URL: https://www.adorocinema.com/series/serie-23354/temporada-40708/
Submission: On November 29 via manual from IT — Scanned from IT

Summary

This website contacted 64 IPs in 10 countries across 43 domains to perform 200 HTTP transactions. The main IP is 2606:4700::6812:1c0d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.adorocinema.com. The Cisco Umbrella rank of the primary domain is 86867.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 16th 2022. Valid for: a year.
This is the only time www.adorocinema.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 15 2606:4700::68... 13335 (CLOUDFLAR...)
1 54.158.181.68 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:1::3 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 35.201.123.184 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
6 34.102.185.99 396982 (GOOGLE-CL...)
3 6 2a02:2638::1c 44788 (ASN-CRITE...)
5 178.250.2.146 44788 (ASN-CRITE...)
1 34.120.133.55 396982 (GOOGLE-CL...)
4 52.28.203.152 16509 (AMAZON-02)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 2602:803:c004... 26667 (RUBICONPR...)
1 185.64.189.112 62713 (AS-PUBMATIC)
3 7 185.89.211.132 29990 (ASN-APPNEX)
2 81.17.55.112 60781 (LEASEWEB-...)
2 2a02:2638:1::1a 44788 (ASN-CRITE...)
1 3 2a03:2880:f11... 32934 (FACEBOOK)
8 19 216.58.212.130 15169 (GOOGLE)
1 1 23.3.109.5 16625 (AKAMAI-AS)
1 212.82.100.182 34010 (YAHOO-IRD)
3 2a02:2638::42 44788 (ASN-CRITE...)
2 2 52.215.179.1 16509 (AMAZON-02)
5 5 18.195.153.121 16509 (AMAZON-02)
3 3 37.157.6.246 198622 (ADFORM)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
1 5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 5 185.80.39.216 27381 (CASALE-MEDIA)
1 2 54.229.167.95 16509 (AMAZON-02)
1 54.159.82.233 14618 (AMAZON-AES)
1 142.250.185.194 15169 (GOOGLE)
1 2 54.227.133.78 14618 (AMAZON-AES)
1 52.49.90.126 16509 (AMAZON-02)
1 2620:116:800d... 16509 (AMAZON-02)
1 1 35.186.193.173 15169 (GOOGLE)
2 2 34.243.37.252 16509 (AMAZON-02)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
3 3 52.208.172.23 16509 (AMAZON-02)
2 4 51.38.120.206 16276 (OVH)
3 2a00:1450:400... 15169 (GOOGLE)
4 172.217.18.98 15169 (GOOGLE)
3 2600:9000:219... 16509 (AMAZON-02)
9 2a02:26f0:480... 20940 (AKAMAI-ASN1)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 103.229.205.242 30419 (MEDIAMATH...)
1 66.155.71.25 13768 (COGECO-PEER1)
1 1 18.156.0.31 16509 (AMAZON-02)
1 2 104.75.89.75 16625 (AKAMAI-AS)
3 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 3.218.179.185 14618 (AMAZON-AES)
6 2600:1f13:800... 16509 (AMAZON-02)
1 2.18.232.130 16625 (AKAMAI-AS)
200 64
Apex Domain
Subdomains
Transfer
36 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 142
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 248
cm.g.doubleclick.net — Cisco Umbrella Rank: 271
googleads.g.doubleclick.net — Cisco Umbrella Rank: 64
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 356
pubads.g.doubleclick.net — Cisco Umbrella Rank: 421
253 KB
31 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 131
7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 182
ade.googlesyndication.com — Cisco Umbrella Rank: 313
106 KB
16 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 434
mug.criteo.com — Cisco Umbrella Rank: 1897
bidder.criteo.com — Cisco Umbrella Rank: 814
ssp-sync.criteo.com — Cisco Umbrella Rank: 1431
12 KB
16 adorocinema.com
www.adorocinema.com — Cisco Umbrella Rank: 86867
assets.adorocinema.com
290 KB
15 clinch.co
realtime.clinch.co — Cisco Umbrella Rank: 11007
cdn.clinch.co — Cisco Umbrella Rank: 8512
img-cdn.clinch.co — Cisco Umbrella Rank: 12081
trk.clinch.co — Cisco Umbrella Rank: 5101
475 KB
11 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 995
static.adsafeprotected.com — Cisco Umbrella Rank: 674
dt.adsafeprotected.com — Cisco Umbrella Rank: 601
98 KB
10 google.com
accounts.google.com — Cisco Umbrella Rank: 123
adservice.google.com — Cisco Umbrella Rank: 121
www.google.com — Cisco Umbrella Rank: 16
79 KB
9 tailtarget.com
tags.t.tailtarget.com — Cisco Umbrella Rank: 48948
d.tailtarget.com — Cisco Umbrella Rank: 57048
tt-10531-7.seg.t.tailtarget.com — Cisco Umbrella Rank: 781679
b.t.tailtarget.com — Cisco Umbrella Rank: 42738
t.tailtarget.com — Cisco Umbrella Rank: 11547
c.t.tailtarget.com — Cisco Umbrella Rank: 170657
31 KB
9 navdmp.com
tag.navdmp.com — Cisco Umbrella Rank: 18557
cdn.navdmp.com — Cisco Umbrella Rank: 8188
usr.navdmp.com — Cisco Umbrella Rank: 22346
sync2.navdmp.com — Cisco Umbrella Rank: 43638
sync.navdmp.com — Cisco Umbrella Rank: 11735
7 KB
8 gstatic.com
csi.gstatic.com
fonts.gstatic.com
www.gstatic.com
48 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 276
acdn.adnxs.com — Cisco Umbrella Rank: 764
23 KB
7 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1191
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1261
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 576
ups.analytics.yahoo.com — Cisco Umbrella Rank: 373
2 KB
6 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 537
fonts.googleapis.com — Cisco Umbrella Rank: 107
imasdk.googleapis.com — Cisco Umbrella Rank: 492
138 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 705
4 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 381
2 KB
5 getjad.io
cdn.lib.getjad.io — Cisco Umbrella Rank: 76629
213 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 983
977 B
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 84
20 KB
3 360yield.com
match.360yield.com — Cisco Umbrella Rank: 3136
1 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 865
2 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
2 KB
3 pbstck.com
boot.pbstck.com — Cisco Umbrella Rank: 6526
cdn.pbstck.com — Cisco Umbrella Rank: 7984
intake.pbstck.com — Cisco Umbrella Rank: 6934
52 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1439
459 B
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 4117
890 B
2 myvisualiq.net
t.myvisualiq.net — Cisco Umbrella Rank: 2005
1 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 219
95 KB
2 google.it
adservice.google.it — Cisco Umbrella Rank: 33689
914 B
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 690
1 KB
2 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 1171
sync.mathtag.com — Cisco Umbrella Rank: 602
1 KB
2 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1523
1 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 165
87 KB
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 926
191 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 4274
104 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 29887
610 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 956
464 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 639
339 B
1 webedia.com.br
opec.webedia.com.br — Cisco Umbrella Rank: 606655
2 MB
1 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 622
119 B
1 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 607
1 KB
1 media.net
prebid.media.net — Cisco Umbrella Rank: 1747
1008 B
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 1086
256 B
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 590
40 KB
1 tudogostoso.com.br
api.tudogostoso.com.br
1 KB
200 43
Domain Requested by
19 cm.g.doubleclick.net 8 redirects googleads.g.doubleclick.net
7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
13 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
www.adorocinema.com
googleads.g.doubleclick.net
www.googletagservices.com
12 assets.adorocinema.com www.adorocinema.com
assets.adorocinema.com
11 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
www.adorocinema.com
9 cdn.clinch.co realtime.clinch.co
cdn.clinch.co
7 ib.adnxs.com 3 redirects cdn.lib.getjad.io
googleads.g.doubleclick.net
acdn.adnxs.com
7 securepubads.g.doubleclick.net cdn.lib.getjad.io
securepubads.g.doubleclick.net
www.adorocinema.com
6 dt.adsafeprotected.com 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
6 gum.criteo.com 3 redirects static.criteo.net
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 googleads.g.doubleclick.net 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
www.adorocinema.com
5 www.google.com 1 redirects tpc.googlesyndication.com
securepubads.g.doubleclick.net
7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
www.adorocinema.com
5 x.bidswitch.net 5 redirects
5 mug.criteo.com
5 cdn.lib.getjad.io assets.adorocinema.com
cdn.lib.getjad.io
4 ade.googlesyndication.com
4 onetag-sys.com 2 redirects 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
4 c2shb.pubgw.yahoo.com cdn.lib.getjad.io
4 cdn.navdmp.com 1 redirects tag.navdmp.com
4 www.google-analytics.com assets.adorocinema.com
www.google-analytics.com
4 www.adorocinema.com 2 redirects assets.adorocinema.com
3 img-cdn.clinch.co realtime.clinch.co
cdn.clinch.co
3 www.gstatic.com www.adorocinema.com
7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
3 static.adsafeprotected.com fw.adsafeprotected.com
7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
3 pubads.g.doubleclick.net
3 match.360yield.com 3 redirects
3 csi.gstatic.com imasdk.googleapis.com
3 fonts.googleapis.com securepubads.g.doubleclick.net
7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
www.adorocinema.com
3 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 c1.adform.net 3 redirects
3 ssp-sync.criteo.com static.criteo.net
3 www.facebook.com 1 redirects connect.facebook.net
3 accounts.google.com assets.adorocinema.com
accounts.google.com
2 trk.clinch.co realtime.clinch.co
2 sync.teads.tv 1 redirects
2 ads.avct.cloud 2 redirects
2 t.myvisualiq.net 1 redirects 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
2 fw.adsafeprotected.com 1 redirects googleads.g.doubleclick.net
2 fonts.gstatic.com fonts.googleapis.com
2 www.googletagservices.com 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
www.adorocinema.com
2 imasdk.googleapis.com securepubads.g.doubleclick.net
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.it securepubads.g.doubleclick.net
2 match.prod.bidr.io 2 redirects
2 b.t.tailtarget.com d.tailtarget.com
2 bidder.criteo.com cdn.lib.getjad.io
static.criteo.net
2 prg.smartadserver.com cdn.lib.getjad.io
2 tt-10531-7.seg.t.tailtarget.com d.tailtarget.com
2 d.tailtarget.com www.adorocinema.com
d.tailtarget.com
2 tag.navdmp.com cdn.lib.getjad.io
tag.navdmp.com
2 connect.facebook.net assets.adorocinema.com
connect.facebook.net
1 acdn.adnxs.com cdn.lib.getjad.io
1 ups.analytics.yahoo.com 1 redirects
1 pixel-sync.sitescout.com 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
1 sync.mathtag.com 1 redirects
1 dclk-match.dotomi.com 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
1 c.t.tailtarget.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 cms.quantserve.com 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
1 beacon.krxd.net 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
1 googleads4.g.doubleclick.net googleads.g.doubleclick.net
1 realtime.clinch.co googleads.g.doubleclick.net
1 opec.webedia.com.br www.adorocinema.com
1 intake.pbstck.com www.adorocinema.com
1 t.tailtarget.com
1 cms.analytics.yahoo.com
1 sync.navdmp.com
1 pixel.mathtag.com 1 redirects
1 sync2.navdmp.com
1 usr.navdmp.com tag.navdmp.com
1 hbopenbid.pubmatic.com cdn.lib.getjad.io
1 fastlane.rubiconproject.com cdn.lib.getjad.io
1 prebid.media.net cdn.lib.getjad.io
1 api.rlcdn.com cdn.lib.getjad.io
1 cdn.pbstck.com boot.pbstck.com
1 tags.t.tailtarget.com cdn.lib.getjad.io
1 boot.pbstck.com cdn.lib.getjad.io
1 storage.googleapis.com cdn.lib.getjad.io
1 static.criteo.net cdn.lib.getjad.io
1 stats.g.doubleclick.net www.google-analytics.com
1 api.tudogostoso.com.br www.adorocinema.com
200 82
Subject Issuer Validity Valid
adorocinema.com
Cloudflare Inc ECC CA-3
2022-08-16 -
2023-08-16
a year crt.sh
*.tudogostoso.com.br
Amazon
2022-10-09 -
2023-11-07
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
accounts.google.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
getjad.io
Cloudflare Inc ECC CA-3
2022-09-19 -
2023-09-18
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-09-08 -
2022-12-07
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-11-08 -
2023-02-04
3 months crt.sh
storage.googleapis.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-04 -
2023-06-03
a year crt.sh
pbstck.com
Cloudflare Inc ECC CA-3
2022-07-04 -
2023-07-04
a year crt.sh
*.tailtarget.com
Sectigo RSA Domain Validation Secure Server CA
2022-06-10 -
2023-07-10
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-10-31 -
2023-01-26
3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-08-02 -
2023-01-25
6 months crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA
2022-04-06 -
2023-05-04
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-04-04
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2022-06-13 -
2023-07-14
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-25 -
2023-01-25
a year crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-08-09 -
2023-02-01
6 months crt.sh
*.google.it
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.google.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
www.google.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
webedia.com.br
Cloudflare Inc ECC CA-3
2022-07-25 -
2023-07-24
a year crt.sh
fw.adsafeprotected.com
Amazon
2022-04-28 -
2023-05-27
a year crt.sh
*.clinch.co
Go Daddy Secure Certificate Authority - G2
2022-03-16 -
2023-04-17
a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2022-10-20 -
2023-10-19
a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-09 -
2023-09-09
a year crt.sh
static.adsafeprotected.com
Amazon
2022-08-06 -
2023-09-04
a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2022-08-09 -
2023-09-10
a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1
2021-12-15 -
2023-01-15
a year crt.sh
dt.adsafeprotected.com
Amazon
2022-11-04 -
2023-12-03
a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018
2022-10-21 -
2023-10-22
a year crt.sh

This page contains 17 frames:

Primary Page: https://www.adorocinema.com/series/serie-23354/temporada-40708/
Frame ID: 9F999A5E88A3E27FEEC0CA5B21BDF6C5
Requests: 84 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.adorocinema.com
Frame ID: 85F5B4633302811A89F2F3F0AEB643DF
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D362532407092981%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df626f37affbda%2526domain%253Dwww.adorocinema.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.adorocinema.com%25252Ff21d2b0ac0a6698%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fadorocinema%26locale%3Dpt_BR%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse
Frame ID: 78F4E9940DC08FCD7202F8E439349726
Requests: 1 HTTP requests in this frame

Frame: https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F930A36C31F88643CF875FCEAE264700
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 475CE147A19440B7FBE8639632F30D8E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8FDC80E8886F42449A5213EF0153CCF0
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Frame ID: DC38BD0B994F06048800AEE67F7B2F71
Requests: 26 HTTP requests in this frame

Frame: https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C136B70A99B8ACA2AAB98FD16768C530
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMK8XhC8_LzdAhiz8t_OATAB&v=APEucNVD91pJF1Gs-674qnqkMwiDbrCweuL7jtvty5Pn30rhXkknbla8LTPL_KHslV_clAZA3VUVGZ7vNhH2vOQaGYsvCp1jFSdi3kp2bDDsj3KjTVWbq_3TNkrE7eCEdGqS46AM6WHpKDCL_WPzS7OFCZwLGx6_E7rBHvJWH2l8VWKz5FNCZnU
Frame ID: B52854A567809BFDDB2640015DD05BDB
Requests: 5 HTTP requests in this frame

Frame: https://realtime.clinch.co/video/player_v1/player?cid=uda841&caid=12379&format=_970ax250a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsv_cAW-_sFmDsyH7_VZCl2W2CJS-srTnVKHdMJI8ZhWYodFJXpe3VweTT2aNuZoWzu4MFROLyKjiNc5mmfSilgZaayGAg0qNFkSQy78284YMP71EjWPisUwWrHSKdKOxcGEpL4QBxG5_wa1NSTBvfeQELPXISBsBbqPSgA0Cl-DtZUbroLZv-iiS1xjmqux225oDZdyhbWGC1S-rD0oozwNJZmsBiG6pGGbVLyzHouQtiydlp65wj7__q4VCqCQWI5s1FCwN-SfVWduCTBTvuAt-uARQ94gVhaeBiG95M9bwyrG45W667Om3QzLeeBT65bQf2HCSJb-yl381Otot0eG8soroGTrzROsTybA61Y0PXxVc-D-F89jX-HAOshJfOdrwMSX1uArdT7jBXrVjhAfVncU-AhSzmMXyC6-zxigwxQzkEOlyj5dHjC4aeMyrkiTlXit8CgdHyBy5dP8NwGR3H4u2mG9oChSZ1mjcqxNZBXFp4CeJHYDtUKde1vEmBKyRk6MWf-qR7FZxV5vgvUeXKLVO8I-bTfsnwU2FjJtvNq9mABiX5NyoTEM0G84l8Lqyfcr_I2Cr070vC5WlZPBIMaZjXe8RuxE1QFpVV0-rmsjnEWDoahMVZGJ_f_7T6PjgINBsRloms72-mnyTyccgCtC-Op4kk-BQNqUS4n1Zjr75SKxJhFE0nL5QdNVzNZhAdE1tYe2ZrfY-Dq5GYzhSyQ8lW7mDbBRKuyckt-sfrKp__T61_3IAGwN-vwUxNDObr_q0wIxCPNzPTNhT-GLhA3YbP5zqmOrxu7MBv44BDJs5gHZnQyn8WLfM4bPrkuYv37_wvFXTkS4e7MFG2w6rssiFCPFLGPGW3l6Q-SNrP4jQIM8n2kas8oVgeK5uQsmQ8pojaTvNc_W04C90YXriZa7n1jnITnYDUyXiApbCMlYPohuJazmFGIYe7-WfN85F-0q502aDHkZRNl-ovcbBrjTi6XnmT28TlJv9jX-u5WXyzTR1zBj3_7pWPsmmY7nmpYtuNYU9A94BZeEjrVNZxoqgDkEQWFh4qIACtdn-TGo34phhPvgxkUwvcGawWOk8TmeL5f5KuVGEIIiPEOhny_Dy-OOhKJM8k0OZ0F-59FTd0QPtOlL4-BBsrv5Gw1H2UTbWjsaqcxYlN_QeFAQEkQdW9fiInEwdK0E4x6L7tLQPibwKOryo2Fs4G6o8vsau7Q%26sai%3DAMfl-YQjeLwrHZ6R62GHzSYNuBw9S8ll5cgCkgoKoASvf5yCZ289aRmJXXRtt3lKad1QuNLn_9X5hV4P7xxWgzbFZxeivell9HwFbBT8pmgDK5YvF4ng8j9SQzJYDWoEDE8fkHjG4g3stiAo97uCXCqPFwbjo89lNS9L4SWk9lI0K-5M1yO6JaM-zwAdrK4dhX9LwSZyi_HPSo5P8w8wB6ktuNkQ5opd-3-Xkk2i31UKZ5no_NuXxGnq76lJv0HlURvUrWWlmvtGR9ou7aRCGT4umutC%26sig%3DCg0ArKJSzLVxejFPoDPeEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=Opel_IT_Programmatic_DV360&dsp_lp=https%3A%2F%2Fapiservices.krxd.net%2Fclick_tracker%2Ftrack%3Fkxconfid%3Dvowt70n93%26kxadvertiserid%3D8311042%26kxcampaignid%3D28129137%26kxsiteid%3D7080037%26kxsitename%3DN778265.4162781DV360IT0%26kxplacementid%3D340751602%26kxadid%3D532516461%26kxcreativeid%3D174160234%26clk%3Dhttps%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28129137%26si%3D7080037%26ci%3D174160234%26pi%3D340751602%26ad%3D532516461%26sv1%3D%5Bkeyword_id%5D%26advt%3D8311042%26chnl%3D-7%26vndr%3D115%26sz%3D10124%26u%3D%24%2426255540_16388744155_433584435%24%24%26viq_did%3D%26red%3Dhttps%3A%2F%2Fwww.opel.it%2Fofferte%2Fofferte-index%2Ffree-to-move-lease%2Fbusiness%2Fofferte-mokka-e.html%3Fdclid%3D%25edclid!&dsp_c3=&dsp_c2=bleclick.net/ddm/adj/N778265.4162781DV360IT0/B28129137.340751602&dsp_c1=8311042&dsp_c0=[keyword_id]&dsp_pub_id=DV360&dsp_plc_id=340751602&site_id=7080037&dsp_insertion_order_id=26255540&dsp_ad_id=532516461&dsp_caid=16388744155&dsp_grid=&dsp_crid=174160234&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=3&rnd=2551788693&gdpr=&gdpr_consent=&gdpr_pd=
Frame ID: 454D63B88CAF497D5CB990B3FD2E6279
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8A1AE0CBA344BC7D0580E6D682AC18A2
Requests: 9 HTTP requests in this frame

Frame: https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 44571314844C802F8E24229C3A1FB03D
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: B0F83A8836C66E7CE10F22EED2F5BD5B
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7CA92512ABD90D6737F0057460526BC3
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DE7D7474308750FF7866660F420DC461
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 2044AD44ACAD413E47AB8E40B9CA63CC
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F6A94313DC92CA919B40675E8A01EA8E
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Amphibia 3ª temporada - AdoroCinema

Page URL History Show full URLs

  1. https://www.adorocinema.com/series/serie-23354/temporada-40708 HTTP 301
    http://www.adorocinema.com/series/serie-23354/temporada-40708/ HTTP 301
    https://www.adorocinema.com/series/serie-23354/temporada-40708/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • tag\.navdmp\.com

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

200
Requests

88 %
HTTPS

55 %
IPv6

43
Domains

82
Subdomains

64
IPs

10
Countries

4157 kB
Transfer

7701 kB
Size

68
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.adorocinema.com/series/serie-23354/temporada-40708 HTTP 301
    http://www.adorocinema.com/series/serie-23354/temporada-40708/ HTTP 301
    https://www.adorocinema.com/series/serie-23354/temporada-40708/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.adorocinema.com%2F&domain=www.adorocinema.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=-fmIQnxZRXNiWlZZclZ3VU43N1IxSFNPQkhIZHhsZFpLMW43bU5mQ25Ed243cHZrejJkb2Yzb0lYQXlMWi8wL2N3clQ3b3c5WmwrU01vdDJPQW1acVRVeGltOFJ6a2lPWC9nT1FIL2lZSlJxYy9BNXE3UTJoM3Zid2p1ZEYwMWlQRkIxUGpBb0dWaUJ4TGc1QkxOZ0gxYURSak91WHJyUXc4ZW13b3RDZit0aU5leTVSRWRiUnRHNGhkYWoveGs5My8vaFJsbGZ0T1ZCVjMzNGtYMUhKaXNXZXUzUjZ6SUtUQWt1dDJTeEF0c3l4Y2FJNHRZbzBRanFocy9LVG03UGZlRTNHbTFHdG9IR1Y5S2ZtSHR1M1dVc3VOK3pFMWs0M2srSW5tYXo3RnZxeHlHND18&cppv=2
Request Chain 50
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.adorocinema.com%2F&domain=www.adorocinema.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=lHzDUnw0algrZGU0Mzd0dC9QTUdSZzliZVNjQWFraDd2M09ZeWl2R3NMS3YwMEo0WnBtUHJZa3dKL3Zmam44WmpLWDBIcWNVQTN3d2ZTWlluQUxwWTNOR0Q1SmJpeStScU1JWWMwRW5MY2lGM2RKUmtweTdGZDJCZWZOVHJjRTFxVlJRMGQ0OWkrOUFFN2l1QXltcVpTdmViV3QyRi9MUFJ6MVBTZysvb2t3VkZ5VU5aL0lkaklDSGhxSTVPVUFSaG56VjkzcXRydWVWei9aN2lZaEg4Z29rZTFCOGlLeUtmZUc3OEV6Smo1Q2lTYkdFTWxRYkpBTGtlSzVIbGgxSnp1SDdmNkJkckNxdm01cjRoMExQaHhTZHMrajhvclVSS2I3Qk9tU2tyTzJRTFJlZz18&cppv=2
Request Chain 63
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=adorocinema.com&sn=ChromeSyncframe&so=0&topUrl=www.adorocinema.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=aMTfRHxnL1VyYU1QNHFmUnhZNnlMcWJsUHNpTnpCN004eDI5ZXFRTURRUmdTd0xUTjQwRXVaa2VkQ1JEa3lLdGErdCtiK0FJM2xyUjd2VEVqdW5BUWN0SDJFYW5FTVErYzdaQXcxQlJxUGdDRDVYZ0hwRkZqQVhwMWFFcmFqOHJvUWxoWkhGN0FDSi81UnVvT0NKY2pDZCtQL3AreXhOU04yOVZvREE5cXdUQjlBVW9NczBjTGJiNkIyT0dxUW1FN0gwSGhEOVczaDFBVEd6WTZaaUJHYWVVd3ZGSS9JSjdkVnN1cmV0TmRXM0pYZnpMN0s3c0NFNUxvTkYvODM0NU9NZ21BVnk5aDdUbDc2VzlqSGhRdW9XRFlQQT09fA&cppv=2
Request Chain 66
  • https://www.facebook.com/v3.2/plugins/page.php?app_id=362532407092981&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df626f37affbda%26domain%3Dwww.adorocinema.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.adorocinema.com%252Ff21d2b0ac0a6698%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fadorocinema&locale=pt_BR&sdk=joey&show_facepile=true&show_posts=false HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D362532407092981%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df626f37affbda%2526domain%253Dwww.adorocinema.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.adorocinema.com%25252Ff21d2b0ac0a6698%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fadorocinema%26locale%3Dpt_BR%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse
Request Chain 69
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=76566225540 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm=&id=76566225540&google_tc= HTTP 302
  • https://sync2.navdmp.com/sync?prtid=2&id=76566225540&google_gid=CAESEEOy51WEdSXmn1M6HM55gYA&google_cver=1
Request Chain 70
  • https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
  • https://sync.navdmp.com/sync?img=1&mdia=66796386-45cc-4c00-aaac-cb1db5dd0fe3
Request Chain 77
  • https://match.prod.bidr.io/cookie-sync/cri?r=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3d5vYKSF93QnlVRThQb3A4c3doZ1FQckt4TDFBZFBuRkFaMkZjQUpicXRzRVIzMmFFJTNE%26u%3d%24%7bUSER_ID%7d&gdpr=false&consent=&us_privacy= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/cri?r=https%3A%2F%2Fssp-sync.criteo.com%2Fuser-sync%2Fmatch%3Fp%3D5vYKSF93QnlVRThQb3A4c3doZ1FQckt4TDFBZFBuRkFaMkZjQUpicXRzRVIzMmFFJTNE%26u%3D%24%7BUSER_ID%7D&gdpr=false&consent=&us_privacy=&_bee_ppp=1 HTTP 303
  • https://ssp-sync.criteo.com/user-sync/match?p=5vYKSF93QnlVRThQb3A4c3doZ1FQckt4TDFBZFBuRkFaMkZjQUpicXRzRVIzMmFFJTNE&u=AADU-E7HDIwAACCU72xVvw&gdpr=false
Request Chain 78
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=HSrIn191eU1BRjJmY0MwTGVCdk5VYVJoUHZLVW1USndHUzBubVhYS2lQYTBvVXpFJTNE&gdpr=false&gdpr_consent=&us_privacy=&cr_user_id=k-BfaMN1XEdSmt0skoIL-2DSuSLCmtZ3BEFY-MdA HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=criteo&custom_data=HSrIn191eU1BRjJmY0MwTGVCdk5VYVJoUHZLVW1USndHUzBubVhYS2lQYTBvVXpFJTNE&gdpr=false&gdpr_consent=&us_privacy=&cr_user_id=k-BfaMN1XEdSmt0skoIL-2DSuSLCmtZ3BEFY-MdA HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=criteo HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=criteo HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=5901155758799763828&ssp=criteo HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=HSrIn191eU1BRjJmY0MwTGVCdk5VYVJoUHZLVW1USndHUzBubVhYS2lQYTBvVXpFJTNE&u=e2d5c1cc-dc2e-49ba-89ce-871573e426b0
Request Chain 118
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDqEBG1eMFqgL9COQi3ozoM&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDqEBG1eMFqgL9COQi3ozoM&google_cver=1&C=1
Request Chain 119
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4ZFzkOi0cnMRwLau73plgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDqEBG1eMFqgL9COQi3ozoM&google_cver=1
Request Chain 120
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELz2yChK8Z3J3F_Bht036zs&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELz2yChK8Z3J3F_Bht036zs%26google_cver%3D1
Request Chain 121
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzM5ODczMjQ0NDM2NDUxODMzNA%3D%3D
Request Chain 127
  • https://t.myvisualiq.net/impression_pixel?r=[CACHEBUSTER]&et=i&ago=212&ao=693&aca=28129137&si=7080037&ci=174160234&pi=340751602&ad=532516461&advt=8311042&chnl=-7&vndr=115&sz=10125&u=$$26255540_16388744155_433584435$$&viq_did=&pt=i HTTP 302
  • https://t.myvisualiq.net/ul_cb/impression_pixel?r=[CACHEBUSTER]&et=i&ago=212&ao=693&aca=28129137&si=7080037&ci=174160234&pi=340751602&ad=532516461&advt=8311042&chnl=-7&vndr=115&sz=10125&u=$$26255540_16388744155_433584435$$&viq_did=&pt=i
Request Chain 132
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEMcskKOqL0AQlgRE0OuMxp4&google_cver=1&google_push=ASkJ3FaLUVFj55FM693SCB5RPkKxngAjlA0NKMC_R9YZavBu0ZY862kuFKyXHRaF4Hy2xSofsSC6xBgPMAwdElIYjkESp2SavGY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3FaLUVFj55FM693SCB5RPkKxngAjlA0NKMC_R9YZavBu0ZY862kuFKyXHRaF4Hy2xSofsSC6xBgPMAwdElIYjkESp2SavGY&google_hm=OY-qCnGoQZenIhw3z3ovztM
Request Chain 133
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEP985LV2me7AHOgFx6oFYjA&google_cver=1&google_push=ASkJ3FZaGwoliP-PV1QcKVrfpyh5Q2fxdgRyG8hSK0C_5pn1lil7364hm0kvEs_lgdj9kN6RhmDQNTXxqeHQYqFqrUlFdcnjSEXH HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=d935ef6a-9b4d-4f42-8dd1-cb71eb1df523&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FZaGwoliP-PV1QcKVrfpyh5Q2fxdgRyG8hSK0C_5pn1lil7364hm0kvEs_lgdj9kN6RhmDQNTXxqeHQYqFqrUlFdcnjSEXH&google_hm=4tXBzNwuSbqJzocVc-QmsA==
Request Chain 134
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOwoexrqhCFcnO81reW5pfg&google_cver=1&google_push=ASkJ3FZRUX0MAZ6Ca4alCgKYPEwVmFRlD7CS1pRbUW7vThVM2Gl2R2gm-0zdROEx8zuDGDncQLJo1-cBQX3-pOvJlGGVbtGqNd6U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FZRUX0MAZ6Ca4alCgKYPEwVmFRlD7CS1pRbUW7vThVM2Gl2R2gm-0zdROEx8zuDGDncQLJo1-cBQX3-pOvJlGGVbtGqNd6U&google_hm=eS05Z3M5T0FoRTJwRnFacVhySHguRTkyZEt1cmRBSU8xSn5B
Request Chain 135
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENS7ZPMkyVbgBoGNN8rPDKo&google_cver=1&google_push=ASkJ3FbagEimnI-qK4LabUxtMZfYNNidV8j9XcqjpjGUXhUwwO022QEiqDSjaTMJif6k5X03tFYceS1lfNeiLVdjSwqLGUfzmjQ5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTkwMTE1NTc1ODc5OTc2MzgyOA&google_push=ASkJ3FbagEimnI-qK4LabUxtMZfYNNidV8j9XcqjpjGUXhUwwO022QEiqDSjaTMJif6k5X03tFYceS1lfNeiLVdjSwqLGUfzmjQ5
Request Chain 136
  • https://match.360yield.com/match/ebda?google_gid=CAESEDsI66bZMLb9EDZB0_-vh6E&google_cver=1&google_push=ASkJ3FbHn1MsfllMXYSIB08L6eB4FfYeJi9Gtd4YRHltrkwSFCopgYmsNFXHpKwdTEjN-pyNSRfeNq7pjqEZGJbkExtkwNJwth8 HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEDsI66bZMLb9EDZB0_-vh6E&google_cver=1&google_push=ASkJ3FbHn1MsfllMXYSIB08L6eB4FfYeJi9Gtd4YRHltrkwSFCopgYmsNFXHpKwdTEjN-pyNSRfeNq7pjqEZGJbkExtkwNJwth8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=3p6YAHf3SmmxpbFYjYBpNg&google_push=ASkJ3FbHn1MsfllMXYSIB08L6eB4FfYeJi9Gtd4YRHltrkwSFCopgYmsNFXHpKwdTEjN-pyNSRfeNq7pjqEZGJbkExtkwNJwth8
Request Chain 137
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAMflJ4FAaOvFzXFPkknjWs&google_cver=1&google_push=ASkJ3FarIk6MKX-C2W8GXHOB7Um9v9gVuQcNoHAO2oEqwEcrPWazYNJJc2eQOm0sowAmvVdFuPg1PIipIOd1hHnBDAajphr86w4jvw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FarIk6MKX-C2W8GXHOB7Um9v9gVuQcNoHAO2oEqwEcrPWazYNJJc2eQOm0sowAmvVdFuPg1PIipIOd1hHnBDAajphr86w4jvw HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 147
  • https://cdn.navdmp.com/cus?acc=55810&cus=235285&img=1 HTTP 302
  • https://cdn.navdmp.com/img?acc=55810&cus=235285&img=1
Request Chain 169
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEFHGtPmRw7RBT-0a5fiFl-0&google_cver=1&google_push=ASkJ3Fb8vys-cJe-hnJtVHSKRtT9C8tIiQwSVSysjjORxc_LS1ffQf11037IFn8lDyVSjQwA5M5Kc7sIj5w4ZbZIlJ4b3shjP8Ma HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=ZnljhkXMTACqrMsdtd0P4w&google_push=ASkJ3Fb8vys-cJe-hnJtVHSKRtT9C8tIiQwSVSysjjORxc_LS1ffQf11037IFn8lDyVSjQwA5M5Kc7sIj5w4ZbZIlJ4b3shjP8Ma
Request Chain 171
  • https://match.360yield.com/match/ebda?google_gid=CAESEDsI66bZMLb9EDZB0_-vh6E&google_cver=1&google_push=ASkJ3FbG5wlxUVXcPfOZnN8hBR_t8QVAP2yLQWz7j3vH5tTGd241O5Jsdeb2QY191F8-ncAPB8JfrbgJ9NGPhs1Bbwr7RSUI-8aXCw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=3p6YAHf3SmmxpbFYjYBpNg&google_push=ASkJ3FbG5wlxUVXcPfOZnN8hBR_t8QVAP2yLQWz7j3vH5tTGd241O5Jsdeb2QY191F8-ncAPB8JfrbgJ9NGPhs1Bbwr7RSUI-8aXCw
Request Chain 172
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEFbrkVOSuGQlUms01XKrYMA&google_cver=1&google_push=ASkJ3FZSx1pm9NYs4jFKqqJOL8ih3_1oY-BZoO2woP3xC1H8GEd3rB9Ue-cU1xZ-hYpwG0dcIAWu5gWa7uDEFupA7cWJLK5M9zgN9w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1nbVNkWWxGRTJ1RlYuaEJOanhqM1dZX1BCVkx0NGdNU35B&google_push=ASkJ3FZSx1pm9NYs4jFKqqJOL8ih3_1oY-BZoO2woP3xC1H8GEd3rB9Ue-cU1xZ-hYpwG0dcIAWu5gWa7uDEFupA7cWJLK5M9zgN9w
Request Chain 173
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAMflJ4FAaOvFzXFPkknjWs&google_cver=1&google_push=ASkJ3FYyOVkkE_Dd1T89NxPS59_08bb8-OFBn9dGpJpRSOtes9jhgTbjQRbEBQr8F3mgSb81rb5JaNPoH9Lvmjlxu_0rFo1HCaiYh-w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FYyOVkkE_Dd1T89NxPS59_08bb8-OFBn9dGpJpRSOtes9jhgTbjQRbEBQr8F3mgSb81rb5JaNPoH9Lvmjlxu_0rFo1HCaiYh-w HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 174
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOoLf5s7mrYv5Of4_6A9rWI&google_cver=1&google_push=ASkJ3FbOwV26USqmcGgAr-EaMR9NVajxpFRDdDU9ceC8UVW7_GrLgHoEgs2fn2XCFsxRUMUDDEFUxK8a_Oyd-P80-5U-wdGJrRo6ig HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ASkJ3FbOwV26USqmcGgAr-EaMR9NVajxpFRDdDU9ceC8UVW7_GrLgHoEgs2fn2XCFsxRUMUDDEFUxK8a_Oyd-P80-5U-wdGJrRo6ig HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 176
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 187
  • https://fw.adsafeprotected.com/rfw/st/1095812/64317497/skeleton.js?ias_dspID=3&ias_campId=26255540&ias_pubId=pub-9189159586664939&ias_chanId=1&ias_placementId=16388744155&bidurl=&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gdKebH640e2OKnLyxGMUMd&adsafe_url=https%3A%2F%2Fwww.adorocinema.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.adorocinema.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:c15c702a-6499-f6f8-7705-43a4d52a71e3,c:vnBmG8,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5dc864c74-4tbvl,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.254,am:sp,cc:0.0.970.254,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:630,mot:0,app:0,maw:0,fm:toBdZhQ+11%7C12%7C13%7C14%7C15%7C16%7C17*.1095812-64317497%7C171%7C172%7C173%7C1811%7C1812,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:646,oid:f5e8be9a-700d-11ed-ba1b-a6a8f7ee288d,v:19.8.366,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js

200 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.adorocinema.com/series/serie-23354/temporada-40708/
Redirect Chain
  • https://www.adorocinema.com/series/serie-23354/temporada-40708
  • http://www.adorocinema.com/series/serie-23354/temporada-40708/
  • https://www.adorocinema.com/series/serie-23354/temporada-40708/
318 KB
46 KB
Document
General
Full URL
https://www.adorocinema.com/series/serie-23354/temporada-40708/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81fcc293ddd2b9750b701071503602aca2df533944bf063872d3c83f4ab039a5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

cache-control
max-age=3600, public, stale-if-error=172800
cf-cache-status
EXPIRED
cf-ray
771d2bb8ba3bbaf1-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 29 Nov 2022 17:47:55 GMT
last-modified
Tue, 29 Nov 2022 15:37:57 GMT
link
<https://assets.adorocinema.com/skin/font/icon/font-icon-c83bfc331d.woff2>; rel="preload"; as="font"; type="font/woff2",<https://assets.adorocinema.com/skin/img/adorocinema/logo-main-grey-c656a66e89.svg>; rel="preload"; as="image"; type="image/svg+xml",<https://assets.adorocinema.com/js/website/website-common.50de7c9c4b5e6d9f67f7.js>; rel="preload"; as="script",<https://assets.adorocinema.com/js/website/seriespage.e790bfe79512b08c8632.js>; rel="preload"; as="script"
server
cloudflare
vary
Accept-Encoding,Origin

Redirect headers

CF-Cache-Status
EXPIRED
CF-RAY
771d2bb809055a31-MXP
Connection
keep-alive
Content-Length
0
Date
Tue, 29 Nov 2022 17:47:50 GMT
Server
cloudflare
Vary
Accept-Encoding
location
https://www.adorocinema.com/series/serie-23354/temporada-40708/
font-icon-c83bfc331d.woff2
assets.adorocinema.com/skin/font/icon/
14 KB
14 KB
Font
General
Full URL
https://assets.adorocinema.com/skin/font/icon/font-icon-c83bfc331d.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
031ba9f0e36ddb39f92f3aa591820e4f469e8dcbae82d0ca57744fe02c73ad26

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:55 GMT
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 13:59:04 GMT
server
cloudflare
age
13121
etag
"6384bea8-3634"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
771d2bd67ccdbaf1-MXP
content-length
13876
logo-main-grey-c656a66e89.svg
assets.adorocinema.com/skin/img/adorocinema/
5 KB
2 KB
Image
General
Full URL
https://assets.adorocinema.com/skin/img/adorocinema/logo-main-grey-c656a66e89.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec7bec251d2fa5454022f6bc6977959f65cac44b63a87cac0c7287795606fc30

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 13:53:20 GMT
server
cloudflare
age
4211
etag
W/"6384bd50-13cb"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public
cf-ray
771d2bd67cd5baf1-MXP
website-common.50de7c9c4b5e6d9f67f7.js
assets.adorocinema.com/js/website/
466 KB
149 KB
Script
General
Full URL
https://assets.adorocinema.com/js/website/website-common.50de7c9c4b5e6d9f67f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
373d62cc93466a39462ead11f6077e86054e3cb8e657bd7f21da12f8a8bb16a6

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:55 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 28 Nov 2022 10:07:49 GMT
server
cloudflare
age
101138
cf-polished
origSize=477280
etag
W/"63848875-74860"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
cf-ray
771d2bd67cc5baf1-MXP
seriespage.e790bfe79512b08c8632.js
assets.adorocinema.com/js/website/
70 KB
22 KB
Script
General
Full URL
https://assets.adorocinema.com/js/website/seriespage.e790bfe79512b08c8632.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ea4290ce6a41739da98316fba39766a0f034d78a26dc5f70b9e40cdab8ada78

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:55 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 28 Nov 2022 10:07:49 GMT
server
cloudflare
age
97617
cf-polished
origSize=71836
etag
W/"63848875-1189c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
cf-ray
771d2bd67ccfbaf1-MXP
logo-main-c656a66e89.svg
assets.adorocinema.com/skin/img/adorocinema/
5 KB
2 KB
Image
General
Full URL
https://assets.adorocinema.com/skin/img/adorocinema/logo-main-c656a66e89.svg
Requested by
Host: www.adorocinema.com
URL: https://www.adorocinema.com/series/serie-23354/temporada-40708/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec7bec251d2fa5454022f6bc6977959f65cac44b63a87cac0c7287795606fc30

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 13:53:20 GMT
server
cloudflare
age
4211
etag
W/"6384bd50-13cb"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public
cf-ray
771d2bd67cd1baf1-MXP
ad_script.js
api.tudogostoso.com.br/api/
1 KB
1 KB
Script
General
Full URL
https://api.tudogostoso.com.br/api/ad_script.js?tag=ac
Requested by
Host: www.adorocinema.com
URL: https://www.adorocinema.com/series/serie-23354/temporada-40708/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.158.181.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-158-181-68.compute-1.amazonaws.com
Software
/
Resource Hash
94cd74beb168fbd1e42849f3ee0619d3cb2f3da277afc96a5e57ca98174d144e

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-runtime
0.005007
date
Tue, 29 Nov 2022 17:47:55 GMT
content-encoding
gzip
age
0
etag
W/"7e37f482e8173a634056341fe4d877b2"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200 OK
access-control-allow-origin
*
cache-control
max-age=1800, public
x-cache-v
MISS
accept-ranges
bytes
content-length
766
x-request-id
7ac2ee880ec4cca07cbb799bbd452edb
x-ua-compatible
IE=Edge,chrome=1
translations-af7ff365ff7ea75dd2047f221e7e2030.pt_BR.js
assets.adorocinema.com/js/website/
28 KB
9 KB
Script
General
Full URL
https://assets.adorocinema.com/js/website/translations-af7ff365ff7ea75dd2047f221e7e2030.pt_BR.js
Requested by
Host: www.adorocinema.com
URL: https://www.adorocinema.com/series/serie-23354/temporada-40708/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6c36ae89214e216a7bb9613be0e1e9c11c5384dc16c5e25317f5f3764469d94

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:55 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 26 Sep 2022 10:38:31 GMT
server
cloudflare
age
5546186
etag
W/"63318127-71b4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
cf-ray
771d2bd67ccabaf1-MXP
truncated
/
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/
44 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
71b45a9ea996132143e96dd0ab2978defddc3059805dcd8b20ed7a4c535330b1

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1794b412ab1fd2c35913fc45c006a4117067908e33f867b30cd34c956e6c501d

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/gif
logo-main-light-c656a66e89.svg
assets.adorocinema.com/skin/img/adorocinema/
5 KB
2 KB
Image
General
Full URL
https://assets.adorocinema.com/skin/img/adorocinema/logo-main-light-c656a66e89.svg
Requested by
Host: www.adorocinema.com
URL: https://www.adorocinema.com/series/serie-23354/temporada-40708/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec7bec251d2fa5454022f6bc6977959f65cac44b63a87cac0c7287795606fc30

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 13:53:20 GMT
server
cloudflare
age
4211
etag
W/"6384bd50-13cb"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public
cf-ray
771d2bd6bd90baf1-MXP
logo-adorocinema-33b7f5ef7b.svg
assets.adorocinema.com/skin/img/
263 B
275 B
Image
General
Full URL
https://assets.adorocinema.com/skin/img/logo-adorocinema-33b7f5ef7b.svg
Requested by
Host: www.adorocinema.com
URL: https://www.adorocinema.com/series/serie-23354/temporada-40708/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff0d16ed19c19afa3460c636f68938b31cd6c3cdf61dfddd7f2645a625297137

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 13:53:19 GMT
server
cloudflare
age
4211
etag
W/"6384bd4f-107"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public
cf-ray
771d2bd6bd8bbaf1-MXP
font-icon-c83bfc331d.woff2
assets.adorocinema.com/skin/font/icon/
14 KB
14 KB
Font
General
Full URL
https://assets.adorocinema.com/skin/font/icon/font-icon-c83bfc331d.woff2
Requested by
Host: www.adorocinema.com
URL: https://www.adorocinema.com/series/serie-23354/temporada-40708/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
031ba9f0e36ddb39f92f3aa591820e4f469e8dcbae82d0ca57744fe02c73ad26

Request headers

Referer
https://www.adorocinema.com/
Origin
https://www.adorocinema.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:55 GMT
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 13:59:04 GMT
server
cloudflare
age
328
etag
"6384bea8-3634"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
771d2bd6db3f59fb-MXP
content-length
13876
script-03.d79f8c4af982ce239ce1.js
assets.adorocinema.com/js/website/
8 KB
3 KB
Script
General
Full URL
https://assets.adorocinema.com/js/website/script-03.d79f8c4af982ce239ce1.js
Requested by
Host: assets.adorocinema.com
URL: https://assets.adorocinema.com/js/website/seriespage.e790bfe79512b08c8632.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abec58b56bf8092dd3dc80f03a464601accc4586859c95abdf6e124105539ebf

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:55 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 09 Nov 2022 15:27:50 GMT
server
cloudflare
age
1731786
cf-polished
origSize=7879
etag
W/"636bc6f6-1ec7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
cf-ray
771d2bd78fa2baf1-MXP
geolocalize
www.adorocinema.com/_/
0
0
Fetch
General
Full URL
https://www.adorocinema.com/_/geolocalize
Requested by
Host: assets.adorocinema.com
URL: https://assets.adorocinema.com/js/website/website-common.50de7c9c4b5e6d9f67f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/series/serie-23354/temporada-40708/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:56 GMT
cache-control
max-age=3600, no-store, private, stale-if-error=172800
cf-cache-status
BYPASS
server
cloudflare
cf-ray
771d2bd79ff2baf1-MXP
vary
Origin, Accept-Encoding
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: assets.adorocinema.com
URL: https://assets.adorocinema.com/js/website/website-common.50de7c9c4b5e6d9f67f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 29 Nov 2022 15:48:34 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
7161
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 29 Nov 2022 17:48:34 GMT
client
accounts.google.com/gsi/
191 KB
76 KB
Script
General
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: assets.adorocinema.com
URL: https://assets.adorocinema.com/js/website/website-common.50de7c9c4b5e6d9f67f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
741a48d0125f98733b8bde4486c45981b9d558d15330c5803ba13926282ecb07
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-M1KeEHcCnj1XDR4MEcmdsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:55 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-M1KeEHcCnj1XDR4MEcmdsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Tue, 29 Nov 2022 17:47:55 GMT
AdoroCinema
cdn.lib.getjad.io/library/21636860837/
553 KB
122 KB
Script
General
Full URL
https://cdn.lib.getjad.io/library/21636860837/AdoroCinema
Requested by
Host: assets.adorocinema.com
URL: https://assets.adorocinema.com/js/website/website-common.50de7c9c4b5e6d9f67f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ca3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe40139835cd99a7273682986097946d9aeb8d32b461e06282f1906e0e1808d5

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 15:01:55 GMT
server
cloudflare
age
811
etag
W/"8a576-5ee9d44d33349-gzip"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-max-age=3600, stale-while-revalidate=3600, stale-if-error=7200
cf-ray
771d2bd9ff903760-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 29 Nov 2022 18:02:16 GMT
sdk.js
connect.facebook.net/pt_BR/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/pt_BR/sdk.js
Requested by
Host: assets.adorocinema.com
URL: https://assets.adorocinema.com/js/website/website-common.50de7c9c4b5e6d9f67f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c478abe360a67e346be938ecdae1efe8735689c726560af2fc3ade19b456ad1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 29 Nov 2022 17:47:56 GMT
content-md5
nvfWzPt2iE3R9dwEulg39A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
S9cl4nMtqbjTpUyO4/X1yvGxkQ2Ft2G6Tow3Y0Sl9N2MS9A5zzDJHcqDTMS7jzmuhaFbEH62MxIAo2ZZcx9AAA==
x-fb-trip-id
686109401
x-fb-content-md5
57255331576f36216c14bf622efb90d3
cross-origin-opener-policy
same-origin-allow-popups
etag
"34c321a012ae6ff9919ce784cfaf3f0f"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 29 Nov 2022 17:49:33 GMT
secondary-styles.min-52db1c14e4.css
assets.adorocinema.com/skin/css/adorocinema/
36 KB
8 KB
Stylesheet
General
Full URL
https://assets.adorocinema.com/skin/css/adorocinema/secondary-styles.min-52db1c14e4.css
Requested by
Host: assets.adorocinema.com
URL: https://assets.adorocinema.com/js/website/website-common.50de7c9c4b5e6d9f67f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dd804223e989c6fa1516178df3f0d58809bda95fc7c418ef85108c104bb9af7

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:55 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 14 Sep 2022 09:56:42 GMT
server
cloudflare
age
6580043
cf-polished
origSize=36527
etag
W/"6321a55a-8eaf"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=31536000
cf-ray
771d2bd93b40baf1-MXP
sprite-93d7825236.png
assets.adorocinema.com/skin/img/adorocinema/
19 KB
19 KB
Image
General
Full URL
https://assets.adorocinema.com/skin/img/adorocinema/sprite-93d7825236.png
Requested by
Host: assets.adorocinema.com
URL: https://assets.adorocinema.com/skin/css/adorocinema/secondary-styles.min-52db1c14e4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eabf4a0b1abfd22536c9d8e232df86c074e10feb0fe9516c333bc9d7951719f8

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://assets.adorocinema.com/skin/css/adorocinema/secondary-styles.min-52db1c14e4.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:55 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Wed, 02 Nov 2022 15:56:16 GMT
server
cloudflare
age
1640894
cf-polished
origFmt=png, origSize=26168
etag
"63629320-6638"
vary
Accept
content-type
image/webp
cache-control
public,max-age=31536000
content-disposition
inline; filename="sprite-93d7825236.webp"
accept-ranges
bytes
cf-ray
771d2bd97bbbbaf1-MXP
content-length
19300
collect
www.google-analytics.com/j/
4 B
150 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1023143292&t=pageview&_s=1&dl=https%3A%2F%2Fwww.adorocinema.com%2Fseries%2Fserie-23354%2Ftemporada-40708%2F&dp=%2Fseries%2Fserie-23354%2Ftemporada-40708%2F&ul=en-us&de=UTF-8&dt=Amphibia%203%C2%AA%20temporada%20-%20AdoroCinema&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAAABEAAAACAAgB~&jid=1994942059&gjid=112067993&cid=2106588598.1669744076&tid=UA-4912475-1&_gid=2139033946.1669744076&_r=1&_slc=1&cd1=noblock&cd2=noblock&cd98=&cd102=graph&cd10=seriespage_seasonpage&cd9=no&cd24=5002&cd25=122004&cd26=13005&cd27=13026&cd62=disney_channel_us&cd64=&cd70=no&cd76=null&cd79=null&cd82=23354-amphibia&cd83=in_production&cd84=series&cd87=23354&cd92=disney&cd93=null&cm2=0&cm3=null&cm10=3&cd60=03&npa=1&z=878411086
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.adorocinema.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.adorocinema.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
194 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1023143292&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.adorocinema.com%2Fseries%2Fserie-23354%2Ftemporada-40708%2F&dp=%2Fseries%2Fserie-23354%2Ftemporada-40708%2F&ul=en-us&de=UTF-8&dt=Amphibia%203%C2%AA%20temporada%20-%20AdoroCinema&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ea=impression&_u=aEBAAAABEAAAACAAgB~&jid=&gjid=&cid=2106588598.1669744076&tid=UA-4912475-1&_gid=2139033946.1669744076&cd1=noblock&cd2=noblock&cd98=&cd102=graph&npa=1&z=259249564
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 20:57:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
75002
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
91 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1023143292&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.adorocinema.com%2Fseries%2Fserie-23354%2Ftemporada-40708%2F&dp=%2Fseries%2Fserie-23354%2Ftemporada-40708%2F&ul=en-us&de=UTF-8&dt=Amphibia%203%C2%AA%20temporada%20-%20AdoroCinema&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=right_column&ea=impression&el=follow_on_facebook&_u=aEBAAAABEAAAACAAgB~&jid=&gjid=&cid=2106588598.1669744076&tid=UA-4912475-1&_gid=2139033946.1669744076&cd1=noblock&cd2=noblock&cd98=&cd102=graph&cd10=seriespage_seasonpage&cd83=Em%20andamento&npa=1&z=1154615629
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 20:57:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
75002
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
442 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-4912475-1&cid=2106588598.1669744076&jid=1994942059&gjid=112067993&_gid=2139033946.1669744076&npa=1&_u=aEBAAAAAEAAAACAAgB~&z=770212795
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.adorocinema.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 29 Nov 2022 17:47:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.adorocinema.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.js
static.criteo.net/js/ld/
121 KB
40 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.lib.getjad.io
URL: https://cdn.lib.getjad.io/library/21636860837/AdoroCinema
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-1e444"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 30 Nov 2022 17:47:56 GMT
me
cdn.lib.getjad.io/geoloc/
39 B
163 B
XHR
General
Full URL
https://cdn.lib.getjad.io/geoloc/me
Requested by
Host: cdn.lib.getjad.io
URL: https://cdn.lib.getjad.io/library/21636860837/AdoroCinema
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:ca3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0e18c35fce4a44c2903f64e7e916949e772dacec7438feb149503baa1b95efe

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:55 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
771d2bdae8705a2b-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39
otToken.js
storage.googleapis.com/fledge-tests/
413 B
1004 B
Script
General
Full URL
https://storage.googleapis.com/fledge-tests/otToken.js
Requested by
Host: cdn.lib.getjad.io
URL: https://cdn.lib.getjad.io/library/21636860837/AdoroCinema
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
9a0be1678fb27836fba9453a29914702070cc954f5f04e6983b7dce6cd78d7aa

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:45:18 GMT
age
158
x-guploader-uploadid
ADPycdv6YlImtBfhyAxQDXTBh3aDAFMO_U5-XAE7deQMh-9HfnkeezsrdmTrCdjF7FsxqJC2eKDH5WiRItjHJE4x4JB_Ag
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
413
last-modified
Tue, 08 Nov 2022 10:42:35 GMT
server
UploadServer
etag
"483749ebdd3ce30b016713e5624a0bf8"
x-goog-generation
1667904155021583
x-goog-hash
crc32c=4ZqF4w==, md5=SDdJ69084wsBZxPlYkoL+A==
content-type
application/x-javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
413
accept-ranges
bytes
expires
Tue, 29 Nov 2022 18:45:18 GMT
AdoroCinema
cdn.lib.getjad.io/dmp/21636860837/
5 KB
2 KB
Script
General
Full URL
https://cdn.lib.getjad.io/dmp/21636860837/AdoroCinema
Requested by
Host: cdn.lib.getjad.io
URL: https://cdn.lib.getjad.io/library/21636860837/AdoroCinema
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ca3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aa01372c2aac8a8e9c84cfb47aaf25ec5c0aa838f34086ab76a2fdb15344de9

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 24 Nov 2022 23:00:29 GMT
server
cloudflare
age
342
etag
W/"13eb-5ee3f5f211483-gzip"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-max-age=3600, stale-while-revalidate=3600, stale-if-error=7200
cf-ray
771d2bdad8c23760-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 29 Nov 2022 18:35:21 GMT
universal.min.js
tag.navdmp.com/
14 KB
5 KB
Script
General
Full URL
https://tag.navdmp.com/universal.min.js
Requested by
Host: cdn.lib.getjad.io
URL: https://cdn.lib.getjad.io/library/21636860837/AdoroCinema
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d257a75764e746d9a1aafb79d8e47744cb44ee1af115ab2adbd0012c69cf676c

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:56 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 17 May 2022 12:22:37 GMT
server
cloudflare
age
2691
etag
W/"6283938d-3671"
vary
Accept-Encoding
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
771d2bdb2c2bbafd-MXP
expires
Tue, 29 Nov 2022 18:03:05 GMT
21636860837
cdn.lib.getjad.io/prebid/
296 KB
89 KB
Script
General
Full URL
https://cdn.lib.getjad.io/prebid/21636860837
Requested by
Host: cdn.lib.getjad.io
URL: https://cdn.lib.getjad.io/library/21636860837/AdoroCinema
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ca3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daabaaa4c60e8bb98497c120f60f8c3ead8319aa08ddd7aeb35f0ac3e110b59d

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 26 Jul 2022 22:00:05 GMT
server
cloudflare
age
342
etag
W/"49ee2-5e4bc6c45349f-gzip"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-max-age=3600, stale-while-revalidate=3600, stale-if-error=7200
cf-ray
771d2bdad8c43760-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 29 Nov 2022 18:25:10 GMT
84dda478-b6d6-4a9b-a5ae-6f1b6b5d17a0
boot.pbstck.com/v1/tag/
1 KB
852 B
Script
General
Full URL
https://boot.pbstck.com/v1/tag/84dda478-b6d6-4a9b-a5ae-6f1b6b5d17a0
Requested by
Host: cdn.lib.getjad.io
URL: https://cdn.lib.getjad.io/library/21636860837/AdoroCinema
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
732c268c80bff060e288d843bb13eb4f9a620eaee78214a74890442e6c08809f

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:56 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=120
timing-allow-origin
*
cf-ray
771d2bdb2d4f83b2-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
59.json
cdn.lib.getjad.io/restrictedurl/b0/09/f1/b4/fa/29/2e/3b/48/38/07/fc/55/d2/97/
55 B
378 B
XHR
General
Full URL
https://cdn.lib.getjad.io/restrictedurl/b0/09/f1/b4/fa/29/2e/3b/48/38/07/fc/55/d2/97/59.json
Requested by
Host: cdn.lib.getjad.io
URL: https://cdn.lib.getjad.io/library/21636860837/AdoroCinema
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:ca3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
384ce239bb18b025487edd2785e26714f97641aab5bebf7618eddea94942e976

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 20 Jan 2022 14:08:03 GMT
server
cloudflare
age
2945
etag
W/"37-5d60407daefe8;5dd8aeb2c1258"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600, s-max-age=3600, stale-while-revalidate=3600, stale-if-error=7200
cf-ray
771d2bdae8715a2b-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 29 Nov 2022 17:43:03 GMT
t3m.js
tags.t.tailtarget.com/
59 KB
15 KB
Script
General
Full URL
https://tags.t.tailtarget.com/t3m.js?i=TT-10531-7/CT-136
Requested by
Host: cdn.lib.getjad.io
URL: https://cdn.lib.getjad.io/library/21636860837/AdoroCinema
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
nginx/1.8.1 /
Resource Hash
8bdad6568b36746e2fcea31c18644d8b732a9bc74e3bab1133126e6afabcef67

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 16:03:22 GMT
content-encoding
gzip
via
1.1 google
age
6274
x-guploader-uploadid
ADPycdvhVcmLolAiRfTum_yY2skLus27VGV1Nx4pGSvL0pdT6X0XHkm8YHu9_C_P-Jo5uWfMi14L6wIAMhQGfXL9ldP1YxTQ330F
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14502
last-modified
Thu, 14 Apr 2022 16:12:47 GMT
server
nginx/1.8.1
etag
"a2c01dcd281e8785a41e9cc9dbc6c851"
vary
Accept-Encoding
x-goog-generation
1649952767804193
x-goog-hash
md5=osAdzSgeh4WkHpzJ28bIUQ==
content-type
application/javascript
cache-control
max-age=7200,public
x-goog-stored-content-length
14502
accept-ranges
bytes
expires
Tue, 29 Nov 2022 18:03:22 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
78 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.lib.getjad.io
URL: https://cdn.lib.getjad.io/library/21636860837/AdoroCinema
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf8413ba8207afd3491c90608ef483e76758a036c9ac7efe64d9ff70648474d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27241
x-xss-protection
0
server
sffe
etag
"1406 / 78 of 1000 / last-modified: 1669734345"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 29 Nov 2022 17:47:56 GMT
style
accounts.google.com/gsi/
533 B
608 B
Stylesheet
General
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-X3q-X4ACIQcozFLGkrM0uQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:56 GMT
content-security-policy
script-src 'report-sample' 'nonce-X3q-X4ACIQcozFLGkrM0uQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Tue, 29 Nov 2022 17:47:56 GMT
status
accounts.google.com/gsi/
40 B
529 B
XHR
General
Full URL
https://accounts.google.com/gsi/status?client_id=361569172777-00a9t0oevph439m4rc0sn40uk1ltl137.apps.googleusercontent.com&as=4fSbGAHWjqASW9zwAVo3fw
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c69ed927f7823a83b6857bcef2ccc9d822b9c4afa94517e0563f15bdc7e6dc39
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-7kIPdp3OcRWXt6GrsMrgkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:56 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-7kIPdp3OcRWXt6GrsMrgkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options
nosniff
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.adorocinema.com
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 01 Jan 1990 00:00:00 GMT
cus
cdn.navdmp.com/
43 B
414 B
Image
General
Full URL
https://cdn.navdmp.com/cus?acc=55810&cus=214837&img=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:56 GMT
cf-cache-status
DYNAMIC
last-modified
Tuesday, 29-Nov-2022 17:47:56 GMT
server
cloudflare
content-type
image/gif
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
act
f0
cf-ray
771d2bdb69de3760-MXP
content-length
43
55810
tag.navdmp.com/u/
616 B
524 B
Script
General
Full URL
https://tag.navdmp.com/u/55810
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6be6aeac414234a5029684c4936d051b0d1a49519a3775afcb862621577bb587

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:56 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 07 Sep 2021 18:45:00 GMT
server
cloudflare
etag
W/"6137b32c-268"
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
771d2bdb7d14bafd-MXP
expires
Tue, 29 Nov 2022 18:47:56 GMT
conversion.js
d.tailtarget.com/
15 KB
6 KB
Script
General
Full URL
https://d.tailtarget.com/conversion.js
Requested by
Host: www.adorocinema.com
URL: https://www.adorocinema.com/series/serie-23354/temporada-40708/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:24:20 GMT
content-encoding
gzip
age
1416
x-guploader-uploadid
ADPycduGXnvAh6DKpeDschgVk472IUYUv1yEXcOJqEfaqwqwV4DKBc0r3aV2GNcDRQ4goFtV79gHpOLyegW0rUcdp2zt_-2WBi19
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6114
last-modified
Mon, 19 Sep 2022 18:20:35 GMT
server
UploadServer
etag
"1f6a2c178b385e908b632664e93aed26"
x-goog-hash
crc32c=vQZHMA==, md5=H2osF4s4XpCLYyZk6TrtJg==
x-goog-generation
1663611635525811
content-language
en
content-type
application/javascript
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
6114
accept-ranges
bytes
expires
Wed, 30 Nov 2022 17:24:20 GMT
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/
381 KB
129 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:10:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2238
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 29 Nov 2023 17:10:38 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
315 B
164 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.adorocinema.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b63b9858b4d89edbe33e8e99aebe626144fbeffa73f8735fbedff6f6cc9a7ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
139
x-xss-protection
0
expires
Tue, 29 Nov 2022 17:47:56 GMT
index-monitoring-e116637.js
cdn.pbstck.com/
186 KB
51 KB
XHR
General
Full URL
https://cdn.pbstck.com/index-monitoring-e116637.js
Requested by
Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/tag/84dda478-b6d6-4a9b-a5ae-6f1b6b5d17a0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4903adaee03b0c380254c0ff437b28fb47c72f4b8bc719e0a9598e5022734ab7

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:56 GMT
content-encoding
br
cf-cache-status
HIT
age
295852
x-guploader-uploadid
ADPycduKW9tFQB2H_sp5SGWIu7md8bV_B0ut4F3YaWvikkOyVsMt5syZWt9gyzep5LwqluZK0lS5fLfnloLW6Zm174a7eQ
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 25 Oct 2022 13:13:51 GMT
server
cloudflare
etag
W/"fd39a9469cc274c077fe4dde99c83cfa"
vary
Accept-Encoding
x-goog-hash
crc32c=tQfzUw==, md5=/TmpRpzCdMB3/k3emcg8+g==
x-goog-generation
1666703631064678
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=604800, immutable
x-goog-stored-content-length
51526
cf-ray
771d2bdc0d7f5a25-MXP
expires
Sat, 03 Dec 2022 07:13:34 GMT
base.js
d.tailtarget.com/
20 KB
8 KB
Script
General
Full URL
https://d.tailtarget.com/base.js
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 16:51:34 GMT
content-encoding
gzip
age
3382
x-guploader-uploadid
ADPycdu_zLRvDUKM1Uuqm2-vjaikTzwGnPuyfzksptRE4YeeMuXsoFyPvF4bL-9PFrBWxvnWfdyQzfRBAP1fLl5j6IQiCR-5tcSq
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8332
last-modified
Mon, 19 Sep 2022 18:20:35 GMT
server
UploadServer
etag
"e3068e8113c8f02d9b9a31f913c7a062"
x-goog-hash
crc32c=mUroJg==, md5=4waOgRPI8C2bmjH5E8egYg==
x-goog-generation
1663611635449519
content-language
en
content-type
application/javascript
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
8332
accept-ranges
bytes
expires
Wed, 30 Nov 2022 16:51:34 GMT
trk
tt-10531-7.seg.t.tailtarget.com/
70 B
1 KB
Image
General
Full URL
https://tt-10531-7.seg.t.tailtarget.com/trk?tA=TT-10531-7&tJ=_event:site-adorocinema:1|_event:site_route-seriespage_seasonpage:1|_event:site_section-seriespage:1|_event:environment-web:1|_event:channel-seriespage:1|_event:subchannel-seriesserie23354tempo:1|_event:series_id-23354:1|_event:series_label-amphibia:1|_event:genre-13005:1|_event:genre-13026:1|_event:production_status-em_andamento:1|_event:is_svod_originals-0:1|_event:is_svod_exclusive-0:1|_event:svod_providers-disney:1|_event:countries-USA:1|_channel:adoro_cinema:1|_channel:adorocinema-series2:1|_channel:webediatodososcanais:1|_channel:entretenimentocanais:1&tK=1669744076&tM=direct&tL=direct&tN=direct&tY=3&tZ=522190551
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:56 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
cache-control
no-cache, private, proxy-revalidate
content-disposition
inline
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
syncframe
gum.criteo.com/ Frame 85F5
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.adorocinema.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.adorocinema.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 17:47:55 GMT
server
Kestrel
server-processing-duration-in-ticks
502643
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.adorocinema.com%2F&domain=www.adorocinema.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.adorocinema.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.adorocinema.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 29 Nov 2022 17:47:56 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
550453
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.adorocinema.com%2F&domain=www.adorocinema.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.adorocinema.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.adorocinema.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 29 Nov 2022 17:47:56 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
525166
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.adorocinema.com%2F&domain=www.adorocinema.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=-fmIQnxZRXNiWlZZclZ3VU43N1IxSFNPQkhIZHhsZFpLMW43bU5mQ25Ed243cHZrejJkb2Yzb0lYQXlMWi8wL2N3clQ3b3c5WmwrU01vdDJPQW1acVRVeGltOFJ6a2lPWC9nT1FIL2lZSlJxYy9BNXE3UTJoM3Zid2p1ZE...
455 B
717 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=-fmIQnxZRXNiWlZZclZ3VU43N1IxSFNPQkhIZHhsZFpLMW43bU5mQ25Ed243cHZrejJkb2Yzb0lYQXlMWi8wL2N3clQ3b3c5WmwrU01vdDJPQW1acVRVeGltOFJ6a2lPWC9nT1FIL2lZSlJxYy9BNXE3UTJoM3Zid2p1ZEYwMWlQRkIxUGpBb0dWaUJ4TGc1QkxOZ0gxYURSak91WHJyUXc4ZW13b3RDZit0aU5leTVSRWRiUnRHNGhkYWoveGs5My8vaFJsbGZ0T1ZCVjMzNGtYMUhKaXNXZXUzUjZ6SUtUQWt1dDJTeEF0c3l4Y2FJNHRZbzBRanFocy9LVG03UGZlRTNHbTFHdG9IR1Y5S2ZtSHR1M1dVc3VOK3pFMWs0M2srSW5tYXo3RnZxeHlHND18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7a3264384f8dcc460f46655cbdef8b4019c47619c60cfcaf80e1dd36f05f2676
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:56 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2165813
expires
0

Redirect headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:56 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=-fmIQnxZRXNiWlZZclZ3VU43N1IxSFNPQkhIZHhsZFpLMW43bU5mQ25Ed243cHZrejJkb2Yzb0lYQXlMWi8wL2N3clQ3b3c5WmwrU01vdDJPQW1acVRVeGltOFJ6a2lPWC9nT1FIL2lZSlJxYy9BNXE3UTJoM3Zid2p1ZEYwMWlQRkIxUGpBb0dWaUJ4TGc1QkxOZ0gxYURSak91WHJyUXc4ZW13b3RDZit0aU5leTVSRWRiUnRHNGhkYWoveGs5My8vaFJsbGZ0T1ZCVjMzNGtYMUhKaXNXZXUzUjZ6SUtUQWt1dDJTeEF0c3l4Y2FJNHRZbzBRanFocy9LVG03UGZlRTNHbTFHdG9IR1Y5S2ZtSHR1M1dVc3VOK3pFMWs0M2srSW5tYXo3RnZxeHlHND18&cppv=2
access-control-allow-origin
https://www.adorocinema.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
821520
content-length
0
expires
0
envelope
api.rlcdn.com/api/identity/
0
256 B
XHR
General
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=13772
Requested by
Host: cdn.lib.getjad.io
URL: https://cdn.lib.getjad.io/prebid/21636860837
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.adorocinema.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 29 Nov 2022 17:47:56 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.adorocinema.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.adorocinema.com%2F&domain=www.adorocinema.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=lHzDUnw0algrZGU0Mzd0dC9QTUdSZzliZVNjQWFraDd2M09ZeWl2R3NMS3YwMEo0WnBtUHJZa3dKL3Zmam44WmpLWDBIcWNVQTN3d2ZTWlluQUxwWTNOR0Q1SmJpeStScU1JWWMwRW5MY2lGM2RKUmtweTdGZDJCZWZOVH...
461 B
720 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=lHzDUnw0algrZGU0Mzd0dC9QTUdSZzliZVNjQWFraDd2M09ZeWl2R3NMS3YwMEo0WnBtUHJZa3dKL3Zmam44WmpLWDBIcWNVQTN3d2ZTWlluQUxwWTNOR0Q1SmJpeStScU1JWWMwRW5MY2lGM2RKUmtweTdGZDJCZWZOVHJjRTFxVlJRMGQ0OWkrOUFFN2l1QXltcVpTdmViV3QyRi9MUFJ6MVBTZysvb2t3VkZ5VU5aL0lkaklDSGhxSTVPVUFSaG56VjkzcXRydWVWei9aN2lZaEg4Z29rZTFCOGlLeUtmZUc3OEV6Smo1Q2lTYkdFTWxRYkpBTGtlSzVIbGgxSnp1SDdmNkJkckNxdm01cjRoMExQaHhTZHMrajhvclVSS2I3Qk9tU2tyTzJRTFJlZz18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4b00abc113a43529afafd5b23f00ebbd6be89c291696b141868fe33011d8e9f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:56 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2449437
expires
0

Redirect headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:56 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=lHzDUnw0algrZGU0Mzd0dC9QTUdSZzliZVNjQWFraDd2M09ZeWl2R3NMS3YwMEo0WnBtUHJZa3dKL3Zmam44WmpLWDBIcWNVQTN3d2ZTWlluQUxwWTNOR0Q1SmJpeStScU1JWWMwRW5MY2lGM2RKUmtweTdGZDJCZWZOVHJjRTFxVlJRMGQ0OWkrOUFFN2l1QXltcVpTdmViV3QyRi9MUFJ6MVBTZysvb2t3VkZ5VU5aL0lkaklDSGhxSTVPVUFSaG56VjkzcXRydWVWei9aN2lZaEg4Z29rZTFCOGlLeUtmZUc3OEV6Smo1Q2lTYkdFTWxRYkpBTGtlSzVIbGgxSnp1SDdmNkJkckNxdm01cjRoMExQaHhTZHMrajhvclVSS2I3Qk9tU2tyTzJRTFJlZz18&cppv=2
access-control-allow-origin
https://www.adorocinema.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
490975
content-length
0
expires
0
sdk.js
connect.facebook.net/pt_BR/
300 KB
85 KB
Script
General
Full URL
https://connect.facebook.net/pt_BR/sdk.js?hash=9a02cd0639a1367412b039d80e381401
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
138600655d5c5e7de4baefc65fa82326ee5061b9e4bd1e18e4ae2f4197ccaefa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.adorocinema.com/
Origin
https://www.adorocinema.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 29 Nov 2022 17:47:56 GMT
content-md5
bUWyvUoSmWsSPy7Gm9xThw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86946
x-fb-rlafr
0
x-fb-debug
8jTejZHq/0rspH/OHkL3Ukx3nJK3zIx4S4Hbi2r5af+Lef0nZEcXXWu/7QJzy7sQxuLjQd0dP1dGgEPALN0AWA==
x-fb-content-md5
0626d2cba89c76e9e2435555bd4e2825
cross-origin-opener-policy
same-origin-allow-popups
etag
"bcf8bae7291dc8b8461023d10fecba75"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 29 Nov 2023 15:37:39 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.adorocinema.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.adorocinema.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 29 Nov 2022 17:47:56 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.adorocinema.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.adorocinema.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 29 Nov 2022 17:47:56 GMT
server
ATS/9.1.10.25
prebid
prebid.media.net/rtb/
1 KB
1008 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUV769PV
Requested by
Host: cdn.lib.getjad.io
URL: https://cdn.lib.getjad.io/prebid/21636860837
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
9f1241f32d3392b07d12a894dc143d9801bb327c95a2b2701b8d2becabc4e417

Request headers

Referer
https://www.adorocinema.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:56 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.adorocinema.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Tue, 29 Nov 2022 17:47:56 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
344 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13624&site_id=60612&zone_id=625214%3B551842&size_id=15%3B2&alt_size_ids=10%3B57&rf=https%3A%2F%2Fwww.adorocinema.com%2Fseries%2Fserie-23354%2Ftemporada-40708%2F&tk_flint=pbjs_lite_v7.7.0&x_source.tid=31094056-7b95-48ba-80c1-8d962758e139%3Bcaf7bc97-332f-4e58-9d00-a10e085be1cf&l_pb_bid_id=56486ee9620906%3B6477f085aa7619&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=2&rand=0.17813684723655654
Requested by
Host: cdn.lib.getjad.io
URL: https://cdn.lib.getjad.io/prebid/21636860837
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a51fadcc59fc3743365cdc1518034ba497ab43294629a0f6ee955675ec6dbaab

Request headers

Referer
https://www.adorocinema.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:56 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.adorocinema.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
bidRequest
c2shb.pubgw.yahoo.com/
66 B
96 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.lib.getjad.io
URL: https://cdn.lib.getjad.io/prebid/21636860837
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
9e60749e72d0f05041a363dba8abb7094a570954fa69b1a65bffbfee37e93591

Request headers

Referer
https://www.adorocinema.com/
x-openrtb-version
2.5
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 29 Nov 2022 17:47:56 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.adorocinema.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
300 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.lib.getjad.io
URL: https://cdn.lib.getjad.io/prebid/21636860837
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
0573d8dfccf51c0a905651069bd35601eb8d17d37d4629cfd8a223e2dbbda016

Request headers

Referer
https://www.adorocinema.com/
x-openrtb-version
2.5
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 29 Nov 2022 17:47:56 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.adorocinema.com
access-control-allow-credentials
true
content-length
66
translator
hbopenbid.pubmatic.com/
0
119 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.lib.getjad.io
URL: https://cdn.lib.getjad.io/prebid/21636860837
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.adorocinema.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.adorocinema.com
date
Tue, 29 Nov 2022 17:47:55 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/
250 B
949 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.lib.getjad.io
URL: https://cdn.lib.getjad.io/prebid/21636860837
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
479c5a156cd92a95cda521f80775275d32bbe666c113e1faa3067dea56a13b96
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.adorocinema.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 29 Nov 2022 17:47:56 GMT
AN-X-Request-Uuid
ccebc2da-3627-4238-a541-1a1f445e40a5
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.adorocinema.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
192.145.127.211; 192.145.127.211; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
250
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/
171 B
561 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.lib.getjad.io
URL: https://cdn.lib.getjad.io/prebid/21636860837
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.112 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.adorocinema.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:56 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.adorocinema.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/
171 B
561 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.lib.getjad.io
URL: https://cdn.lib.getjad.io/prebid/21636860837
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.112 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.adorocinema.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:55 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.adorocinema.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/
313 B
485 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=132&profileId=185&av=34&wv=7.7.0&cb=16955294419
Requested by
Host: cdn.lib.getjad.io
URL: https://cdn.lib.getjad.io/prebid/21636860837
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
6e5e0e2c9af74956518f79fcb7841737168ef321932f38066a631f66d3a08988
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.adorocinema.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 29 Nov 2022 17:47:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.adorocinema.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
211
sid
mug.criteo.com/ Frame 85F5
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=adorocinema.com&sn=ChromeSyncframe&so=0&topUrl=www.adorocinema.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=aMTfRHxnL1VyYU1QNHFmUnhZNnlMcWJsUHNpTnpCN004eDI5ZXFRTURRUmdTd0xUTjQwRXVaa2VkQ1JEa3lLdGErdCtiK0FJM2xyUjd2VEVqdW5BUWN0SDJFYW5FTVErYzdaQXcxQlJxUGdDRDVYZ0hwRkZqQVhwMWFFcm...
439 B
655 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=aMTfRHxnL1VyYU1QNHFmUnhZNnlMcWJsUHNpTnpCN004eDI5ZXFRTURRUmdTd0xUTjQwRXVaa2VkQ1JEa3lLdGErdCtiK0FJM2xyUjd2VEVqdW5BUWN0SDJFYW5FTVErYzdaQXcxQlJxUGdDRDVYZ0hwRkZqQVhwMWFFcmFqOHJvUWxoWkhGN0FDSi81UnVvT0NKY2pDZCtQL3AreXhOU04yOVZvREE5cXdUQjlBVW9NczBjTGJiNkIyT0dxUW1FN0gwSGhEOVczaDFBVEd6WTZaaUJHYWVVd3ZGSS9JSjdkVnN1cmV0TmRXM0pYZnpMN0s3c0NFNUxvTkYvODM0NU9NZ21BVnk5aDdUbDc2VzlqSGhRdW9XRFlQQT09fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
09809a1959d8460d17235cc9069df51aaaef908d43e1aab69ab31d9467ecb0d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:55 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
7188324
expires
0

Redirect headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:55 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=aMTfRHxnL1VyYU1QNHFmUnhZNnlMcWJsUHNpTnpCN004eDI5ZXFRTURRUmdTd0xUTjQwRXVaa2VkQ1JEa3lLdGErdCtiK0FJM2xyUjd2VEVqdW5BUWN0SDJFYW5FTVErYzdaQXcxQlJxUGdDRDVYZ0hwRkZqQVhwMWFFcmFqOHJvUWxoWkhGN0FDSi81UnVvT0NKY2pDZCtQL3AreXhOU04yOVZvREE5cXdUQjlBVW9NczBjTGJiNkIyT0dxUW1FN0gwSGhEOVczaDFBVEd6WTZaaUJHYWVVd3ZGSS9JSjdkVnN1cmV0TmRXM0pYZnpMN0s3c0NFNUxvTkYvODM0NU9NZ21BVnk5aDdUbDc2VzlqSGhRdW9XRFlQQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
497518
content-length
0
expires
0
usr
usr.navdmp.com/
359 B
431 B
Script
General
Full URL
https://usr.navdmp.com/usr?v=7&acc=55810&u=1&new=1&wst=0&wct=1
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bc4f1e40b4d5f6ee42a779522e01b07fb4eceb6bbc4c3f5f6493a997d07932a

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
public
date
Tue, 29 Nov 2022 17:47:56 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
max-age=3600
act
f0
cf-ray
771d2bdd6977bafd-MXP
expires
Tue, 29 Nov 2022 18:47:56 GMT
status
www.facebook.com/x/oauth/
0
0
Fetch
General
Full URL
https://www.facebook.com/x/oauth/status?client_id=362532407092981&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.adorocinema.com%2Fseries%2Fserie-23354%2Ftemporada-40708%2F&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=9a02cd0639a1367412b039d80e381401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Tue, 29 Nov 2022 17:47:56 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=86400
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
NFQGPLtkZV36zCQ1+xAnSBoAWa0ioRC/v8AQvmC/J5P/Ms3mDMgiew4eChFjxqH5NZ81YT9ATBjzih1M05TsBw==
fb-s
unknown
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.adorocinema.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/login/ Frame 78F4
Redirect Chain
  • https://www.facebook.com/v3.2/plugins/page.php?app_id=362532407092981&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df626f37affbda%26domain%3Dwww.ad...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D362532407092981%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_ar...
0
0
Document
General
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D362532407092981%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df626f37affbda%2526domain%253Dwww.adorocinema.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.adorocinema.com%25252Ff21d2b0ac0a6698%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fadorocinema%26locale%3Dpt_BR%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=9a02cd0639a1367412b039d80e381401
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.adorocinema.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 29 Nov 2022 17:47:56 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=0
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
vYHS87AMQ6SEphE9qg3JkoZ/+eq8++pjMqvBJl+cjvZ2IgSHmKQQvfHbTtNcyXQld1H6ky0kq0APDpgRbAXnYQ==
x-frame-options
DENY
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Tue, 29 Nov 2022 17:47:56 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v9.0
location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D362532407092981%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df626f37affbda%2526domain%253Dwww.adorocinema.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.adorocinema.com%25252Ff21d2b0ac0a6698%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fadorocinema%26locale%3Dpt_BR%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse
pragma
no-cache
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
x-fb-debug
tBkzoeryz4zq7QSjUuWpxr1f8LnHBhcMAkAT/z2ulijzfBPJrfSexvyoRzCnw5Y1BTQ6J+Bk9LKo1z0EVnaRgg==
x-fb-rlafr
0
x-xss-protection
0
u
b.t.tailtarget.com/
54 B
169 B
Script
General
Full URL
https://b.t.tailtarget.com/u?
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
868f57535bee974cf2df30da7eba52962abbe8d56e62cd361c01420465c9285b

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:56 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/x-javascript
cache-control
private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
req
cdn.navdmp.com/
6 B
77 B
Script
General
Full URL
https://cdn.navdmp.com/req?v=7&id=11d3b3e2849b43d31a99a5d3b910%7C0&acc=55810&tit=Amphibia%25203%25AA%2520temporada%2520-%2520AdoroCinema&url=https%253A%2F%2Fwww.adorocinema.com%2Fseries%2Fserie-23354%2Ftemporada-40708%2F&upd=1&new=1&h1=%2520Amphibia%253A%2520epis%25F3dios%2520de%2520la%25203%25AA%2520temporada
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
771d2bde7f1b3760-MXP
content-length
6
content-type
application/x-javascript
sync
sync2.navdmp.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=76566225540
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm=&id=76566225540&google_tc=
  • https://sync2.navdmp.com/sync?prtid=2&id=76566225540&google_gid=CAESEEOy51WEdSXmn1M6HM55gYA&google_cver=1
6 B
59 B
Script
General
Full URL
https://sync2.navdmp.com/sync?prtid=2&id=76566225540&google_gid=CAESEEOy51WEdSXmn1M6HM55gYA&google_cver=1
Protocol
H2
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
771d2bdfcf1abafd-MXP
content-length
6
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync2.navdmp.com/sync?prtid=2&id=76566225540&google_gid=CAESEEOy51WEdSXmn1M6HM55gYA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
sync.navdmp.com/
Redirect Chain
  • https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
  • https://sync.navdmp.com/sync?img=1&mdia=66796386-45cc-4c00-aaac-cb1db5dd0fe3
43 B
152 B
Image
General
Full URL
https://sync.navdmp.com/sync?img=1&mdia=66796386-45cc-4c00-aaac-cb1db5dd0fe3
Protocol
H2
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:57 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
cf-ray
771d2be0c93abafd-MXP
content-length
43
content-type
image/gif

Redirect headers

Date
Tue, 29 Nov 2022 17:47:56 GMT
Server
MT3 169 32252b7 master nrt-pixel-x19 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Location
https://sync.navdmp.com/sync?img=1&mdia=66796386-45cc-4c00-aaac-cb1db5dd0fe3
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Tue, 29 Nov 2022 17:47:55 GMT
cms
cms.analytics.yahoo.com/
0
123 B
Image
General
Full URL
https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spcms.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:56 GMT
strict-transport-security
max-age=31536000
via
http/1.1 spdc0109.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
content-type
text/html;charset=utf-8
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=lHzDUnw0algrZGU0Mzd0dC9QTUdSZzliZVNjQWFraDd2M09ZeWl2R3NMS3YwMEo0WnBtUHJZa3dKL3Zmam44WmpLWDBIcWNVQTN3d2ZTWlluQUxwWTNOR0Q1SmJpeStScU1JWWMwRW5MY2lGM2RKUmtweTdGZDJCZWZOVHJjRTFxVlJRMGQ0OWkrOUFFN2l1QXltcVpTdmViV3QyRi9MUFJ6MVBTZysvb2t3VkZ5VU5aL0lkaklDSGhxSTVPVUFSaG56VjkzcXRydWVWei9aN2lZaEg4Z29rZTFCOGlLeUtmZUc3OEV6Smo1Q2lTYkdFTWxRYkpBTGtlSzVIbGgxSnp1SDdmNkJkckNxdm01cjRoMExQaHhTZHMrajhvclVSS2I3Qk9tU2tyTzJRTFJlZz18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 29 Nov 2022 17:47:55 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
221706
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=-fmIQnxZRXNiWlZZclZ3VU43N1IxSFNPQkhIZHhsZFpLMW43bU5mQ25Ed243cHZrejJkb2Yzb0lYQXlMWi8wL2N3clQ3b3c5WmwrU01vdDJPQW1acVRVeGltOFJ6a2lPWC9nT1FIL2lZSlJxYy9BNXE3UTJoM3Zid2p1ZEYwMWlQRkIxUGpBb0dWaUJ4TGc1QkxOZ0gxYURSak91WHJyUXc4ZW13b3RDZit0aU5leTVSRWRiUnRHNGhkYWoveGs5My8vaFJsbGZ0T1ZCVjMzNGtYMUhKaXNXZXUzUjZ6SUtUQWt1dDJTeEF0c3l4Y2FJNHRZbzBRanFocy9LVG03UGZlRTNHbTFHdG9IR1Y5S2ZtSHR1M1dVc3VOK3pFMWs0M2srSW5tYXo3RnZxeHlHND18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 29 Nov 2022 17:47:55 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
544972
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
events
bidder.criteo.com/csm/
0
220 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.adorocinema.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 29 Nov 2022 17:47:56 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.adorocinema.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
pixels
ssp-sync.criteo.com/user-sync/
455 B
674 B
XHR
General
Full URL
https://ssp-sync.criteo.com/user-sync/pixels?countrycode=IT
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::42 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
29e548dedf75c3334cf7dd1cd5c8a54d22759fd976bedd43e5c9ac7ee7aafb77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.adorocinema.com
cache-control
no-store,max-age=0
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
b
b.t.tailtarget.com/
105 B
125 B
Script
General
Full URL
https://b.t.tailtarget.com/b?tA=TT-10531-7&tY=1&tS=3&tU=0100007FCC458663E6067F9902468B18&tX=b.52&tZ=223831901
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e4f7fddd89293400421ad4892bbe9062b0449a859012e14500252fd4182632ff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:56 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
match
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/cri?r=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3d5vYKSF93QnlVRThQb3A4c3doZ1FQckt4TDFBZFBuRkFaMkZjQUpicXRzRVIzMmFFJTNE%26u%3d%24%7bUSER_ID%7d&...
  • https://match.prod.bidr.io/cookie-sync/cri?r=https%3A%2F%2Fssp-sync.criteo.com%2Fuser-sync%2Fmatch%3Fp%3D5vYKSF93QnlVRThQb3A4c3doZ1FQckt4TDFBZFBuRkFaMkZjQUpicXRzRVIzMmFFJTNE%26u%3D%24%7BUSER_ID%7D&...
  • https://ssp-sync.criteo.com/user-sync/match?p=5vYKSF93QnlVRThQb3A4c3doZ1FQckt4TDFBZFBuRkFaMkZjQUpicXRzRVIzMmFFJTNE&u=AADU-E7HDIwAACCU72xVvw&gdpr=false
0
141 B
Image
General
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=5vYKSF93QnlVRThQb3A4c3doZ1FQckt4TDFBZFBuRkFaMkZjQUpicXRzRVIzMmFFJTNE&u=AADU-E7HDIwAACCU72xVvw&gdpr=false
Protocol
H2
Server
2a02:2638::42 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:56 GMT
cache-control
no-store,max-age=0
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Kestrel

Redirect headers

location
https://ssp-sync.criteo.com/user-sync/match?p=5vYKSF93QnlVRThQb3A4c3doZ1FQckt4TDFBZFBuRkFaMkZjQUpicXRzRVIzMmFFJTNE&u=AADU-E7HDIwAACCU72xVvw&gdpr=false
Date
Tue, 29 Nov 2022 17:47:57 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
match
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=HSrIn191eU1BRjJmY0MwTGVCdk5VYVJoUHZLVW1USndHUzBubVhYS2lQYTBvVXpFJTNE&gdpr=false&gdpr_consent=&us_privacy=&cr_user_id=k-BfaMN1XEdSmt0skoIL-2DSuSLC...
  • https://x.bidswitch.net/ul_cb/sync?ssp=criteo&custom_data=HSrIn191eU1BRjJmY0MwTGVCdk5VYVJoUHZLVW1USndHUzBubVhYS2lQYTBvVXpFJTNE&gdpr=false&gdpr_consent=&us_privacy=&cr_user_id=k-BfaMN1XEdSmt0skoIL-2...
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=criteo
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=criteo
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=5901155758799763828&ssp=criteo
  • https://ssp-sync.criteo.com/user-sync/match?p=HSrIn191eU1BRjJmY0MwTGVCdk5VYVJoUHZLVW1USndHUzBubVhYS2lQYTBvVXpFJTNE&u=e2d5c1cc-dc2e-49ba-89ce-871573e426b0
0
141 B
Image
General
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=HSrIn191eU1BRjJmY0MwTGVCdk5VYVJoUHZLVW1USndHUzBubVhYS2lQYTBvVXpFJTNE&u=e2d5c1cc-dc2e-49ba-89ce-871573e426b0
Protocol
H2
Server
2a02:2638::42 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:56 GMT
cache-control
no-store,max-age=0
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Kestrel

Redirect headers

location
//ssp-sync.criteo.com/user-sync/match?p=HSrIn191eU1BRjJmY0MwTGVCdk5VYVJoUHZLVW1USndHUzBubVhYS2lQYTBvVXpFJTNE&u=e2d5c1cc-dc2e-49ba-89ce-871573e426b0
date
Tue, 29 Nov 2022 17:47:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
ca
tt-10531-7.seg.t.tailtarget.com/
76 B
115 B
Script
General
Full URL
https://tt-10531-7.seg.t.tailtarget.com/ca?tZ=567636510
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
ac4d7ae3fe808634b42ae83261fcfa79c1519beae4517b0ce52da31667b9a661

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:56 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
integrator.js
adservice.google.it/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.it/adsid/integrator.js?domain=www.adorocinema.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.adorocinema.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
76 KB
24 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=695904490517563&correlator=3180688064022654&eid=44761478&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=21636860837%2CAdoroCinema%2Cseriespage%2Cseriespage_seasonpage&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=120x600%7C160x600%7C300x250%7C300x600%2C1x1%2C1x1%2C1x1%2C728x90%7C970x250&ifi=1&adks=4227228630%2C3751905487%2C1355894119%2C516762233%2C3486234723&sfv=1-0-40&ists=14&prev_scp=pos%3D1%26position%3D1%26hb_safeframe%3Dyes%26jad_floor_key%3DDisplay_WEB_Z3_T3_D_NA%26jad_call%3Dfirst%26av_viewability%3D40%2C50%2C60%2C70%7Cpos%3Dinterstitial%26position%3Dinterstitial%26hb_safeframe%3Dyes%26jad_call%3Dfirst%7Cpos%3Dnative_banner%26position%3Dnative_banner%26hb_safeframe%3Dyes%26jad_call%3Dfirst%7Cpos%3Dpulse%26position%3Dpulse%26hb_safeframe%3Dyes%26jad_call%3Dfirst%7Cpos%3Dtop%26position%3Dtop%26hb_safeframe%3Dyes%26jad_floor_key%3DDisplay_WEB_Z3_T3_D_NA%26jad_call%3Dfirst%26av_viewability%3D40%2C50%2C60%2C70&eri=1&cust_params=jad%3Dtrue%26wbads%3Dtrue%26hasHashId%3Dfalse%26notARefresh%3Dtrue%26jad_rendering%3D1%26wbads_rendering%3D1%26site%3Dadorocinema%26site_route%3Dseriespage_seasonpage%26site_section%3Dseriespage%26environment%3Dweb%26channel%3Dseriespage%26subchannel%3Dseries-serie-23354-temporada-40708%26series_id%3D23354%26series_label%3Damphibia%26genre%3D13005%252C13026%26production_status%3Dem_andamento%26is_svod_originals%3D0%26is_svod_exclusive%3D0%26svod_providers%3Ddisney%26countries%3DUSA%26fledge%3Dfalse&sc=1&cookie_enabled=1&abxe=1&dt=1669744076967&lmt=1669736277&dlt=1669744075216&idt=1082&adxs=1082%2C0%2C308%2C0%2C436&adys=844%2C129%2C844%2C4144%2C129&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1%7C0&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.adorocinema.com%2Fseries%2Fserie-23354%2Ftemporada-40708%2F&frm=20&vis=1&psz=300x3224%7C1600x4255%7C654x3269%7C1600x4255%7C1024x210&msz=300x250%7C0x0%7C654x0%7C1600x0%7C1024x210&fws=512%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0&ga_vid=2106588598.1669744076&ga_sid=1669744077&ga_hid=1023143292&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d22d227c0234e7626a5822f25c731e105819af192b39d95208e583449a2d48e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24700
x-xss-protection
0
google-lineitem-id
6158173671,-2,-2,-2,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138413176328,-2,-2,-2,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.adorocinema.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc5744ea4f0f6110c1bd19456c16d84e33c252d7808c7e1170b4b2d42f76fca9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11126
x-xss-protection
0
container.html
7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F930
6 KB
3 KB
Document
General
Full URL
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.adorocinema.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 17:47:57 GMT
expires
Wed, 29 Nov 2023 17:47:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Nov 2022 17:47:57 GMT
__tt.gif
t.tailtarget.com/
43 B
299 B
Image
General
Full URL
https://t.tailtarget.com/__tt.gif?tA=TT-10531-7&tE=0&tF=&tI=_milan_lombardy_it_1669744076768_3230760915&tJ=CA18488,CA12931&tQ=adoro_cinema,adorocinema-series2,webediatodososcanais,entretenimentocanais&tU=0100007FCC458663E6067F9902468B18&tX=b.52&tY=1&tZ=126582585
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:57 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 475C
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.adorocinema.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ranges
bytes
age
1820
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 17:17:37 GMT
expires
Wed, 29 Nov 2023 17:17:37 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8FDC
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
66b75833370903bf034d72a553f65ad5f714f98425c157b5821a517425217e3f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--D0n9e0Jmlf8GXDaTen0yA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.adorocinema.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce--D0n9e0Jmlf8GXDaTen0yA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 17:47:57 GMT
expires
Tue, 29 Nov 2022 17:47:57 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
pagead2.googlesyndication.com/bg/ Frame 475C
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 15:00:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
96455
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16085
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Nov 2023 15:00:22 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8FDC
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=695904490517563&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 475C
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?snxvAg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:57 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
auction
intake.pbstck.com/v1/intake/
0
64 B
XHR
General
Full URL
https://intake.pbstck.com/v1/intake/auction?sId=2364fc22&tId=84dda478-b6d6-4a9b-a5ae-6f1b6b5d17a0&c=2&ctr=IT
Requested by
Host: www.adorocinema.com
URL: https://www.adorocinema.com/series/serie-23354/temporada-40708/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.adorocinema.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 29 Nov 2022 17:47:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
771d2be48fc15a25-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/ Frame DC38
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 29 Nov 2022 17:47:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Nov 2022 16:10:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Nov 2022 17:47:57 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/ Frame DC38
14 KB
3 KB
Stylesheet
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.css
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 10:02:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
287143
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 11:42:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Nov 2023 10:02:14 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/ Frame DC38
388 KB
131 KB
Script
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
101b8d837f8e01156fc293db1932eead16c29f9f16da622bfa89f394fbfd1273
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 10:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
287142
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
134376
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 11:42:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Nov 2023 10:02:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame DC38
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 12:22:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
19544
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 12:22:13 GMT
l
www.google.com/ads/measurement/ Frame DC38
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRDKuOApofi__G0GPNp7f-v8racD3DCyq2aXSCBdpI-sjUbu6mg1L1NdZLj8Td9I5h3oT9jBBALcu0Sbv0i3ygT91GKng
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

container.html
7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C136
6 KB
3 KB
Document
General
Full URL
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.adorocinema.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 17:47:57 GMT
expires
Wed, 29 Nov 2023 17:47:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.it/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.it/adsid/integrator.js?domain=www.adorocinema.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.adorocinema.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
131 KB
34 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=695904490517563&correlator=3495222738122416&eid=44761478&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=21636860837%2CAdoroCinema%2Cseriespage%2Cseriespage_seasonpage&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=6&adks=3771300462&sfv=1-0-40&ists=1&fas=8&prev_scp=pos%3Dinterstitial_web%26position%3Dinterstitial_web%26hb_safeframe%3Dyes%26jad_call%3Drefresh%26jad_refresh%3D1&eri=1&cust_params=jad%3Dtrue%26wbads%3Dtrue%26hasHashId%3Dfalse%26notARefresh%3Dtrue%26jad_rendering%3D1%26wbads_rendering%3D1%26site%3Dadorocinema%26site_route%3Dseriespage_seasonpage%26site_section%3Dseriespage%26environment%3Dweb%26channel%3Dseriespage%26subchannel%3Dseries-serie-23354-temporada-40708%26series_id%3D23354%26series_label%3Damphibia%26genre%3D13005%252C13026%26production_status%3Dem_andamento%26is_svod_originals%3D0%26is_svod_exclusive%3D0%26svod_providers%3Ddisney%26countries%3DUSA%26fledge%3Dfalse%26ttLS%3D%26ttCA%3DCA18488%252CCA12931&sc=1&cookie=ID%3Dfeb2e739bad56455%3AT%3D1669744076%3AS%3DALNI_MbE4R_QYirVzB1xzXD-dsHdTwyFjQ&gpic=UID%3D00000b8a2a3cf547%3AT%3D1669744077%3ART%3D1669744077%3AS%3DALNI_MYMluWTdNk6EYRcXnrGC0I7gnUBJg&abxe=1&dt=1669744077672&lmt=1669736277&dlt=1669744075216&idt=1082&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.adorocinema.com%2Fseries%2Fserie-23354%2Ftemporada-40708%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AMjMPc0qGVVE-qQGJvw1puSElMGH3wreSWcX1tjh8r2OpscTIywPKrWf1awxzfbJJ2k9XJdWYVBSNCzoEH9CXHSh0zSToG3XE9T86sY%2CAMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc1XkJAHNXt9UNW-Mep-d7_V&ga_vid=2106588598.1669744076&ga_sid=1669744077&ga_hid=1023143292&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
657b0de76e36a226beccf9a515c169e15b7045aee55792ece912340920d7aab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34964
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.adorocinema.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads_2022111501.js
securepubads.g.doubleclick.net/gpt/
37 KB
14 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03d35c1ff8a01dabf5d312f47b641d0dc6ad96b102f0b095e6af937881901757
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 12:22:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
105946
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13838
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 28 Nov 2023 12:22:11 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame B528
624 B
670 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMK8XhC8_LzdAhiz8t_OATAB&v=APEucNVD91pJF1Gs-674qnqkMwiDbrCweuL7jtvty5Pn30rhXkknbla8LTPL_KHslV_clAZA3VUVGZ7vNhH2vOQaGYsvCp1jFSdi3kp2bDDsj3KjTVWbq_3TNkrE7eCEdGqS46AM6WHpKDCL_WPzS7OFCZwLGx6_E7rBHvJWH2l8VWKz5FNCZnU
Requested by
Host: 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
URL: https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 17:47:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame C136
55 KB
20 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ay_QWt8MMCOTSZDXBpg5-pUGi3PfXnFDUuKVe0Uy6F61Qr5Yl88QCbmVeqQL_bYRINmlGgvPH_ZR2avC1ohCqwvEUJ0i5xsT1NhaadbgoLKBZpcmfumW6xPcw1ApMk9K7TqP2O6hiQLfTKuQHKIMV3SNiy3p5COxkJWXM7HL9x1qVfnJ8&dbm_d=AKAmf-CaK9qk_dVyi1KVB2kV_CU0-z5AGY9UkztR_ppIl5TKUJSHgibWOWh-DBkjP0XaqBjI1rqMoZPoa4eLb5CXr3aaA9eRN1ztVq2x5Fj7d6BuIOmmolg6pIcuupurvJp7BD5ZNh-IZmeToaNzomma5qkrZfkYDw9u_4zJCrmM6Wejx1Wu9Lv1AFWC66cbkwpC7IiJiAr-D4NY44yQBYjunW-c-E_av5pSk54RTfeb5BwZhLHch5aQEVtdeQmExBIRQyrK_JOztogO5dHw3uoMyZRlowJHtp8Hn2B63r6DVEZZ9b4L9NjekiX21N4qlGJQZGLfUcSI_5HD88qt9ZsIYOYT80gdU2J4-aOr-ObnfWnO3sVrv0z4PGp0Whf3J0Tp7ew9Okf4gTSV3tVcclf3MoZi2JBxahpwITk9aog8XFEltr_vH5jq0jx8Hf4skVDR_7yRAoparRZle4xqS6sSpCrs3nFTDBNYUK7eaqSljxonEjApvs3R-TswzemjKuJ8xFVYgdIUDinKfKdOvfwXF7ckSy_JEntFjwrqv9kQ8gWU9ettnGXIQEJWEv9eS92CmE7OOy__249ibwqSVcUJEPH1ydF3xElTvBh_zW3ihE7Jy-ts1pFid_GE8LVG9HRg_59kRDLJpExud2pEohLnzYxcK7hxAC_1K4oiaGkQQPsgZmXy119edkN9f9ZYAktKxoDi8xI72ApYKnoIGG5kuIzSNTz4TtQumqU0WGv36jO9PjTaE3alp-Gfkml74dHchyuJNJvu4P7Nc70IZLQUBwVvji_3-3CN5PM-T-zxqr7I_XIDz9nobxPXg8qyH2ikOFQja__qF0m1TegXIyTCznGSYy38bFSlprfbeWKJS3cvxhVT8NrgzHYmRps5v4E2ul8cEmR7MqvBsFXDP7aB8Yo9k7VERtq0zWZVOHsyo2nvL1LUcpgQr0gNuePbc8jf28YP0EsX0mnXQlUhXzIez1x5PEhn9xxybf57x6HGMHyUd-5nukT-l4vBj6wCyjF5C93jo2BDv-p1BInCiOO3rHFe7RVPv30IzysXsDhagt-xXvK85VtkPs-UzoQoaJIzLSzCzGMjtXXmlUUFBojpUSANB_EojMijoLYotUbzzGJPQKnILOl7uS6w4kgUX6PcftmAM6P3hagBslRegj9oBQR64hJMmZPmKpmywZokazjBVZQhp4H4sP95K_vOyraid3rfs2gcUSvnhLOIe2zsJRYtDhlRYTCybafSQKm9frxpBc_sPBRo2mCjKy6SNDTdRzK4HWU2q_LtxaM51qHGErc8sx9H6kNrRZc-lcLrEBrENCYiwcWSAdz_MrO9y37mW-sYcI6qBwBySynNhJup3TKNodZ612UhznADobIEeDBSW_DGYUr_scbC9w1BL-_h0-fpIXuJpPGCdwXk54XCEhtpsqEomUo5e3cExt20ar2_cE0Nz5L0L0kKoSlM70_pX-NJOdVC5D3lQF3OlYaNDfSXK5925xZMqwGuG0UWuU3kdrZbi5XgMFgtYNW5fsy-MgoamwydSVukAaHxy6EVTyvHw0UHaSZxotW0efBx-sgfOFJgCtc-qIsDs2wwBcsOhujwxY66sDCA3JzCb5MTFvURZyY3Jo40mS86kbjsjj9-Wt9mTtnr6JpDI7r3qwaeVsdh_0AD58xkSSnr8HYxKYr-R-1gto8nYONnfzbHIwWDr83S9IcOBP-g-zibmTB-CX96GZXFUsyNIIOpCIEY-di7PyzPJu-wuk-6BzMh5RQ74JKG-q2GSHVvxtnqyLumo6cyym-a5prlclS664YkiU-wUOhqew6WivoN64NSI0FzXwr9uW18zcGI1P6dKJFW5yAqerAcFsBLO6DvSKVeor696qboJ8KpXeMIfqebdzbypFzFhgQTtZ-TrcsGfVIlylJOo0bZza9amstBLAep_tx_ESLG8zJ7RuwcrhKgYgBWn0fj3e1q6XGa0rQ0MYdX-FFUTnwKrhX6VZ_1QcIaFjPjR5mOSwyPyeWf-pOwZus8EuHTo205gAZTr7-I2rYM31OUhMgZKJVQhjdMwGq-zFNQtNrFATAeMNo9hnhwkNDsugQVURJ8RUcm6ojVTdVjTp4OLhnDW6r-w6gljcJBrY1SNAW7e2a_mU7k72ZH_WAqgbc8Hq9oP8E-oxkeOAdMXDix9X948lE4Xrumb4-V6hzTLCDUaCmhRUuFggSqNPdOEhQdPJTa3iluGVBqsVkN98MsdIfz7CnxfIJdjz0Mbtgphj5iNslszgRgWMFG6PiVfM-n0vqpaV3BtOkAtb8BY1pfhHpV2mdXJYWMkZ8w7eFpifqmHV1VMAt8ChyVKu69AtwO9_j3zHpSt8lQcz87LRdJZ4bDwZp7UJ0qrLN2a7cwiNoEmDGx9ep6RvApdT8m0zPeOiRxcCaAfmkcTq4ErEONLJKYf4WLBHDoNQrbycR7EZVOMxEf7kk5-CyLBje3gzP62x3N3ZkeHHfmHa2_t6evhg2-Vo2BSxpiu0am3C2XqmwAQKGqkc2YfEUSvwb9_Lewn-7RwtP_5z-llxSKvb7W1ei8a4ViY52hCcJthwzGlKzGwupftOznjZKVXnN0c5hqPSZ3DXMIsEZEduz91TvziT9Vwy2MdX5qIMYwsEKu980S90CXhp5CDXMQw5fAIoc3X3fsFJbX2K7EccsSJnj7bwdqnpr3eZIjrLehOcWW_C4CUbEmHypC5DTgsKoj-_81_Olr9SZjNKsWK6s3EEqNASQaVeFKlLwdHEYZZbjk3G5egKwmlBgr4bxMMM5w6R1dU3LhaFyA-qXPxW0-NRVxs2JL2CJtyQjRhE1dhkjJQZKx7dZ9gUtV7RdqI5SzQgofGeA5IbizcZDLVL14X2B-MNdp4AKMMJOf-DZRm_LYi_rtV3TNu5-KM_qk3Tn5GFkCkCPwXcXcW5fWXeR7ZCOxfxZ5RpubWNh7NCt0I3CYpZ69LDRz9uBtQHGY3CI0SofkSYCIbIia-KG74obxQEs_HdeiFGlArny5ovE55ylszqNE8bYNM7J7JYJCeniSKmqCjIPA6_wDhzY45buBx8oot3mvn0nDdNYK5Y24grMC1fw2gASGA9pA5xlHMNnLEDKsBzDM3HcDh41uPsAnKbD9L_Oy9RN2B8PPQg3cezTED0zltgh2Xd6iL9OBx8DvTFtdZXhGPvwVlUFMfFRghGL8xRGbRrJSrGVrVCoBiyvJFMnCD0_fcb3rvaLKM_UVSMSOu4f75BwCAJB9hHC2DoOsNfzaOnnn2f6xmnQRYrrRNzgCzHzl53JOff66nJy1LgwX-usS2m7JF0DD2yBFfX3YLTTSu1yEj8gzRHAveeDI8xDgRA&cid=CAQSPADq26N9JkzxINpV4lYJf4y2HiZuXR9nPnEEc4ivbbWPR5-oeMAijJ09MRD2ULO_mSVoahILdwG0HEu7oRgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.adorocinema.com%252F%240
Requested by
Host: www.adorocinema.com
URL: https://www.adorocinema.com/series/serie-23354/temporada-40708/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c626c665a215880407494fa0316b211da8b84e7d9757fbbe83609a647663a50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20781
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C136
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AzFkn4p-1-Ygm2S5heC8tm-wLZOC7YuD5askCrAVsB8YvuBMgT0NXgtTtOTM5BF06tjcoyu3Yb6wk10KJWgg0TaX97nZNdcFxDW3O_kaiFhnR7FO4
Requested by
Host: 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
URL: https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C136
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
URL: https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 16:55:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
3167
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 16:55:10 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C136
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
URL: https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 12:22:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
19544
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 12:22:13 GMT
l
www.google.com/ads/measurement/ Frame C136
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQeqY0gItO0iP9ILxmX6Xo2Ob00AedHXWCPmpIl_DOqYFfgYz12lZt1NW5htB1aNKqbelFoCSzPMunIhgdk5408gKPHDA
Requested by
Host: 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
URL: https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C136
154 KB
48 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
URL: https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Nov 2022 17:47:57 GMT
csi
csi.gstatic.com/ Frame DC38
0
327 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lb2iig4q&c=4595979113727&slotId=2297989556863.5&qqid=CMDozbT50_sCFZnyuwgdMPIDvQ&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:801::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:57 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DC38
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.adorocinema.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 05:09:29 GMT
x-content-type-options
nosniff
age
391108
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Nov 2023 05:09:29 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DC38
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.adorocinema.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 13:14:53 GMT
x-content-type-options
nosniff
age
361984
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Nov 2023 13:14:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DC38
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=BCHzqzUWGY4BOmeXv9Q-w5I_oC8rptaxGAAAAEAEg2JOwVTgBWIjsxdCDBGD9gpGE6BGyARN3d3cuYWRvcm9jaW5lbWEuY29tugEJZ2ZwX2ltYWdlyAEF2gE_aHR0cHM6Ly93d3cuYWRvcm9jaW5lbWEuY29tL3Nlcmllcy9zZXJpZS0yMzM1NC90ZW1wb3JhZGEtNDA3MDgvmAKYdakCE5W_YLUDiT7AAgLgAgDqAjkvMjE2MzY4NjA4MzcvQWRvcm9DaW5lbWEvc2VyaWVzcGFnZS9zZXJpZXNwYWdlX3NlYXNvbnBhZ2X4AvLRHpADjAaYA5wEqAMB4AQB0gUGEOeLufgWkAYBoAYjqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwHgBwHyBwIgAdIIEQiA4YAQEAEYHTICqgI6AoBA2AgCgAoFmAsB0BUB-BYBgBcB&eventType=clickstring&clientTime=1669744077872&ai=BCHzqzUWGY4BOmeXv9Q-w5I_oC8rptaxGAAAAEAEg2JOwVTgBWIjsxdCDBGD9gpGE6BGyARN3d3cuYWRvcm9jaW5lbWEuY29tugEJZ2ZwX2ltYWdlyAEF2gE_aHR0cHM6Ly93d3cuYWRvcm9jaW5lbWEuY29tL3Nlcmllcy9zZXJpZS0yMzM1NC90ZW1wb3JhZGEtNDA3MDgvmAKYdakCE5W_YLUDiT7AAgLgAgDqAjkvMjE2MzY4NjA4MzcvQWRvcm9DaW5lbWEvc2VyaWVzcGFnZS9zZXJpZXNwYWdlX3NlYXNvbnBhZ2X4AvLRHpADjAaYA5wEqAMB4AQB0gUGEOeLufgWkAYBoAYjqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwHgBwHyBwIgAdIIEQiA4YAQEAEYHTICqgI6AoBA2AgCgAoFmAsB0BUB-BYBgBcB
Requested by
Host: www.adorocinema.com
URL: https://www.adorocinema.com/series/serie-23354/temporada-40708/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DC38
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssTNuxE4SNsre3pb0SbNNNncqZauXvB_kZUM_KEyPsuVfbgFZ8Tc8bEdY-loncKrllRMdZ2eh8WUiPzDfWQ9NQIhAQ3qmoMuM0Y1EzyOO2_fYcGSrhdtcLNJudUi_dJFkJ2OLBqe7YS6DjNap3fbxPPFyU9HGFbSHmZDp9qc-F3j1yssNdhNg-MW_DOgpYU7UJZbUap7yCXl4AUZDOEqEpjB2ITuDSEDRLUzkpL5DBKwR7dURe4CANlp1NYbDiMTmkJGBeTf5nuffz1ZDEXL5VjHScqY4soHRy2I5oV5DMOKpRT4sgRpefs15gvG15HR0DfuDSJLdfbYbxOIlXprfeOkCIZFjMhLSbuRyTpQblmLFaBlPxJyWZMfN_sD_Y81dwF_Q&sai=AMfl-YRk0wHZR6ujA2e4U4XhzfbLCcbc9bpQ6B0DXqgbQjnCW-X1PY9lX2JQ-V4VMG8N8sDcpwLu6OBtomsHMUcPdYkZ_UIsIDOo4ujNBN__agIu8ZULu18aKae1FXEXBbHDCg&sig=Cg0ArKJSzP_zaqT92IW3EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.adorocinema.com
URL: https://www.adorocinema.com/series/serie-23354/temporada-40708/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame DC38
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35ae6ada3e0949b27d879cd8764cd2afcb94019fa89194ee69944aea36c5ad90

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
inread_blackpanther15s.mp4
opec.webedia.com.br/2022/mcdonalds/McLancheFeliz/panteranegra/ Frame DC38
2 MB
2 MB
Media
General
Full URL
https://opec.webedia.com.br/2022/mcdonalds/McLancheFeliz/panteranegra/inread_blackpanther15s.mp4
Requested by
Host: www.adorocinema.com
URL: https://www.adorocinema.com/series/serie-23354/temporada-40708/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0aacf0328a261829d1e8aef3344eb81151b0fc8f1f4e3dbd511fec2b191c58d9

Request headers

Referer
https://www.adorocinema.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 29 Nov 2022 17:47:58 GMT
cf-cache-status
HIT
age
2323
x-guploader-uploadid
ADPycduqP5bPo_U8smTheHA4HvvGaxeGTkuKEkQrOIEI8ga6mtxV3BSEZfV_6_f6omwmudrcjJyZ7xCQbDHeIovL_ldNJw
x-goog-storage-class
STANDARD
Content-Range
bytes 0-2100188/2100189
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
2100189
last-modified
Fri, 18 Nov 2022 20:45:10 GMT
server
cloudflare
etag
"dbc5b8c903c27190b803f42aa18dbba1"
vary
Accept-Encoding
x-goog-hash
crc32c=FSiM9A==, md5=28W4yQPCcZC4A/QqoY27oQ==
x-goog-generation
1668804310209706
content-type
video/mp4
access-control-allow-origin
https://www.tudogostoso.com.br
cache-control
public, max-age=3600
x-goog-stored-content-length
2100189
cf-ray
771d2be7989859e3-MXP
expires
Tue, 29 Nov 2022 17:35:53 GMT
csi
csi.gstatic.com/ Frame DC38
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lb2iig4x&c=4595979113727&slotId=2297989556863.5&qqid=CMDozbT50_sCFZnyuwgdMPIDvQ&fb=outstream-lima&gpm_i=1&gpm_c=1&gpm_a=1&smb=1000&br=1082&mt=video%2Fmp4&vs=1280x720&ulv=1&cll=0&vast_v=4.0&vmfc=1&vhc=0&msm=1&aits=0&webm=0&vp9=0&vamt=video%2Fmp4&hvmf=false&vms=1&bit=0&umsem=0&ape=1&ple=1&met.4=videopreviewvisible.q5
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:801::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:57 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B528
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDqEBG1eMFqgL9COQi3ozoM&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDqEBG1eMFqgL9COQi3ozoM&google_cver=1&C=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDqEBG1eMFqgL9COQi3ozoM&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMK8XhC8_LzdAhiz8t_OATAB&v=APEucNVD91pJF1Gs-674qnqkMwiDbrCweuL7jtvty5Pn30rhXkknbla8LTPL_KHslV_clAZA3VUVGZ7vNhH2vOQaGYsvCp1jFSdi3kp2bDDsj3KjTVWbq_3TNkrE7eCEdGqS46AM6WHpKDCL_WPzS7OFCZwLGx6_E7rBHvJWH2l8VWKz5FNCZnU
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Nov 2022 17:47:58 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 29 Nov 2022 17:47:58 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEDqEBG1eMFqgL9COQi3ozoM&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame B528
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4ZFzkOi0cnMRwLau73plgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDqEBG1eMFqgL9COQi3ozoM&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDqEBG1eMFqgL9COQi3ozoM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMK8XhC8_LzdAhiz8t_OATAB&v=APEucNVD91pJF1Gs-674qnqkMwiDbrCweuL7jtvty5Pn30rhXkknbla8LTPL_KHslV_clAZA3VUVGZ7vNhH2vOQaGYsvCp1jFSdi3kp2bDDsj3KjTVWbq_3TNkrE7eCEdGqS46AM6WHpKDCL_WPzS7OFCZwLGx6_E7rBHvJWH2l8VWKz5FNCZnU
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Nov 2022 17:47:58 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDqEBG1eMFqgL9COQi3ozoM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame B528
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELz2yChK8Z3J3F_Bht036zs&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELz2yChK8Z3J3F_Bht036zs%26google_cver%3D1
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELz2yChK8Z3J3F_Bht036zs%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMK8XhC8_LzdAhiz8t_OATAB&v=APEucNVD91pJF1Gs-674qnqkMwiDbrCweuL7jtvty5Pn30rhXkknbla8LTPL_KHslV_clAZA3VUVGZ7vNhH2vOQaGYsvCp1jFSdi3kp2bDDsj3KjTVWbq_3TNkrE7eCEdGqS46AM6WHpKDCL_WPzS7OFCZwLGx6_E7rBHvJWH2l8VWKz5FNCZnU
Protocol
HTTP/1.1
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Nov 2022 17:47:58 GMT
AN-X-Request-Uuid
04d323af-284f-43bd-a095-5aa319fd749e
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
192.145.127.211; 192.145.127.211; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 29 Nov 2022 17:47:57 GMT
AN-X-Request-Uuid
aff8e13f-9949-49d9-8cee-aa70dc937ad3
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELz2yChK8Z3J3F_Bht036zs%26google_cver%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
192.145.127.211; 192.145.127.211; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B528
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzM5ODczMjQ0NDM2NDUxODMzNA%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzM5ODczMjQ0NDM2NDUxODMzNA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMK8XhC8_LzdAhiz8t_OATAB&v=APEucNVD91pJF1Gs-674qnqkMwiDbrCweuL7jtvty5Pn30rhXkknbla8LTPL_KHslV_clAZA3VUVGZ7vNhH2vOQaGYsvCp1jFSdi3kp2bDDsj3KjTVWbq_3TNkrE7eCEdGqS46AM6WHpKDCL_WPzS7OFCZwLGx6_E7rBHvJWH2l8VWKz5FNCZnU
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 29 Nov 2022 17:47:58 GMT
AN-X-Request-Uuid
9d348e82-f80b-4ebd-81ba-7b922764ecff
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzM5ODczMjQ0NDM2NDUxODMzNA%3D%3D
Connection
keep-alive
X-Proxy-Origin
192.145.127.211; 192.145.127.211; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/1095812/64317497/ Frame C136
47 KB
13 KB
Script
General
Full URL
https://fw.adsafeprotected.com/rjss/st/1095812/64317497/skeleton.js?ias_dspID=3&ias_campId=26255540&ias_pubId=pub-9189159586664939&ias_chanId=1&ias_placementId=16388744155&bidurl=&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gdKebH640e2OKnLyxGMUMd
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ay_QWt8MMCOTSZDXBpg5-pUGi3PfXnFDUuKVe0Uy6F61Qr5Yl88QCbmVeqQL_bYRINmlGgvPH_ZR2avC1ohCqwvEUJ0i5xsT1NhaadbgoLKBZpcmfumW6xPcw1ApMk9K7TqP2O6hiQLfTKuQHKIMV3SNiy3p5COxkJWXM7HL9x1qVfnJ8&dbm_d=AKAmf-CaK9qk_dVyi1KVB2kV_CU0-z5AGY9UkztR_ppIl5TKUJSHgibWOWh-DBkjP0XaqBjI1rqMoZPoa4eLb5CXr3aaA9eRN1ztVq2x5Fj7d6BuIOmmolg6pIcuupurvJp7BD5ZNh-IZmeToaNzomma5qkrZfkYDw9u_4zJCrmM6Wejx1Wu9Lv1AFWC66cbkwpC7IiJiAr-D4NY44yQBYjunW-c-E_av5pSk54RTfeb5BwZhLHch5aQEVtdeQmExBIRQyrK_JOztogO5dHw3uoMyZRlowJHtp8Hn2B63r6DVEZZ9b4L9NjekiX21N4qlGJQZGLfUcSI_5HD88qt9ZsIYOYT80gdU2J4-aOr-ObnfWnO3sVrv0z4PGp0Whf3J0Tp7ew9Okf4gTSV3tVcclf3MoZi2JBxahpwITk9aog8XFEltr_vH5jq0jx8Hf4skVDR_7yRAoparRZle4xqS6sSpCrs3nFTDBNYUK7eaqSljxonEjApvs3R-TswzemjKuJ8xFVYgdIUDinKfKdOvfwXF7ckSy_JEntFjwrqv9kQ8gWU9ettnGXIQEJWEv9eS92CmE7OOy__249ibwqSVcUJEPH1ydF3xElTvBh_zW3ihE7Jy-ts1pFid_GE8LVG9HRg_59kRDLJpExud2pEohLnzYxcK7hxAC_1K4oiaGkQQPsgZmXy119edkN9f9ZYAktKxoDi8xI72ApYKnoIGG5kuIzSNTz4TtQumqU0WGv36jO9PjTaE3alp-Gfkml74dHchyuJNJvu4P7Nc70IZLQUBwVvji_3-3CN5PM-T-zxqr7I_XIDz9nobxPXg8qyH2ikOFQja__qF0m1TegXIyTCznGSYy38bFSlprfbeWKJS3cvxhVT8NrgzHYmRps5v4E2ul8cEmR7MqvBsFXDP7aB8Yo9k7VERtq0zWZVOHsyo2nvL1LUcpgQr0gNuePbc8jf28YP0EsX0mnXQlUhXzIez1x5PEhn9xxybf57x6HGMHyUd-5nukT-l4vBj6wCyjF5C93jo2BDv-p1BInCiOO3rHFe7RVPv30IzysXsDhagt-xXvK85VtkPs-UzoQoaJIzLSzCzGMjtXXmlUUFBojpUSANB_EojMijoLYotUbzzGJPQKnILOl7uS6w4kgUX6PcftmAM6P3hagBslRegj9oBQR64hJMmZPmKpmywZokazjBVZQhp4H4sP95K_vOyraid3rfs2gcUSvnhLOIe2zsJRYtDhlRYTCybafSQKm9frxpBc_sPBRo2mCjKy6SNDTdRzK4HWU2q_LtxaM51qHGErc8sx9H6kNrRZc-lcLrEBrENCYiwcWSAdz_MrO9y37mW-sYcI6qBwBySynNhJup3TKNodZ612UhznADobIEeDBSW_DGYUr_scbC9w1BL-_h0-fpIXuJpPGCdwXk54XCEhtpsqEomUo5e3cExt20ar2_cE0Nz5L0L0kKoSlM70_pX-NJOdVC5D3lQF3OlYaNDfSXK5925xZMqwGuG0UWuU3kdrZbi5XgMFgtYNW5fsy-MgoamwydSVukAaHxy6EVTyvHw0UHaSZxotW0efBx-sgfOFJgCtc-qIsDs2wwBcsOhujwxY66sDCA3JzCb5MTFvURZyY3Jo40mS86kbjsjj9-Wt9mTtnr6JpDI7r3qwaeVsdh_0AD58xkSSnr8HYxKYr-R-1gto8nYONnfzbHIwWDr83S9IcOBP-g-zibmTB-CX96GZXFUsyNIIOpCIEY-di7PyzPJu-wuk-6BzMh5RQ74JKG-q2GSHVvxtnqyLumo6cyym-a5prlclS664YkiU-wUOhqew6WivoN64NSI0FzXwr9uW18zcGI1P6dKJFW5yAqerAcFsBLO6DvSKVeor696qboJ8KpXeMIfqebdzbypFzFhgQTtZ-TrcsGfVIlylJOo0bZza9amstBLAep_tx_ESLG8zJ7RuwcrhKgYgBWn0fj3e1q6XGa0rQ0MYdX-FFUTnwKrhX6VZ_1QcIaFjPjR5mOSwyPyeWf-pOwZus8EuHTo205gAZTr7-I2rYM31OUhMgZKJVQhjdMwGq-zFNQtNrFATAeMNo9hnhwkNDsugQVURJ8RUcm6ojVTdVjTp4OLhnDW6r-w6gljcJBrY1SNAW7e2a_mU7k72ZH_WAqgbc8Hq9oP8E-oxkeOAdMXDix9X948lE4Xrumb4-V6hzTLCDUaCmhRUuFggSqNPdOEhQdPJTa3iluGVBqsVkN98MsdIfz7CnxfIJdjz0Mbtgphj5iNslszgRgWMFG6PiVfM-n0vqpaV3BtOkAtb8BY1pfhHpV2mdXJYWMkZ8w7eFpifqmHV1VMAt8ChyVKu69AtwO9_j3zHpSt8lQcz87LRdJZ4bDwZp7UJ0qrLN2a7cwiNoEmDGx9ep6RvApdT8m0zPeOiRxcCaAfmkcTq4ErEONLJKYf4WLBHDoNQrbycR7EZVOMxEf7kk5-CyLBje3gzP62x3N3ZkeHHfmHa2_t6evhg2-Vo2BSxpiu0am3C2XqmwAQKGqkc2YfEUSvwb9_Lewn-7RwtP_5z-llxSKvb7W1ei8a4ViY52hCcJthwzGlKzGwupftOznjZKVXnN0c5hqPSZ3DXMIsEZEduz91TvziT9Vwy2MdX5qIMYwsEKu980S90CXhp5CDXMQw5fAIoc3X3fsFJbX2K7EccsSJnj7bwdqnpr3eZIjrLehOcWW_C4CUbEmHypC5DTgsKoj-_81_Olr9SZjNKsWK6s3EEqNASQaVeFKlLwdHEYZZbjk3G5egKwmlBgr4bxMMM5w6R1dU3LhaFyA-qXPxW0-NRVxs2JL2CJtyQjRhE1dhkjJQZKx7dZ9gUtV7RdqI5SzQgofGeA5IbizcZDLVL14X2B-MNdp4AKMMJOf-DZRm_LYi_rtV3TNu5-KM_qk3Tn5GFkCkCPwXcXcW5fWXeR7ZCOxfxZ5RpubWNh7NCt0I3CYpZ69LDRz9uBtQHGY3CI0SofkSYCIbIia-KG74obxQEs_HdeiFGlArny5ovE55ylszqNE8bYNM7J7JYJCeniSKmqCjIPA6_wDhzY45buBx8oot3mvn0nDdNYK5Y24grMC1fw2gASGA9pA5xlHMNnLEDKsBzDM3HcDh41uPsAnKbD9L_Oy9RN2B8PPQg3cezTED0zltgh2Xd6iL9OBx8DvTFtdZXhGPvwVlUFMfFRghGL8xRGbRrJSrGVrVCoBiyvJFMnCD0_fcb3rvaLKM_UVSMSOu4f75BwCAJB9hHC2DoOsNfzaOnnn2f6xmnQRYrrRNzgCzHzl53JOff66nJy1LgwX-usS2m7JF0DD2yBFfX3YLTTSu1yEj8gzRHAveeDI8xDgRA&cid=CAQSPADq26N9JkzxINpV4lYJf4y2HiZuXR9nPnEEc4ivbbWPR5-oeMAijJ09MRD2ULO_mSVoahILdwG0HEu7oRgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.adorocinema.com%252F%240
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-167-95.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
9f6f089ebb23c16cb25ade5aef0a575616765f09a2ccb6d59f7da1d04a0d7e1e

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:58 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
player
realtime.clinch.co/video/player_v1/ Frame 454D
13 KB
13 KB
Document
General
Full URL
https://realtime.clinch.co/video/player_v1/player?cid=uda841&caid=12379&format=_970ax250a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsv_cAW-_sFmDsyH7_VZCl2W2CJS-srTnVKHdMJI8ZhWYodFJXpe3VweTT2aNuZoWzu4MFROLyKjiNc5mmfSilgZaayGAg0qNFkSQy78284YMP71EjWPisUwWrHSKdKOxcGEpL4QBxG5_wa1NSTBvfeQELPXISBsBbqPSgA0Cl-DtZUbroLZv-iiS1xjmqux225oDZdyhbWGC1S-rD0oozwNJZmsBiG6pGGbVLyzHouQtiydlp65wj7__q4VCqCQWI5s1FCwN-SfVWduCTBTvuAt-uARQ94gVhaeBiG95M9bwyrG45W667Om3QzLeeBT65bQf2HCSJb-yl381Otot0eG8soroGTrzROsTybA61Y0PXxVc-D-F89jX-HAOshJfOdrwMSX1uArdT7jBXrVjhAfVncU-AhSzmMXyC6-zxigwxQzkEOlyj5dHjC4aeMyrkiTlXit8CgdHyBy5dP8NwGR3H4u2mG9oChSZ1mjcqxNZBXFp4CeJHYDtUKde1vEmBKyRk6MWf-qR7FZxV5vgvUeXKLVO8I-bTfsnwU2FjJtvNq9mABiX5NyoTEM0G84l8Lqyfcr_I2Cr070vC5WlZPBIMaZjXe8RuxE1QFpVV0-rmsjnEWDoahMVZGJ_f_7T6PjgINBsRloms72-mnyTyccgCtC-Op4kk-BQNqUS4n1Zjr75SKxJhFE0nL5QdNVzNZhAdE1tYe2ZrfY-Dq5GYzhSyQ8lW7mDbBRKuyckt-sfrKp__T61_3IAGwN-vwUxNDObr_q0wIxCPNzPTNhT-GLhA3YbP5zqmOrxu7MBv44BDJs5gHZnQyn8WLfM4bPrkuYv37_wvFXTkS4e7MFG2w6rssiFCPFLGPGW3l6Q-SNrP4jQIM8n2kas8oVgeK5uQsmQ8pojaTvNc_W04C90YXriZa7n1jnITnYDUyXiApbCMlYPohuJazmFGIYe7-WfN85F-0q502aDHkZRNl-ovcbBrjTi6XnmT28TlJv9jX-u5WXyzTR1zBj3_7pWPsmmY7nmpYtuNYU9A94BZeEjrVNZxoqgDkEQWFh4qIACtdn-TGo34phhPvgxkUwvcGawWOk8TmeL5f5KuVGEIIiPEOhny_Dy-OOhKJM8k0OZ0F-59FTd0QPtOlL4-BBsrv5Gw1H2UTbWjsaqcxYlN_QeFAQEkQdW9fiInEwdK0E4x6L7tLQPibwKOryo2Fs4G6o8vsau7Q%26sai%3DAMfl-YQjeLwrHZ6R62GHzSYNuBw9S8ll5cgCkgoKoASvf5yCZ289aRmJXXRtt3lKad1QuNLn_9X5hV4P7xxWgzbFZxeivell9HwFbBT8pmgDK5YvF4ng8j9SQzJYDWoEDE8fkHjG4g3stiAo97uCXCqPFwbjo89lNS9L4SWk9lI0K-5M1yO6JaM-zwAdrK4dhX9LwSZyi_HPSo5P8w8wB6ktuNkQ5opd-3-Xkk2i31UKZ5no_NuXxGnq76lJv0HlURvUrWWlmvtGR9ou7aRCGT4umutC%26sig%3DCg0ArKJSzLVxejFPoDPeEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=Opel_IT_Programmatic_DV360&dsp_lp=https%3A%2F%2Fapiservices.krxd.net%2Fclick_tracker%2Ftrack%3Fkxconfid%3Dvowt70n93%26kxadvertiserid%3D8311042%26kxcampaignid%3D28129137%26kxsiteid%3D7080037%26kxsitename%3DN778265.4162781DV360IT0%26kxplacementid%3D340751602%26kxadid%3D532516461%26kxcreativeid%3D174160234%26clk%3Dhttps%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28129137%26si%3D7080037%26ci%3D174160234%26pi%3D340751602%26ad%3D532516461%26sv1%3D%5Bkeyword_id%5D%26advt%3D8311042%26chnl%3D-7%26vndr%3D115%26sz%3D10124%26u%3D%24%2426255540_16388744155_433584435%24%24%26viq_did%3D%26red%3Dhttps%3A%2F%2Fwww.opel.it%2Fofferte%2Fofferte-index%2Ffree-to-move-lease%2Fbusiness%2Fofferte-mokka-e.html%3Fdclid%3D%25edclid!&dsp_c3=&dsp_c2=bleclick.net/ddm/adj/N778265.4162781DV360IT0/B28129137.340751602&dsp_c1=8311042&dsp_c0=[keyword_id]&dsp_pub_id=DV360&dsp_plc_id=340751602&site_id=7080037&dsp_insertion_order_id=26255540&dsp_ad_id=532516461&dsp_caid=16388744155&dsp_grid=&dsp_crid=174160234&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=3&rnd=2551788693&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ay_QWt8MMCOTSZDXBpg5-pUGi3PfXnFDUuKVe0Uy6F61Qr5Yl88QCbmVeqQL_bYRINmlGgvPH_ZR2avC1ohCqwvEUJ0i5xsT1NhaadbgoLKBZpcmfumW6xPcw1ApMk9K7TqP2O6hiQLfTKuQHKIMV3SNiy3p5COxkJWXM7HL9x1qVfnJ8&dbm_d=AKAmf-CaK9qk_dVyi1KVB2kV_CU0-z5AGY9UkztR_ppIl5TKUJSHgibWOWh-DBkjP0XaqBjI1rqMoZPoa4eLb5CXr3aaA9eRN1ztVq2x5Fj7d6BuIOmmolg6pIcuupurvJp7BD5ZNh-IZmeToaNzomma5qkrZfkYDw9u_4zJCrmM6Wejx1Wu9Lv1AFWC66cbkwpC7IiJiAr-D4NY44yQBYjunW-c-E_av5pSk54RTfeb5BwZhLHch5aQEVtdeQmExBIRQyrK_JOztogO5dHw3uoMyZRlowJHtp8Hn2B63r6DVEZZ9b4L9NjekiX21N4qlGJQZGLfUcSI_5HD88qt9ZsIYOYT80gdU2J4-aOr-ObnfWnO3sVrv0z4PGp0Whf3J0Tp7ew9Okf4gTSV3tVcclf3MoZi2JBxahpwITk9aog8XFEltr_vH5jq0jx8Hf4skVDR_7yRAoparRZle4xqS6sSpCrs3nFTDBNYUK7eaqSljxonEjApvs3R-TswzemjKuJ8xFVYgdIUDinKfKdOvfwXF7ckSy_JEntFjwrqv9kQ8gWU9ettnGXIQEJWEv9eS92CmE7OOy__249ibwqSVcUJEPH1ydF3xElTvBh_zW3ihE7Jy-ts1pFid_GE8LVG9HRg_59kRDLJpExud2pEohLnzYxcK7hxAC_1K4oiaGkQQPsgZmXy119edkN9f9ZYAktKxoDi8xI72ApYKnoIGG5kuIzSNTz4TtQumqU0WGv36jO9PjTaE3alp-Gfkml74dHchyuJNJvu4P7Nc70IZLQUBwVvji_3-3CN5PM-T-zxqr7I_XIDz9nobxPXg8qyH2ikOFQja__qF0m1TegXIyTCznGSYy38bFSlprfbeWKJS3cvxhVT8NrgzHYmRps5v4E2ul8cEmR7MqvBsFXDP7aB8Yo9k7VERtq0zWZVOHsyo2nvL1LUcpgQr0gNuePbc8jf28YP0EsX0mnXQlUhXzIez1x5PEhn9xxybf57x6HGMHyUd-5nukT-l4vBj6wCyjF5C93jo2BDv-p1BInCiOO3rHFe7RVPv30IzysXsDhagt-xXvK85VtkPs-UzoQoaJIzLSzCzGMjtXXmlUUFBojpUSANB_EojMijoLYotUbzzGJPQKnILOl7uS6w4kgUX6PcftmAM6P3hagBslRegj9oBQR64hJMmZPmKpmywZokazjBVZQhp4H4sP95K_vOyraid3rfs2gcUSvnhLOIe2zsJRYtDhlRYTCybafSQKm9frxpBc_sPBRo2mCjKy6SNDTdRzK4HWU2q_LtxaM51qHGErc8sx9H6kNrRZc-lcLrEBrENCYiwcWSAdz_MrO9y37mW-sYcI6qBwBySynNhJup3TKNodZ612UhznADobIEeDBSW_DGYUr_scbC9w1BL-_h0-fpIXuJpPGCdwXk54XCEhtpsqEomUo5e3cExt20ar2_cE0Nz5L0L0kKoSlM70_pX-NJOdVC5D3lQF3OlYaNDfSXK5925xZMqwGuG0UWuU3kdrZbi5XgMFgtYNW5fsy-MgoamwydSVukAaHxy6EVTyvHw0UHaSZxotW0efBx-sgfOFJgCtc-qIsDs2wwBcsOhujwxY66sDCA3JzCb5MTFvURZyY3Jo40mS86kbjsjj9-Wt9mTtnr6JpDI7r3qwaeVsdh_0AD58xkSSnr8HYxKYr-R-1gto8nYONnfzbHIwWDr83S9IcOBP-g-zibmTB-CX96GZXFUsyNIIOpCIEY-di7PyzPJu-wuk-6BzMh5RQ74JKG-q2GSHVvxtnqyLumo6cyym-a5prlclS664YkiU-wUOhqew6WivoN64NSI0FzXwr9uW18zcGI1P6dKJFW5yAqerAcFsBLO6DvSKVeor696qboJ8KpXeMIfqebdzbypFzFhgQTtZ-TrcsGfVIlylJOo0bZza9amstBLAep_tx_ESLG8zJ7RuwcrhKgYgBWn0fj3e1q6XGa0rQ0MYdX-FFUTnwKrhX6VZ_1QcIaFjPjR5mOSwyPyeWf-pOwZus8EuHTo205gAZTr7-I2rYM31OUhMgZKJVQhjdMwGq-zFNQtNrFATAeMNo9hnhwkNDsugQVURJ8RUcm6ojVTdVjTp4OLhnDW6r-w6gljcJBrY1SNAW7e2a_mU7k72ZH_WAqgbc8Hq9oP8E-oxkeOAdMXDix9X948lE4Xrumb4-V6hzTLCDUaCmhRUuFggSqNPdOEhQdPJTa3iluGVBqsVkN98MsdIfz7CnxfIJdjz0Mbtgphj5iNslszgRgWMFG6PiVfM-n0vqpaV3BtOkAtb8BY1pfhHpV2mdXJYWMkZ8w7eFpifqmHV1VMAt8ChyVKu69AtwO9_j3zHpSt8lQcz87LRdJZ4bDwZp7UJ0qrLN2a7cwiNoEmDGx9ep6RvApdT8m0zPeOiRxcCaAfmkcTq4ErEONLJKYf4WLBHDoNQrbycR7EZVOMxEf7kk5-CyLBje3gzP62x3N3ZkeHHfmHa2_t6evhg2-Vo2BSxpiu0am3C2XqmwAQKGqkc2YfEUSvwb9_Lewn-7RwtP_5z-llxSKvb7W1ei8a4ViY52hCcJthwzGlKzGwupftOznjZKVXnN0c5hqPSZ3DXMIsEZEduz91TvziT9Vwy2MdX5qIMYwsEKu980S90CXhp5CDXMQw5fAIoc3X3fsFJbX2K7EccsSJnj7bwdqnpr3eZIjrLehOcWW_C4CUbEmHypC5DTgsKoj-_81_Olr9SZjNKsWK6s3EEqNASQaVeFKlLwdHEYZZbjk3G5egKwmlBgr4bxMMM5w6R1dU3LhaFyA-qXPxW0-NRVxs2JL2CJtyQjRhE1dhkjJQZKx7dZ9gUtV7RdqI5SzQgofGeA5IbizcZDLVL14X2B-MNdp4AKMMJOf-DZRm_LYi_rtV3TNu5-KM_qk3Tn5GFkCkCPwXcXcW5fWXeR7ZCOxfxZ5RpubWNh7NCt0I3CYpZ69LDRz9uBtQHGY3CI0SofkSYCIbIia-KG74obxQEs_HdeiFGlArny5ovE55ylszqNE8bYNM7J7JYJCeniSKmqCjIPA6_wDhzY45buBx8oot3mvn0nDdNYK5Y24grMC1fw2gASGA9pA5xlHMNnLEDKsBzDM3HcDh41uPsAnKbD9L_Oy9RN2B8PPQg3cezTED0zltgh2Xd6iL9OBx8DvTFtdZXhGPvwVlUFMfFRghGL8xRGbRrJSrGVrVCoBiyvJFMnCD0_fcb3rvaLKM_UVSMSOu4f75BwCAJB9hHC2DoOsNfzaOnnn2f6xmnQRYrrRNzgCzHzl53JOff66nJy1LgwX-usS2m7JF0DD2yBFfX3YLTTSu1yEj8gzRHAveeDI8xDgRA&cid=CAQSPADq26N9JkzxINpV4lYJf4y2HiZuXR9nPnEEc4ivbbWPR5-oeMAijJ09MRD2ULO_mSVoahILdwG0HEu7oRgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.adorocinema.com%252F%240
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.159.82.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-159-82-233.compute-1.amazonaws.com
Software
clinch /
Resource Hash
afa7d6b3851717158d2f9ac10f897be3073ba0f9f76c49132470c9a281cba659

Request headers

Referer
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

cache-control
no-store
content-type
text/html; charset=utf-8
date
Tue, 29 Nov 2022 17:47:58 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
clinch
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame C136
29 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ay_QWt8MMCOTSZDXBpg5-pUGi3PfXnFDUuKVe0Uy6F61Qr5Yl88QCbmVeqQL_bYRINmlGgvPH_ZR2avC1ohCqwvEUJ0i5xsT1NhaadbgoLKBZpcmfumW6xPcw1ApMk9K7TqP2O6hiQLfTKuQHKIMV3SNiy3p5COxkJWXM7HL9x1qVfnJ8&dbm_d=AKAmf-CaK9qk_dVyi1KVB2kV_CU0-z5AGY9UkztR_ppIl5TKUJSHgibWOWh-DBkjP0XaqBjI1rqMoZPoa4eLb5CXr3aaA9eRN1ztVq2x5Fj7d6BuIOmmolg6pIcuupurvJp7BD5ZNh-IZmeToaNzomma5qkrZfkYDw9u_4zJCrmM6Wejx1Wu9Lv1AFWC66cbkwpC7IiJiAr-D4NY44yQBYjunW-c-E_av5pSk54RTfeb5BwZhLHch5aQEVtdeQmExBIRQyrK_JOztogO5dHw3uoMyZRlowJHtp8Hn2B63r6DVEZZ9b4L9NjekiX21N4qlGJQZGLfUcSI_5HD88qt9ZsIYOYT80gdU2J4-aOr-ObnfWnO3sVrv0z4PGp0Whf3J0Tp7ew9Okf4gTSV3tVcclf3MoZi2JBxahpwITk9aog8XFEltr_vH5jq0jx8Hf4skVDR_7yRAoparRZle4xqS6sSpCrs3nFTDBNYUK7eaqSljxonEjApvs3R-TswzemjKuJ8xFVYgdIUDinKfKdOvfwXF7ckSy_JEntFjwrqv9kQ8gWU9ettnGXIQEJWEv9eS92CmE7OOy__249ibwqSVcUJEPH1ydF3xElTvBh_zW3ihE7Jy-ts1pFid_GE8LVG9HRg_59kRDLJpExud2pEohLnzYxcK7hxAC_1K4oiaGkQQPsgZmXy119edkN9f9ZYAktKxoDi8xI72ApYKnoIGG5kuIzSNTz4TtQumqU0WGv36jO9PjTaE3alp-Gfkml74dHchyuJNJvu4P7Nc70IZLQUBwVvji_3-3CN5PM-T-zxqr7I_XIDz9nobxPXg8qyH2ikOFQja__qF0m1TegXIyTCznGSYy38bFSlprfbeWKJS3cvxhVT8NrgzHYmRps5v4E2ul8cEmR7MqvBsFXDP7aB8Yo9k7VERtq0zWZVOHsyo2nvL1LUcpgQr0gNuePbc8jf28YP0EsX0mnXQlUhXzIez1x5PEhn9xxybf57x6HGMHyUd-5nukT-l4vBj6wCyjF5C93jo2BDv-p1BInCiOO3rHFe7RVPv30IzysXsDhagt-xXvK85VtkPs-UzoQoaJIzLSzCzGMjtXXmlUUFBojpUSANB_EojMijoLYotUbzzGJPQKnILOl7uS6w4kgUX6PcftmAM6P3hagBslRegj9oBQR64hJMmZPmKpmywZokazjBVZQhp4H4sP95K_vOyraid3rfs2gcUSvnhLOIe2zsJRYtDhlRYTCybafSQKm9frxpBc_sPBRo2mCjKy6SNDTdRzK4HWU2q_LtxaM51qHGErc8sx9H6kNrRZc-lcLrEBrENCYiwcWSAdz_MrO9y37mW-sYcI6qBwBySynNhJup3TKNodZ612UhznADobIEeDBSW_DGYUr_scbC9w1BL-_h0-fpIXuJpPGCdwXk54XCEhtpsqEomUo5e3cExt20ar2_cE0Nz5L0L0kKoSlM70_pX-NJOdVC5D3lQF3OlYaNDfSXK5925xZMqwGuG0UWuU3kdrZbi5XgMFgtYNW5fsy-MgoamwydSVukAaHxy6EVTyvHw0UHaSZxotW0efBx-sgfOFJgCtc-qIsDs2wwBcsOhujwxY66sDCA3JzCb5MTFvURZyY3Jo40mS86kbjsjj9-Wt9mTtnr6JpDI7r3qwaeVsdh_0AD58xkSSnr8HYxKYr-R-1gto8nYONnfzbHIwWDr83S9IcOBP-g-zibmTB-CX96GZXFUsyNIIOpCIEY-di7PyzPJu-wuk-6BzMh5RQ74JKG-q2GSHVvxtnqyLumo6cyym-a5prlclS664YkiU-wUOhqew6WivoN64NSI0FzXwr9uW18zcGI1P6dKJFW5yAqerAcFsBLO6DvSKVeor696qboJ8KpXeMIfqebdzbypFzFhgQTtZ-TrcsGfVIlylJOo0bZza9amstBLAep_tx_ESLG8zJ7RuwcrhKgYgBWn0fj3e1q6XGa0rQ0MYdX-FFUTnwKrhX6VZ_1QcIaFjPjR5mOSwyPyeWf-pOwZus8EuHTo205gAZTr7-I2rYM31OUhMgZKJVQhjdMwGq-zFNQtNrFATAeMNo9hnhwkNDsugQVURJ8RUcm6ojVTdVjTp4OLhnDW6r-w6gljcJBrY1SNAW7e2a_mU7k72ZH_WAqgbc8Hq9oP8E-oxkeOAdMXDix9X948lE4Xrumb4-V6hzTLCDUaCmhRUuFggSqNPdOEhQdPJTa3iluGVBqsVkN98MsdIfz7CnxfIJdjz0Mbtgphj5iNslszgRgWMFG6PiVfM-n0vqpaV3BtOkAtb8BY1pfhHpV2mdXJYWMkZ8w7eFpifqmHV1VMAt8ChyVKu69AtwO9_j3zHpSt8lQcz87LRdJZ4bDwZp7UJ0qrLN2a7cwiNoEmDGx9ep6RvApdT8m0zPeOiRxcCaAfmkcTq4ErEONLJKYf4WLBHDoNQrbycR7EZVOMxEf7kk5-CyLBje3gzP62x3N3ZkeHHfmHa2_t6evhg2-Vo2BSxpiu0am3C2XqmwAQKGqkc2YfEUSvwb9_Lewn-7RwtP_5z-llxSKvb7W1ei8a4ViY52hCcJthwzGlKzGwupftOznjZKVXnN0c5hqPSZ3DXMIsEZEduz91TvziT9Vwy2MdX5qIMYwsEKu980S90CXhp5CDXMQw5fAIoc3X3fsFJbX2K7EccsSJnj7bwdqnpr3eZIjrLehOcWW_C4CUbEmHypC5DTgsKoj-_81_Olr9SZjNKsWK6s3EEqNASQaVeFKlLwdHEYZZbjk3G5egKwmlBgr4bxMMM5w6R1dU3LhaFyA-qXPxW0-NRVxs2JL2CJtyQjRhE1dhkjJQZKx7dZ9gUtV7RdqI5SzQgofGeA5IbizcZDLVL14X2B-MNdp4AKMMJOf-DZRm_LYi_rtV3TNu5-KM_qk3Tn5GFkCkCPwXcXcW5fWXeR7ZCOxfxZ5RpubWNh7NCt0I3CYpZ69LDRz9uBtQHGY3CI0SofkSYCIbIia-KG74obxQEs_HdeiFGlArny5ovE55ylszqNE8bYNM7J7JYJCeniSKmqCjIPA6_wDhzY45buBx8oot3mvn0nDdNYK5Y24grMC1fw2gASGA9pA5xlHMNnLEDKsBzDM3HcDh41uPsAnKbD9L_Oy9RN2B8PPQg3cezTED0zltgh2Xd6iL9OBx8DvTFtdZXhGPvwVlUFMfFRghGL8xRGbRrJSrGVrVCoBiyvJFMnCD0_fcb3rvaLKM_UVSMSOu4f75BwCAJB9hHC2DoOsNfzaOnnn2f6xmnQRYrrRNzgCzHzl53JOff66nJy1LgwX-usS2m7JF0DD2yBFfX3YLTTSu1yEj8gzRHAveeDI8xDgRA&cid=CAQSPADq26N9JkzxINpV4lYJf4y2HiZuXR9nPnEEc4ivbbWPR5-oeMAijJ09MRD2ULO_mSVoahILdwG0HEu7oRgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.adorocinema.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 10:10:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
27428
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11206
x-xss-protection
0
server
cafe
etag
16690196781007480285
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 10:10:49 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame C136
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ay_QWt8MMCOTSZDXBpg5-pUGi3PfXnFDUuKVe0Uy6F61Qr5Yl88QCbmVeqQL_bYRINmlGgvPH_ZR2avC1ohCqwvEUJ0i5xsT1NhaadbgoLKBZpcmfumW6xPcw1ApMk9K7TqP2O6hiQLfTKuQHKIMV3SNiy3p5COxkJWXM7HL9x1qVfnJ8&dbm_d=AKAmf-CaK9qk_dVyi1KVB2kV_CU0-z5AGY9UkztR_ppIl5TKUJSHgibWOWh-DBkjP0XaqBjI1rqMoZPoa4eLb5CXr3aaA9eRN1ztVq2x5Fj7d6BuIOmmolg6pIcuupurvJp7BD5ZNh-IZmeToaNzomma5qkrZfkYDw9u_4zJCrmM6Wejx1Wu9Lv1AFWC66cbkwpC7IiJiAr-D4NY44yQBYjunW-c-E_av5pSk54RTfeb5BwZhLHch5aQEVtdeQmExBIRQyrK_JOztogO5dHw3uoMyZRlowJHtp8Hn2B63r6DVEZZ9b4L9NjekiX21N4qlGJQZGLfUcSI_5HD88qt9ZsIYOYT80gdU2J4-aOr-ObnfWnO3sVrv0z4PGp0Whf3J0Tp7ew9Okf4gTSV3tVcclf3MoZi2JBxahpwITk9aog8XFEltr_vH5jq0jx8Hf4skVDR_7yRAoparRZle4xqS6sSpCrs3nFTDBNYUK7eaqSljxonEjApvs3R-TswzemjKuJ8xFVYgdIUDinKfKdOvfwXF7ckSy_JEntFjwrqv9kQ8gWU9ettnGXIQEJWEv9eS92CmE7OOy__249ibwqSVcUJEPH1ydF3xElTvBh_zW3ihE7Jy-ts1pFid_GE8LVG9HRg_59kRDLJpExud2pEohLnzYxcK7hxAC_1K4oiaGkQQPsgZmXy119edkN9f9ZYAktKxoDi8xI72ApYKnoIGG5kuIzSNTz4TtQumqU0WGv36jO9PjTaE3alp-Gfkml74dHchyuJNJvu4P7Nc70IZLQUBwVvji_3-3CN5PM-T-zxqr7I_XIDz9nobxPXg8qyH2ikOFQja__qF0m1TegXIyTCznGSYy38bFSlprfbeWKJS3cvxhVT8NrgzHYmRps5v4E2ul8cEmR7MqvBsFXDP7aB8Yo9k7VERtq0zWZVOHsyo2nvL1LUcpgQr0gNuePbc8jf28YP0EsX0mnXQlUhXzIez1x5PEhn9xxybf57x6HGMHyUd-5nukT-l4vBj6wCyjF5C93jo2BDv-p1BInCiOO3rHFe7RVPv30IzysXsDhagt-xXvK85VtkPs-UzoQoaJIzLSzCzGMjtXXmlUUFBojpUSANB_EojMijoLYotUbzzGJPQKnILOl7uS6w4kgUX6PcftmAM6P3hagBslRegj9oBQR64hJMmZPmKpmywZokazjBVZQhp4H4sP95K_vOyraid3rfs2gcUSvnhLOIe2zsJRYtDhlRYTCybafSQKm9frxpBc_sPBRo2mCjKy6SNDTdRzK4HWU2q_LtxaM51qHGErc8sx9H6kNrRZc-lcLrEBrENCYiwcWSAdz_MrO9y37mW-sYcI6qBwBySynNhJup3TKNodZ612UhznADobIEeDBSW_DGYUr_scbC9w1BL-_h0-fpIXuJpPGCdwXk54XCEhtpsqEomUo5e3cExt20ar2_cE0Nz5L0L0kKoSlM70_pX-NJOdVC5D3lQF3OlYaNDfSXK5925xZMqwGuG0UWuU3kdrZbi5XgMFgtYNW5fsy-MgoamwydSVukAaHxy6EVTyvHw0UHaSZxotW0efBx-sgfOFJgCtc-qIsDs2wwBcsOhujwxY66sDCA3JzCb5MTFvURZyY3Jo40mS86kbjsjj9-Wt9mTtnr6JpDI7r3qwaeVsdh_0AD58xkSSnr8HYxKYr-R-1gto8nYONnfzbHIwWDr83S9IcOBP-g-zibmTB-CX96GZXFUsyNIIOpCIEY-di7PyzPJu-wuk-6BzMh5RQ74JKG-q2GSHVvxtnqyLumo6cyym-a5prlclS664YkiU-wUOhqew6WivoN64NSI0FzXwr9uW18zcGI1P6dKJFW5yAqerAcFsBLO6DvSKVeor696qboJ8KpXeMIfqebdzbypFzFhgQTtZ-TrcsGfVIlylJOo0bZza9amstBLAep_tx_ESLG8zJ7RuwcrhKgYgBWn0fj3e1q6XGa0rQ0MYdX-FFUTnwKrhX6VZ_1QcIaFjPjR5mOSwyPyeWf-pOwZus8EuHTo205gAZTr7-I2rYM31OUhMgZKJVQhjdMwGq-zFNQtNrFATAeMNo9hnhwkNDsugQVURJ8RUcm6ojVTdVjTp4OLhnDW6r-w6gljcJBrY1SNAW7e2a_mU7k72ZH_WAqgbc8Hq9oP8E-oxkeOAdMXDix9X948lE4Xrumb4-V6hzTLCDUaCmhRUuFggSqNPdOEhQdPJTa3iluGVBqsVkN98MsdIfz7CnxfIJdjz0Mbtgphj5iNslszgRgWMFG6PiVfM-n0vqpaV3BtOkAtb8BY1pfhHpV2mdXJYWMkZ8w7eFpifqmHV1VMAt8ChyVKu69AtwO9_j3zHpSt8lQcz87LRdJZ4bDwZp7UJ0qrLN2a7cwiNoEmDGx9ep6RvApdT8m0zPeOiRxcCaAfmkcTq4ErEONLJKYf4WLBHDoNQrbycR7EZVOMxEf7kk5-CyLBje3gzP62x3N3ZkeHHfmHa2_t6evhg2-Vo2BSxpiu0am3C2XqmwAQKGqkc2YfEUSvwb9_Lewn-7RwtP_5z-llxSKvb7W1ei8a4ViY52hCcJthwzGlKzGwupftOznjZKVXnN0c5hqPSZ3DXMIsEZEduz91TvziT9Vwy2MdX5qIMYwsEKu980S90CXhp5CDXMQw5fAIoc3X3fsFJbX2K7EccsSJnj7bwdqnpr3eZIjrLehOcWW_C4CUbEmHypC5DTgsKoj-_81_Olr9SZjNKsWK6s3EEqNASQaVeFKlLwdHEYZZbjk3G5egKwmlBgr4bxMMM5w6R1dU3LhaFyA-qXPxW0-NRVxs2JL2CJtyQjRhE1dhkjJQZKx7dZ9gUtV7RdqI5SzQgofGeA5IbizcZDLVL14X2B-MNdp4AKMMJOf-DZRm_LYi_rtV3TNu5-KM_qk3Tn5GFkCkCPwXcXcW5fWXeR7ZCOxfxZ5RpubWNh7NCt0I3CYpZ69LDRz9uBtQHGY3CI0SofkSYCIbIia-KG74obxQEs_HdeiFGlArny5ovE55ylszqNE8bYNM7J7JYJCeniSKmqCjIPA6_wDhzY45buBx8oot3mvn0nDdNYK5Y24grMC1fw2gASGA9pA5xlHMNnLEDKsBzDM3HcDh41uPsAnKbD9L_Oy9RN2B8PPQg3cezTED0zltgh2Xd6iL9OBx8DvTFtdZXhGPvwVlUFMfFRghGL8xRGbRrJSrGVrVCoBiyvJFMnCD0_fcb3rvaLKM_UVSMSOu4f75BwCAJB9hHC2DoOsNfzaOnnn2f6xmnQRYrrRNzgCzHzl53JOff66nJy1LgwX-usS2m7JF0DD2yBFfX3YLTTSu1yEj8gzRHAveeDI8xDgRA&cid=CAQSPADq26N9JkzxINpV4lYJf4y2HiZuXR9nPnEEc4ivbbWPR5-oeMAijJ09MRD2ULO_mSVoahILdwG0HEu7oRgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.adorocinema.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 10:10:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
27427
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 10:10:50 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C136
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstcI7UtyiKcF0XBwRXxcK3Vxoz1sfnVXZ4lzgVfM2HmkOBHTbPz96LMeMbEXKlAfEUGqg2EOwdYqjITBlzGBIuXWaWpTJebluivyKLw5_NCSD7srpEXem9vsn63QT_8s2LOIhQO78hBOuDoNoHcqUtDCcNZpEun2MjOxfwuYUuLdaomJeMmYhjlRKeD_FZrAkdwyQn2_jslaGaeg85A-w41lBmK1utaWQ870uGcIufhBzc2lIyZp2vKnhDARvPc1SuC0uFgtXwL3-WUj5R1-MFNlKTsSJqRt0m1ZYeXXhCRrJR2TpNw2VD9sRkLmYnOBCrdtNnD8M3yBZBr_tdJhaV218cibvvbs4EXMVvV3IMkLXgT7BWZJAUDJlR_OzH6Qm1FtAYUK4Pb7W7SLAqxkXxwvy_BN07FyFRZ2O8PcyY4rE2IHXvhT2b-WVjOiFhB77le-NS_0Cos9qs02EVDbm3njuFx3JoJwPImn0cponq1liwsPjSp4GAvvWSiRuh8gm-HjutTb6jGAL0MCLbHYUZJfWcn7TkQLF1fKCUEnE_CtxgS8m0AJmGdihGCYFRrYfMHDxR3D1fJgtPkLSQ9kNO8FA1TRpsNUpT8FLIaZqyN7kEj3dXDLumNJ8axaOHecrVK1ioVt9URdS80cUprdEqw54tnWthJV9ua2HOTy20xgYyNm_8acUCj6WROT7j-U1ZiLe0qvBIgsNXAkpf4kEdTb_sNXvdiMdHlJIIe8lf-27CCW4H4_qhOyh9I8kAZcaKYIAryUWdT5kxrD6kDWWGo5WOiMDBmyFfI8ObGVwXE4NgsQZYGP987-HVtHvq3BcqaqXdFFeIG8MrXLYLIq0hE0_XqqJBzoM9mYFaGjM6lOez24VNs3Gvq3Hvcfvaw0uDQwvUUTEBf3nQdQ0Wmd4MjZE4VS8hDePVmyFg7KlqzRCGe1h35cU0VUiYI2vs8E4v4pMmPJtzOxlCUfeQ-WyLncbITeH2NLvR1q4Jfl0Y-z4O2Adu2jbDp67jSG7_JqTusHNM1FwnYeQHiAnUJAsI1CcjYsZPKcBSwfwkTTmBUt78H1xYV-rHLFy_PGubGWRB-OUHo0qr7kBXsiHjjZVTusnZ2ZfhydRyoXn-JBES90qQGyfKMI4sv4hUfFE8Vc__rbU_ry4cA53jLnMN6iuzPskM_4JsfBi-_0mLDjRJgTmbPyIrH0qZCJxcGlg&sai=AMfl-YTZviVccaGCBiOYMuh8vcRP_BcYid4dDaB3XfvFzegPXcm60mvGwQY6vtvl9mFMwPBH7Io0WrJHfB_ovhjpNALIj0Z7XMIozFi_b-MwLeKsv7_sXOEBSvHRCgJMxcqXuAJF8K26LT6CMwvvyK1_nvG-18RPJ1eWkv4kYRKlZ-NtzLE3DOCjFV82Tw4Eo_3ydYZfwYZv977bWaqLV2gfxbQSMemxKN-nP0I5WKq8OLZz6U4Y441ztwr1e-PL1z02bHbVoBsPljZv2w&sig=Cg0ArKJSzFadFNXM3iBoEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=2&dett=2&cstd=0&cisv=r20221110.07874&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ay_QWt8MMCOTSZDXBpg5-pUGi3PfXnFDUuKVe0Uy6F61Qr5Yl88QCbmVeqQL_bYRINmlGgvPH_ZR2avC1ohCqwvEUJ0i5xsT1NhaadbgoLKBZpcmfumW6xPcw1ApMk9K7TqP2O6hiQLfTKuQHKIMV3SNiy3p5COxkJWXM7HL9x1qVfnJ8&dbm_d=AKAmf-CaK9qk_dVyi1KVB2kV_CU0-z5AGY9UkztR_ppIl5TKUJSHgibWOWh-DBkjP0XaqBjI1rqMoZPoa4eLb5CXr3aaA9eRN1ztVq2x5Fj7d6BuIOmmolg6pIcuupurvJp7BD5ZNh-IZmeToaNzomma5qkrZfkYDw9u_4zJCrmM6Wejx1Wu9Lv1AFWC66cbkwpC7IiJiAr-D4NY44yQBYjunW-c-E_av5pSk54RTfeb5BwZhLHch5aQEVtdeQmExBIRQyrK_JOztogO5dHw3uoMyZRlowJHtp8Hn2B63r6DVEZZ9b4L9NjekiX21N4qlGJQZGLfUcSI_5HD88qt9ZsIYOYT80gdU2J4-aOr-ObnfWnO3sVrv0z4PGp0Whf3J0Tp7ew9Okf4gTSV3tVcclf3MoZi2JBxahpwITk9aog8XFEltr_vH5jq0jx8Hf4skVDR_7yRAoparRZle4xqS6sSpCrs3nFTDBNYUK7eaqSljxonEjApvs3R-TswzemjKuJ8xFVYgdIUDinKfKdOvfwXF7ckSy_JEntFjwrqv9kQ8gWU9ettnGXIQEJWEv9eS92CmE7OOy__249ibwqSVcUJEPH1ydF3xElTvBh_zW3ihE7Jy-ts1pFid_GE8LVG9HRg_59kRDLJpExud2pEohLnzYxcK7hxAC_1K4oiaGkQQPsgZmXy119edkN9f9ZYAktKxoDi8xI72ApYKnoIGG5kuIzSNTz4TtQumqU0WGv36jO9PjTaE3alp-Gfkml74dHchyuJNJvu4P7Nc70IZLQUBwVvji_3-3CN5PM-T-zxqr7I_XIDz9nobxPXg8qyH2ikOFQja__qF0m1TegXIyTCznGSYy38bFSlprfbeWKJS3cvxhVT8NrgzHYmRps5v4E2ul8cEmR7MqvBsFXDP7aB8Yo9k7VERtq0zWZVOHsyo2nvL1LUcpgQr0gNuePbc8jf28YP0EsX0mnXQlUhXzIez1x5PEhn9xxybf57x6HGMHyUd-5nukT-l4vBj6wCyjF5C93jo2BDv-p1BInCiOO3rHFe7RVPv30IzysXsDhagt-xXvK85VtkPs-UzoQoaJIzLSzCzGMjtXXmlUUFBojpUSANB_EojMijoLYotUbzzGJPQKnILOl7uS6w4kgUX6PcftmAM6P3hagBslRegj9oBQR64hJMmZPmKpmywZokazjBVZQhp4H4sP95K_vOyraid3rfs2gcUSvnhLOIe2zsJRYtDhlRYTCybafSQKm9frxpBc_sPBRo2mCjKy6SNDTdRzK4HWU2q_LtxaM51qHGErc8sx9H6kNrRZc-lcLrEBrENCYiwcWSAdz_MrO9y37mW-sYcI6qBwBySynNhJup3TKNodZ612UhznADobIEeDBSW_DGYUr_scbC9w1BL-_h0-fpIXuJpPGCdwXk54XCEhtpsqEomUo5e3cExt20ar2_cE0Nz5L0L0kKoSlM70_pX-NJOdVC5D3lQF3OlYaNDfSXK5925xZMqwGuG0UWuU3kdrZbi5XgMFgtYNW5fsy-MgoamwydSVukAaHxy6EVTyvHw0UHaSZxotW0efBx-sgfOFJgCtc-qIsDs2wwBcsOhujwxY66sDCA3JzCb5MTFvURZyY3Jo40mS86kbjsjj9-Wt9mTtnr6JpDI7r3qwaeVsdh_0AD58xkSSnr8HYxKYr-R-1gto8nYONnfzbHIwWDr83S9IcOBP-g-zibmTB-CX96GZXFUsyNIIOpCIEY-di7PyzPJu-wuk-6BzMh5RQ74JKG-q2GSHVvxtnqyLumo6cyym-a5prlclS664YkiU-wUOhqew6WivoN64NSI0FzXwr9uW18zcGI1P6dKJFW5yAqerAcFsBLO6DvSKVeor696qboJ8KpXeMIfqebdzbypFzFhgQTtZ-TrcsGfVIlylJOo0bZza9amstBLAep_tx_ESLG8zJ7RuwcrhKgYgBWn0fj3e1q6XGa0rQ0MYdX-FFUTnwKrhX6VZ_1QcIaFjPjR5mOSwyPyeWf-pOwZus8EuHTo205gAZTr7-I2rYM31OUhMgZKJVQhjdMwGq-zFNQtNrFATAeMNo9hnhwkNDsugQVURJ8RUcm6ojVTdVjTp4OLhnDW6r-w6gljcJBrY1SNAW7e2a_mU7k72ZH_WAqgbc8Hq9oP8E-oxkeOAdMXDix9X948lE4Xrumb4-V6hzTLCDUaCmhRUuFggSqNPdOEhQdPJTa3iluGVBqsVkN98MsdIfz7CnxfIJdjz0Mbtgphj5iNslszgRgWMFG6PiVfM-n0vqpaV3BtOkAtb8BY1pfhHpV2mdXJYWMkZ8w7eFpifqmHV1VMAt8ChyVKu69AtwO9_j3zHpSt8lQcz87LRdJZ4bDwZp7UJ0qrLN2a7cwiNoEmDGx9ep6RvApdT8m0zPeOiRxcCaAfmkcTq4ErEONLJKYf4WLBHDoNQrbycR7EZVOMxEf7kk5-CyLBje3gzP62x3N3ZkeHHfmHa2_t6evhg2-Vo2BSxpiu0am3C2XqmwAQKGqkc2YfEUSvwb9_Lewn-7RwtP_5z-llxSKvb7W1ei8a4ViY52hCcJthwzGlKzGwupftOznjZKVXnN0c5hqPSZ3DXMIsEZEduz91TvziT9Vwy2MdX5qIMYwsEKu980S90CXhp5CDXMQw5fAIoc3X3fsFJbX2K7EccsSJnj7bwdqnpr3eZIjrLehOcWW_C4CUbEmHypC5DTgsKoj-_81_Olr9SZjNKsWK6s3EEqNASQaVeFKlLwdHEYZZbjk3G5egKwmlBgr4bxMMM5w6R1dU3LhaFyA-qXPxW0-NRVxs2JL2CJtyQjRhE1dhkjJQZKx7dZ9gUtV7RdqI5SzQgofGeA5IbizcZDLVL14X2B-MNdp4AKMMJOf-DZRm_LYi_rtV3TNu5-KM_qk3Tn5GFkCkCPwXcXcW5fWXeR7ZCOxfxZ5RpubWNh7NCt0I3CYpZ69LDRz9uBtQHGY3CI0SofkSYCIbIia-KG74obxQEs_HdeiFGlArny5ovE55ylszqNE8bYNM7J7JYJCeniSKmqCjIPA6_wDhzY45buBx8oot3mvn0nDdNYK5Y24grMC1fw2gASGA9pA5xlHMNnLEDKsBzDM3HcDh41uPsAnKbD9L_Oy9RN2B8PPQg3cezTED0zltgh2Xd6iL9OBx8DvTFtdZXhGPvwVlUFMfFRghGL8xRGbRrJSrGVrVCoBiyvJFMnCD0_fcb3rvaLKM_UVSMSOu4f75BwCAJB9hHC2DoOsNfzaOnnn2f6xmnQRYrrRNzgCzHzl53JOff66nJy1LgwX-usS2m7JF0DD2yBFfX3YLTTSu1yEj8gzRHAveeDI8xDgRA&cid=CAQSPADq26N9JkzxINpV4lYJf4y2HiZuXR9nPnEEc4ivbbWPR5-oeMAijJ09MRD2ULO_mSVoahILdwG0HEu7oRgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.adorocinema.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 29 Nov 2022 17:47:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 29 Nov 2022 17:47:58 GMT
impression_pixel
t.myvisualiq.net/ul_cb/ Frame C136
Redirect Chain
  • https://t.myvisualiq.net/impression_pixel?r=[CACHEBUSTER]&et=i&ago=212&ao=693&aca=28129137&si=7080037&ci=174160234&pi=340751602&ad=532516461&advt=8311042&chnl=-7&vndr=115&sz=10125&u=$$26255540_1638...
  • https://t.myvisualiq.net/ul_cb/impression_pixel?r=[CACHEBUSTER]&et=i&ago=212&ao=693&aca=28129137&si=7080037&ci=174160234&pi=340751602&ad=532516461&advt=8311042&chnl=-7&vndr=115&sz=10125&u=$$2625554...
43 B
573 B
Image
General
Full URL
https://t.myvisualiq.net/ul_cb/impression_pixel?r=[CACHEBUSTER]&et=i&ago=212&ao=693&aca=28129137&si=7080037&ci=174160234&pi=340751602&ad=532516461&advt=8311042&chnl=-7&vndr=115&sz=10125&u=$$26255540_16388744155_433584435$$&viq_did=&pt=i
Requested by
Host: 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
URL: https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
54.227.133.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-227-133-78.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Tue, 29 Nov 2022 17:47:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://t.myvisualiq.net/ul_cb/impression_pixel?r=[CACHEBUSTER]&et=i&ago=212&ao=693&aca=28129137&si=7080037&ci=174160234&pi=340751602&ad=532516461&advt=8311042&chnl=-7&vndr=115&sz=10125&u=$$26255540_16388744155_433584435$$&viq_did=&pt=i
Date
Tue, 29 Nov 2022 17:47:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
ad_impression.gif
beacon.krxd.net/ Frame C136
0
339 B
Image
General
Full URL
https://beacon.krxd.net/ad_impression.gif?confid=vowt70n93&advertiserid=8311042&campaignid=28129137&siteid=7080037&sitename=N778265.4162781DV360IT0&placementid=340751602&adid=532516461&creativeid=174160234
Requested by
Host: 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
URL: https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.90.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-90-126.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-served-by
beacon-n006-dub-prod.krxd.net
date
Tue, 29 Nov 2022 17:47:58 GMT
cache-control
private, no-cache, no-store
x-request-time
D=34 t=1669744078
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8A1A
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
URL: https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

age
27428
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 10:10:49 GMT
etag
48472445140208031
expires
Wed, 30 Nov 2022 10:10:49 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C136
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5945022605fdc9e1d62910c3aec237be1d48181b5800716f8ebb92940ae2e3d1

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame 8A1A
35 B
464 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEECLF1Sttyvwy5gd0l7ak8g&google_cver=1&google_push=ASkJ3Fa1tXJShQ-PuewqRboP8_1yAllqoSHlOaUhFcFQGldTEEULQEFwBv0MmQcjwKZFtsAlSF7hxsfWMODV6eglaH4hwAYd1wQl
Requested by
Host: 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
URL: https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:58 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8A1A
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEMcskKOqL0AQlgRE0OuMxp4&google_cver=1&google_push=ASkJ3FaLUVFj55FM693SCB5RPkKxngAjlA0NKMC_R9YZavBu0ZY862kuFKyXHRaF4Hy2xSofsSC6xBgPMAw...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3FaLUVFj55FM693SCB5RPkKxngAjlA0NKMC_R9YZavBu0ZY862kuFKyXHRaF4Hy2xSofsSC6xBgPMAwdElIYjkESp2SavGY&google_hm=OY-qCnGoQZenIhw3z3ovztM
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3FaLUVFj55FM693SCB5RPkKxngAjlA0NKMC_R9YZavBu0ZY862kuFKyXHRaF4Hy2xSofsSC6xBgPMAwdElIYjkESp2SavGY&google_hm=OY-qCnGoQZenIhw3z3ovztM
Requested by
Host: 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
URL: https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:57 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3FaLUVFj55FM693SCB5RPkKxngAjlA0NKMC_R9YZavBu0ZY862kuFKyXHRaF4Hy2xSofsSC6xBgPMAwdElIYjkESp2SavGY&google_hm=OY-qCnGoQZenIhw3z3ovztM
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8A1A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEP985LV2me7AHOgFx6oFYjA&google_cver=1&google_push=ASkJ3FZaGwoliP-PV1QcKVrfpyh5Q2fxdgRyG8hSK0C_5pn1lil7364hm0kvEs_lgdj9kN6RhmDQNTXxqeHQYqFqrUlF...
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=d935ef6a-9b4d-4f42-8dd1-cb71eb1df523&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FZaGwoliP-PV1QcKVrfpyh5Q2fxdgRyG8hSK0C_5pn1lil7364hm0kvEs_lgdj9kN6RhmDQNTXxqeHQYqFqrUlFdcnjSEXH&google_hm=4tXBzNwuSbqJzocVc-QmsA==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FZaGwoliP-PV1QcKVrfpyh5Q2fxdgRyG8hSK0C_5pn1lil7364hm0kvEs_lgdj9kN6RhmDQNTXxqeHQYqFqrUlFdcnjSEXH&google_hm=4tXBzNwuSbqJzocVc-QmsA==
Requested by
Host: 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
URL: https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FZaGwoliP-PV1QcKVrfpyh5Q2fxdgRyG8hSK0C_5pn1lil7364hm0kvEs_lgdj9kN6RhmDQNTXxqeHQYqFqrUlFdcnjSEXH&google_hm=4tXBzNwuSbqJzocVc-QmsA==
date
Tue, 29 Nov 2022 17:47:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 8A1A
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOwoexrqhCFcnO81reW5pfg&google_cver=1&google_push=ASkJ3FZRUX0MAZ6Ca4alCgKYPEwVmFRlD7CS1pRbUW7vThVM2Gl2R2gm-0zdROEx8zuDGDncQLJo1-cBQX3-pOvJlGGVbtG...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FZRUX0MAZ6Ca4alCgKYPEwVmFRlD7CS1pRbUW7vThVM2Gl2R2gm-0zdROEx8zuDGDncQLJo1-cBQX3-pOvJlGGVbtGqNd6U&google_hm=eS05Z3M5T0FoRTJwRnFacV...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FZRUX0MAZ6Ca4alCgKYPEwVmFRlD7CS1pRbUW7vThVM2Gl2R2gm-0zdROEx8zuDGDncQLJo1-cBQX3-pOvJlGGVbtGqNd6U&google_hm=eS05Z3M5T0FoRTJwRnFacVhySHguRTkyZEt1cmRBSU8xSn5B
Requested by
Host: 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
URL: https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 29 Nov 2022 17:47:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FZRUX0MAZ6Ca4alCgKYPEwVmFRlD7CS1pRbUW7vThVM2Gl2R2gm-0zdROEx8zuDGDncQLJo1-cBQX3-pOvJlGGVbtGqNd6U&google_hm=eS05Z3M5T0FoRTJwRnFacVhySHguRTkyZEt1cmRBSU8xSn5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 8A1A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENS7ZPMkyVbgBoGNN8rPDKo&google_cver=1&google_push=ASkJ3FbagEimnI-qK4LabUxtMZfYNNidV8j9XcqjpjGUXhUwwO022QEiqDSjaTMJif6k5X03tFYceS1l...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTkwMTE1NTc1ODc5OTc2MzgyOA&google_push=ASkJ3FbagEimnI-qK4LabUxtMZfYNNidV8j9XcqjpjGUXhUwwO022QEiqDSjaTMJif6k5X03tFYceS...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTkwMTE1NTc1ODc5OTc2MzgyOA&google_push=ASkJ3FbagEimnI-qK4LabUxtMZfYNNidV8j9XcqjpjGUXhUwwO022QEiqDSjaTMJif6k5X03tFYceS1lfNeiLVdjSwqLGUfzmjQ5
Requested by
Host: 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
URL: https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTkwMTE1NTc1ODc5OTc2MzgyOA&google_push=ASkJ3FbagEimnI-qK4LabUxtMZfYNNidV8j9XcqjpjGUXhUwwO022QEiqDSjaTMJif6k5X03tFYceS1lfNeiLVdjSwqLGUfzmjQ5
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 8A1A
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEDsI66bZMLb9EDZB0_-vh6E&google_cver=1&google_push=ASkJ3FbHn1MsfllMXYSIB08L6eB4FfYeJi9Gtd4YRHltrkwSFCopgYmsNFXHpKwdTEjN-pyNSRfeNq7pjqEZGJbkExtkwN...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEDsI66bZMLb9EDZB0_-vh6E&google_cver=1&google_push=ASkJ3FbHn1MsfllMXYSIB08L6eB4FfYeJi9Gtd4YRHltrkwSFCopgYmsNFXHpKwdTEjN-pyNSRfeNq7pjqEZGJbk...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=3p6YAHf3SmmxpbFYjYBpNg&google_push=ASkJ3FbHn1MsfllMXYSIB08L6eB4FfYeJi9Gtd4YRHltrkwSFCopgYmsNFXHpKwdTEjN-pyNSRfeNq7pjqEZGJb...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=3p6YAHf3SmmxpbFYjYBpNg&google_push=ASkJ3FbHn1MsfllMXYSIB08L6eB4FfYeJi9Gtd4YRHltrkwSFCopgYmsNFXHpKwdTEjN-pyNSRfeNq7pjqEZGJbkExtkwNJwth8
Requested by
Host: 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
URL: https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=3p6YAHf3SmmxpbFYjYBpNg&google_push=ASkJ3FbHn1MsfllMXYSIB08L6eB4FfYeJi9Gtd4YRHltrkwSFCopgYmsNFXHpKwdTEjN-pyNSRfeNq7pjqEZGJbkExtkwNJwth8
access-control-allow-origin
*
date
Tue, 29 Nov 2022 17:47:58 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
onetag-sys.com/match/ Frame 8A1A
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAMflJ4FAaOvFzXFPkknjWs&google_cver=1&google_push=ASkJ3FarIk6MKX-C2W8GXHOB7Um9v9gVuQcNoHAO2oEqwEcrPWazYNJJc2eQOm0sowAmvVdFuPg1PIipIOd...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FarIk6MKX-C2W8GXHOB7Um9v9gVuQcNoHAO2oEqwEcrPWazYNJJc2eQOm0sowAmvVdFuPg1PIipIOd1hHnBDAajphr86w4jvw
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
URL: https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 8A1A
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L7k2MC_wWGQ8mCkLshNhn93SQT6I_2vNgizVvv3r6HhKqObxW4NsmIMe1_5uJp2I4S7cFRrw
Requested by
Host: 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
URL: https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:58 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=695904490517563&bg=!LC-lL2vNAAbvMpMzzzI7ACkAdvg8WlqwOx2PvSxziSpvJsZDe4nmtRz3Fvht0XxBEpKYz7rLgU1AbQIAAABQUgAAAAJoAQcKACoBhlQJHwFq6vXGumm2HlW_--FhzgTn1ZWA8vtN-56qUfAOlQD3uQWJcFaZAqi4Wb0DcUtQBQRYZ9WxwoNEtpsv-WoYg3a95AJdgBSv13e8w2LsXG3xEFjeUcvFZfyR-PVqm7G5j8utggjEfTFLABhgabby-3CaSjoPTtXg8jstzw8VsgtWCNa6UpFOAvNORCMYAJJ9JyuVrm2G5R8mv4busX91xX8nk4zf4KZFnipLhlcYF-u2ffJl8v-gQ_sNSJJi97uI5jb2oKx70XOsIZjoaLciK5LleGlFj62Yla5BdC8KDPxlSvrEjKGmskneVVo_mnkedAY2ntpMQH4pvMaKNAS0O5UBh6jwJ8E4uAEG0wAEIQ8vZ7vqKIBDnjIzbSOotjmT9nloWvKsK1nALomkmjjWDcOAmr5zLGv8RaOkk3Ml1jtsNlIw4M6CEQngOiDBWpVNeHPAAzABqmKwAT7SomNjBxislIcDQB0pbyQe6Eg0z5ZgSEyVnAvYT85xR9o39eOqG2LCFDsRKoJuA6JujlN8ybT2WXcIltVnH1DYvaCTiCWK-qpM9QON5MInWKZI-X-FYWwIVoC3I7JHtWSMBzdla4GwAGSBinuSEF1vXH1wUIyvgrdd5AGkxT43ObzupkCZZGl9EJjk8ZasAbTw7JPbAXSyOdvy-3kLFKFzk9VXNRAQPl-zCtQi3RqE8Bn0-LOvRzlD8lMrH7uCkjmRwRt3K21U8xaCrXlC9kSt7X7PsnjsBhDfJzXzdv0-iUSJRVofxRYfAg-UBH_g-2jgIgvKxb1qY4hapzMYX5WikVYDUmoIuFPhX7ssdKz1S9DMqAmiRTBHl-aCfyC1AdGavdNJpS4TVw2MDUnxjh3sfr_FulJlf__tg2VTe76JjqPP9vU90OXBY1s1TbxxLYOB7TPn6yluOzwECDPzD5hJ3vELi054Fugq-0qxlm5b4x0u_Sh3Fw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

/
pubads.g.doubleclick.net/pagead/interaction/ Frame DC38
42 B
536 B
Image
General
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BCHzqzUWGY4BOmeXv9Q-w5I_oC8rptaxGAAAAEAEg2JOwVTgBWIjsxdCDBGD9gpGE6BGyARN3d3cuYWRvcm9jaW5lbWEuY29tugEJZ2ZwX2ltYWdlyAEF2gE_aHR0cHM6Ly93d3cuYWRvcm9jaW5lbWEuY29tL3Nlcmllcy9zZXJpZS0yMzM1NC90ZW1wb3JhZGEtNDA3MDgvmAKYdakCE5W_YLUDiT7AAgLgAgDqAjkvMjE2MzY4NjA4MzcvQWRvcm9DaW5lbWEvc2VyaWVzcGFnZS9zZXJpZXNwYWdlX3NlYXNvbnBhZ2X4AvLRHpADjAaYA5wEqAMB4AQB0gUGEOeLufgWkAYBoAYjqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwHgBwHyBwIgAdIIEQiA4YAQEAEYHTICqgI6AoBA2AgCgAoFmAsB0BUB-BYBgBcB&sigh=ZWZv1t7f5UE&label=part2viewed&ad_mt=6&acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D885,993,1053,1291%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D1600,4464%26scs%3D1600,1200%26bs%3D1600,1200%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15060%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26avms%3Dgeo%26qi%3D659245301%26psm%3D1%26psv%3D1%26psfv%3D1%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1669744078114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=1;dc_exteid=12036405270064603275;met=1;ecn1=1;etm1=0;eid1=11;acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D885,993,1053,1291%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,...
ade.googlesyndication.com/ddm/activity_ext/ Frame DC38
42 B
494 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=1;dc_exteid=12036405270064603275;met=1;ecn1=1;etm1=0;eid1=11;acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D885,993,1053,1291%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D1600,4464%26scs%3D1600,1200%26bs%3D1600,1200%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15060%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26avms%3Dgeo%26qi%3D659245301%26psm%3D1%26psv%3D1%26psfv%3D1%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1669744078114?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame DC38
42 B
63 B
Image
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DCGzJxs8x6f9EsqDfQvDBSusMfsbWzxKvbCb35NDIjZgxVoV83XhoIpgNwE8sgjJ8xVh-f5D3rtveHRtABv6NsTk8qwK831H_BIfCEgNlpObLoscZlf-e4EY5vSfmutI4y06eV2fyIIOa0t8WMkRavASekUwjkYY2Ypit3dIJLsoXE8Rs&cry=1&dbm_d=AKAmf-D7pkbhX9hnmPPFZ9HPXlVMeEA22RATa47FIz7PWDS3gLLB2LMU43l-WQqx4xmnPovd5ZugzwUWzNlBlDRrhV0UHWPxFFCSoqlzA2d3-Ca7-tv0tTlio_79PyGWKWobTa2tPzpHoRN0chruLQ6bmVpRxedPl10mtSSKirC5_cUM-B5vY0hxDoUAYH3tZYo4yKEVrcK0QSdYQJ4rtC1SmGRYmKJEhEKpruBYexXRkS55XW3GWhYBubi6MObTLoeRdxgP0ymgE6FKgWb9D7Xrld4tJ-tXi_tI2Bbr5L8Zh8O4CO94sTskpTfWMCfzPL0cdYqLfDUgtCHi5EXrtQmunGe8Zv2s_FJ5UgFnUKJ1dHyi43oo_0ZgA_i_Wmuf5OMOyQGvq4mnEnXulgCqLrfef9QaYivXb9r6jbbxofb2khJZPNq7-qa9n_aimUkYXUHJzE6IXrnlNIzUN1L8tjo76PBu_-3IBwyzpupvvq0DV39qSev_6lLol2KvbPHTCXPlRWFUhnH9ovNllo_ivfy6_TT4ZA5xugypTthnxdcJy7qxOqzIx6bgM3Qnz6WXWnD7ct-tN-V5-fPc7cg9lZM_cDH7bBkm9daatyrs5IY9Zv-nCRkPdlkweEOeVpWeL9O2gkYisvA3kW5o401-_9fWc1F3SesLIYRwtezSQ7wJZjmaWLPnmgfBOFqqbP1ENdsluasdIm6L6yF45lN--zxSBtO5w6WvSD2Niydm3BI9x4Xx1RoUkUjkkUg1re2vlfoRLyPNa-gTjog9oRa0T2ju3-xtZeDqEkx3SkTfFr-Zq3JabPNpCeEO_6HKV38GyqTRIhLBUhfgVWKnlSJFYs6JmOrzgAg8Tp53Fa8_kYdBALZlRffAACW5Cf36-1FkgJfpfw9_44M8GAfaXXWrt0D2oJg-MaxfBvYLQ3ebE_Q1qAIjKh7wL4wzvHv6gM0Q4ymcW7iU058MJJoPwTZmkCg7bo9zmMbGPRzU0Xi1anwPO1tQJrO9-AF9lUgcfjJmuLJVMVwb_Mvfeib-hzj7ZMrJlz9mGPDJC2XdLMD9ZnsL5Eb1SXgJXkjt6i_6VoQI0DubFE1gESXktrhmQhWgDWy3a5Wpa4KTXLRmlDSaWf3ENcA4jArw9U9-v4yDjuPyFxIj1r9AKtqFiPsz1ZrinDcRFm-7_zIUrsHocvoTeBG2xrVNxefiH5j-QUqZ6tC4-t-yUFtB2iwbivPwEeNS3pGuHnNTbVk8x6vG2tnn6c54O5CqfDV6LexPvwbaPfFKOezC3N1gpsLiCdZ6VDXQHqDq0dlhWdbkVMy93Fo-bmT5xWfT4ch4SdcRQaOuVoZ-dJD3nyhxhDkmISTKxzeDp1onRQjXaxphvxFXY0pQFWswptsq5vSaQdtjNHnLD8inIJqs8gBsoVmYRBnGviRLxd6L6ylaXjofx3BXz97b-nuxGCRfjh8hcJQmfne_IabFAQlzcDGCUpQJT4ZaXkcGYPhmOft__ZBA8uuH6gZz2k0Bsr5Q8NmSSxhZuly_r6cOIlvCgir6xNaYFzFsNnmPHHHMpQ1fEIQ2b3QxOMiHwoYV2agdgjxTHZGPy1qOdNhxEZB-FkGC0yLoH0ImlFrBNLMo_5kItyAz11pMfEJdQ8zD9GtYfstRKCqrD_90GbM91djx44TAWE7bKh9umr9O0SEMb7Pb3qxpYPQ0gGLf9WHzwy2rOqhv1UwH_bmoWWkQ58YAQK_q1Jld0BfKmGfV11kOJbWaV3AQWjViZPf1gjXboSv1_KYzjf46RhDYm7on8OhjChmV2CdMTZaGSuc5MyJ3-IeORtEQbVHX21HPFPNFfJ5J61SY9C9FS9OG43GdzyzVZXLqoqt6tl_tBhsKJ62H7DOzprgHp1GS2ikUwb-yPUt_IfcU1z7huZpH4-UjoRRgDeY8Xtbgwy2jHmfmjpAHw23KY-lhOmJil0OrSdrKkQ-r8VahlBKoxBlkOVv8_u-ARitsTxtkM_0VcaOgjUExu45h-z6RaRbKg56Xxn_nF2AK3bO_jwtAQdJYqnnFWt4spxJ8a13Vm2C2FvFax01g2dGZfpsgopSH8mKQKXcy6w-fEwhr68w56Klb6wQeexGVDhOJgzoSvP9iQyrHEbs2RKrH_CaX5z4DkU31aOEhrDjb_P4f9wMMnS2CyaE5XdTSpiXyj84IqDicJRD21RWqLinck1u3fM0aA0IPJFi-xbda31SnF5FSyFfHypv6I7wT1sVVM2Ddke-4ttBCzoamjK_kSB0TNSB_pmMCWYLg5EgQdT94xn6fdqQAxqORYD6oOykGLMwcxD0DjiMSidp3rOfnfygdMeC8d9i8Y3koyseHSmAVTtoV4PM0yU0gXJPngdOARuUyCbdh6GuXGCYg8P6OP-PnaRj6JbUYxkvDStf6YVJmG7J9vg4l3AE8xaZuOn-J0OdjUYFg-BAqILbiAodqYo1WRBxyC4ioE_MYL2HW50336ILkzxY-qYtFrTwQiiQ_EKA9YRGyN49a4LGt_ZQF15GbmKvuvZt6w5iO3-X-nasn4v-fQ4u4vSNT6M0NVP-PX0zzNX4pgVA5A1bPwFJY9fWneVPKJ_jWGnmWyW1jXVj6IzY9K0A62kWdcDHhOP71xTsZntJ3-3LG0Ba2uG6MPNJuO2rCN_EoK3yiYvrIgrBHlEqxXs0Tej6bME0sOp-JqgXFBmp3muTizhAMTzH7deFGiVmW18KRxxgi1iY_kx3xVnde_aYcT_KiJKJMXcpv0SwPkYCgvwHRINhYkOrt4qlGYjLUXkMTkWvqbn3OadRA6lf47czAU7Ath7nVFm_7VVxaAkJ6d_CHDuCMOJNOM7iUuLBhHmnQnEckA4ila3XAxyXx7x0xfGsSLHIRRQOq2CV-em2gtm7BicuaIrAF3QMOU6trgGsNcdzbJL9LLK8TKDZ9N7GMGEGPCA0ibRe7TcIKefekzw5f_WkRBx0FZm9hPodSvbck27I9a-A1k4Mwf5SZw_WwMp1m6GXp_zOuyKlOGjSDiP8E986mPoozt1lWWK3_4ZvQ4qU0JUQR_H0lhHsDUZnLxTAO4gf4PPWeccel6RXD7jaBglV-FTyHM-QUw-kV7awlRzWFZVtCbyLBpwk0OTXjss2VOZTINxDxBb35jGz22qB01tp12fWnIv875RnOfsE5dRCZqdpoVzz1qlHdsgmXPn7LPqumKqtpiBsoDskeGGIZtYtClIAS8238S_ddSJf1dvXiQ71A02ZVb7YKx_y_lII8Qoj31zYaZ5_FWE_r9NptJeRvmPSD79aPwDbpNGQ0uzWaNZdz7uYSoXsW3RthxjjrUNXALhbOuDMuELW2OTtnrcDyeqfsqw-6VRPx0brmnw84HRxZNSoxwIHt1UPlQMFTgDTwYXdG9yKxo27La2Jqj7VEz5Xpi_KnOknQSU3JMrWqHC58E_JVHIMv00lJ2cZO9SQqP19hPZulCWDu7Tspd2_KGnYsrE4dIvKZG3xPm9waN6OdCElot86KzXkjDC9jZMX6MhtgAAxJRu4iJw8GwRy4DQA8aUy8d_UrlXpfB_kpYLVElkXCoh76tMjLL5PCrQVxLm2NPRzqbNig_8BKDJJaPX9eLsVKWNokZaWg00HTH770M3UpA9d8qQhxlRa6KqvOCsrt9uP_PV74q3CzCb9eIsGrMKl8OU9O0mlUHVb_cW52tj1u1PhapnwmPChXzW6RPOZscowFHQNq-QCw1qNaSn5p6k9xZ9F8V9O0PZ2I5rF2VtA9y6D7CibN4MHXBe28IAXvXJ32fDSxEeuXluqn7U0j6NlwwZHqJbnASNwBY60uAlrk-Os-qNTQxOdmlhguCVNp5bblx6rVzqrVLiC40qvIodr17_ywHwQf__m2Sb0JYuQE-q6QDpbk3a5QZ4tQQkMWVhlv-CTRool8c1wxOnNQfYBpmkTwls3z4ssmrvriOyhmq9s&cid=CAQSPADq26N9JkzxINpV4lYJf4y2HiZuXR9nPnEEc4ivbbWPR5-oeMAijJ09MRD2ULO_mSVoahILdwG0HEu7oRgBIBM&dc_pubid=1&dc_exteid=12036405270064603275&dc_av=524824&dc_sk=0&dc_ctype=35&dc_spid=CMDozbT50_sCFZnyuwgdMPIDvQ&dc_opmode=1&dc_ref=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DC38
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst3E28Tm21Gym17auYpJJTXxP_0of6DzT99qQdmbNEqSxIVAmIAk8sQCoMxmwFOreNUIYUfzvRHcs0ItY-JALUxcsDgmh530VXeOSwuayrjh-Ocnc1u-zROoO4K1R2W5Hx0zBewPLGcFFXJn4g3DvwJ-dUN_hq464kgv2VzA2txGjuQacIu6AZCkNLB1reKju2y-L5kenLGFXj1cWoOhn7LlQ&sai=AMfl-YSby-ZrVzKGGDcDrFHqYkEC1cVHUHOV1HeJzgz2hCWb42E_OyjNOutFLaLUcXW92BlHU2H5B_Lkk3Tqdb_XfjqeHtT8qkoAf2sysNF50Tyf9INFeHKIiknZBdSSNs8&sig=Cg0ArKJSzJOV3V4XXmHdEAE&id=lidarv&acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D885,993,1053,1291%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D1600,4464%26scs%3D1600,1200%26bs%3D1600,1200%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15060%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26avms%3Dgeo%26qi%3D659245301%26psm%3D1%26psv%3D1%26psfv%3D1%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1669744078114&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=1;dc_exteid=12036405270064603275;met=1;ecn1=1;etm1=0;eid1=200101;acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D885,993,1053,1291%26tos%3D0,0,0,0,0%26mtos%3D0,0...
ade.googlesyndication.com/ddm/activity_ext/ Frame DC38
42 B
107 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=1;dc_exteid=12036405270064603275;met=1;ecn1=1;etm1=0;eid1=200101;acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D885,993,1053,1291%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D1600,4464%26scs%3D1600,1200%26bs%3D1600,1200%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15060%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26avms%3Dgeo%26qi%3D659245301%26psm%3D1%26psv%3D1%26psfv%3D1%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1669744078114?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame DC38
42 B
108 B
Image
General
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BCHzqzUWGY4BOmeXv9Q-w5I_oC8rptaxGAAAAEAEg2JOwVTgBWIjsxdCDBGD9gpGE6BGyARN3d3cuYWRvcm9jaW5lbWEuY29tugEJZ2ZwX2ltYWdlyAEF2gE_aHR0cHM6Ly93d3cuYWRvcm9jaW5lbWEuY29tL3Nlcmllcy9zZXJpZS0yMzM1NC90ZW1wb3JhZGEtNDA3MDgvmAKYdakCE5W_YLUDiT7AAgLgAgDqAjkvMjE2MzY4NjA4MzcvQWRvcm9DaW5lbWEvc2VyaWVzcGFnZS9zZXJpZXNwYWdlX3NlYXNvbnBhZ2X4AvLRHpADjAaYA5wEqAMB4AQB0gUGEOeLufgWkAYBoAYjqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwHgBwHyBwIgAdIIEQiA4YAQEAEYHTICqgI6AoBA2AgCgAoFmAsB0BUB-BYBgBcB&sigh=ZWZv1t7f5UE&label=vast_creativeview&ad_mt=6&acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D885,993,1053,1291%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D1600,4464%26scs%3D1600,1200%26bs%3D1600,1200%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15060%26vmtime%3D6%26is%3D275%26i0%3D275%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26avms%3Dgeo%26qi%3D659245301%26psm%3D1%26psv%3D1%26psfv%3D1%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.02%26t%3D1669744078114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
c.t.tailtarget.com/view/TT-10531-7/6POAL7BD93/ Frame DC38
43 B
107 B
Image
General
Full URL
https://c.t.tailtarget.com/view/TT-10531-7/6POAL7BD93/track?tZ=407776567
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:58 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
img
cdn.navdmp.com/ Frame DC38
Redirect Chain
  • https://cdn.navdmp.com/cus?acc=55810&cus=235285&img=1
  • https://cdn.navdmp.com/img?acc=55810&cus=235285&img=1
43 B
118 B
Image
General
Full URL
https://cdn.navdmp.com/img?acc=55810&cus=235285&img=1
Protocol
H2
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:58 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
cf-ray
771d2be968b33760-MXP
content-length
43
content-type
image/gif

Redirect headers

date
Tue, 29 Nov 2022 17:47:58 GMT
cf-cache-status
DYNAMIC
last-modified
Tuesday, 29-Nov-2022 17:47:58 GMT
server
cloudflare
content-type
text/html
location
https://cdn.navdmp.com/img?acc=55810&cus=235285&img=1
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
act
f0
cf-ray
771d2be86ede3760-MXP
csi
csi.gstatic.com/ Frame DC38
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lb2iig5x&c=4595979113727&slotId=2297989556863.5&qqid=CMDozbT50_sCFZnyuwgdMPIDvQ&fb=outstream-lima&gpm_i=1&gpm_c=1&gpm_a=1&smb=1000&br=1082&mt=video%2Fmp4&vs=1280x720&dm=15000&event_name=first_play&asset_bytes=146520&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=4&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.w7~videopreviewstarted.wa
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:801::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:58 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.19.8.366.js
static.adsafeprotected.com/ Frame C136
196 KB
61 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.19.8.366.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1095812/64317497/skeleton.js?ias_dspID=3&ias_campId=26255540&ias_pubId=pub-9189159586664939&ias_chanId=1&ias_placementId=16388744155&bidurl=&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gdKebH640e2OKnLyxGMUMd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:219c:1a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eb6cb0bc1769b5545101b7c78affadfff0dfcd0157d2a2b3c71eb4b129942699

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 21:37:52 GMT
x-amz-version-id
DTz7DAGx5H1oATkuvwxjIs9w8gvuFjKB
content-encoding
gzip
via
1.1 19fefe7d41cfedb99873c7b5cd95d410.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG3-C2
age
677407
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 21 Nov 2022 19:50:49 GMT
server
AmazonS3
etag
W/"ca4194ffbaa3712186a83d16b497895d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
3FKusHbyW9CHzPk57j2OTn_HiI8faPeL86sgcbG7PYuddIM3-RTQnw==
container.html
7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4457
6 KB
3 KB
Document
General
Full URL
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.adorocinema.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 17:47:57 GMT
expires
Wed, 29 Nov 2023 17:47:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
runtime_10_22.min.js
cdn.clinch.co/a_js/dispad/ Frame 454D
134 KB
42 KB
Script
General
Full URL
https://cdn.clinch.co/a_js/dispad/runtime_10_22.min.js
Requested by
Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=uda841&caid=12379&format=_970ax250a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsv_cAW-_sFmDsyH7_VZCl2W2CJS-srTnVKHdMJI8ZhWYodFJXpe3VweTT2aNuZoWzu4MFROLyKjiNc5mmfSilgZaayGAg0qNFkSQy78284YMP71EjWPisUwWrHSKdKOxcGEpL4QBxG5_wa1NSTBvfeQELPXISBsBbqPSgA0Cl-DtZUbroLZv-iiS1xjmqux225oDZdyhbWGC1S-rD0oozwNJZmsBiG6pGGbVLyzHouQtiydlp65wj7__q4VCqCQWI5s1FCwN-SfVWduCTBTvuAt-uARQ94gVhaeBiG95M9bwyrG45W667Om3QzLeeBT65bQf2HCSJb-yl381Otot0eG8soroGTrzROsTybA61Y0PXxVc-D-F89jX-HAOshJfOdrwMSX1uArdT7jBXrVjhAfVncU-AhSzmMXyC6-zxigwxQzkEOlyj5dHjC4aeMyrkiTlXit8CgdHyBy5dP8NwGR3H4u2mG9oChSZ1mjcqxNZBXFp4CeJHYDtUKde1vEmBKyRk6MWf-qR7FZxV5vgvUeXKLVO8I-bTfsnwU2FjJtvNq9mABiX5NyoTEM0G84l8Lqyfcr_I2Cr070vC5WlZPBIMaZjXe8RuxE1QFpVV0-rmsjnEWDoahMVZGJ_f_7T6PjgINBsRloms72-mnyTyccgCtC-Op4kk-BQNqUS4n1Zjr75SKxJhFE0nL5QdNVzNZhAdE1tYe2ZrfY-Dq5GYzhSyQ8lW7mDbBRKuyckt-sfrKp__T61_3IAGwN-vwUxNDObr_q0wIxCPNzPTNhT-GLhA3YbP5zqmOrxu7MBv44BDJs5gHZnQyn8WLfM4bPrkuYv37_wvFXTkS4e7MFG2w6rssiFCPFLGPGW3l6Q-SNrP4jQIM8n2kas8oVgeK5uQsmQ8pojaTvNc_W04C90YXriZa7n1jnITnYDUyXiApbCMlYPohuJazmFGIYe7-WfN85F-0q502aDHkZRNl-ovcbBrjTi6XnmT28TlJv9jX-u5WXyzTR1zBj3_7pWPsmmY7nmpYtuNYU9A94BZeEjrVNZxoqgDkEQWFh4qIACtdn-TGo34phhPvgxkUwvcGawWOk8TmeL5f5KuVGEIIiPEOhny_Dy-OOhKJM8k0OZ0F-59FTd0QPtOlL4-BBsrv5Gw1H2UTbWjsaqcxYlN_QeFAQEkQdW9fiInEwdK0E4x6L7tLQPibwKOryo2Fs4G6o8vsau7Q%26sai%3DAMfl-YQjeLwrHZ6R62GHzSYNuBw9S8ll5cgCkgoKoASvf5yCZ289aRmJXXRtt3lKad1QuNLn_9X5hV4P7xxWgzbFZxeivell9HwFbBT8pmgDK5YvF4ng8j9SQzJYDWoEDE8fkHjG4g3stiAo97uCXCqPFwbjo89lNS9L4SWk9lI0K-5M1yO6JaM-zwAdrK4dhX9LwSZyi_HPSo5P8w8wB6ktuNkQ5opd-3-Xkk2i31UKZ5no_NuXxGnq76lJv0HlURvUrWWlmvtGR9ou7aRCGT4umutC%26sig%3DCg0ArKJSzLVxejFPoDPeEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=Opel_IT_Programmatic_DV360&dsp_lp=https%3A%2F%2Fapiservices.krxd.net%2Fclick_tracker%2Ftrack%3Fkxconfid%3Dvowt70n93%26kxadvertiserid%3D8311042%26kxcampaignid%3D28129137%26kxsiteid%3D7080037%26kxsitename%3DN778265.4162781DV360IT0%26kxplacementid%3D340751602%26kxadid%3D532516461%26kxcreativeid%3D174160234%26clk%3Dhttps%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28129137%26si%3D7080037%26ci%3D174160234%26pi%3D340751602%26ad%3D532516461%26sv1%3D%5Bkeyword_id%5D%26advt%3D8311042%26chnl%3D-7%26vndr%3D115%26sz%3D10124%26u%3D%24%2426255540_16388744155_433584435%24%24%26viq_did%3D%26red%3Dhttps%3A%2F%2Fwww.opel.it%2Fofferte%2Fofferte-index%2Ffree-to-move-lease%2Fbusiness%2Fofferte-mokka-e.html%3Fdclid%3D%25edclid!&dsp_c3=&dsp_c2=bleclick.net/ddm/adj/N778265.4162781DV360IT0/B28129137.340751602&dsp_c1=8311042&dsp_c0=[keyword_id]&dsp_pub_id=DV360&dsp_plc_id=340751602&site_id=7080037&dsp_insertion_order_id=26255540&dsp_ad_id=532516461&dsp_caid=16388744155&dsp_grid=&dsp_crid=174160234&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=3&rnd=2551788693&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:b::210:f1cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b4cb7fbcc4e77a640291a8825bafacd8ae0a2b2923929bd769555a4a6877f6f

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://realtime.clinch.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Tue, 29 Nov 2022 17:47:58 GMT
Content-Encoding
gzip
x-amz-request-id
T7GHX4MFD92QWDG1
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
ayCm80eG8GGd4EflSPxI7MKCkVsxftQy1qQgAdiOz5v24qo4PPRtjQx/VRwUxZ3fru1d/xgqvUk=
Last-Modified
Wed, 23 Nov 2022 11:51:57 GMT
Server
AmazonS3
ETag
"fe43c31854b7f1d1dddb95f853217390"
Vary
Accept-Encoding
Access-Control-Max-Age
86400
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Cache-Control
max-age=31506112
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 29 Nov 2023 09:29:50 GMT
970ax250_v10_u1573858684_es_movie.js
cdn.clinch.co/a_styles/3600/js/ Frame 454D
76 KB
38 KB
Script
General
Full URL
https://cdn.clinch.co/a_styles/3600/js/970ax250_v10_u1573858684_es_movie.js
Requested by
Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=uda841&caid=12379&format=_970ax250a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsv_cAW-_sFmDsyH7_VZCl2W2CJS-srTnVKHdMJI8ZhWYodFJXpe3VweTT2aNuZoWzu4MFROLyKjiNc5mmfSilgZaayGAg0qNFkSQy78284YMP71EjWPisUwWrHSKdKOxcGEpL4QBxG5_wa1NSTBvfeQELPXISBsBbqPSgA0Cl-DtZUbroLZv-iiS1xjmqux225oDZdyhbWGC1S-rD0oozwNJZmsBiG6pGGbVLyzHouQtiydlp65wj7__q4VCqCQWI5s1FCwN-SfVWduCTBTvuAt-uARQ94gVhaeBiG95M9bwyrG45W667Om3QzLeeBT65bQf2HCSJb-yl381Otot0eG8soroGTrzROsTybA61Y0PXxVc-D-F89jX-HAOshJfOdrwMSX1uArdT7jBXrVjhAfVncU-AhSzmMXyC6-zxigwxQzkEOlyj5dHjC4aeMyrkiTlXit8CgdHyBy5dP8NwGR3H4u2mG9oChSZ1mjcqxNZBXFp4CeJHYDtUKde1vEmBKyRk6MWf-qR7FZxV5vgvUeXKLVO8I-bTfsnwU2FjJtvNq9mABiX5NyoTEM0G84l8Lqyfcr_I2Cr070vC5WlZPBIMaZjXe8RuxE1QFpVV0-rmsjnEWDoahMVZGJ_f_7T6PjgINBsRloms72-mnyTyccgCtC-Op4kk-BQNqUS4n1Zjr75SKxJhFE0nL5QdNVzNZhAdE1tYe2ZrfY-Dq5GYzhSyQ8lW7mDbBRKuyckt-sfrKp__T61_3IAGwN-vwUxNDObr_q0wIxCPNzPTNhT-GLhA3YbP5zqmOrxu7MBv44BDJs5gHZnQyn8WLfM4bPrkuYv37_wvFXTkS4e7MFG2w6rssiFCPFLGPGW3l6Q-SNrP4jQIM8n2kas8oVgeK5uQsmQ8pojaTvNc_W04C90YXriZa7n1jnITnYDUyXiApbCMlYPohuJazmFGIYe7-WfN85F-0q502aDHkZRNl-ovcbBrjTi6XnmT28TlJv9jX-u5WXyzTR1zBj3_7pWPsmmY7nmpYtuNYU9A94BZeEjrVNZxoqgDkEQWFh4qIACtdn-TGo34phhPvgxkUwvcGawWOk8TmeL5f5KuVGEIIiPEOhny_Dy-OOhKJM8k0OZ0F-59FTd0QPtOlL4-BBsrv5Gw1H2UTbWjsaqcxYlN_QeFAQEkQdW9fiInEwdK0E4x6L7tLQPibwKOryo2Fs4G6o8vsau7Q%26sai%3DAMfl-YQjeLwrHZ6R62GHzSYNuBw9S8ll5cgCkgoKoASvf5yCZ289aRmJXXRtt3lKad1QuNLn_9X5hV4P7xxWgzbFZxeivell9HwFbBT8pmgDK5YvF4ng8j9SQzJYDWoEDE8fkHjG4g3stiAo97uCXCqPFwbjo89lNS9L4SWk9lI0K-5M1yO6JaM-zwAdrK4dhX9LwSZyi_HPSo5P8w8wB6ktuNkQ5opd-3-Xkk2i31UKZ5no_NuXxGnq76lJv0HlURvUrWWlmvtGR9ou7aRCGT4umutC%26sig%3DCg0ArKJSzLVxejFPoDPeEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=Opel_IT_Programmatic_DV360&dsp_lp=https%3A%2F%2Fapiservices.krxd.net%2Fclick_tracker%2Ftrack%3Fkxconfid%3Dvowt70n93%26kxadvertiserid%3D8311042%26kxcampaignid%3D28129137%26kxsiteid%3D7080037%26kxsitename%3DN778265.4162781DV360IT0%26kxplacementid%3D340751602%26kxadid%3D532516461%26kxcreativeid%3D174160234%26clk%3Dhttps%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28129137%26si%3D7080037%26ci%3D174160234%26pi%3D340751602%26ad%3D532516461%26sv1%3D%5Bkeyword_id%5D%26advt%3D8311042%26chnl%3D-7%26vndr%3D115%26sz%3D10124%26u%3D%24%2426255540_16388744155_433584435%24%24%26viq_did%3D%26red%3Dhttps%3A%2F%2Fwww.opel.it%2Fofferte%2Fofferte-index%2Ffree-to-move-lease%2Fbusiness%2Fofferte-mokka-e.html%3Fdclid%3D%25edclid!&dsp_c3=&dsp_c2=bleclick.net/ddm/adj/N778265.4162781DV360IT0/B28129137.340751602&dsp_c1=8311042&dsp_c0=[keyword_id]&dsp_pub_id=DV360&dsp_plc_id=340751602&site_id=7080037&dsp_insertion_order_id=26255540&dsp_ad_id=532516461&dsp_caid=16388744155&dsp_grid=&dsp_crid=174160234&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=3&rnd=2551788693&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:b::210:f1cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8c22698439e60a8b79817f1d27fa54b3607e87cb08ce2e3cca5dbd3e657313b7

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://realtime.clinch.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Tue, 29 Nov 2022 17:47:58 GMT
Content-Encoding
gzip
x-amz-request-id
C9ZND76HZ1W8XMN9
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
37841
x-amz-id-2
Mf6IV46gzKaVRW1XIyzEIlD4w3Ud45lWMZzKGTFccIuq2GheDQmkI+RsssGOQwaWL7t4ldmZxM4=
Last-Modified
Tue, 08 Nov 2022 10:52:09 GMT
Server
AmazonS3
ETag
"448bd7a45ef350e9a1d13eafd4d9c27c"
Vary
Accept-Encoding
Access-Control-Max-Age
86400
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Cache-Control
max-age=29697424
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 08 Nov 2023 11:05:02 GMT
970ax250_v10_u1573858684_1574053069_mapping.js
cdn.clinch.co/a_styles/3600/js/ Frame 454D
10 KB
2 KB
Script
General
Full URL
https://cdn.clinch.co/a_styles/3600/js/970ax250_v10_u1573858684_1574053069_mapping.js
Requested by
Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=uda841&caid=12379&format=_970ax250a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsv_cAW-_sFmDsyH7_VZCl2W2CJS-srTnVKHdMJI8ZhWYodFJXpe3VweTT2aNuZoWzu4MFROLyKjiNc5mmfSilgZaayGAg0qNFkSQy78284YMP71EjWPisUwWrHSKdKOxcGEpL4QBxG5_wa1NSTBvfeQELPXISBsBbqPSgA0Cl-DtZUbroLZv-iiS1xjmqux225oDZdyhbWGC1S-rD0oozwNJZmsBiG6pGGbVLyzHouQtiydlp65wj7__q4VCqCQWI5s1FCwN-SfVWduCTBTvuAt-uARQ94gVhaeBiG95M9bwyrG45W667Om3QzLeeBT65bQf2HCSJb-yl381Otot0eG8soroGTrzROsTybA61Y0PXxVc-D-F89jX-HAOshJfOdrwMSX1uArdT7jBXrVjhAfVncU-AhSzmMXyC6-zxigwxQzkEOlyj5dHjC4aeMyrkiTlXit8CgdHyBy5dP8NwGR3H4u2mG9oChSZ1mjcqxNZBXFp4CeJHYDtUKde1vEmBKyRk6MWf-qR7FZxV5vgvUeXKLVO8I-bTfsnwU2FjJtvNq9mABiX5NyoTEM0G84l8Lqyfcr_I2Cr070vC5WlZPBIMaZjXe8RuxE1QFpVV0-rmsjnEWDoahMVZGJ_f_7T6PjgINBsRloms72-mnyTyccgCtC-Op4kk-BQNqUS4n1Zjr75SKxJhFE0nL5QdNVzNZhAdE1tYe2ZrfY-Dq5GYzhSyQ8lW7mDbBRKuyckt-sfrKp__T61_3IAGwN-vwUxNDObr_q0wIxCPNzPTNhT-GLhA3YbP5zqmOrxu7MBv44BDJs5gHZnQyn8WLfM4bPrkuYv37_wvFXTkS4e7MFG2w6rssiFCPFLGPGW3l6Q-SNrP4jQIM8n2kas8oVgeK5uQsmQ8pojaTvNc_W04C90YXriZa7n1jnITnYDUyXiApbCMlYPohuJazmFGIYe7-WfN85F-0q502aDHkZRNl-ovcbBrjTi6XnmT28TlJv9jX-u5WXyzTR1zBj3_7pWPsmmY7nmpYtuNYU9A94BZeEjrVNZxoqgDkEQWFh4qIACtdn-TGo34phhPvgxkUwvcGawWOk8TmeL5f5KuVGEIIiPEOhny_Dy-OOhKJM8k0OZ0F-59FTd0QPtOlL4-BBsrv5Gw1H2UTbWjsaqcxYlN_QeFAQEkQdW9fiInEwdK0E4x6L7tLQPibwKOryo2Fs4G6o8vsau7Q%26sai%3DAMfl-YQjeLwrHZ6R62GHzSYNuBw9S8ll5cgCkgoKoASvf5yCZ289aRmJXXRtt3lKad1QuNLn_9X5hV4P7xxWgzbFZxeivell9HwFbBT8pmgDK5YvF4ng8j9SQzJYDWoEDE8fkHjG4g3stiAo97uCXCqPFwbjo89lNS9L4SWk9lI0K-5M1yO6JaM-zwAdrK4dhX9LwSZyi_HPSo5P8w8wB6ktuNkQ5opd-3-Xkk2i31UKZ5no_NuXxGnq76lJv0HlURvUrWWlmvtGR9ou7aRCGT4umutC%26sig%3DCg0ArKJSzLVxejFPoDPeEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=Opel_IT_Programmatic_DV360&dsp_lp=https%3A%2F%2Fapiservices.krxd.net%2Fclick_tracker%2Ftrack%3Fkxconfid%3Dvowt70n93%26kxadvertiserid%3D8311042%26kxcampaignid%3D28129137%26kxsiteid%3D7080037%26kxsitename%3DN778265.4162781DV360IT0%26kxplacementid%3D340751602%26kxadid%3D532516461%26kxcreativeid%3D174160234%26clk%3Dhttps%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28129137%26si%3D7080037%26ci%3D174160234%26pi%3D340751602%26ad%3D532516461%26sv1%3D%5Bkeyword_id%5D%26advt%3D8311042%26chnl%3D-7%26vndr%3D115%26sz%3D10124%26u%3D%24%2426255540_16388744155_433584435%24%24%26viq_did%3D%26red%3Dhttps%3A%2F%2Fwww.opel.it%2Fofferte%2Fofferte-index%2Ffree-to-move-lease%2Fbusiness%2Fofferte-mokka-e.html%3Fdclid%3D%25edclid!&dsp_c3=&dsp_c2=bleclick.net/ddm/adj/N778265.4162781DV360IT0/B28129137.340751602&dsp_c1=8311042&dsp_c0=[keyword_id]&dsp_pub_id=DV360&dsp_plc_id=340751602&site_id=7080037&dsp_insertion_order_id=26255540&dsp_ad_id=532516461&dsp_caid=16388744155&dsp_grid=&dsp_crid=174160234&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=3&rnd=2551788693&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:b::210:f1cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83261ca5be5b6d29ea92b5c3c510ddfb50ca57aa3154ab0f0537d705ebb6ab79

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://realtime.clinch.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Tue, 29 Nov 2022 17:47:58 GMT
Content-Encoding
gzip
x-amz-request-id
C9ZKDB8TK6H1887R
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
921
x-amz-id-2
2ZYUiLwE4mzWgmm46f/4VI/klbq9pV6awEwMp4AB3wvSk7VWENP1mlm3FHRu9snvhMwN4lfi9yo=
Last-Modified
Tue, 08 Nov 2022 10:52:09 GMT
Server
AmazonS3
ETag
"1577e475f58b5058760ff7fa4ef6c11d"
Vary
Accept-Encoding
Access-Control-Max-Age
86400
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Cache-Control
max-age=29697424
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 08 Nov 2023 11:05:02 GMT
css2
fonts.googleapis.com/ Frame 4457
4 KB
636 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
URL: https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 29 Nov 2022 17:47:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Nov 2022 16:59:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Nov 2022 17:47:58 GMT
css
fonts.googleapis.com/ Frame B0F8
8 KB
895 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: www.adorocinema.com
URL: https://www.adorocinema.com/series/serie-23354/temporada-40708/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 29 Nov 2022 17:47:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Nov 2022 16:17:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Nov 2022 17:47:58 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame B0F8
2 KB
765 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: www.adorocinema.com
URL: https://www.adorocinema.com/series/serie-23354/temporada-40708/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 11:55:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
21163
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 11:55:15 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame B0F8
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: www.adorocinema.com
URL: https://www.adorocinema.com/series/serie-23354/temporada-40708/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 09:49:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
28692
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 09:49:46 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame B0F8
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.adorocinema.com
URL: https://www.adorocinema.com/series/serie-23354/temporada-40708/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 16:55:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
3168
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 16:55:10 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame B0F8
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.adorocinema.com
URL: https://www.adorocinema.com/series/serie-23354/temporada-40708/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 12:22:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
19545
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 12:22:13 GMT
l
www.google.com/ads/measurement/ Frame B0F8
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSMTh6wzsYg8B7TfXKsRzjk0GhlcdBUPwomKlG-r9QSP-HXRLZm4dznEQav0JRHUOlUBOxrlUi1Zxg-Mg23PjIxSbnCpA
Requested by
Host: www.adorocinema.com
URL: https://www.adorocinema.com/series/serie-23354/temporada-40708/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B0F8
154 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.adorocinema.com
URL: https://www.adorocinema.com/series/serie-23354/temporada-40708/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Nov 2022 17:47:58 GMT
f7733d2b54a65c984752ab0a98c7def9.js
www.gstatic.com/mysidia/ Frame B0F8
34 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: www.adorocinema.com
URL: https://www.adorocinema.com/series/serie-23354/temporada-40708/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 15:56:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
438707
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14118
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 13:59:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 22 Feb 2023 15:56:11 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 4457
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
URL: https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 12:22:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
19545
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8086
x-xss-protection
0
server
cafe
etag
7427986489964165156
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 12:22:13 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4457
205 B
294 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
URL: https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 16:26:20 GMT
x-content-type-options
nosniff
age
4898
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 29 Nov 2023 16:26:20 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4457
604 B
918 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
URL: https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:40:12 GMT
x-content-type-options
nosniff
age
466
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 29 Nov 2023 17:40:12 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 7CA9
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
URL: https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

age
1154
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 17:28:44 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DE7D
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
URL: https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

age
27429
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 10:10:49 GMT
etag
48472445140208031
expires
Wed, 30 Nov 2022 10:10:49 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
current
dclk-match.dotomi.com/match/bounce/ Frame DE7D
0
104 B
Image
General
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKRIaZkiwjN-UE0XMllZ2TE&google_cver=1&google_push=ASkJ3FZ_IMQlk3_3BDUY8bXNXB-7irEFBkNMjlfBu96nv4z5KNxoxq6P56JkbAl-bpzlOiOO9tZcpYrVWEqS2YpItldl6P7hSaap
Requested by
Host: 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
URL: https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:58 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame DE7D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEFHGtPmRw7RBT-0a5fiFl-0&google_cver=1&google_push=ASkJ3Fb8vys-cJe-hnJtVHSKRtT9C8tIiQwSVSysjjORxc_LS1ffQf11037IFn8lDyVSjQwA5M5Kc7sIj5w4ZbZI...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=ZnljhkXMTACqrMsdtd0P4w&google_push=ASkJ3Fb8vys-cJe-hnJtVHSKRtT9C8tIiQwSVSysjjORxc_LS1ffQf11037IFn8lDyVSjQwA5M5Kc7sIj5w4ZbZIlJ4b3shj...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=ZnljhkXMTACqrMsdtd0P4w&google_push=ASkJ3Fb8vys-cJe-hnJtVHSKRtT9C8tIiQwSVSysjjORxc_LS1ffQf11037IFn8lDyVSjQwA5M5Kc7sIj5w4ZbZIlJ4b3shjP8Ma
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 29 Nov 2022 17:47:59 GMT
Server
MT3 169 32252b7 master nrt-pixel-x10 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=ZnljhkXMTACqrMsdtd0P4w&google_push=ASkJ3Fb8vys-cJe-hnJtVHSKRtT9C8tIiQwSVSysjjORxc_LS1ffQf11037IFn8lDyVSjQwA5M5Kc7sIj5w4ZbZIlJ4b3shjP8Ma
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 29 Nov 2022 17:47:58 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame DE7D
0
191 B
Image
General
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEHL_PLdDngjcPhCjoVDINL0&google_cver=1&google_push=ASkJ3FZyy-KuxyQvWO5pv2wfWyOWlY6cEKv7MxRejN5C6lgYuPdRR1frJFamGHv9MGsOgb1uRmIyPDyM0kmqfa2ukQkuRUvX3H-K
Requested by
Host: 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
URL: https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Tue, 29 Nov 2022 17:47:57 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame DE7D
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEDsI66bZMLb9EDZB0_-vh6E&google_cver=1&google_push=ASkJ3FbG5wlxUVXcPfOZnN8hBR_t8QVAP2yLQWz7j3vH5tTGd241O5Jsdeb2QY191F8-ncAPB8JfrbgJ9NGPhs1Bbwr7RS...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=3p6YAHf3SmmxpbFYjYBpNg&google_push=ASkJ3FbG5wlxUVXcPfOZnN8hBR_t8QVAP2yLQWz7j3vH5tTGd241O5Jsdeb2QY191F8-ncAPB8JfrbgJ9NGPhs1...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=3p6YAHf3SmmxpbFYjYBpNg&google_push=ASkJ3FbG5wlxUVXcPfOZnN8hBR_t8QVAP2yLQWz7j3vH5tTGd241O5Jsdeb2QY191F8-ncAPB8JfrbgJ9NGPhs1Bbwr7RSUI-8aXCw
Requested by
Host: 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
URL: https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=3p6YAHf3SmmxpbFYjYBpNg&google_push=ASkJ3FbG5wlxUVXcPfOZnN8hBR_t8QVAP2yLQWz7j3vH5tTGd241O5Jsdeb2QY191F8-ncAPB8JfrbgJ9NGPhs1Bbwr7RSUI-8aXCw
access-control-allow-origin
*
date
Tue, 29 Nov 2022 17:47:58 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame DE7D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEFbrkVOSuGQlUms01XKrYMA&google_cver=1&google_push=ASkJ3FZSx1pm9NYs4jFKqqJOL8ih3_1oY-BZoO2woP3xC1H8GEd3rB9Ue-cU1xZ-hYpwG0dcIA...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1nbVNkWWxGRTJ1RlYuaEJOanhqM1dZX1BCVkx0NGdNU35B&google_push=ASkJ3FZSx1pm9NYs4jFKqqJOL8ih3_1oY-BZoO2woP3xC1H8GEd3rB9Ue...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1nbVNkWWxGRTJ1RlYuaEJOanhqM1dZX1BCVkx0NGdNU35B&google_push=ASkJ3FZSx1pm9NYs4jFKqqJOL8ih3_1oY-BZoO2woP3xC1H8GEd3rB9Ue-cU1xZ-hYpwG0dcIAWu5gWa7uDEFupA7cWJLK5M9zgN9w
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1nbVNkWWxGRTJ1RlYuaEJOanhqM1dZX1BCVkx0NGdNU35B&google_push=ASkJ3FZSx1pm9NYs4jFKqqJOL8ih3_1oY-BZoO2woP3xC1H8GEd3rB9Ue-cU1xZ-hYpwG0dcIAWu5gWa7uDEFupA7cWJLK5M9zgN9w
date
Tue, 29 Nov 2022 17:47:58 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame DE7D
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAMflJ4FAaOvFzXFPkknjWs&google_cver=1&google_push=ASkJ3FYyOVkkE_Dd1T89NxPS59_08bb8-OFBn9dGpJpRSOtes9jhgTbjQRbEBQr8F3mgSb81rb5JaNPoH9L...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FYyOVkkE_Dd1T89NxPS59_08bb8-OFBn9dGpJpRSOtes9jhgTbjQRbEBQr8F3mgSb81rb5JaNPoH9Lvmjlxu_0rFo1HCaiYh-w
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Protocol
H2
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
report
sync.teads.tv/um/ Frame DE7D
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOoLf5s7mrYv5Of4_6A9rWI&...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ASkJ3FbOwV26USqmcGgAr-EaMR9NVajxpFRDdDU9ceC8UVW7_GrLgHoEgs2fn2XCFsxRUMUDDEFUxK8a_Oyd-P80-5U-wdGJrRo6ig
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
172 B
Image
General
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol
H2
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

expires
Tue, 29 Nov 2022 17:47:58 GMT
pragma
no-cache
date
Tue, 29 Nov 2022 17:47:58 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame DE7D
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KqzeSxHnQJxfyE1rV67x870aNOBIiq0MnBmlqMyUFRlJGZch2NdZQTfuooktwXh0rL06UXNwgp
Requested by
Host: 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
URL: https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:47:58 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7CA9
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
URL: https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 17:47:58 GMT
expires
Tue, 29 Nov 2022 17:47:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 17:47:58 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 454D
17 KB
17 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1c96c6323d6da21573bb6affd4bdff4a380525df8e955062cb904c92cd697ce

Request headers

Referer
Origin
https://realtime.clinch.co
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
truncated
/ Frame 454D
17 KB
17 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f7f63544b1fc93e7a64c7b66271969dea03ff975fcecf7d21d5878d61a79257e

Request headers

Referer
Origin
https://realtime.clinch.co
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
/
img-cdn.clinch.co/img2/uda841/970/250/3/0a0a0a0/ Frame 454D
1 KB
1 KB
Image
General
Full URL
https://img-cdn.clinch.co/img2/uda841/970/250/3/0a0a0a0/?u=%2F%2Fcdn.clinch.co%2Fa_styles%2F3600%2F970a250%2Fassets%2FlogoBianco970_1652095968914_compressed.png
Requested by
Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=uda841&caid=12379&format=_970ax250a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsv_cAW-_sFmDsyH7_VZCl2W2CJS-srTnVKHdMJI8ZhWYodFJXpe3VweTT2aNuZoWzu4MFROLyKjiNc5mmfSilgZaayGAg0qNFkSQy78284YMP71EjWPisUwWrHSKdKOxcGEpL4QBxG5_wa1NSTBvfeQELPXISBsBbqPSgA0Cl-DtZUbroLZv-iiS1xjmqux225oDZdyhbWGC1S-rD0oozwNJZmsBiG6pGGbVLyzHouQtiydlp65wj7__q4VCqCQWI5s1FCwN-SfVWduCTBTvuAt-uARQ94gVhaeBiG95M9bwyrG45W667Om3QzLeeBT65bQf2HCSJb-yl381Otot0eG8soroGTrzROsTybA61Y0PXxVc-D-F89jX-HAOshJfOdrwMSX1uArdT7jBXrVjhAfVncU-AhSzmMXyC6-zxigwxQzkEOlyj5dHjC4aeMyrkiTlXit8CgdHyBy5dP8NwGR3H4u2mG9oChSZ1mjcqxNZBXFp4CeJHYDtUKde1vEmBKyRk6MWf-qR7FZxV5vgvUeXKLVO8I-bTfsnwU2FjJtvNq9mABiX5NyoTEM0G84l8Lqyfcr_I2Cr070vC5WlZPBIMaZjXe8RuxE1QFpVV0-rmsjnEWDoahMVZGJ_f_7T6PjgINBsRloms72-mnyTyccgCtC-Op4kk-BQNqUS4n1Zjr75SKxJhFE0nL5QdNVzNZhAdE1tYe2ZrfY-Dq5GYzhSyQ8lW7mDbBRKuyckt-sfrKp__T61_3IAGwN-vwUxNDObr_q0wIxCPNzPTNhT-GLhA3YbP5zqmOrxu7MBv44BDJs5gHZnQyn8WLfM4bPrkuYv37_wvFXTkS4e7MFG2w6rssiFCPFLGPGW3l6Q-SNrP4jQIM8n2kas8oVgeK5uQsmQ8pojaTvNc_W04C90YXriZa7n1jnITnYDUyXiApbCMlYPohuJazmFGIYe7-WfN85F-0q502aDHkZRNl-ovcbBrjTi6XnmT28TlJv9jX-u5WXyzTR1zBj3_7pWPsmmY7nmpYtuNYU9A94BZeEjrVNZxoqgDkEQWFh4qIACtdn-TGo34phhPvgxkUwvcGawWOk8TmeL5f5KuVGEIIiPEOhny_Dy-OOhKJM8k0OZ0F-59FTd0QPtOlL4-BBsrv5Gw1H2UTbWjsaqcxYlN_QeFAQEkQdW9fiInEwdK0E4x6L7tLQPibwKOryo2Fs4G6o8vsau7Q%26sai%3DAMfl-YQjeLwrHZ6R62GHzSYNuBw9S8ll5cgCkgoKoASvf5yCZ289aRmJXXRtt3lKad1QuNLn_9X5hV4P7xxWgzbFZxeivell9HwFbBT8pmgDK5YvF4ng8j9SQzJYDWoEDE8fkHjG4g3stiAo97uCXCqPFwbjo89lNS9L4SWk9lI0K-5M1yO6JaM-zwAdrK4dhX9LwSZyi_HPSo5P8w8wB6ktuNkQ5opd-3-Xkk2i31UKZ5no_NuXxGnq76lJv0HlURvUrWWlmvtGR9ou7aRCGT4umutC%26sig%3DCg0ArKJSzLVxejFPoDPeEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=Opel_IT_Programmatic_DV360&dsp_lp=https%3A%2F%2Fapiservices.krxd.net%2Fclick_tracker%2Ftrack%3Fkxconfid%3Dvowt70n93%26kxadvertiserid%3D8311042%26kxcampaignid%3D28129137%26kxsiteid%3D7080037%26kxsitename%3DN778265.4162781DV360IT0%26kxplacementid%3D340751602%26kxadid%3D532516461%26kxcreativeid%3D174160234%26clk%3Dhttps%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28129137%26si%3D7080037%26ci%3D174160234%26pi%3D340751602%26ad%3D532516461%26sv1%3D%5Bkeyword_id%5D%26advt%3D8311042%26chnl%3D-7%26vndr%3D115%26sz%3D10124%26u%3D%24%2426255540_16388744155_433584435%24%24%26viq_did%3D%26red%3Dhttps%3A%2F%2Fwww.opel.it%2Fofferte%2Fofferte-index%2Ffree-to-move-lease%2Fbusiness%2Fofferte-mokka-e.html%3Fdclid%3D%25edclid!&dsp_c3=&dsp_c2=bleclick.net/ddm/adj/N778265.4162781DV360IT0/B28129137.340751602&dsp_c1=8311042&dsp_c0=[keyword_id]&dsp_pub_id=DV360&dsp_plc_id=340751602&site_id=7080037&dsp_insertion_order_id=26255540&dsp_ad_id=532516461&dsp_caid=16388744155&dsp_grid=&dsp_crid=174160234&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=3&rnd=2551788693&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:c::5c7b:6821 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
clinch /
Resource Hash
c4699c33fdb03d350e7a88a4ef93bbdae70a8a2c23d1a23bbdd589ab8ad96ef7

Request headers

Referer
https://realtime.clinch.co/
Origin
https://realtime.clinch.co
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Tue, 29 Nov 2022 17:47:58 GMT
Server
clinch
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=689564
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
1170
frame1_970x250_1652095968936_compressed.jpg
cdn.clinch.co/a_styles/3600/970a250/assets/ Frame 454D
110 KB
110 KB
Image
General
Full URL
https://cdn.clinch.co/a_styles/3600/970a250/assets/frame1_970x250_1652095968936_compressed.jpg
Requested by
Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=uda841&caid=12379&format=_970ax250a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsv_cAW-_sFmDsyH7_VZCl2W2CJS-srTnVKHdMJI8ZhWYodFJXpe3VweTT2aNuZoWzu4MFROLyKjiNc5mmfSilgZaayGAg0qNFkSQy78284YMP71EjWPisUwWrHSKdKOxcGEpL4QBxG5_wa1NSTBvfeQELPXISBsBbqPSgA0Cl-DtZUbroLZv-iiS1xjmqux225oDZdyhbWGC1S-rD0oozwNJZmsBiG6pGGbVLyzHouQtiydlp65wj7__q4VCqCQWI5s1FCwN-SfVWduCTBTvuAt-uARQ94gVhaeBiG95M9bwyrG45W667Om3QzLeeBT65bQf2HCSJb-yl381Otot0eG8soroGTrzROsTybA61Y0PXxVc-D-F89jX-HAOshJfOdrwMSX1uArdT7jBXrVjhAfVncU-AhSzmMXyC6-zxigwxQzkEOlyj5dHjC4aeMyrkiTlXit8CgdHyBy5dP8NwGR3H4u2mG9oChSZ1mjcqxNZBXFp4CeJHYDtUKde1vEmBKyRk6MWf-qR7FZxV5vgvUeXKLVO8I-bTfsnwU2FjJtvNq9mABiX5NyoTEM0G84l8Lqyfcr_I2Cr070vC5WlZPBIMaZjXe8RuxE1QFpVV0-rmsjnEWDoahMVZGJ_f_7T6PjgINBsRloms72-mnyTyccgCtC-Op4kk-BQNqUS4n1Zjr75SKxJhFE0nL5QdNVzNZhAdE1tYe2ZrfY-Dq5GYzhSyQ8lW7mDbBRKuyckt-sfrKp__T61_3IAGwN-vwUxNDObr_q0wIxCPNzPTNhT-GLhA3YbP5zqmOrxu7MBv44BDJs5gHZnQyn8WLfM4bPrkuYv37_wvFXTkS4e7MFG2w6rssiFCPFLGPGW3l6Q-SNrP4jQIM8n2kas8oVgeK5uQsmQ8pojaTvNc_W04C90YXriZa7n1jnITnYDUyXiApbCMlYPohuJazmFGIYe7-WfN85F-0q502aDHkZRNl-ovcbBrjTi6XnmT28TlJv9jX-u5WXyzTR1zBj3_7pWPsmmY7nmpYtuNYU9A94BZeEjrVNZxoqgDkEQWFh4qIACtdn-TGo34phhPvgxkUwvcGawWOk8TmeL5f5KuVGEIIiPEOhny_Dy-OOhKJM8k0OZ0F-59FTd0QPtOlL4-BBsrv5Gw1H2UTbWjsaqcxYlN_QeFAQEkQdW9fiInEwdK0E4x6L7tLQPibwKOryo2Fs4G6o8vsau7Q%26sai%3DAMfl-YQjeLwrHZ6R62GHzSYNuBw9S8ll5cgCkgoKoASvf5yCZ289aRmJXXRtt3lKad1QuNLn_9X5hV4P7xxWgzbFZxeivell9HwFbBT8pmgDK5YvF4ng8j9SQzJYDWoEDE8fkHjG4g3stiAo97uCXCqPFwbjo89lNS9L4SWk9lI0K-5M1yO6JaM-zwAdrK4dhX9LwSZyi_HPSo5P8w8wB6ktuNkQ5opd-3-Xkk2i31UKZ5no_NuXxGnq76lJv0HlURvUrWWlmvtGR9ou7aRCGT4umutC%26sig%3DCg0ArKJSzLVxejFPoDPeEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=Opel_IT_Programmatic_DV360&dsp_lp=https%3A%2F%2Fapiservices.krxd.net%2Fclick_tracker%2Ftrack%3Fkxconfid%3Dvowt70n93%26kxadvertiserid%3D8311042%26kxcampaignid%3D28129137%26kxsiteid%3D7080037%26kxsitename%3DN778265.4162781DV360IT0%26kxplacementid%3D340751602%26kxadid%3D532516461%26kxcreativeid%3D174160234%26clk%3Dhttps%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28129137%26si%3D7080037%26ci%3D174160234%26pi%3D340751602%26ad%3D532516461%26sv1%3D%5Bkeyword_id%5D%26advt%3D8311042%26chnl%3D-7%26vndr%3D115%26sz%3D10124%26u%3D%24%2426255540_16388744155_433584435%24%24%26viq_did%3D%26red%3Dhttps%3A%2F%2Fwww.opel.it%2Fofferte%2Fofferte-index%2Ffree-to-move-lease%2Fbusiness%2Fofferte-mokka-e.html%3Fdclid%3D%25edclid!&dsp_c3=&dsp_c2=bleclick.net/ddm/adj/N778265.4162781DV360IT0/B28129137.340751602&dsp_c1=8311042&dsp_c0=[keyword_id]&dsp_pub_id=DV360&dsp_plc_id=340751602&site_id=7080037&dsp_insertion_order_id=26255540&dsp_ad_id=532516461&dsp_caid=16388744155&dsp_grid=&dsp_crid=174160234&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=3&rnd=2551788693&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:b::210:f1cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b7d1316a9939184f1258eef50d38b23d009ad2b8108ebcfddcf9425bef93903

Request headers

Referer
https://realtime.clinch.co/
Origin
https://realtime.clinch.co
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Tue, 29 Nov 2022 17:47:58 GMT
x-amz-request-id
8M2NK92JWPTJWYS5
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
112192
x-amz-id-2
sSgEGEqLEp3fRznHdiOrYb+fH1EIzOR1gGogHCBC6BWEN0dIvnwIQ8pWORESV1DFUCOaejeX2Vg=
Last-Modified
Mon, 09 May 2022 11:33:15 GMT
Server
AmazonS3
ETag
"0c2ad335581fb561ca691ea0f5f7aa87"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=19445629
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 12 Jul 2023 19:21:47 GMT
/
img-cdn.clinch.co/img2/uda841/970/250/3/0a0a0a0/ Frame 454D
1 KB
1 KB
Image
General
Full URL
https://img-cdn.clinch.co/img2/uda841/970/250/3/0a0a0a0/?u=%2F%2Fcdn.clinch.co%2Fa_client_styles%2F27328%2F63788916745916.png
Requested by
Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=uda841&caid=12379&format=_970ax250a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsv_cAW-_sFmDsyH7_VZCl2W2CJS-srTnVKHdMJI8ZhWYodFJXpe3VweTT2aNuZoWzu4MFROLyKjiNc5mmfSilgZaayGAg0qNFkSQy78284YMP71EjWPisUwWrHSKdKOxcGEpL4QBxG5_wa1NSTBvfeQELPXISBsBbqPSgA0Cl-DtZUbroLZv-iiS1xjmqux225oDZdyhbWGC1S-rD0oozwNJZmsBiG6pGGbVLyzHouQtiydlp65wj7__q4VCqCQWI5s1FCwN-SfVWduCTBTvuAt-uARQ94gVhaeBiG95M9bwyrG45W667Om3QzLeeBT65bQf2HCSJb-yl381Otot0eG8soroGTrzROsTybA61Y0PXxVc-D-F89jX-HAOshJfOdrwMSX1uArdT7jBXrVjhAfVncU-AhSzmMXyC6-zxigwxQzkEOlyj5dHjC4aeMyrkiTlXit8CgdHyBy5dP8NwGR3H4u2mG9oChSZ1mjcqxNZBXFp4CeJHYDtUKde1vEmBKyRk6MWf-qR7FZxV5vgvUeXKLVO8I-bTfsnwU2FjJtvNq9mABiX5NyoTEM0G84l8Lqyfcr_I2Cr070vC5WlZPBIMaZjXe8RuxE1QFpVV0-rmsjnEWDoahMVZGJ_f_7T6PjgINBsRloms72-mnyTyccgCtC-Op4kk-BQNqUS4n1Zjr75SKxJhFE0nL5QdNVzNZhAdE1tYe2ZrfY-Dq5GYzhSyQ8lW7mDbBRKuyckt-sfrKp__T61_3IAGwN-vwUxNDObr_q0wIxCPNzPTNhT-GLhA3YbP5zqmOrxu7MBv44BDJs5gHZnQyn8WLfM4bPrkuYv37_wvFXTkS4e7MFG2w6rssiFCPFLGPGW3l6Q-SNrP4jQIM8n2kas8oVgeK5uQsmQ8pojaTvNc_W04C90YXriZa7n1jnITnYDUyXiApbCMlYPohuJazmFGIYe7-WfN85F-0q502aDHkZRNl-ovcbBrjTi6XnmT28TlJv9jX-u5WXyzTR1zBj3_7pWPsmmY7nmpYtuNYU9A94BZeEjrVNZxoqgDkEQWFh4qIACtdn-TGo34phhPvgxkUwvcGawWOk8TmeL5f5KuVGEIIiPEOhny_Dy-OOhKJM8k0OZ0F-59FTd0QPtOlL4-BBsrv5Gw1H2UTbWjsaqcxYlN_QeFAQEkQdW9fiInEwdK0E4x6L7tLQPibwKOryo2Fs4G6o8vsau7Q%26sai%3DAMfl-YQjeLwrHZ6R62GHzSYNuBw9S8ll5cgCkgoKoASvf5yCZ289aRmJXXRtt3lKad1QuNLn_9X5hV4P7xxWgzbFZxeivell9HwFbBT8pmgDK5YvF4ng8j9SQzJYDWoEDE8fkHjG4g3stiAo97uCXCqPFwbjo89lNS9L4SWk9lI0K-5M1yO6JaM-zwAdrK4dhX9LwSZyi_HPSo5P8w8wB6ktuNkQ5opd-3-Xkk2i31UKZ5no_NuXxGnq76lJv0HlURvUrWWlmvtGR9ou7aRCGT4umutC%26sig%3DCg0ArKJSzLVxejFPoDPeEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=Opel_IT_Programmatic_DV360&dsp_lp=https%3A%2F%2Fapiservices.krxd.net%2Fclick_tracker%2Ftrack%3Fkxconfid%3Dvowt70n93%26kxadvertiserid%3D8311042%26kxcampaignid%3D28129137%26kxsiteid%3D7080037%26kxsitename%3DN778265.4162781DV360IT0%26kxplacementid%3D340751602%26kxadid%3D532516461%26kxcreativeid%3D174160234%26clk%3Dhttps%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28129137%26si%3D7080037%26ci%3D174160234%26pi%3D340751602%26ad%3D532516461%26sv1%3D%5Bkeyword_id%5D%26advt%3D8311042%26chnl%3D-7%26vndr%3D115%26sz%3D10124%26u%3D%24%2426255540_16388744155_433584435%24%24%26viq_did%3D%26red%3Dhttps%3A%2F%2Fwww.opel.it%2Fofferte%2Fofferte-index%2Ffree-to-move-lease%2Fbusiness%2Fofferte-mokka-e.html%3Fdclid%3D%25edclid!&dsp_c3=&dsp_c2=bleclick.net/ddm/adj/N778265.4162781DV360IT0/B28129137.340751602&dsp_c1=8311042&dsp_c0=[keyword_id]&dsp_pub_id=DV360&dsp_plc_id=340751602&site_id=7080037&dsp_insertion_order_id=26255540&dsp_ad_id=532516461&dsp_caid=16388744155&dsp_grid=&dsp_crid=174160234&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=3&rnd=2551788693&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:c::5c7b:6821 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
clinch /
Resource Hash
69516e52c61a27c7979fef7a870dbf2ec8a9d4a2b8b0e30b988173817c293d8a

Request headers

Referer
https://realtime.clinch.co/
Origin
https://realtime.clinch.co
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Tue, 29 Nov 2022 17:47:58 GMT
Server
clinch
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=666887
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
1096
63804972422767.jpg
cdn.clinch.co/a_client_styles/35939/ Frame 454D
32 KB
32 KB
Image
General
Full URL
https://cdn.clinch.co/a_client_styles/35939/63804972422767.jpg
Requested by
Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=uda841&caid=12379&format=_970ax250a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsv_cAW-_sFmDsyH7_VZCl2W2CJS-srTnVKHdMJI8ZhWYodFJXpe3VweTT2aNuZoWzu4MFROLyKjiNc5mmfSilgZaayGAg0qNFkSQy78284YMP71EjWPisUwWrHSKdKOxcGEpL4QBxG5_wa1NSTBvfeQELPXISBsBbqPSgA0Cl-DtZUbroLZv-iiS1xjmqux225oDZdyhbWGC1S-rD0oozwNJZmsBiG6pGGbVLyzHouQtiydlp65wj7__q4VCqCQWI5s1FCwN-SfVWduCTBTvuAt-uARQ94gVhaeBiG95M9bwyrG45W667Om3QzLeeBT65bQf2HCSJb-yl381Otot0eG8soroGTrzROsTybA61Y0PXxVc-D-F89jX-HAOshJfOdrwMSX1uArdT7jBXrVjhAfVncU-AhSzmMXyC6-zxigwxQzkEOlyj5dHjC4aeMyrkiTlXit8CgdHyBy5dP8NwGR3H4u2mG9oChSZ1mjcqxNZBXFp4CeJHYDtUKde1vEmBKyRk6MWf-qR7FZxV5vgvUeXKLVO8I-bTfsnwU2FjJtvNq9mABiX5NyoTEM0G84l8Lqyfcr_I2Cr070vC5WlZPBIMaZjXe8RuxE1QFpVV0-rmsjnEWDoahMVZGJ_f_7T6PjgINBsRloms72-mnyTyccgCtC-Op4kk-BQNqUS4n1Zjr75SKxJhFE0nL5QdNVzNZhAdE1tYe2ZrfY-Dq5GYzhSyQ8lW7mDbBRKuyckt-sfrKp__T61_3IAGwN-vwUxNDObr_q0wIxCPNzPTNhT-GLhA3YbP5zqmOrxu7MBv44BDJs5gHZnQyn8WLfM4bPrkuYv37_wvFXTkS4e7MFG2w6rssiFCPFLGPGW3l6Q-SNrP4jQIM8n2kas8oVgeK5uQsmQ8pojaTvNc_W04C90YXriZa7n1jnITnYDUyXiApbCMlYPohuJazmFGIYe7-WfN85F-0q502aDHkZRNl-ovcbBrjTi6XnmT28TlJv9jX-u5WXyzTR1zBj3_7pWPsmmY7nmpYtuNYU9A94BZeEjrVNZxoqgDkEQWFh4qIACtdn-TGo34phhPvgxkUwvcGawWOk8TmeL5f5KuVGEIIiPEOhny_Dy-OOhKJM8k0OZ0F-59FTd0QPtOlL4-BBsrv5Gw1H2UTbWjsaqcxYlN_QeFAQEkQdW9fiInEwdK0E4x6L7tLQPibwKOryo2Fs4G6o8vsau7Q%26sai%3DAMfl-YQjeLwrHZ6R62GHzSYNuBw9S8ll5cgCkgoKoASvf5yCZ289aRmJXXRtt3lKad1QuNLn_9X5hV4P7xxWgzbFZxeivell9HwFbBT8pmgDK5YvF4ng8j9SQzJYDWoEDE8fkHjG4g3stiAo97uCXCqPFwbjo89lNS9L4SWk9lI0K-5M1yO6JaM-zwAdrK4dhX9LwSZyi_HPSo5P8w8wB6ktuNkQ5opd-3-Xkk2i31UKZ5no_NuXxGnq76lJv0HlURvUrWWlmvtGR9ou7aRCGT4umutC%26sig%3DCg0ArKJSzLVxejFPoDPeEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=Opel_IT_Programmatic_DV360&dsp_lp=https%3A%2F%2Fapiservices.krxd.net%2Fclick_tracker%2Ftrack%3Fkxconfid%3Dvowt70n93%26kxadvertiserid%3D8311042%26kxcampaignid%3D28129137%26kxsiteid%3D7080037%26kxsitename%3DN778265.4162781DV360IT0%26kxplacementid%3D340751602%26kxadid%3D532516461%26kxcreativeid%3D174160234%26clk%3Dhttps%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28129137%26si%3D7080037%26ci%3D174160234%26pi%3D340751602%26ad%3D532516461%26sv1%3D%5Bkeyword_id%5D%26advt%3D8311042%26chnl%3D-7%26vndr%3D115%26sz%3D10124%26u%3D%24%2426255540_16388744155_433584435%24%24%26viq_did%3D%26red%3Dhttps%3A%2F%2Fwww.opel.it%2Fofferte%2Fofferte-index%2Ffree-to-move-lease%2Fbusiness%2Fofferte-mokka-e.html%3Fdclid%3D%25edclid!&dsp_c3=&dsp_c2=bleclick.net/ddm/adj/N778265.4162781DV360IT0/B28129137.340751602&dsp_c1=8311042&dsp_c0=[keyword_id]&dsp_pub_id=DV360&dsp_plc_id=340751602&site_id=7080037&dsp_insertion_order_id=26255540&dsp_ad_id=532516461&dsp_caid=16388744155&dsp_grid=&dsp_crid=174160234&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=3&rnd=2551788693&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:b::210:f1cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
778bfe872d72aed064ec017387409b5ba160215df1ea3b7ad7e6beacb41b32c1

Request headers

Referer
https://realtime.clinch.co/
Origin
https://realtime.clinch.co
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Tue, 29 Nov 2022 17:47:58 GMT
x-amz-request-id
1VPD7SCHYGCCKCJZ
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
32442
x-amz-id-2
Z4FH2sU821FQTmJ/DOX+uYk8dZYGoX2ngsshoYGaVQYD2znQCbX26goNR7S/twPUjZ5Yc+iSY8M=
Last-Modified
Fri, 25 Nov 2022 11:27:05 GMT
Server
AmazonS3
ETag
"b16d2f7cfc536a13bdf8f9a6281984b2"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=31170433
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Sat, 25 Nov 2023 12:15:11 GMT
63794549054938.jpg
cdn.clinch.co/a_client_styles/29812/ Frame 454D
37 KB
38 KB
Image
General
Full URL
https://cdn.clinch.co/a_client_styles/29812/63794549054938.jpg
Requested by
Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=uda841&caid=12379&format=_970ax250a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsv_cAW-_sFmDsyH7_VZCl2W2CJS-srTnVKHdMJI8ZhWYodFJXpe3VweTT2aNuZoWzu4MFROLyKjiNc5mmfSilgZaayGAg0qNFkSQy78284YMP71EjWPisUwWrHSKdKOxcGEpL4QBxG5_wa1NSTBvfeQELPXISBsBbqPSgA0Cl-DtZUbroLZv-iiS1xjmqux225oDZdyhbWGC1S-rD0oozwNJZmsBiG6pGGbVLyzHouQtiydlp65wj7__q4VCqCQWI5s1FCwN-SfVWduCTBTvuAt-uARQ94gVhaeBiG95M9bwyrG45W667Om3QzLeeBT65bQf2HCSJb-yl381Otot0eG8soroGTrzROsTybA61Y0PXxVc-D-F89jX-HAOshJfOdrwMSX1uArdT7jBXrVjhAfVncU-AhSzmMXyC6-zxigwxQzkEOlyj5dHjC4aeMyrkiTlXit8CgdHyBy5dP8NwGR3H4u2mG9oChSZ1mjcqxNZBXFp4CeJHYDtUKde1vEmBKyRk6MWf-qR7FZxV5vgvUeXKLVO8I-bTfsnwU2FjJtvNq9mABiX5NyoTEM0G84l8Lqyfcr_I2Cr070vC5WlZPBIMaZjXe8RuxE1QFpVV0-rmsjnEWDoahMVZGJ_f_7T6PjgINBsRloms72-mnyTyccgCtC-Op4kk-BQNqUS4n1Zjr75SKxJhFE0nL5QdNVzNZhAdE1tYe2ZrfY-Dq5GYzhSyQ8lW7mDbBRKuyckt-sfrKp__T61_3IAGwN-vwUxNDObr_q0wIxCPNzPTNhT-GLhA3YbP5zqmOrxu7MBv44BDJs5gHZnQyn8WLfM4bPrkuYv37_wvFXTkS4e7MFG2w6rssiFCPFLGPGW3l6Q-SNrP4jQIM8n2kas8oVgeK5uQsmQ8pojaTvNc_W04C90YXriZa7n1jnITnYDUyXiApbCMlYPohuJazmFGIYe7-WfN85F-0q502aDHkZRNl-ovcbBrjTi6XnmT28TlJv9jX-u5WXyzTR1zBj3_7pWPsmmY7nmpYtuNYU9A94BZeEjrVNZxoqgDkEQWFh4qIACtdn-TGo34phhPvgxkUwvcGawWOk8TmeL5f5KuVGEIIiPEOhny_Dy-OOhKJM8k0OZ0F-59FTd0QPtOlL4-BBsrv5Gw1H2UTbWjsaqcxYlN_QeFAQEkQdW9fiInEwdK0E4x6L7tLQPibwKOryo2Fs4G6o8vsau7Q%26sai%3DAMfl-YQjeLwrHZ6R62GHzSYNuBw9S8ll5cgCkgoKoASvf5yCZ289aRmJXXRtt3lKad1QuNLn_9X5hV4P7xxWgzbFZxeivell9HwFbBT8pmgDK5YvF4ng8j9SQzJYDWoEDE8fkHjG4g3stiAo97uCXCqPFwbjo89lNS9L4SWk9lI0K-5M1yO6JaM-zwAdrK4dhX9LwSZyi_HPSo5P8w8wB6ktuNkQ5opd-3-Xkk2i31UKZ5no_NuXxGnq76lJv0HlURvUrWWlmvtGR9ou7aRCGT4umutC%26sig%3DCg0ArKJSzLVxejFPoDPeEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=Opel_IT_Programmatic_DV360&dsp_lp=https%3A%2F%2Fapiservices.krxd.net%2Fclick_tracker%2Ftrack%3Fkxconfid%3Dvowt70n93%26kxadvertiserid%3D8311042%26kxcampaignid%3D28129137%26kxsiteid%3D7080037%26kxsitename%3DN778265.4162781DV360IT0%26kxplacementid%3D340751602%26kxadid%3D532516461%26kxcreativeid%3D174160234%26clk%3Dhttps%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28129137%26si%3D7080037%26ci%3D174160234%26pi%3D340751602%26ad%3D532516461%26sv1%3D%5Bkeyword_id%5D%26advt%3D8311042%26chnl%3D-7%26vndr%3D115%26sz%3D10124%26u%3D%24%2426255540_16388744155_433584435%24%24%26viq_did%3D%26red%3Dhttps%3A%2F%2Fwww.opel.it%2Fofferte%2Fofferte-index%2Ffree-to-move-lease%2Fbusiness%2Fofferte-mokka-e.html%3Fdclid%3D%25edclid!&dsp_c3=&dsp_c2=bleclick.net/ddm/adj/N778265.4162781DV360IT0/B28129137.340751602&dsp_c1=8311042&dsp_c0=[keyword_id]&dsp_pub_id=DV360&dsp_plc_id=340751602&site_id=7080037&dsp_insertion_order_id=26255540&dsp_ad_id=532516461&dsp_caid=16388744155&dsp_grid=&dsp_crid=174160234&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=3&rnd=2551788693&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:b::210:f1cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
612ad9faaf90b148720a35dbe58c8814287ffee6078e7ac09e12470ff971ceb5

Request headers

Referer
https://realtime.clinch.co/
Origin
https://realtime.clinch.co
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Tue, 29 Nov 2022 17:47:58 GMT
x-amz-request-id
1BATQND3G56GFC2A
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
37800
x-amz-id-2
3YeGUEVmv8aAstsSehs1aPnu653YQp3T11vKk/R/lkhwf1FRyhuJZlFtq0utyzhDJoYr7deH8vE=
Last-Modified
Wed, 27 Jul 2022 20:04:18 GMT
Server
AmazonS3
ETag
"b87e35adcbfb65f67cedda08596ca8ef"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=29665593
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 08 Nov 2023 02:14:31 GMT
frame3_970x250_1652095968924_compressed.jpg
cdn.clinch.co/a_styles/3600/970a250/assets/ Frame 454D
67 KB
68 KB
Image
General
Full URL
https://cdn.clinch.co/a_styles/3600/970a250/assets/frame3_970x250_1652095968924_compressed.jpg
Requested by
Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=uda841&caid=12379&format=_970ax250a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsv_cAW-_sFmDsyH7_VZCl2W2CJS-srTnVKHdMJI8ZhWYodFJXpe3VweTT2aNuZoWzu4MFROLyKjiNc5mmfSilgZaayGAg0qNFkSQy78284YMP71EjWPisUwWrHSKdKOxcGEpL4QBxG5_wa1NSTBvfeQELPXISBsBbqPSgA0Cl-DtZUbroLZv-iiS1xjmqux225oDZdyhbWGC1S-rD0oozwNJZmsBiG6pGGbVLyzHouQtiydlp65wj7__q4VCqCQWI5s1FCwN-SfVWduCTBTvuAt-uARQ94gVhaeBiG95M9bwyrG45W667Om3QzLeeBT65bQf2HCSJb-yl381Otot0eG8soroGTrzROsTybA61Y0PXxVc-D-F89jX-HAOshJfOdrwMSX1uArdT7jBXrVjhAfVncU-AhSzmMXyC6-zxigwxQzkEOlyj5dHjC4aeMyrkiTlXit8CgdHyBy5dP8NwGR3H4u2mG9oChSZ1mjcqxNZBXFp4CeJHYDtUKde1vEmBKyRk6MWf-qR7FZxV5vgvUeXKLVO8I-bTfsnwU2FjJtvNq9mABiX5NyoTEM0G84l8Lqyfcr_I2Cr070vC5WlZPBIMaZjXe8RuxE1QFpVV0-rmsjnEWDoahMVZGJ_f_7T6PjgINBsRloms72-mnyTyccgCtC-Op4kk-BQNqUS4n1Zjr75SKxJhFE0nL5QdNVzNZhAdE1tYe2ZrfY-Dq5GYzhSyQ8lW7mDbBRKuyckt-sfrKp__T61_3IAGwN-vwUxNDObr_q0wIxCPNzPTNhT-GLhA3YbP5zqmOrxu7MBv44BDJs5gHZnQyn8WLfM4bPrkuYv37_wvFXTkS4e7MFG2w6rssiFCPFLGPGW3l6Q-SNrP4jQIM8n2kas8oVgeK5uQsmQ8pojaTvNc_W04C90YXriZa7n1jnITnYDUyXiApbCMlYPohuJazmFGIYe7-WfN85F-0q502aDHkZRNl-ovcbBrjTi6XnmT28TlJv9jX-u5WXyzTR1zBj3_7pWPsmmY7nmpYtuNYU9A94BZeEjrVNZxoqgDkEQWFh4qIACtdn-TGo34phhPvgxkUwvcGawWOk8TmeL5f5KuVGEIIiPEOhny_Dy-OOhKJM8k0OZ0F-59FTd0QPtOlL4-BBsrv5Gw1H2UTbWjsaqcxYlN_QeFAQEkQdW9fiInEwdK0E4x6L7tLQPibwKOryo2Fs4G6o8vsau7Q%26sai%3DAMfl-YQjeLwrHZ6R62GHzSYNuBw9S8ll5cgCkgoKoASvf5yCZ289aRmJXXRtt3lKad1QuNLn_9X5hV4P7xxWgzbFZxeivell9HwFbBT8pmgDK5YvF4ng8j9SQzJYDWoEDE8fkHjG4g3stiAo97uCXCqPFwbjo89lNS9L4SWk9lI0K-5M1yO6JaM-zwAdrK4dhX9LwSZyi_HPSo5P8w8wB6ktuNkQ5opd-3-Xkk2i31UKZ5no_NuXxGnq76lJv0HlURvUrWWlmvtGR9ou7aRCGT4umutC%26sig%3DCg0ArKJSzLVxejFPoDPeEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=Opel_IT_Programmatic_DV360&dsp_lp=https%3A%2F%2Fapiservices.krxd.net%2Fclick_tracker%2Ftrack%3Fkxconfid%3Dvowt70n93%26kxadvertiserid%3D8311042%26kxcampaignid%3D28129137%26kxsiteid%3D7080037%26kxsitename%3DN778265.4162781DV360IT0%26kxplacementid%3D340751602%26kxadid%3D532516461%26kxcreativeid%3D174160234%26clk%3Dhttps%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28129137%26si%3D7080037%26ci%3D174160234%26pi%3D340751602%26ad%3D532516461%26sv1%3D%5Bkeyword_id%5D%26advt%3D8311042%26chnl%3D-7%26vndr%3D115%26sz%3D10124%26u%3D%24%2426255540_16388744155_433584435%24%24%26viq_did%3D%26red%3Dhttps%3A%2F%2Fwww.opel.it%2Fofferte%2Fofferte-index%2Ffree-to-move-lease%2Fbusiness%2Fofferte-mokka-e.html%3Fdclid%3D%25edclid!&dsp_c3=&dsp_c2=bleclick.net/ddm/adj/N778265.4162781DV360IT0/B28129137.340751602&dsp_c1=8311042&dsp_c0=[keyword_id]&dsp_pub_id=DV360&dsp_plc_id=340751602&site_id=7080037&dsp_insertion_order_id=26255540&dsp_ad_id=532516461&dsp_caid=16388744155&dsp_grid=&dsp_crid=174160234&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=3&rnd=2551788693&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:b::210:f1cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
347e7622a36ad1aa5921f361fb0a17cf07b00db982605b2cef67dd320792c781

Request headers

Referer
https://realtime.clinch.co/
Origin
https://realtime.clinch.co
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Tue, 29 Nov 2022 17:47:58 GMT
x-amz-request-id
8M2QZZWBBVK791T8
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
68491
x-amz-id-2
EmGDYiCxcYwcvjieSnXFfvtItzssEeTOJTBbI4pJmHAy06PCq1d3wRwNjINg4hNW1+SBf8MA/cE=
Last-Modified
Mon, 09 May 2022 11:33:14 GMT
Server
AmazonS3
ETag
"f2596b40700abd876b3ceb07205ae5dd"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=19445619
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 12 Jul 2023 19:21:37 GMT
frame2_970x250_1652095968930_compressed.jpg
cdn.clinch.co/a_styles/3600/970a250/assets/ Frame 454D
64 KB
64 KB
Image
General
Full URL
https://cdn.clinch.co/a_styles/3600/970a250/assets/frame2_970x250_1652095968930_compressed.jpg
Requested by
Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=uda841&caid=12379&format=_970ax250a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsv_cAW-_sFmDsyH7_VZCl2W2CJS-srTnVKHdMJI8ZhWYodFJXpe3VweTT2aNuZoWzu4MFROLyKjiNc5mmfSilgZaayGAg0qNFkSQy78284YMP71EjWPisUwWrHSKdKOxcGEpL4QBxG5_wa1NSTBvfeQELPXISBsBbqPSgA0Cl-DtZUbroLZv-iiS1xjmqux225oDZdyhbWGC1S-rD0oozwNJZmsBiG6pGGbVLyzHouQtiydlp65wj7__q4VCqCQWI5s1FCwN-SfVWduCTBTvuAt-uARQ94gVhaeBiG95M9bwyrG45W667Om3QzLeeBT65bQf2HCSJb-yl381Otot0eG8soroGTrzROsTybA61Y0PXxVc-D-F89jX-HAOshJfOdrwMSX1uArdT7jBXrVjhAfVncU-AhSzmMXyC6-zxigwxQzkEOlyj5dHjC4aeMyrkiTlXit8CgdHyBy5dP8NwGR3H4u2mG9oChSZ1mjcqxNZBXFp4CeJHYDtUKde1vEmBKyRk6MWf-qR7FZxV5vgvUeXKLVO8I-bTfsnwU2FjJtvNq9mABiX5NyoTEM0G84l8Lqyfcr_I2Cr070vC5WlZPBIMaZjXe8RuxE1QFpVV0-rmsjnEWDoahMVZGJ_f_7T6PjgINBsRloms72-mnyTyccgCtC-Op4kk-BQNqUS4n1Zjr75SKxJhFE0nL5QdNVzNZhAdE1tYe2ZrfY-Dq5GYzhSyQ8lW7mDbBRKuyckt-sfrKp__T61_3IAGwN-vwUxNDObr_q0wIxCPNzPTNhT-GLhA3YbP5zqmOrxu7MBv44BDJs5gHZnQyn8WLfM4bPrkuYv37_wvFXTkS4e7MFG2w6rssiFCPFLGPGW3l6Q-SNrP4jQIM8n2kas8oVgeK5uQsmQ8pojaTvNc_W04C90YXriZa7n1jnITnYDUyXiApbCMlYPohuJazmFGIYe7-WfN85F-0q502aDHkZRNl-ovcbBrjTi6XnmT28TlJv9jX-u5WXyzTR1zBj3_7pWPsmmY7nmpYtuNYU9A94BZeEjrVNZxoqgDkEQWFh4qIACtdn-TGo34phhPvgxkUwvcGawWOk8TmeL5f5KuVGEIIiPEOhny_Dy-OOhKJM8k0OZ0F-59FTd0QPtOlL4-BBsrv5Gw1H2UTbWjsaqcxYlN_QeFAQEkQdW9fiInEwdK0E4x6L7tLQPibwKOryo2Fs4G6o8vsau7Q%26sai%3DAMfl-YQjeLwrHZ6R62GHzSYNuBw9S8ll5cgCkgoKoASvf5yCZ289aRmJXXRtt3lKad1QuNLn_9X5hV4P7xxWgzbFZxeivell9HwFbBT8pmgDK5YvF4ng8j9SQzJYDWoEDE8fkHjG4g3stiAo97uCXCqPFwbjo89lNS9L4SWk9lI0K-5M1yO6JaM-zwAdrK4dhX9LwSZyi_HPSo5P8w8wB6ktuNkQ5opd-3-Xkk2i31UKZ5no_NuXxGnq76lJv0HlURvUrWWlmvtGR9ou7aRCGT4umutC%26sig%3DCg0ArKJSzLVxejFPoDPeEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=Opel_IT_Programmatic_DV360&dsp_lp=https%3A%2F%2Fapiservices.krxd.net%2Fclick_tracker%2Ftrack%3Fkxconfid%3Dvowt70n93%26kxadvertiserid%3D8311042%26kxcampaignid%3D28129137%26kxsiteid%3D7080037%26kxsitename%3DN778265.4162781DV360IT0%26kxplacementid%3D340751602%26kxadid%3D532516461%26kxcreativeid%3D174160234%26clk%3Dhttps%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28129137%26si%3D7080037%26ci%3D174160234%26pi%3D340751602%26ad%3D532516461%26sv1%3D%5Bkeyword_id%5D%26advt%3D8311042%26chnl%3D-7%26vndr%3D115%26sz%3D10124%26u%3D%24%2426255540_16388744155_433584435%24%24%26viq_did%3D%26red%3Dhttps%3A%2F%2Fwww.opel.it%2Fofferte%2Fofferte-index%2Ffree-to-move-lease%2Fbusiness%2Fofferte-mokka-e.html%3Fdclid%3D%25edclid!&dsp_c3=&dsp_c2=bleclick.net/ddm/adj/N778265.4162781DV360IT0/B28129137.340751602&dsp_c1=8311042&dsp_c0=[keyword_id]&dsp_pub_id=DV360&dsp_plc_id=340751602&site_id=7080037&dsp_insertion_order_id=26255540&dsp_ad_id=532516461&dsp_caid=16388744155&dsp_grid=&dsp_crid=174160234&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=3&rnd=2551788693&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:b::210:f1cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab92a3916c175d01946bab6c38becb0af8f282b9ac47dc75725625e12a108e4c

Request headers

Referer
https://realtime.clinch.co/
Origin
https://realtime.clinch.co
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Tue, 29 Nov 2022 17:47:58 GMT
x-amz-request-id
8M2X1BBVZTFV14WH
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
65092
x-amz-id-2
2HfWdywNhl3xrwNpCNcrwUZyyDF8bO/yervIM5zhH9v5aysLrnt5wgdwEiREN182SpMGkeZgxro=
Last-Modified
Mon, 09 May 2022 11:33:14 GMT
Server
AmazonS3
ETag
"e81ea3c0fc1c61ee08e77fdc27384aab"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=19445600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 12 Jul 2023 19:21:18 GMT
imp
trk.clinch.co/ Frame 454D
43 B
219 B
Image
General
Full URL
https://trk.clinch.co/imp?cid=uda841&caid=12379&caversid=13161&frmt=970a250&csid=35940&dsp=cm360_p1&plcid=Opel_IT_Programmatic_DV360&plc=285222&iid=815753c0-7282-41dd-a05a-6c0a5e804b06&env=web&fcpath=lZJhApJiEpJjAZJkAZJlwA&prd=Ecommerce&ids=Opel_Italy_BlackFriday_Generic_Promo&isrc=topItems&issrc=Black_Friday_-_Generic&feed=2469&tilid=11275&lpsrc=DSP&locsrc=Ip2LocDb&locsrcs=3533550333&dspiid=rnd-2551788693&dsp_caid=16388744155&dsp_ad_id=532516461&dsp_pub_id=DV360&domain=7080037&dsp_plc_id=340751602&dsp_insertion_order_id=26255540&dsp_crid=174160234&dsp_c0=[keyword_id]&dsp_c2=bleclick.net/ddm/adj/N778265.4162781DV360IT0/B28129137.340751602&dsp_c1=8311042&dsp_dma=0&ct=IT&city=7980&st=CO&stName=Como&zip=20153&isp=m247%20europe%20srl&contype=2&tc=1,0000000000,00,,&a=1669744078609
Requested by
Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=uda841&caid=12379&format=_970ax250a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsv_cAW-_sFmDsyH7_VZCl2W2CJS-srTnVKHdMJI8ZhWYodFJXpe3VweTT2aNuZoWzu4MFROLyKjiNc5mmfSilgZaayGAg0qNFkSQy78284YMP71EjWPisUwWrHSKdKOxcGEpL4QBxG5_wa1NSTBvfeQELPXISBsBbqPSgA0Cl-DtZUbroLZv-iiS1xjmqux225oDZdyhbWGC1S-rD0oozwNJZmsBiG6pGGbVLyzHouQtiydlp65wj7__q4VCqCQWI5s1FCwN-SfVWduCTBTvuAt-uARQ94gVhaeBiG95M9bwyrG45W667Om3QzLeeBT65bQf2HCSJb-yl381Otot0eG8soroGTrzROsTybA61Y0PXxVc-D-F89jX-HAOshJfOdrwMSX1uArdT7jBXrVjhAfVncU-AhSzmMXyC6-zxigwxQzkEOlyj5dHjC4aeMyrkiTlXit8CgdHyBy5dP8NwGR3H4u2mG9oChSZ1mjcqxNZBXFp4CeJHYDtUKde1vEmBKyRk6MWf-qR7FZxV5vgvUeXKLVO8I-bTfsnwU2FjJtvNq9mABiX5NyoTEM0G84l8Lqyfcr_I2Cr070vC5WlZPBIMaZjXe8RuxE1QFpVV0-rmsjnEWDoahMVZGJ_f_7T6PjgINBsRloms72-mnyTyccgCtC-Op4kk-BQNqUS4n1Zjr75SKxJhFE0nL5QdNVzNZhAdE1tYe2ZrfY-Dq5GYzhSyQ8lW7mDbBRKuyckt-sfrKp__T61_3IAGwN-vwUxNDObr_q0wIxCPNzPTNhT-GLhA3YbP5zqmOrxu7MBv44BDJs5gHZnQyn8WLfM4bPrkuYv37_wvFXTkS4e7MFG2w6rssiFCPFLGPGW3l6Q-SNrP4jQIM8n2kas8oVgeK5uQsmQ8pojaTvNc_W04C90YXriZa7n1jnITnYDUyXiApbCMlYPohuJazmFGIYe7-WfN85F-0q502aDHkZRNl-ovcbBrjTi6XnmT28TlJv9jX-u5WXyzTR1zBj3_7pWPsmmY7nmpYtuNYU9A94BZeEjrVNZxoqgDkEQWFh4qIACtdn-TGo34phhPvgxkUwvcGawWOk8TmeL5f5KuVGEIIiPEOhny_Dy-OOhKJM8k0OZ0F-59FTd0QPtOlL4-BBsrv5Gw1H2UTbWjsaqcxYlN_QeFAQEkQdW9fiInEwdK0E4x6L7tLQPibwKOryo2Fs4G6o8vsau7Q%26sai%3DAMfl-YQjeLwrHZ6R62GHzSYNuBw9S8ll5cgCkgoKoASvf5yCZ289aRmJXXRtt3lKad1QuNLn_9X5hV4P7xxWgzbFZxeivell9HwFbBT8pmgDK5YvF4ng8j9SQzJYDWoEDE8fkHjG4g3stiAo97uCXCqPFwbjo89lNS9L4SWk9lI0K-5M1yO6JaM-zwAdrK4dhX9LwSZyi_HPSo5P8w8wB6ktuNkQ5opd-3-Xkk2i31UKZ5no_NuXxGnq76lJv0HlURvUrWWlmvtGR9ou7aRCGT4umutC%26sig%3DCg0ArKJSzLVxejFPoDPeEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=Opel_IT_Programmatic_DV360&dsp_lp=https%3A%2F%2Fapiservices.krxd.net%2Fclick_tracker%2Ftrack%3Fkxconfid%3Dvowt70n93%26kxadvertiserid%3D8311042%26kxcampaignid%3D28129137%26kxsiteid%3D7080037%26kxsitename%3DN778265.4162781DV360IT0%26kxplacementid%3D340751602%26kxadid%3D532516461%26kxcreativeid%3D174160234%26clk%3Dhttps%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28129137%26si%3D7080037%26ci%3D174160234%26pi%3D340751602%26ad%3D532516461%26sv1%3D%5Bkeyword_id%5D%26advt%3D8311042%26chnl%3D-7%26vndr%3D115%26sz%3D10124%26u%3D%24%2426255540_16388744155_433584435%24%24%26viq_did%3D%26red%3Dhttps%3A%2F%2Fwww.opel.it%2Fofferte%2Fofferte-index%2Ffree-to-move-lease%2Fbusiness%2Fofferte-mokka-e.html%3Fdclid%3D%25edclid!&dsp_c3=&dsp_c2=bleclick.net/ddm/adj/N778265.4162781DV360IT0/B28129137.340751602&dsp_c1=8311042&dsp_c0=[keyword_id]&dsp_pub_id=DV360&dsp_plc_id=340751602&site_id=7080037&dsp_insertion_order_id=26255540&dsp_ad_id=532516461&dsp_caid=16388744155&dsp_grid=&dsp_crid=174160234&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=3&rnd=2551788693&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.218.179.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-179-185.compute-1.amazonaws.com
Software
clinch /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://realtime.clinch.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 29 Nov 2022 17:47:58 GMT
cache-control
no-store
server
clinch
x-robots-tag
none
content-length
43
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
skeleton.js
static.adsafeprotected.com/ Frame C136
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1095812/64317497/skeleton.js?ias_dspID=3&ias_campId=26255540&ias_pubId=pub-9189159586664939&ias_chanId=1&ias_placementId=16388744155&bidurl=&ias_dealId=&adsafe...
  • https://static.adsafeprotected.com/skeleton.js
17 B
485 B
Script
General
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
URL: https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:219c:1a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 07:05:03 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 19fefe7d41cfedb99873c7b5cd95d410.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG3-C2
age
1939376
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
x-amzn-internal-status
206
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
AqndbGakjMaiURXt-tOjWP6lquH5XqmpTV0ynfGQlbr4YBsArX33og==

Redirect headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:58 GMT
server
nginx
x-server-name
app03.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 2044
91 KB
23 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
URL: https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:219c:1a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 13:37:53 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 19fefe7d41cfedb99873c7b5cd95d410.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG3-C2
age
1397406
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
ZS-KOmrvNSXczwtMJTJmWBuPfN5HOwjwh9_VncdMTr6darPY7AsNBg==
dt
dt.adsafeprotected.com/ Frame C136
43 B
216 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1095812&asId=c15c702a-6499-f6f8-7705-43a4d52a71e3&tv=%7Bc:vnBmGt,pingTime:-3,time:667,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:254,t:645%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:667,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:645,wc:0.0.1600.1200,ac:NaN.NaN.970.254,am:sp,cc:0.0.970.254,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B34~0%5D,as:%5B34~970.254%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:toBdZhQ+11%7C12%7C13%7C14%7C15%7C16%7C17*.1095812-64317497%7C171%7C172%7C173%7C1811%7C1812,idMap:17*,rmeas:1,rend:0,renddet:na,siq:647%7D&br=c
Requested by
Host: 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
URL: https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:a19c:ee18:a235:a64b Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:59 GMT
server
nginx
x-server-name
dt29.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame C136
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1095812&asId=c15c702a-6499-f6f8-7705-43a4d52a71e3&tv=%7Bc:vnBmGu,pingTime:-6,time:668,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:668,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:645,wc:0.0.1600.1200,ac:NaN.NaN.970.254,am:sp,cc:0.0.970.254,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B35~0%5D,as:%5B35~970.254%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:toBdZhQ+11%7C12%7C13%7C14%7C15%7C16%7C17*.1095812-64317497%7C171%7C172%7C173%7C1811%7C1812,idMap:17*,rmeas:1,rend:0,renddet:na,siq:647%7D&tpiLookup=ao:www.adorocinema.com*&br=c
Requested by
Host: 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
URL: https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:a19c:ee18:a235:a64b Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:59 GMT
server
nginx
x-server-name
dt30.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame C136
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1095812&asId=c15c702a-6499-f6f8-7705-43a4d52a71e3&tv=%7Bc:vnBmGB,pingTime:-2,time:675,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:530,beZ:532,mfA:1160,cmA:1161,inA:1161,inZ:1165,prA:1165,prZ:1171,si:1176,poA:1177,poZ:1191,cmZ:1191,mfZ:1191,loA:1198,loZ:1200,ltA:1204,ltZ:1204,mdA:532,mdZ:1150%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.254,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:254,t:645%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:675,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:645,wc:0.0.1600.1200,ac:NaN.NaN.970.254,am:sp,cc:0.0.970.254,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B42~0%5D,as:%5B42~970.254%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:toBdZhQ+11%7C12%7C13%7C14%7C15%7C16%7C17*.1095812-64317497%7C171%7C172%7C173%7C1811%7C1812,idMap:17*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,siq:647,sinceFw:27,readyFired:true%7D&br=c
Requested by
Host: 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
URL: https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:a19c:ee18:a235:a64b Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:59 GMT
server
nginx
x-server-name
dt31.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame C136
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1095812&asId=c15c702a-6499-f6f8-7705-43a4d52a71e3&tv=%7Bc:vnBmIY,time:822,type:e,im:%7Bpci:%7Btdr:153%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:822,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:645,wc:0.0.1600.1200,ac:NaN.NaN.970.254,am:sp,cc:0.0.970.254,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B189~0%5D,as:%5B189~970.254%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:toBdZhQ+11%7C12%7C13%7C14%7C15%7C16%7C17*.1095812-64317497%7C171%7C172%7C173%7C1811%7C1812,idMap:17*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:647,sis:821%7D&br=c
Requested by
Host: 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
URL: https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:a19c:ee18:a235:a64b Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:59 GMT
server
nginx
x-server-name
dt32.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame C136
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssq3PzJusarRd6QJ4sDZW0b8c8PcHa9a6AT_RI4HMOLb6giRlz1mEhZUhDeGYH62MJIiOgkjgPk_Gr8w_Qe1i0QhD3NyY_qv0Q1cOiAAPLC2HvWrn21dXaAELXlvev5A82916KniA&sai=AMfl-YQykYQ8afpE6DQVeDCKaJhe2p0omWx6GPzn8JZKGcTaa-2w15BlIRa1q90l-sHwvjf7ucIUCb0gfgpPB-rwVedXL3Qn4KjcIMjmqQweiObzwSbc_JkAcwzRwxGFbKw&sig=Cg0ArKJSzA6lMJr3ifglEAE&cid=CAQSPADq26N9JkzxINpV4lYJf4y2HiZuXR9nPnEEc4ivbbWPR5-oeMAijJ09MRD2ULO_mSVoahILdwG0HEu7oRgBIBM&id=lidar2&mcvt=1002&p=129,315,383,1285&mtos=0,1002,1002,1002,1002&tos=0,1002,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=20&adk=3486234723&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669744077660&rpt=343&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame C136
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1095812&asId=c15c702a-6499-f6f8-7705-43a4d52a71e3&tv=%7Bc:vnBmNL,pingTime:-10,time:1119,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA3LjAuNTMwNC4xMjEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1669744079308%7C%7Cc97b4f25e625b9fe9bdb4c89486f2e0c%7C%7C6663fc817094191839d96ef6de7d9494%7C%7Ccd2641654f37e0d6bcbb443f52f9d0dd%7C%7Ccf35730bdea8643c1e82ff8bdeff0388%7C%7C89774f6e4d42cda297458aaf68afa1e4%7C%7Ce73fd2556bf3811f9db60705402e8e6e%7C%7C6dc986b712af183d8df81438de9575be%7C%7C1663701684%7D
Requested by
Host: 7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
URL: https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:a19c:ee18:a235:a64b Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:47:59 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
view_y
trk.clinch.co/ Frame 454D
43 B
218 B
Image
General
Full URL
https://trk.clinch.co/view_y?cid=uda841&caid=12379&caversid=13161&frmt=970a250&csid=35940&dsp=cm360_p1&plcid=Opel_IT_Programmatic_DV360&plc=285222&iid=815753c0-7282-41dd-a05a-6c0a5e804b06&env=web&fcpath=lZJhApJiEpJjAZJkAZJlwA&prd=Ecommerce&ids=Opel_Italy_BlackFriday_Generic_Promo&isrc=topItems&issrc=Black_Friday_-_Generic&feed=2469&tilid=11275&lpsrc=DSP&locsrc=Ip2LocDb&locsrcs=3533550333&dspiid=rnd-2551788693&dsp_caid=16388744155&dsp_ad_id=532516461&dsp_pub_id=DV360&domain=7080037&dsp_plc_id=340751602&dsp_insertion_order_id=26255540&dsp_crid=174160234&dsp_c0=[keyword_id]&dsp_c2=bleclick.net/ddm/adj/N778265.4162781DV360IT0/B28129137.340751602&dsp_c1=8311042&dsp_dma=0&ct=IT&city=7980&st=CO&stName=Como&zip=20153&isp=m247%20europe%20srl&contype=2&tc=1,0000000000,00,,&a=1669744079667
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.218.179.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-179-185.compute-1.amazonaws.com
Software
clinch /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://realtime.clinch.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 29 Nov 2022 17:47:59 GMT
cache-control
no-store
server
clinch
x-robots-tag
none
content-length
43
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
async_usersync.html
acdn.adnxs.com/dmp/ Frame F6A9
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.lib.getjad.io
URL: https://cdn.lib.getjad.io/prebid/21636860837
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.adorocinema.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 29 Nov 2022 17:48:00 GMT
ETag
"623de86a-cf34"
Expires
Wed, 30 Nov 2022 17:48:02 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame F6A9
0
747 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Nov 2022 17:48:00 GMT
AN-X-Request-Uuid
0129a63c-20bc-4a3e-9270-1333d6d7170e
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
192.145.127.211; 192.145.127.211; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DC38
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst3E28Tm21Gym17auYpJJTXxP_0of6DzT99qQdmbNEqSxIVAmIAk8sQCoMxmwFOreNUIYUfzvRHcs0ItY-JALUxcsDgmh530VXeOSwuayrjh-Ocnc1u-zROoO4K1R2W5Hx0zBewPLGcFFXJn4g3DvwJ-dUN_hq464kgv2VzA2txGjuQacIu6AZCkNLB1reKju2y-L5kenLGFXj1cWoOhn7LlQ&sai=AMfl-YSby-ZrVzKGGDcDrFHqYkEC1cVHUHOV1HeJzgz2hCWb42E_OyjNOutFLaLUcXW92BlHU2H5B_Lkk3Tqdb_XfjqeHtT8qkoAf2sysNF50Tyf9INFeHKIiknZBdSSNs8&sig=Cg0ArKJSzJOV3V4XXmHdEAE&id=lidarv&acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D885,993,1053,1291%26tos%3D2165,0,0,0,0%26mtos%3D2165,2165,2165,2165,2165%26amtos%3D0,0,0,0,0%26mcvt%3D2165%26ps%3D1600,4464%26scs%3D1600,1200%26bs%3D1600,1200%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2165%26gmm%3D4%26efpf%3D2%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D44%26pst%3D202%26dur%3D15060%26vmtime%3D2175%26dtos%3D2165%26dtoss%3D1%26dvs%3D2165%26dfvs%3D2165%26dvpt%3D2165%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26avms%3Dgeo%26qi%3D659245301%26psm%3D7%26psv%3D7%26psfv%3D7%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2165&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1669744078114
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:48:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=1;dc_exteid=12036405270064603275;met=1;ecn1=1;etm1=0;eid1=200000;acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D885,993,1053,1291%26tos%3D2165,0,0,0,0%26mtos%3D2...
ade.googlesyndication.com/ddm/activity_ext/ Frame DC38
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=1;dc_exteid=12036405270064603275;met=1;ecn1=1;etm1=0;eid1=200000;acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D885,993,1053,1291%26tos%3D2165,0,0,0,0%26mtos%3D2165,2165,2165,2165,2165%26amtos%3D0,0,0,0,0%26mcvt%3D2165%26ps%3D1600,4464%26scs%3D1600,1200%26bs%3D1600,1200%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2165%26gmm%3D4%26efpf%3D2%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D44%26pst%3D202%26dur%3D15060%26vmtime%3D2175%26dtos%3D2165%26dtoss%3D1%26dvs%3D2165%26dfvs%3D2165%26dvpt%3D2165%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26avms%3Dgeo%26qi%3D659245301%26psm%3D7%26psv%3D7%26psfv%3D7%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2165;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1669744078114?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:48:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame C136
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1095812&asId=c15c702a-6499-f6f8-7705-43a4d52a71e3&tv=%7Bc:vnBncS,pingTime:1,time:2676,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:254,t:645%7D,%7Bpiv:98,vs:i,r:,t:1674%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1674,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:645,wc:0.0.1600.1200,ac:NaN.NaN.970.254,am:sp,cc:0.0.970.254,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1041~0,0~75%5D,as:%5B1041~970.254%5D%7D%7D,%7Bsl:i,t:1674,wc:0.0.1600.1200,ac:NaN.NaN.970.254,am:sp,cc:0.0.970.254,piv:98,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~75%5D,as:%5B1002~970.254%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:322,fm:toBdZhQ+11%7C12%7C13%7C14%7C15%7C16%7C17*.1095812-64317497%7C171%7C172%7C173%7C1811%7C1812,idMap:17*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:647,sis:821%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:a19c:ee18:a235:a64b Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:48:00 GMT
server
nginx
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
async_usersync
ib.adnxs.com/ Frame F6A9
0
747 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Nov 2022 17:48:01 GMT
AN-X-Request-Uuid
d66f20f4-fe2d-4bb3-87fe-bb7bdd7d015e
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
192.145.127.211; 192.145.127.211; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
frame2_970x250_1652095968930_compressed.jpg
cdn.clinch.co/a_styles/3600/970a250/assets/ Frame 454D
64 KB
64 KB
Image
General
Full URL
https://cdn.clinch.co/a_styles/3600/970a250/assets/frame2_970x250_1652095968930_compressed.jpg
Requested by
Host: cdn.clinch.co
URL: https://cdn.clinch.co/a_js/dispad/runtime_10_22.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:b::210:f1cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab92a3916c175d01946bab6c38becb0af8f282b9ac47dc75725625e12a108e4c

Request headers

Referer
https://realtime.clinch.co/
Origin
https://realtime.clinch.co
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Tue, 29 Nov 2022 17:48:02 GMT
x-amz-request-id
8M2X1BBVZTFV14WH
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
65092
x-amz-id-2
2HfWdywNhl3xrwNpCNcrwUZyyDF8bO/yervIM5zhH9v5aysLrnt5wgdwEiREN182SpMGkeZgxro=
Last-Modified
Mon, 09 May 2022 11:33:14 GMT
Server
AmazonS3
ETag
"e81ea3c0fc1c61ee08e77fdc27384aab"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=19445596
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 12 Jul 2023 19:21:18 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame DC38
42 B
64 B
Image
General
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BCHzqzUWGY4BOmeXv9Q-w5I_oC8rptaxGAAAAEAEg2JOwVTgBWIjsxdCDBGD9gpGE6BGyARN3d3cuYWRvcm9jaW5lbWEuY29tugEJZ2ZwX2ltYWdlyAEF2gE_aHR0cHM6Ly93d3cuYWRvcm9jaW5lbWEuY29tL3Nlcmllcy9zZXJpZS0yMzM1NC90ZW1wb3JhZGEtNDA3MDgvmAKYdakCE5W_YLUDiT7AAgLgAgDqAjkvMjE2MzY4NjA4MzcvQWRvcm9DaW5lbWEvc2VyaWVzcGFnZS9zZXJpZXNwYWdlX3NlYXNvbnBhZ2X4AvLRHpADjAaYA5wEqAMB4AQB0gUGEOeLufgWkAYBoAYjqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwHgBwHyBwIgAdIIEQiA4YAQEAEYHTICqgI6AoBA2AgCgAoFmAsB0BUB-BYBgBcB&sigh=ZWZv1t7f5UE&label=videoplaytime25&ad_mt=3952&acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D885,993,1053,1291%26tos%3D3940,0,0,0,0%26mtos%3D3940,3940,3940,3940,3940%26amtos%3D0,0,0,0,0%26mcvt%3D3940%26ps%3D1600,4464%26scs%3D1600,1200%26bs%3D1600,1200%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3940%26gmm%3D4%26efpf%3D2%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D46%26pst%3D202%26dur%3D15060%26vmtime%3D3952%26dtos%3D1775%26dtoss%3D2%26dvs%3D1775%26dfvs%3D1775%26dvpt%3D1775%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3940,3940,3940,3940,3940%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26avms%3Dgeo%26qi%3D659245301%26psm%3D15%26psv%3D15%26psfv%3D15%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3940&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1669744078114
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:48:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=1;dc_exteid=12036405270064603275;met=1;ecn1=1;etm1=0;eid1=960584;acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D885,993,1053,1291%26tos%3D3940,0,0,0,0%26mtos%3D3...
ade.googlesyndication.com/ddm/activity_ext/ Frame DC38
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=1;dc_exteid=12036405270064603275;met=1;ecn1=1;etm1=0;eid1=960584;acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D885,993,1053,1291%26tos%3D3940,0,0,0,0%26mtos%3D3940,3940,3940,3940,3940%26amtos%3D0,0,0,0,0%26mcvt%3D3940%26ps%3D1600,4464%26scs%3D1600,1200%26bs%3D1600,1200%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3940%26gmm%3D4%26efpf%3D2%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D46%26pst%3D202%26dur%3D15060%26vmtime%3D3952%26dtos%3D1775%26dtoss%3D2%26dvs%3D1775%26dfvs%3D1775%26dvpt%3D1775%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3940,3940,3940,3940,3940%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26avms%3Dgeo%26qi%3D659245301%26psm%3D15%26psv%3D15%26psfv%3D15%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3940;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1669744078114?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.adorocinema.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:48:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
img-cdn.clinch.co/img2/uda841/970/250/3/0a0a0a0/ Frame 454D
1 KB
1 KB
Image
General
Full URL
https://img-cdn.clinch.co/img2/uda841/970/250/3/0a0a0a0/?u=%2F%2Fcdn.clinch.co%2Fa_styles%2F3600%2F970a250%2Fassets%2FlogoBianco970_1652095968914_compressed.png
Requested by
Host: cdn.clinch.co
URL: https://cdn.clinch.co/a_js/dispad/runtime_10_22.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:c::5c7b:6821 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
clinch /
Resource Hash
c4699c33fdb03d350e7a88a4ef93bbdae70a8a2c23d1a23bbdd589ab8ad96ef7

Request headers

Referer
https://realtime.clinch.co/
Origin
https://realtime.clinch.co
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Tue, 29 Nov 2022 17:48:02 GMT
Server
clinch
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=689564
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
1170

Verdicts & Comments Add Verdict or Comment

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| dataLayerGA object| JadConfig object| JadIds object| WadsKeywords object| AC object| webpackChunkallocine_js object| dataLayer object| asyncDataLayers object| jsEntities object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| routingData object| MqState boolean| desobfuscationDone object| jad boolean| adsReady undefined| plagio string| GoogleAnalyticsObject function| fbAsyncInit object| google_tag_data function| ga object| gaplugins object| gaGlobal object| gaData function| _0x2419 function| _0x22447a function| _0x5b47 number| refresh object| opec object| didomiEventListeners boolean| adsPositionsReady object| googletag object| position object| librairiesToLoad object| Criteo object| __iasPET function| Navegg object| naveggReady object| nvgID object| pbjs object| pbstck object| Pubstack object| relevantDigital object| otherLibToLoadPromise object| timeoutPromise object| libLoadedOrTimeoutPromise object| gptPromise object| loadAllPromise object| default_gsi object| google object| __G_ID_CLIENT__ object| closure_lm_780650 string| referrerself function| getTailTargetParam object| _ttconversion string| key string| keyvalue object| data object| nvgGenre object| nvgNationality object| nvgCompany object| nvgSection object| nvgKids object| nvgShowtime object| nvgProvider object| vngSoon object| img function| sendNavegg object| pbjsChunk object| _pbjsGlobals object| mnet object| librariesRequested object| nvg55810 object| TTTagManager function| TTTagManagerError object| _ttq string| n object| cmds undefined| t3m_i object| ttcNamespace object| ggeac object| google_js_reporting_queue string| version string| _ttcNamespace string| _ttqNamespace function| TTConversionBase function| ttConversionBaseE object| _ttconversionHolder object| ttqNamespace object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_132 object| Criteo_132 string| floorConfigName object| FB object| regeneratorRuntime object| pbstckQ undefined| google_measure_js_timing function| nvgGetSegment function| ltgc object| __buffer function| TTBase function| ttBaseE object| _ttqHolder string| kw object| floorTargeting object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| google_reactive_ads_global_state number| google_global_correlator object| google_image_requests object| _ttprofilescache

68 Cookies

Domain/Path Name / Value
.adorocinema.com/ Name: _ga
Value: GA1.2.2106588598.1669744076
.adorocinema.com/ Name: _gid
Value: GA1.2.2139033946.1669744076
.adorocinema.com/ Name: _gat
Value: 1
www.adorocinema.com/ Name: fidcsnt
Value: 1
www.adorocinema.com/ Name: tt_c_vmt
Value: 1669744076
www.adorocinema.com/ Name: tt_c_c
Value: direct
www.adorocinema.com/ Name: tt_c_s
Value: direct
www.adorocinema.com/ Name: tt_c_m
Value: direct
www.adorocinema.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
www.adorocinema.com/ Name: _lr_retry_request
Value: true
www.adorocinema.com/ Name: _lr_env_src_ats
Value: false
.navdmp.com/ Name: ac3
Value: 1
.criteo.com/ Name: uid
Value: 4481c858-2c8b-4363-962e-30e519e6dc25
.tt-10531-7.seg.t.tailtarget.com/ Name: trk
Value: RKTP2QVxFIkfpgzvqAEMiKOgllR6ZNMqoc9kAAmK7xNwZIJZnFqei5wj8i0PA9rz6L9FlVqoINZhELwRjUFNTAWa5BQdz97qrP58PWwR6bKi0wdGkASp6o6Jl/sMsuiKSHkmP+NmQeYjwCtA328ue9d31zSpwut2MaW4EnVLSDTKYdKOZkRfuDfaP8rvkfpfLKcM9LkecELCgeqP6NxJZikWtZQ6Fnjf3ZrOqBSE4TEn1aoQLEbXU123nQlgIcnnURiyeLx/ti6H/ygJzZXNbo73Q888jFsa/kmtxP2qwO1h6CUkqvDU/3uDK7yTnU6IEyqP5fVMoC3itAoBdBe5Ui0uVwau6PELHITMmvMwcWLefsy1i7IMBtVInTRrcKmXLSAQPdqZ7kzb1RHtviK6W52fxnsAbhwQOhGROGQjx/SDXpj2UhSn1NlYo2U7mjbzssipWk46Igs8ZP+woc3VI2SC3DHVZ9lQuQzNB8JjkF9Va9iAGhETV++/CFAiJFYiClNK/47bmneQ8HHFmQZJXAoNFcbwCam44eHC3fMaIpgvqVI2k0ngFDEUgNTwQVOOUktyoS9mX/06Cyi4M7LxCAaRpoyg5RA2W+6AWuXRx0e8LNDoNHgmmLpp8Sv7jg9O+drcD/jb1emOz7AZ1EkuYendyH/l7ylzHOlX47TYO6M4jNIhSJzd+ciXU/d3UJbt6VHEmqKNkUhsuEHU1CdKBg==
.t.tailtarget.com/ Name: u
Value: fwAAAWOGRcyZfwbmGItGAgB=
.t.tailtarget.com/ Name: _ssc
Value: y
www.adorocinema.com/ Name: _ttuu.s
Value: 1669744076421
.navdmp.com/ Name: nid
Value: 11d3b3e284d8072e0617c2f66b10|1|359
.adorocinema.com/ Name: nvg55810
Value: 11d3b3e2849b43d31a99a5d3b910|0_334
www.adorocinema.com/ Name: tt.u
Value: 0100007FCC458663E6067F9902468B18
.rubiconproject.com/ Name: khaos
Value: LB2IIEZS-G-GGNU
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB0BBK0UhQ8DX1qbBgMWySGKaxJuuRhJfvfAPz/wIGhkeFzRE9HY7WQoK2glzsQgCBrzsnQZf0mpkmjYHTlS9mMvinTyVLuF0ceyqVI1k5poNA==
.adorocinema.com/ Name: country_code
Value: IT
.adorocinema.com/ Name: geocode
Value: 649279
.adorocinema.com/ Name: geolevel1
Value: 500008
.adorocinema.com/ Name: geolevel2
Value: 500875
.adorocinema.com/ Name: geolevel3
Value: 512179
.doubleclick.net/ Name: IDE
Value: AHWqTUmrduIMHMSD0NfyWUtD37X8di64LOFXwcOSdxjrwnCRuYX0OpDQ14UOHENiGZ0
.adorocinema.com/ Name: cto_bundle
Value: bRf4bF80WWVoaCUyQnFXaEJaaUp1YkNtTCUyRlZiWGpqNXVwUVo5aHNuNDU4czdHdVNEVmdQTEE3ZVNFT1dYaExIeGJKMVhrSG1PJTJGQjNXSzJBcDBrOGhNJTJCJTJGT3I2TyUyRnBkOTRWbmN2NnZadUs3bXVOWWNxaVZiSTVEOU9WTXR0RkUlMkZwU3pVNURUdEwxbkxyZWRUUjh3TFdsZ2RjVDFBQSUzRCUzRA
.t.tailtarget.com/ Name: ttbprf
Value: _milan_lombardy_it_1669744076768_3230760915
.t.tailtarget.com/ Name: ttc
Value: 1
.t.tailtarget.com/ Name: ttnprf
Value:
.adorocinema.com/ Name: cto_bidid
Value: Wr2i2F9TaDVHajdsd2I1JTJCbHdLbXlQRGQxQiUyRmsxQloxdzY2MmlGVnJkeXJ1U0RtbEQlMkZRYiUyRiUyQlNVMWYxdk5jOXIxUDlFUDN4bkJRZkNqRUk0VFptNXdsSW93dTJzWjN5U0RoeGFQbTBqS1Y2M2EyVHU5N3lhdVVveE85b2VlYmQ2V0p3OHk
www.adorocinema.com/ Name: tt.nprf
Value:
.mathtag.com/ Name: uuid
Value: 66796386-45cc-4c00-aaac-cb1db5dd0fe3
.bidr.io/ Name: bito
Value: AADU-E7HDIwAACCU72xVvw
.bidr.io/ Name: bitoIsSecure
Value: ok
.tt-10531-7.seg.t.tailtarget.com/ Name: ttca
Value: CA18488,CA12931_1669744076
.bidswitch.net/ Name: tuuid
Value: e2d5c1cc-dc2e-49ba-89ce-871573e426b0
.bidswitch.net/ Name: c
Value: 1669744077
.bidswitch.net/ Name: tuuid_lu
Value: 1669744077
.www.adorocinema.com/ Name: _ttdmp
Value: |LS:|CA:CA18488,CA12931
.t.tailtarget.com/ Name: n
Value: 1669744077
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 5901155758799763828
.adorocinema.com/ Name: __gads
Value: ID=feb2e739bad56455:T=1669744076:S=ALNI_MbE4R_QYirVzB1xzXD-dsHdTwyFjQ
.adorocinema.com/ Name: __gpi
Value: UID=00000b8a2a3cf547:T=1669744077:RT=1669744077:S=ALNI_MYMluWTdNk6EYRcXnrGC0I7gnUBJg
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C$MvTK<v!]tbPl1M>e)ZlrFUfJ+tGXxo<Tz7F!P>=Y=_)Zd#bQm>ZN`(C]_/!u@V@1#.*bpRz*qF1`*b]lB)aIFh
.adnxs.com/ Name: uuid2
Value: 2727840292247030252
.ctnsnet.com/ Name: gid_CAESEMcskKOqL0AQlgRE0OuMxp4
Value: 1
.ctnsnet.com/ Name: cid_398faa0a71a84197a7221c37cf7a2fce
Value: 1
.quantserve.com/ Name: d
Value: EGcBCQHYJ4EA
.quantserve.com/ Name: mc
Value: 638645ce-1e5dc-7c050-c1a95
.krxd.net/ Name: _kuid_
Value: POmxyWH2
.yahoo.com/ Name: A3
Value: d=AQABBM5FhmMCEG-gv6fNJaFKIDjHbz6ERPUFEgEBAQGXh2OQYwAAAAAA_eMAAA&S=AQAAAiE8oAY9yCvlOY9_aMKyC7U
.360yield.com/ Name: tuuid
Value: de9e9800-77f7-4a69-b1a5-b1588d806936
.360yield.com/ Name: tuuid_lu
Value: 1669744078
.casalemedia.com/ Name: CMID
Value: Y4ZFzkOi0cnMRwLau73plgAA
.casalemedia.com/ Name: CMPS
Value: 2149
.casalemedia.com/ Name: CMPRO
Value: 2149
ads.avct.cloud/ Name: uuid
Value: d935ef6a-9b4d-4f42-8dd1-cb71eb1df523
.clinch.co/ Name: clinch-sid
Value: 06108006-ce70-40d9-8279-6e64dbc40aad
.myvisualiq.net/ Name: tuuid
Value: 8cecb6e3-d549-4f61-ba44-aeb107fede4a
.myvisualiq.net/ Name: c
Value: 1669744078
.myvisualiq.net/ Name: tuuid_lu
Value: 1669744078
.doubleclick.net/ Name: DSID
Value: NO_DATA
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yx~28kh
.mathtag.com/ Name: mt_mop
Value: 4:1669744079

4 Console Messages

Source Level URL
Text
other warning URL: https://www.adorocinema.com/series/serie-23354/temporada-40708/
Message:
A preload for 'https://assets.adorocinema.com/skin/font/icon/font-icon-c83bfc331d.woff2' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=13772
Message:
Failed to load resource: the server responded with a status of 451 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
security warning URL: https://www.adorocinema.com/series/serie-23354/temporada-40708/
Message:
Mixed Content: The page at 'https://www.adorocinema.com/series/serie-23354/temporada-40708/' was loaded over HTTPS, but requested an insecure element 'http://c.t.tailtarget.com/view/TT-10531-7/6POAL7BD93/track?tZ=407776567'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7589039fb3e21f9f3ef306a6f277c0be.safeframe.googlesyndication.com
accounts.google.com
acdn.adnxs.com
ade.googlesyndication.com
ads.avct.cloud
adservice.google.com
adservice.google.it
api.rlcdn.com
api.tudogostoso.com.br
assets.adorocinema.com
b.t.tailtarget.com
beacon.krxd.net
bidder.criteo.com
boot.pbstck.com
c.t.tailtarget.com
c1.adform.net
c2shb.pubgw.yahoo.com
cdn.clinch.co
cdn.lib.getjad.io
cdn.navdmp.com
cdn.pbstck.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
connect.facebook.net
csi.gstatic.com
d.tailtarget.com
dclk-match.dotomi.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
imasdk.googleapis.com
img-cdn.clinch.co
intake.pbstck.com
match.360yield.com
match.prod.bidr.io
mug.criteo.com
onetag-sys.com
opec.webedia.com.br
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.mathtag.com
pr-bh.ybp.yahoo.com
prebid.media.net
prg.smartadserver.com
pubads.g.doubleclick.net
realtime.clinch.co
securepubads.g.doubleclick.net
ssp-sync.criteo.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
storage.googleapis.com
sync.mathtag.com
sync.navdmp.com
sync.teads.tv
sync2.navdmp.com
t.myvisualiq.net
t.tailtarget.com
tag.navdmp.com
tags.t.tailtarget.com
tpc.googlesyndication.com
trk.clinch.co
tt-10531-7.seg.t.tailtarget.com
ups.analytics.yahoo.com
usr.navdmp.com
www.adorocinema.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
103.229.205.242
104.75.89.75
142.250.185.194
172.217.18.98
178.250.2.146
18.156.0.31
18.195.153.121
185.64.189.112
185.80.39.216
185.89.211.132
2.18.232.130
2001:4860:4802:34::178
212.82.100.182
216.58.212.130
23.3.109.5
2600:1f13:800:7782:a19c:ee18:a235:a64b
2600:9000:219c:1a00:8:48e:53c0:93a1
2602:803:c004:200::140
2606:4700:10::6816:15d
2606:4700:10::ac43:1997
2606:4700::6810:cf3
2606:4700::6810:df3
2606:4700::6812:1c0d
2606:4700::6812:1d0d
2606:4700::6812:ca3
2606:4700::6812:e24
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:800::2002
2a00:1450:4001:806::2002
2a00:1450:4001:808::2001
2a00:1450:4001:808::2002
2a00:1450:4001:809::2010
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2002
2a00:1450:4001:812::2003
2a00:1450:4001:812::200d
2a00:1450:4001:827::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a00:1450:400c:c0c::9d
2a00:1450:400e:801::2003
2a02:2638:1::1a
2a02:2638:1::3
2a02:2638::1c
2a02:2638::42
2a02:26f0:3500:c::5c7b:6821
2a02:26f0:480:b::210:f1cf
2a02:fa8:8806:12::1400
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d018:d29:3605:aa90:4442:d391:12dd
3.218.179.185
34.102.185.99
34.107.148.139
34.120.133.55
34.243.37.252
35.186.193.173
35.201.123.184
37.157.6.246
51.38.120.206
52.208.172.23
52.215.179.1
52.28.203.152
52.49.90.126
54.158.181.68
54.159.82.233
54.227.133.78
54.229.167.95
66.155.71.25
81.17.55.112
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
031ba9f0e36ddb39f92f3aa591820e4f469e8dcbae82d0ca57744fe02c73ad26
03d35c1ff8a01dabf5d312f47b641d0dc6ad96b102f0b095e6af937881901757
0573d8dfccf51c0a905651069bd35601eb8d17d37d4629cfd8a223e2dbbda016
09809a1959d8460d17235cc9069df51aaaef908d43e1aab69ab31d9467ecb0d2
0aacf0328a261829d1e8aef3344eb81151b0fc8f1f4e3dbd511fec2b191c58d9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
101b8d837f8e01156fc293db1932eead16c29f9f16da622bfa89f394fbfd1273
138600655d5c5e7de4baefc65fa82326ee5061b9e4bd1e18e4ae2f4197ccaefa
1794b412ab1fd2c35913fc45c006a4117067908e33f867b30cd34c956e6c501d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1aa01372c2aac8a8e9c84cfb47aaf25ec5c0aa838f34086ab76a2fdb15344de9
1bc4f1e40b4d5f6ee42a779522e01b07fb4eceb6bbc4c3f5f6493a997d07932a
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1ea4290ce6a41739da98316fba39766a0f034d78a26dc5f70b9e40cdab8ada78
29e548dedf75c3334cf7dd1cd5c8a54d22759fd976bedd43e5c9ac7ee7aafb77
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
347e7622a36ad1aa5921f361fb0a17cf07b00db982605b2cef67dd320792c781
35ae6ada3e0949b27d879cd8764cd2afcb94019fa89194ee69944aea36c5ad90
373d62cc93466a39462ead11f6077e86054e3cb8e657bd7f21da12f8a8bb16a6
384ce239bb18b025487edd2785e26714f97641aab5bebf7618eddea94942e976
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
479c5a156cd92a95cda521f80775275d32bbe666c113e1faa3067dea56a13b96
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4903adaee03b0c380254c0ff437b28fb47c72f4b8bc719e0a9598e5022734ab7
4b00abc113a43529afafd5b23f00ebbd6be89c291696b141868fe33011d8e9f2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe
5945022605fdc9e1d62910c3aec237be1d48181b5800716f8ebb92940ae2e3d1
5b7d1316a9939184f1258eef50d38b23d009ad2b8108ebcfddcf9425bef93903
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c626c665a215880407494fa0316b211da8b84e7d9757fbbe83609a647663a50
612ad9faaf90b148720a35dbe58c8814287ffee6078e7ac09e12470ff971ceb5
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
657b0de76e36a226beccf9a515c169e15b7045aee55792ece912340920d7aab2
66b75833370903bf034d72a553f65ad5f714f98425c157b5821a517425217e3f
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
69516e52c61a27c7979fef7a870dbf2ec8a9d4a2b8b0e30b988173817c293d8a
6b4cb7fbcc4e77a640291a8825bafacd8ae0a2b2923929bd769555a4a6877f6f
6b63b9858b4d89edbe33e8e99aebe626144fbeffa73f8735fbedff6f6cc9a7ff
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6be6aeac414234a5029684c4936d051b0d1a49519a3775afcb862621577bb587
6e5e0e2c9af74956518f79fcb7841737168ef321932f38066a631f66d3a08988
71b45a9ea996132143e96dd0ab2978defddc3059805dcd8b20ed7a4c535330b1
732c268c80bff060e288d843bb13eb4f9a620eaee78214a74890442e6c08809f
741a48d0125f98733b8bde4486c45981b9d558d15330c5803ba13926282ecb07
778bfe872d72aed064ec017387409b5ba160215df1ea3b7ad7e6beacb41b32c1
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7a3264384f8dcc460f46655cbdef8b4019c47619c60cfcaf80e1dd36f05f2676
7dd804223e989c6fa1516178df3f0d58809bda95fc7c418ef85108c104bb9af7
81fcc293ddd2b9750b701071503602aca2df533944bf063872d3c83f4ab039a5
83261ca5be5b6d29ea92b5c3c510ddfb50ca57aa3154ab0f0537d705ebb6ab79
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
868f57535bee974cf2df30da7eba52962abbe8d56e62cd361c01420465c9285b
87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403
8bdad6568b36746e2fcea31c18644d8b732a9bc74e3bab1133126e6afabcef67
8c22698439e60a8b79817f1d27fa54b3607e87cb08ce2e3cca5dbd3e657313b7
94cd74beb168fbd1e42849f3ee0619d3cb2f3da277afc96a5e57ca98174d144e
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a0be1678fb27836fba9453a29914702070cc954f5f04e6983b7dce6cd78d7aa
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e60749e72d0f05041a363dba8abb7094a570954fa69b1a65bffbfee37e93591
9f1241f32d3392b07d12a894dc143d9801bb327c95a2b2701b8d2becabc4e417
9f6f089ebb23c16cb25ade5aef0a575616765f09a2ccb6d59f7da1d04a0d7e1e
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1c96c6323d6da21573bb6affd4bdff4a380525df8e955062cb904c92cd697ce
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a51fadcc59fc3743365cdc1518034ba497ab43294629a0f6ee955675ec6dbaab
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
ab92a3916c175d01946bab6c38becb0af8f282b9ac47dc75725625e12a108e4c
abec58b56bf8092dd3dc80f03a464601accc4586859c95abdf6e124105539ebf
ac4d7ae3fe808634b42ae83261fcfa79c1519beae4517b0ce52da31667b9a661
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afa7d6b3851717158d2f9ac10f897be3073ba0f9f76c49132470c9a281cba659
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bc5744ea4f0f6110c1bd19456c16d84e33c252d7808c7e1170b4b2d42f76fca9
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c4699c33fdb03d350e7a88a4ef93bbdae70a8a2c23d1a23bbdd589ab8ad96ef7
c478abe360a67e346be938ecdae1efe8735689c726560af2fc3ade19b456ad1d
c69ed927f7823a83b6857bcef2ccc9d822b9c4afa94517e0563f15bdc7e6dc39
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf8413ba8207afd3491c90608ef483e76758a036c9ac7efe64d9ff70648474d5
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
d22d227c0234e7626a5822f25c731e105819af192b39d95208e583449a2d48e0
d257a75764e746d9a1aafb79d8e47744cb44ee1af115ab2adbd0012c69cf676c
daabaaa4c60e8bb98497c120f60f8c3ead8319aa08ddd7aeb35f0ac3e110b59d
e0e18c35fce4a44c2903f64e7e916949e772dacec7438feb149503baa1b95efe
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f7fddd89293400421ad4892bbe9062b0449a859012e14500252fd4182632ff
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
eabf4a0b1abfd22536c9d8e232df86c074e10feb0fe9516c333bc9d7951719f8
eb6cb0bc1769b5545101b7c78affadfff0dfcd0157d2a2b3c71eb4b129942699
ec7bec251d2fa5454022f6bc6977959f65cac44b63a87cac0c7287795606fc30
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6c36ae89214e216a7bb9613be0e1e9c11c5384dc16c5e25317f5f3764469d94
f7f63544b1fc93e7a64c7b66271969dea03ff975fcecf7d21d5878d61a79257e
fe40139835cd99a7273682986097946d9aeb8d32b461e06282f1906e0e1808d5
ff0d16ed19c19afa3460c636f68938b31cd6c3cdf61dfddd7f2645a625297137