bq0eqrw6akgw53p3hyrm6bdqbsnce8fdmajbvz6a8t12xqj8mc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkeleeRHhY7bwHtao1fAPk9GJ0AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMTc4ODk5NTk2NDMzNzk2yAEJqQJHOaabtg-yPqgDAaoEuAFP0O2-p9klRh-VK0f6yTTbmEZrWybVHXxty0nBEe_cHXD4S3d4ZCCrGyLNkJibykJg_4MSzqO49Rm0fmmTClnO3V7DJhOL701FEI8uEXv2Qvv9c7hg9qUAkwkSIMZraMAVJpE8ulmmynhuF05tz74hWWZ295vvWNvyImQRNVUP1OEWwmKSQ4bqmXjST7ci00y731aT9VBqs3HfP_eI97E4V2hD7fEsRsBektZsxTM9j1Lg2OD-NGW5gAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2l2vvdS5Hnt7n3Ses1Mo4EFpMyyw%2526client%253Dca-pub-1178899596433796%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.42.68.116 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-42-68-116.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 08c291d9f228b33de09c79e2fb983dc43eacde9fb2750e386d55179683fd5ea6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:59 GMT
last-modified: Mon, 06 Feb 2023 14:40:58 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Mon, 06 Feb 2023 14:41:58 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1800 1 KB
643 B 47ms
46ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 30415
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 06:14:03 GMT
etag: 48472445140208031
expires: Tue, 07 Feb 2023 06:14:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7A15 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20712bd669d5e0de04992369a814b10fa65c5a429a8ac6b7a51d763d7d4a7ec5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 1800
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAIQstS6XDGN_PJxaja1cyI&google_cver=1&google_push=Aa02lx_4NwhU8tMNqZCIXvz79To9zDPgKeyHj-Lt8dQm2UsG43gz1aZYzt2vDWAUadOZzmF7pMWO5s0D8sDacRlP-0kjRK2pggEZCw
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDUzNzM4MDIwNjcwNDg5MjM4Mg==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAIQstS6XDGN_PJxaja1cyI&google_cver=1

43 B
398 B

105ms
14ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAIQstS6XDGN_PJxaja1cyI&google_cver=1
Requested by: Host: ya.co.ve
URL: http://ya.co.ve/
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 06 Feb 2023 14:40:58 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:40:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAIQstS6XDGN_PJxaja1cyI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1800
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEH4to0hZjsmzVv0njtge3zk&google_cver=1&google_push=Aa02lx8AIpSxjizOC1ynWOxOIdzT24tZnSuoIlWOyeNsPBu5CJbfm39UyJfInFjmG1p6_PSFF8J384Fe_pwmEy...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=Aa02lx8AIpSxjizOC1ynWOxOIdzT24tZnSuoIlWOyeNsPBu5CJbfm39UyJfInFjmG1p6_PSFF8J384Fe_pwmEyCcCalOMteVK12TFA&google_hm=hmPhEXpyp0r_u_s...

170 B
188 B

50ms
49ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=Aa02lx8AIpSxjizOC1ynWOxOIdzT24tZnSuoIlWOyeNsPBu5CJbfm39UyJfInFjmG1p6_PSFF8J384Fe_pwmEyCcCalOMteVK12TFA&google_hm=hmPhEXpyp0r_u_sR-g&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D63E1117A72A74AFFBBFB11FABLIS

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:40:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=Aa02lx8AIpSxjizOC1ynWOxOIdzT24tZnSuoIlWOyeNsPBu5CJbfm39UyJfInFjmG1p6_PSFF8J384Fe_pwmEyCcCalOMteVK12TFA&google_hm=hmPhEXpyp0r_u_sR-g&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D63E1117A72A74AFFBBFB11FABLIS
date: Mon, 06 Feb 2023 14:40:59 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1800
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9OmN4qbjRhOpfxm3xqK3oA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

48ms
48ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9OmN4qbjRhOpfxm3xqK3oA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-QwjC2EFWsqpeDq4BAbZ0iz8OSKQ8pUXCO4bTmN6QwNN3ONq2aGdPu5TknxPJivgOEaZHG0YW8zBirTk1zlGy0NAZZNEde7A

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:40:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9OmN4qbjRhOpfxm3xqK3oA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-QwjC2EFWsqpeDq4BAbZ0iz8OSKQ8pUXCO4bTmN6QwNN3ONq2aGdPu5TknxPJivgOEaZHG0YW8zBirTk1zlGy0NAZZNEde7A
date: Mon, 06 Feb 2023 14:40:58 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 trk
ag.innovid.com/ Frame 1800 43 B
297 B 285ms
20ms Image
image/gif 2a05:d01c:1d8:8102:19b0:b513:2440:3cab
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEH4Yx5YmNt_-Up9qcfdlcO0&google_cver=1&google_push=Aa02lx-L-UwAUXtqcbr-NICF5Rha4VuoY03Nw_ZDvXISA7hhvSwpFLQfP5rXL5jdRZDpiKJAZaw3zusWuGL8R-eXSfAU-g5vzzab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1418185256&adf=667648791&pi=t.aa~a.2433027837~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2217&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=GVPLPopkaZ&p=http%3A//ya.co.ve&dtd=10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:19b0:b513:2440:3cab London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 06 Feb 2023 14:40:59 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 1800 0
75 B 18ms
17ms Image
text/plain 185.86.138.152
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEG48kFn7Wuj6eEbf06AIqcQ&google_cver=1&google_push=Aa02lx_pPLZcpDkzTQR-7ygUwUO0hXpc0bNsIzAhcGaoK6Vombdq0WtwEI7EbHhXzIBF8_RZxr7jvaKFJBy3xUCXCLByQrzdIQ_Z
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1178899596433796&output=html&h=280&adk=1418185256&adf=667648791&pi=t.aa~a.2433027837~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1675694457&rafmt=1&to=qs&pwprc=5659404050&format=1200x280&url=http%3A%2F%2Fya.co.ve%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675694457443&bpp=1&bdt=2217&idt=-M&shv=r20230201&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D203fef0e1823ed47-221540869edb0003%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q&gpic=UID%3D00000bb113e374f5%3AT%3D1675694456%3ART%3D1675694456%3AS%3DALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5674341855858&frm=20&pv=1&ga_vid=1831056427.1675694456&ga_sid=1675694456&ga_hid=955212308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C31071855%2C44779793&oid=2&pvsid=955814589857061&tmod=940118229&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=GVPLPopkaZ&p=http%3A//ya.co.ve&dtd=10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.152 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:58 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 1800
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBNwb0MFGlFgpQWgWafBEjQ&google_cver=1&google_push=Aa02lx-NfQOoawjpcWzJ4z0gO5GKGzx3zHfg96f02NpsbKH2V9OaaHHTddnvk0XX33PMku11W6xftaWSsZ3...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-NfQOoawjpcWzJ4z0gO5GKGzx3zHfg96f02NpsbKH2V9OaaHHTddnvk0XX33PMku11W6xftaWSsZ3GwuHFOV4QEYtNaL7u8xc
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

27ms
27ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: ya.co.ve
URL: http://ya.co.ve/

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:40:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1800
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEKmV_Cqvpph8oLMkRILLhrc&google_cver=1&google_push=Aa02lx-N-3ewTfuem...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEKmV_Cqvpph8oLMkRILLhrc%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTg1MDM2ODcyODQ0NTQ0MDY5&google_gid=CAESEKmV_Cqvpph8oLMkRILLhrc&google_cver=1&google_push=Aa02lx-N-3ewTfuemXMCR-na7Hkf8IYgQQi2Ji4fAU...

170 B
188 B

47ms
47ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTg1MDM2ODcyODQ0NTQ0MDY5&google_gid=CAESEKmV_Cqvpph8oLMkRILLhrc&google_cver=1&google_push=Aa02lx-N-3ewTfuemXMCR-na7Hkf8IYgQQi2Ji4fAUYjGKHMFTGPO6x3YxDuLXsUftMp-fwEn3Ecfh9hw0NYPuGALeJ8VW-kx7wYkQ

Requested by

Host: ya.co.ve
URL: http://ya.co.ve/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:40:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 06 Feb 2023 14:40:59 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.164; 185.213.155.164; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 817a3abe-520f-452c-9336-1eeb1d3140fe
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTg1MDM2ODcyODQ0NTQ0MDY5&google_gid=CAESEKmV_Cqvpph8oLMkRILLhrc&google_cver=1&google_push=Aa02lx-N-3ewTfuemXMCR-na7Hkf8IYgQQi2Ji4fAUYjGKHMFTGPO6x3YxDuLXsUftMp-fwEn3Ecfh9hw0NYPuGALeJ8VW-kx7wYkQ
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1800 0
12 B 48ms
47ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KA1djXZXE3o05BhIx_mm0EtA3StLY6EWDOKiukVer94Jp_SNw9o4eVTX5yM_AYeCa1Hv8RNws

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:59 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A1E9 42 B
64 B 83ms
83ms Fetch
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvlKATuIBj9u_KMFkSQyl3oLmFQAwpfPK0bEZs67517SH7UhpkUrEL7zHt7M1HHidEpZyUfxifFO3XAAJ7b_WBbOBhHPYkWQ8HGq1JTglM9GlX-i1cSGYziDUy01CnZi9SKNrN09GINHiIxdi-XL98YPcdYUHpIinTIz5W3m5ZJ0Hy7Grj8iorBARpeA_KHuVtzNUogrt1rwzVQt6PxaRTh0Wy2Lc6B85gk3hp6O3Dw5TfavVGPqFVN6gllewF9qj_OzaWOCkVLRCqezvC3Cut0JtlCe3j7f6Xat8bQD9D0n0yX0OkPCDsaeOhuKhQTbtqDD6aPYDTJIavQZNI9TKIBs2TcEASsGGOpySZ3wmL-AOHSFyuKhYndBbqVQUHwVAhtoiGPRo_V4yOqNMrRnokf5sv5tFTvyNBJbQMxt9-693LwEzcSdR9zqMO0BZtm5MhaNutCdhJ9BOrk2fWxz19JhqUftiqlCwtavBH6-mroB4h5osHcH26j05xzELlhyuiNUAufOsC8iVZCaZbE71ncNl_3qnpFogZ4GymmlRNoSv4QBVbwLdREjyHOR5j9KYBjB26mVHQvwVwkSFUGjqzUe5EsD0C4w2un8wtHjWT1nh9Kzj8iwkfrH2CrGf1htBhihf6xqFyb4D7LBVZRhbIByWL1JtbJgmSHTEuHF8WtW2rs84xZGvU5NWqDj9QQhO-v-GkIIyp1tQCwgPgXgJf3UAvpBaxNSWAbZ99zFAqa6U7emgQ782-tFWRV_QS5V333S3dmeyJfAv8NGftTHmSXtj_JiW68hGTuMgVeqCeYoZDEhlYC7AeJeEe3ooIqW7kKm3Hts8tGgm0LB7qJ-_XVyiTYjVarIM57HjVrh4jj2h8ApRCCFtqwWpqRFvsc2f-0LwrdR-EpCtVTZam_X-1W6Bjlds-X4U7iKEryDO0d&sai=AMfl-YQJAFiVS9znTtvBM-fockR20BCIgJ9VL4x68ZeKbd_rR4WgUNJXoLt8XOOqWm37wWaN4D9Box4PHbkDq8GQqHKyQcO6JDNI6g&sig=Cg0ArKJSzHSnudphiBGPEAE&cid=CAQSGwDUE5ymNuHbnsARhDqDaVaLaDR4cCzWFkfhYxgB&id=lidar2&mcvt=1011&p=0,0,500,180&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&vs=4&r=v&rst=1675694457532&rpt=351&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:40:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 7A15 28 KB
28 KB 36ms
35ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 17:04:17 GMT
x-content-type-options: nosniff
age: 77802
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Feb 2024 17:04:17 GMT

GET
H3 200 fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js Show response
pagead2.googlesyndication.com/bg/ Frame 407F 36 KB
14 KB 47ms
46ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 03:40:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 212430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14345
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 04 Feb 2024 03:40:29 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 6ADD 85 KB
31 KB 42ms
7ms Script
application/javascript 18.66.147.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gty5hkdkpjc6pnvgwsw33mhgxvpcg4c067qjegsn44nmgjdcvhafb4c349cnb2q5cfvgycyyman91vssapc4cj8bqdnkwwq1bsq7fwa1cwffn7d31yymjbj5qydn16et9j0jvba50q4qsanvgde3pbyvk7evewhajppc928kapnb7ce9assj7j345fj79sa7cgtjzw3esqw52gyvaq9pn6ywn7rwjzrhc9atxjvfnck80xpn0rnfgx5953w9sd7j02h4%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k776ymdeksc5v8spmxhms34c1axb6yq9ta4956d95kkn9fgr5gyvvw9jy61j645jp260pxng9yt426j4aj8hn5rmny7hgjw6s38whae0bathf19kgh5j7nqtxne075nvx9mtbfw9a4nb37zsd9g13kn90kcb44nnwwtcj0zpcfwpq29ngnj95nd8vwzha8bs38vwr17g6skf7h57pmj8q2hx333k8w6zwt3e3bq0eqrw6akgw53p3hyrm6bdqbsnce8fdmajbvz6a8t12xqj8mc%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCkeleeRHhY7bwHtao1fAPk9GJ0AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMTc4ODk5NTk2NDMzNzk2yAEJqQJHOaabtg-yPqgDAaoEuAFP0O2-p9klRh-VK0f6yTTbmEZrWybVHXxty0nBEe_cHXD4S3d4ZCCrGyLNkJibykJg_4MSzqO49Rm0fmmTClnO3V7DJhOL701FEI8uEXv2Qvv9c7hg9qUAkwkSIMZraMAVJpE8ulmmynhuF05tz74hWWZ295vvWNvyImQRNVUP1OEWwmKSQ4bqmXjST7ci00y731aT9VBqs3HfP_eI97E4V2hD7fEsRsBektZsxTM9j1Lg2OD-NGW5gAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2l2vvdS5Hnt7n3Ses1Mo4EFpMyyw%252526client%25253Dca-pub-1178899596433796%252526adurl%25253D&clickref=oneidQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5oneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-41.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:30:07 GMT
content-encoding: gzip
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified: Fri, 09 Dec 2022 10:53:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 18653
etag: W/"0d5045593d14c9612a5d5576928a5209"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 6zhO5EVq9ifORqAlIVOSahV6WWzJwLw2jVI_FkebvY5WvZvYI3X5sQ==

GET
H2 200 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 6ADD 15 KB
15 KB 72ms
20ms Image
image/png 18.66.15.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1675694759&Signature=Np1oDR1TT2l4OwzRonTJehWWBT8nmEJE3NBc2V2fgyS1ciuVCwgOiLTQDx6E4T85p2pkDml5R6-cPdWyyTNt5GRUXJQvwuYK5tK-AEKt17-PwEntdtBe2YvOP8g3tJBIxSNUJ4HufatAMbIvazRJQiDEMBOeG9VhJiO-wr5NzqoKIZZEn6~bXm9sHHwtZ9hNAE4Tsejg~y0YL-45ihipUsKuupBaJjCATF649D5ZN801osW9Nz-b-m2uDV6mVbl20xXPXzHvN2tIgF~zL7TJTLb9L3jJVrhhStYzSJtGusWKWyo-MKs9vmiDihnsM0-U6TjslaK3f9NRkV3SoUgUVA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C197862%2C14019&b=q42umfWfJWr1TZHgHDtJtZG5UeSgTJD5sq4xM%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=Rx3HgfQfG6wACkHwH3tzCPzJu9SzTYMAhB3zZ%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=728&d=90&e=&g=e92771e74fde8eaf4d93177b93428b6f%2F13304491548540226031&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675694458728&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k776ymdeksc5v8spmxhms34c1axb6yq9ta4956d95kkn9fgr5gyvvw9jy61j645jp260pxng9yt426j4aj8hn5rmny7hgjw6s38whae0bathf19kgh5j7nqtxne075nvx9mtbfw9a4nb37zsd9g13kn90kcb44nnwwtcj0zpcfwpq29ngnj95nd8vwzha8bs38vwr17g6skf7h57pmj8q2hx333k8w6zwt3e3bq0eqrw6akgw53p3hyrm6bdqbsnce8fdmajbvz6a8t12xqj8mc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkeleeRHhY7bwHtao1fAPk9GJ0AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMTc4ODk5NTk2NDMzNzk2yAEJqQJHOaabtg-yPqgDAaoEuAFP0O2-p9klRh-VK0f6yTTbmEZrWybVHXxty0nBEe_cHXD4S3d4ZCCrGyLNkJibykJg_4MSzqO49Rm0fmmTClnO3V7DJhOL701FEI8uEXv2Qvv9c7hg9qUAkwkSIMZraMAVJpE8ulmmynhuF05tz74hWWZ295vvWNvyImQRNVUP1OEWwmKSQ4bqmXjST7ci00y731aT9VBqs3HfP_eI97E4V2hD7fEsRsBektZsxTM9j1Lg2OD-NGW5gAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2l2vvdS5Hnt7n3Ses1Mo4EFpMyyw%2526client%253Dca-pub-1178899596433796%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-50.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 04:41:57 GMT
x-amz-version-id: null
via: 1.1 89a6fa6293c9b0bbce683ad0b9f7f538.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:41:35 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 35943
etag: "d4e8f970f24f6d19b53aa92b1907c1ef"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15054
x-amz-cf-id: wjzbYeVQ8Z3REP2P_VYDPNBOEFcQWmrOXpcYyTq_2Fi4IUaVtY_Ttw==

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 93ms
93ms XHR
application/json 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230201&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f92d60404fdae460dc574a6ced37ccdc451dab1c2b7dd8fd96c2d405f352d03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ya.co.ve/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11141
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ya.co.ve/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Feb 2023 14:40:59 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3A9F 13 KB
5 KB 37ms
36ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ya.co.ve/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 386
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 14:34:33 GMT
expires: Tue, 06 Feb 2024 14:34:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1458 783 B
534 B 49ms
49ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c08e83eff1287c91a36e73b8995fc58ebf226d7aaa0ecccaab89cc67ca20d5f1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-F0iynNTI__kSki3z6-GBSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ya.co.ve/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-F0iynNTI__kSki3z6-GBSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 14:40:59 GMT
expires: Mon, 06 Feb 2023 14:40:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js Show response
pagead2.googlesyndication.com/bg/ Frame 3A9F 36 KB
14 KB 47ms
47ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 03:40:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 212430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14345
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 04 Feb 2024 03:40:29 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1458 0
0 79ms
78ms Image
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230201&jk=955814589857061&rc=05ANKMWsnjBJiPx2220ZitRKW5EWKoyfijYR6PGGZemX0MMeUQRxUBaUV1SIeKqFqh6LAo88ogy1ItGLQcHLP0ZK3qwTAfA4SceIT7d22gjv2L-HqIdhsYbG2UMfv4n6ZigR8Vngps-6__BrQB0tY9CEhRNUmrv1O3pTSNiA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3A9F 0
12 B 35ms
35ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?f4-qXA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:40:59 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 6ADD 16 B
232 B 61ms
61ms Fetch
application/json 18.169.219.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.169.219.247 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-169-219-247.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 06 Feb 2023 14:41:00 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 101ms
17ms Preflight 18.169.219.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.169.219.247 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-169-219-247.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Mon, 06 Feb 2023 14:40:59 GMT
server: nginx

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 81ms
81ms Image
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230201&jk=955814589857061&bg=!ra6lrurNAAaq5O5FiuQ7ACkAdvg8WtRWdGbSIzU1KrTOYFCUmw3npmxsGfeX3kMfUG3WxHc1Hd5YPgIAAABNUgAAAAJoAQcKANBP2-0UeXEGA3RpMxvvPZtAw3lL5Ez7ptWUKdWm8JAHVg942-bBvYk3BVkAZ0zXlnFnjms5f6SSQiORU16Pu7-x2RtMojXQ2xRr8WgJoUMlSppc9nMVuSrs1ypxzMPHAbdAp4Czic3CWRbNxDdpKRSnGY2PIMIecGkcdWyiU5Sgt2XAqnQe6z6j9thsmAw11xHnTwz4NfuziUfkAZ8X3whKo20Cmlydiz8QWDb0XMr9B0KldcVlm7PaC7BMm30k_i43JyuaurKnK2MPqT-zyo11mQKpDTHoY8Av5FYwS-3P4FkT3VbqFqyrO-EXgr-CtrVKR6OYDfLP1kQYCmwfZwNNRVH4TAeJpHSVbMosYamV4P1gZGfluQm_CDSiOgfXhTBD8Y7j0OSc3UoK33JXX1cT1kit6cETpyCYGxdgbLsgx0QC3Q8ZRjrn7E6PHcGyi1-UA7n8uNTAw_X_BV1ol9EGF-mxCm9Q88eURhpuRup3u8YgeEBkYjWPzvoSv9jQrABOmDa8taK_3KH1R-frDsH9NVIMhrrTqy0DMixwvVuf4GRy5X11xLce2FTV3wZitpgwYefrcXOtgaNq6whraA0IVqpqx6BZkPAZ_whl9IKcguiJoq8iHDLr7-VCxkueZmaDaqcYLYRswq0WjHyFHRkUDOPXEWF8mBXWQRxfyQyKkfnMDqUKYES8NKQsz4283dOYkZCSBFffdN8F6vjdO9qW3lC2ncM0zdxOjz6l5UyWqrNm1LGass5Z5Z08UEvdbsE8kgNWcoR1n8Re-JTw5TVujxzlPI11wewzMQD5jMnOSVt6qyr9Ul4L26zxeFnfeiqjQOx_A3jVXJVIZes-zlRTIGAMUmgEkCuGFn_BjR7XmYRGOoPq8nhVo8dnFpyKdT8bu0oPpSZy4M3PAs8lZk85DPevjIjox3sZL0uRYkgepkPZo63kiLpyBvAeENXS3AQyjCLXAuYs78R4mA7VsfpPvyCHAdojOMrNjQIScqKNL4DgVzi-p9Xrl3K2xp8i1v3ZV0JUON92KnsJyhpLLf4ws1lG8lxYU6utU8zg1SgTO8UnV5JiO93n1LHIR7GkcaJaP6W0TTpcoqi9wWBceUrBJS1ijdpLAtuHdHXGmaG2NiHYa8KNIw7FLfXIam-u08ENgRLdPYC_N_I6w8XBjOftvLR2BpLkooUfXDL1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ya.co.ve/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEH-YoMq7RPMMZRAOy6zHlFA&google_cver=1&google_push=Aa02lx9o3Hr7hYPJkpfSGPwp2WgkWd6kA0li1rlg0q2l8rmsDSYYjv21Wuvl-PlGWkvSHIDdQ9Q49HvIwP2dslzhfsACm-YuOlCCpNU

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 13:47:26	Name: _GRECAPTCHA Value: 09ANKMWskv0fpHO0x5TlLOH5LHciqK9zp-JYYqHCACK1TMojDE5OQPUw1c9OVa_TB_UruLZCPqwJryZAv1vZ13p2Y
ya.co.ve/	1970-01-20 09:28:21	Name: XSRF-TOKEN Value: eyJpdiI6IldLQ293RzVEMXZYcElrcm0zR096VHc9PSIsInZhbHVlIjoiXC9BVzJFeHZpY2RyZHpRZU1oZUFcL0g2azd1MzdTdnEzY3FpKzc0WWZYSkhlMm9qN2ZXQVhEWEw5QW5UdVRwK3JxajBteW9PdGNhRmhqQlFOYmdrUmE2UFFlSDdLcWlYNVVcL05GdzdvK1hPRXNcL29ySE5EbHlrM0VRWlo2aXUyM2tCIiwibWFjIjoiMzQxZTBjNTMwNDkwYjYzMjNiMDFhODJhN2MwOTA5OTcwZjk4MDEzMmY0YjVkNTQyZjJlMmU1NGQ2MjgyYjIzMSJ9
ya.co.ve/	1970-01-20 09:28:21	Name: phpshort_session Value: eyJpdiI6ImFKSUEyRjdncW8yT21LVUIrVzJTdnc9PSIsInZhbHVlIjoiVmlGbHpKWHdrZ2h5OEU2WnFFQmtrbHNDaHFyUjhVOGxVREw2czJkUFwvU0hERkxcL2FUeUlIK0N6aitHajV3N2lBdXNBSE1RVDFnemZsaWlyaThobTZ6MTExcjduczlRelhVaUxESDJmZW1Oc0UyT0RtcVhOQXBvcGFkaHlpNkhLVyIsIm1hYyI6IjFhZjc5NzZjYTExZDZhMGVkMmJjMmVkODJhNzQ3OWZmZmZmZjEzZDI1MDQxYjVmMzIwN2VlN2NhNzliN2NhNmUifQ%3D%3D
.ya.co.ve/	1970-01-20 19:04:14	Name: _ga Value: GA1.3.1831056427.1675694456
.ya.co.ve/	1970-01-20 09:29:40	Name: _gid Value: GA1.3.1610548423.1675694456
.ya.co.ve/	1970-01-20 09:28:14	Name: _gat_gtag_UA_117430059_1 Value: 1
.ya.co.ve/	1970-01-20 18:49:50	Name: __gads Value: ID=203fef0e1823ed47-221540869edb0003:T=1675694456:RT=1675694456:S=ALNI_Ma2EMX5rVQIPr4rU67qFAtBmRGx0Q
.ya.co.ve/	1970-01-20 18:49:50	Name: __gpi Value: UID=00000bb113e374f5:T=1675694456:RT=1675694456:S=ALNI_MbDG4MIqRMSFeLBSi1zTnliPVS-pw
.doubleclick.net/	1970-01-20 18:49:50	Name: IDE Value: AHWqTUnym-sBE3M-FPaxXINovB770SpImgwEM-emiGzv1dB_fjacwFbU5YynaRfpdSk
.doubleclick.net/	1970-01-20 09:28:18	Name: DSID Value: NO_DATA
.simpli.fi/	1970-01-20 18:15:16	Name: suid Value: F4F1E925D03A44F2BBEADA8254A8C7DE
.lijit.com/	1970-01-20 18:13:50	Name: ljt_reader Value: GHJwvGZHjzbRHxjnQNucF7UH
.blismedia.com/	1970-01-20 18:13:54	Name: b Value: 63E1117A72A74AFFBBFB11FABLIS
.de17a.com/	1970-01-20 18:06:38	Name: guid Value: 1.4534720933158669503
.casalemedia.com/	1970-01-20 18:13:50	Name: CMID Value: Y.ERegdKp35XVs1G6EgLQgAA
.casalemedia.com/	1970-01-20 11:37:50	Name: CMPS Value: 1133
.casalemedia.com/	1970-01-20 11:37:50	Name: CMPRO Value: 1133
.360yield.com/	1970-01-20 11:37:50	Name: tuuid Value: e7321e8e-6412-4b12-a090-aaf62f8edc46
.360yield.com/	1970-01-20 11:37:50	Name: tuuid_lu Value: 1675694458
.adform.net/	1970-01-20 10:08:33	Name: C Value: 1
.pubmatic.com/	1970-01-20 09:29:40	Name: KTPCACOOKIE Value: YES
.yahoo.com/	1970-01-20 18:14:12	Name: A3 Value: d=AQABBHoR4WMCEC0GitN5X0wXWmNHMx-QgiIFEgEBAQFi4mPqYwAAAAAA_eMAAA&S=AQAAAgWsiZHMkqMflY7ueTIG1rc
.pubmatic.com/	1970-01-20 18:13:50	Name: KADUSERCOOKIE Value: F4E98DE2-A6E3-4613-A97F-19B7C6A2B7A0
.adform.net/	1970-01-20 10:54:38	Name: uid Value: 5213987931199431110
.analytics.yahoo.com/	1970-01-20 18:13:50	Name: IDSYNC Value: 18yx~29ue
.mathtag.com/	1970-01-20 18:54:09	Name: uuid Value: 6da563e1-117b-4300-8a5f-5d21739a1e95
.mathtag.com/	1970-01-20 10:11:26	Name: mt_mop Value: 4:1675694459
.1rx.io/	1970-01-20 18:13:50	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-728ffea3-4f0e-4f77-85b4-b04ae5e14e34-003%22%7D
.targeting.unrulymedia.com/	1970-01-20 18:13:50	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-728ffea3-4f0e-4f77-85b4-b04ae5e14e34-003%22%7D
.bidswitch.net/	1970-01-20 18:13:50	Name: tuuid Value: 58532d83-a03e-452b-980c-cc7c2bd9ce49
.bidswitch.net/	1970-01-20 18:13:50	Name: c Value: 1675694458
.bidswitch.net/	1970-01-20 18:13:50	Name: tuuid_lu Value: 1675694458
.tribalfusion.com/	1970-01-20 11:37:50	Name: ANON_ID Value: a2nseFP3rT6CiAyPrWjq4YHhyKyXVqagw0HadEiHLI9Xvs5x0l1cA14eD2LXwhN2Tp2juYyy3EOljBpXXami
.bidswitch.net/	1970-01-20 09:28:14	Name: google_push Value: Aa02lx-R4MrvgiEfTshZSYxYXibKuDSvn9ONNUTtQZE0Xx7wVg3NMfZPVl-C_9FKGjmAKOhUVkV1NohVA1Uh2WIpPynK_i6p-5qjcw
.awin1.com/	1970-01-20 09:32:33	Name: awpv11354 Value: 412871\|1675694458\|45436551-a62c-11ed-9a3d-2232032dcacf
.adnxs.com/	1970-01-20 11:37:50	Name: uuid2 Value: 185036872844544069
www.conrad.de/	1970-01-20 09:35:26	Name: HTLP_timestamp Value: 1675694459
www.conrad.de/	1970-01-20 09:35:26	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 09:28:16	Name: __cf_bm Value: AEGnmNDsFwTvzQ3ttp13RG8c.OsZhW_Hk7233bhQjqQ-1675694459-0-AQZygOnmMXMkFoZ2C0CeM3WPg0hbozHw0SbTJ9p81Rzaq9nPIRsE17XuF+e/aGuhat9e9wiIt2Qio8hML/pLrzg=
.turn.com/	1970-01-20 13:47:26	Name: uid Value: 4537380206704892382
.awin1.com/	1970-01-20 09:38:19	Name: awpv11938 Value: 412871\|1675694459\|4563e5a0-a62c-11ed-acb0-22645d5ed731
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 367022:2542680
.congstar.de/	1970-01-20 09:38:22	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1675694459_4563e5a0-a62c-11ed-acb0-22645d5ed731%22%2C%22sp%22%3A%22awin%22%7D
.innovid.com/	1970-01-20 11:37:50	Name: uuid Value: 15c702f6-9cf8-463c-9755-c01c866f6f92-20230206 09:40:59

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEH-YoMq7RPMMZRAOy6zHlFA&google_cver=1&google_push=Aa02lx9o3Hr7hYPJkpfSGPwp2WgkWd6kA0li1rlg0q2l8rmsDSYYjv21Wuvl-PlGWkvSHIDdQ9Q49HvIwP2dslzhfsACm-YuOlCCpNU Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ad4m.at
adservice.google.com
adservice.google.de
ag.innovid.com
analytics.webgains.io
ap.lijit.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
banner.congstar.de
bedrapiona.com
c1.adform.net
cdn.track.production.webgains.team
cm.g.doubleclick.net
d5p.de17a.com
fonts.googleapis.com
fonts.gstatic.com
gloaphoo.net
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
icons.duckduckgo.com
image6.pubmatic.com
inklinkor.com
match.360yield.com
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
r.turn.com
rsms.me
rtb.openx.net
s.ad.smaato.net
s.tribalfusion.com
secure.adnxs.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
sync.1rx.io
sync.mathtag.com
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
um.simpli.fi
ups.analytics.yahoo.com
www.awin1.com
www.conrad.de
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
ya.co.ve
googlecm.hit.gemius.pl
104.103.100.111
104.18.33.19
13.42.68.116
139.45.197.234
139.45.197.239
142.250.184.226
142.251.208.102
18.169.219.247
18.66.147.41
18.66.15.50
185.29.132.245
185.64.190.78
185.86.138.152
185.89.210.212
198.54.116.103
2001:678:cb4:bbbb::11
213.155.156.164
213.19.147.45
216.52.2.39
2600:1901:0:76b9::
2600:9000:223f:5a00:1b:5138:8a40:93a1
2606:4700:20::681a:71b
2606:4700:20::681a:bd1
2606:4700:20::ac43:4a81
2606:4700:3030::ac43:d31d
2606:4700:3037::6815:5653
2606:4700::6812:18ad
2606:4700::6812:7e05
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2004
2a00:1450:400d:807::2002
2a00:1450:400d:80a::2002
2a00:1450:400d:80d::2002
2a00:1450:400d:80e::200a
2a05:d018:d29:3602:d8ac:1edd:aee1:32b6
2a05:d01c:1d8:8102:19b0:b513:2440:3cab
3.126.56.137
3.73.214.250
34.96.105.8
34.98.67.61
35.186.253.211
35.204.74.118
37.157.4.41
40.114.178.124
51.38.120.206
52.29.198.232
87.118.116.9
00979234d7059d57941107032785304e95b5ccdaac387c024a3ba8a4963484f4
0784f089613304ac54a946ce23b86d06f1244658cca55318548e6fc7ce96bc96
07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a
08c291d9f228b33de09c79e2fb983dc43eacde9fb2750e386d55179683fd5ea6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eb1bfb7312ab752e1e6ab39a808bd8236f700b38b4ebdfd2a61a37cec5dd7e0
0f5a5f43d8e1396449a739fd18ba0fdaca450859f97d82e53761256f050a4e3c
16b11d86d520542cbafcd9b7fabe0c2915a87555cda015eeb8ccec0d478af9cd
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
184cbd0d5847bbae759a641150736f6a4c4d39f44c08137f6f2e7684b466cb70
1b498b959e5b7decbf9185803591d25bc1fbf83e798372ed30d32d5c79d82ff6
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1ef05d95753d718a7f23286ee14398674890bef980d24b49893e824d8b1b45c5
20712bd669d5e0de04992369a814b10fa65c5a429a8ac6b7a51d763d7d4a7ec5
284d22b819f185f7cb3176d093bf0c3e645c582db41b00a87369bc5fbd10b4bd
2ad98434364c15d810f792900ea5ab20bf36f1c6b65312312c5ebad2e7c6bb37
2b9fdf8ec5c4a71d39191e9fb067ac1d8be6df56eb2e0d620a6947df0bf35615
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
300ddacc354768759a4e6c8bbb3d760cd09fc824c788e017bc3ff13172e34aaa
30776e71b000155b607daa63dfb1b0526e120458fc909a1da5a26ebf64676ae8
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3221168d7b2423d5f6ebb66ac8d235d4fd403b58e82a08af624cf69967c4ef01
3a1d788b819964d32bd9f8d5d0225a7be9f621479a811a1d2b55f6ac8186d161
3a5f1efaee4688e510e16074ede276d5a66ef670d358e635ffa4b3ce87bfebe2
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a5ec454554e61f349f4893dbe41461bd8a847f4d668d5e2be4304b3620a1bad
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4ae5aa4abd2384e4bfc6198818841b80b71c6c695cc61cca207b182514687f81
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
633ba6ee8e1070849e92229fe6eb4df88edaf431230d8b13a31f0d2115775037
643195cb8c43666c87b415dc98e3ce7084bbbebf091ad6267553b13e4639fb66
6752edb05b430580b4c993b4fa5c6ff7e6de5090fb970f707f966dc1b42a90d3
675575eb734b5114526cdc1cc9116bea0e2189e9351700944375af81e226f62d
67aadddb523e357eec0c4a6c519d6a00df940242ac81e7f0170b83768f4aef44
6907b3dfa45e8c11e1519650f8562544805f9173f23fc510644574235f974a82
6f92d60404fdae460dc574a6ced37ccdc451dab1c2b7dd8fd96c2d405f352d03
71aa18821911c1ac32b4de8cc42544f7ee103c9ae53422a5b10903a00e1d1243
7301c5bdaec36fc4c5f77dd6a3626de51df6d1866841772122ebe2541b0b5e65
73d7873e6a2c087d69f7964baf2e48fc9b52997edc124e2b6bc3bd6c83661e85
766253b7e6f6e41142ee3983ecbcebdec175ba8ed7657796171e82de70ce0374
7667680a24cb72c63719522b7aa3a44dbee2c9b6b95af822920c733335cd89bb
791248613b6f6f9d85296ed7efb8ac37b407bfcf1fe8611c4035deb167bf366e
7ce3eee4cd598dd52e7b937de204d78dc2459a9dc379d0d70c478364e7b1bfcd
7dd5b7c59494011f04143a911185d0fd40750679d814f112726ccc9f5316051c
7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc
7ee0199ee9777e4379736b5e281cb09ad3d647efb607fa361c34e6a839a87a3b
80edc9e43f46e7b2168bbaa7092c98cf98b85db231d9d334cf060b0b4a60b7d1
81d30fb582691635279f903da8b22f2ee63f475a5c247d08a25c325e93e0a41f
861831a5c0962e90644a878e614f48f8076b9902a8d5f4cd046ff80a235b846b
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8bb1d0fa43a17436d59dd546f6f74c76dc44735def7522c22d8031166db8911d
8d7395caa4ae0903d7ce0e5627d795178b8e3f127d8e8236db6c5431b1c06cf8
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
912cac637c5200a6f415460a4d536cf2e647d840ecdc93176a5deafcab49a616
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
976c850ea45f5b66b189249d6b96cfd966dd9fe80ae9e3c58759a3c9dff815da
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a96c8ffad4445e16abf4e2eb9ef4f0f3d07d7d6e8293b04548afa61b8d99ae8f
ace07af67895a64072c91508f5908659c7b573bbafaaa1f22ad05208fa563492
ad9cfb9dfc4bbe75509f6268415c710c44474dc703b8705eacada2ac8acb2725
b29bdb7db83315a34e9893cdd74afad8064611b89dade9adcc78b42fcafbf159
b31dc3260a12863796a1231374c1034bf539ec10a54b239a4e9a80ad4dd698b2
b87ca4eac003cd6ce3de71a45066a941d08f14b4b970b2bf627695d47f566147
bbe0fa4e265250008da7c7bf0315512cb9ea61d02c55dc49f3e809546bd31856
c08e83eff1287c91a36e73b8995fc58ebf226d7aaa0ecccaab89cc67ca20d5f1
c14569b287795db20f175729c90108f5e756049018e48f45d6f92c11c31be884
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c407dc4146c3b2ae5bd8519f33dce96e39abf6b7ff19345b0c210f10956c0084
c63158babcb7902203ed73476ccf901db34825ea524d4a36a52b5e5f97e1abf7
c6cdefb0b38784ac15851018adde9ddf346452343a88c8e2dc7571220c113f13
c6f7ee2cadae2e121342a8c4245141175bfe887776206deb17149d46cf3aa827
c706ddcf3f76777400e3ee0497fffc3c598ca49e08f70b0737d06bd13862d733
c70ba1cb67cc649da2b1f5dc4a26891437d8bba2cc098c88461e6bfc23949d9e
c7b314b033ccc128c639447f1fbeedc40f2080b3f90df25fd8a0dde9a8f7bf81
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cad6dc25a593ca6887a2698a08246928b73f9d4dd714976a4990886d8b6dadce
ce706ad7a292e2b904e9db205e48bc2fd146428a61c2fea5bea785a3e889790d
d3f4c8e3f3faee70760aa305dee9290b1b1c2a2ee7c6235cb59f76782c7e4387
d44e1597028e1112888029e2c7a518a1d9d59aa92986226c2095f926b6538f39
d4cf528f02a7963154d2fc4011a60401416f796e0e38fec6e65e14050b834b9e
d53128e662c0fae928fe7eba829b6f8d148d0a6a69b3a85296c9c51891740bb7
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d808130157ed1fca0469f5f40210d7d1b2dc2c41add64e658bb3222aea4d9eba
d8928a20b6d9520af9bfb5e9748259fc3c1ed52ee4e430920d7e70897af5c065
d9a8745a0516c6e08a1edc1bc26430ac21ec89c3e0153f932ea9b1664f32e4bf
dfcb6f12c9cc2edc2d7a10d6ec33281d7bf94b0cf647e70ec7daef4496883e5a
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4bdf72e2f803f7e19907c12f407ac7f7cd5f1f94bfd730b9be24b0d49191b48
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130
f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2
f1507666ee0b8edbf08463c0320f10f23f25a1a3132cb3fadd40f0fc0764eaec
f2ac7caaadde175726f5e50d1c23a54611dff91ec8b914735cdb4de0b6fe0e72
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fa1523249f496acde1e810dd4c5ff9ec9aef5dafa279fb55eb99b325411b184f
faca5d0e19134d373265f92c5c6d4d88579a13484899afe09e106ce72c58c70b
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

ya.co.ve Open in urlscan Pro 198.54.116.103 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

265 Requests

83 %HTTPS

46 %IPv6

47 Domains

59 Subdomains

39 IPs

10 Countries

3743 kBTransfer

8430 kBSize

44 Cookies

1 Outgoing links

Redirected requests

265 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 19 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ya.co.ve Open in urlscan Pro
198.54.116.103 Public Scan

Screenshot
Live screenshot

Full Image

265
Requests

83 %
HTTPS

46 %
IPv6

47
Domains

59
Subdomains

39
IPs

10
Countries

3743 kB
Transfer

8430 kB
Size

44
Cookies

265 HTTP transactions
19 data transactions