urlscan.io logo urlscan.io
SecurityTrails logo

pelotainvernal.com Open in urlscan Pro
52.22.201.165  Public Scan

Go To Rescan Add Verdict Report
URL: https://pelotainvernal.com/
Submission: On December 20 via api from DO — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 91 IPs in 14 countries across 84 domains to perform 403 HTTP transactions. The main IP is 52.22.201.165, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is pelotainvernal.com. The Cisco Umbrella rank of the primary domain is 478236.
TLS certificate: Issued by Amazon on August 5th 2022. Valid for: a year.
This is the only time pelotainvernal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 52.22.201.165 14618 (AMAZON-AES)
3 2606:4700::68... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
15 54.231.136.152 16509 (AMAZON-02)
1 2001:4de0:ac1... 20446 (STACKPATH...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 99.86.4.102 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
8 9 142.250.185.134 15169 (GOOGLE)
1 88.221.169.78 16625 (AKAMAI-AS)
3 104.18.131.145 13335 (CLOUDFLAR...)
1 3.19.54.139 16509 (AMAZON-02)
32 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638::2 44788 (ASN-CRITE...)
1 2a02:2638:1::4 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
9 2a02:2638::3 44788 (ASN-CRITE...)
1 178.250.2.148 44788 (ASN-CRITE...)
2 4 2a02:2638::1c 44788 (ASN-CRITE...)
3 178.250.0.157 44788 (ASN-CRITE...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
14 2a02:2638:1::8 44788 (ASN-CRITE...)
1 2a02:2638:1::17 44788 (ASN-CRITE...)
2 34.149.50.64 15169 (GOOGLE)
2 3 185.89.210.244 29990 (ASN-APPNEX)
1 72.251.249.14 32475 (SINGLEHOP...)
2 3 104.18.33.19 13335 (CLOUDFLAR...)
2 2602:803:c003... 26667 (RUBICONPR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.107.148.139 396982 (GOOGLE-CL...)
2 6 51.89.9.253 16276 (OVH)
8 151.139.128.10 20446 (STACKPATH...)
3 95.101.27.149 20940 (AKAMAI-ASN1)
5 5 18.195.83.19 16509 (AMAZON-02)
1 1 146.0.227.110 29066 (VELIANET-...)
2 3.69.201.248 16509 (AMAZON-02)
3 3 3.126.56.137 16509 (AMAZON-02)
1 3 2620:116:800d... 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
7 69.20.43.192 27357 (RACKSPACE)
2 5 2a00:1450:400... 15169 (GOOGLE)
5 5 35.214.223.115 15169 (GOOGLE)
20 146.20.128.200 27357 (RACKSPACE)
7 9 2001:678:cb4:... 56396 (AMOBEE)
5 5 54.85.151.23 14618 (AMAZON-AES)
21 146.20.132.192 27357 (RACKSPACE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 162.19.138.116 16276 (OVH)
2 2600:1901:0:7... 15169 (GOOGLE)
24 2606:4700:20:... 13335 (CLOUDFLAR...)
7 18 216.58.212.130 15169 (GOOGLE)
4 4 103.229.205.243 30419 (MEDIAMATH...)
3 4 35.204.158.49 396982 (GOOGLE-CL...)
2 98.98.134.241 21859 (ZEN-ECN)
1 1 2600:9000:211... 16509 (AMAZON-02)
6 6 213.19.147.45 26120 (RHYTHMONE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 85.114.159.118 24961 (MYLOC-AS ...)
2 2 34.255.17.182 16509 (AMAZON-02)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2600:9000:206... 16509 (AMAZON-02)
20 2.18.233.180 16625 (AKAMAI-AS)
8 8 84.200.5.215 44066 (DE-FIRSTC...)
2 78.46.85.162 24940 (HETZNER-AS)
2 46.4.41.145 24940 (HETZNER-AS)
2 2 184.24.12.207 16625 (AKAMAI-AS)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 5 185.64.190.78 62713 (AS-PUBMATIC)
17 185.64.190.80 62713 (AS-PUBMATIC)
1 1 178.250.2.151 44788 (ASN-CRITE...)
2 2 213.155.156.165 1299 (TWELVE99 ...)
1 2 52.94.222.140 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 54.154.216.185 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
2 3 37.157.3.29 198622 (ADFORM)
2 52.223.40.198 16509 (AMAZON-02)
3 185.64.189.111 62713 (AS-PUBMATIC)
3 185.64.190.89 62713 (AS-PUBMATIC)
3 3.132.27.205 16509 (AMAZON-02)
1 2 77.243.60.138 42697 (NETIC-AS)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.229 62713 (AS-PUBMATIC)
1 1 15.235.15.221 16276 (OVH)
1 1 193.0.160.129 54312 (ROCKETFUEL)
1 2a05:d018:d29... 16509 (AMAZON-02)
2 185.64.190.81 62713 (AS-PUBMATIC)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 178.62.202.251 14061 (DIGITALOC...)
1 1 185.183.112.155 60350 (VP)
1 185.80.39.216 27381 (CASALE-MEDIA)
1 2.23.192.21 16625 (AKAMAI-AS)
2 2 151.101.66.49 54113 (FASTLY)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 195.5.165.20 44968 (IPROM-AS)
1 63.251.232.165 32475 (SINGLEHOP...)
1 162.55.120.196 24940 (HETZNER-AS)
1 1 141.94.240.143 16276 (OVH)
1 1 141.94.171.215 16276 (OVH)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 1 185.89.210.82 29990 (ASN-APPNEX)
1 35.186.193.173 ()
403 91
6    52.22.201.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-201-165.compute-1.amazonaws.com
pelotainvernal.com
3    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
6    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
18    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
9    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
partner.googleadservices.com
2    2606:4700:20::681a:179 (United States)

ASN13335 (CLOUDFLARENET, US)
flower-ads.com
15    54.231.136.152 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2606:4700:3031::ac43:b7f8 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-conectate.kiskoo.com
1    2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
17    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
4    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
8    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
4    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    99.86.4.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-102.fra6.r.cloudfront.net
ecdn.firstimpression.io
cdn.firstimpression.io
2    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
9    142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net
ad.doubleclick.net
1    88.221.169.78 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-78.deploy.static.akamaitechnologies.com
widgets.outbrain.com
3    104.18.131.145 (None, )

ASN13335 (CLOUDFLARENET, US)
t.seedtag.com
1    3.19.54.139 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-19-54-139.us-east-2.compute.amazonaws.com
ads.vidoomy.com
32    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
8    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
1    2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
1    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
9    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
4    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
14    2a02:2638:1::8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
pix.eu.criteo.net
1    2a02:2638:1::17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
2    34.149.50.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.50.149.34.bc.googleusercontent.com
s.seedtag.com
3    185.89.210.244 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    72.251.249.14 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
3    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum.casalemedia.com
2    2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
6    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
8    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
ad.lkqd.net
3    95.101.27.149 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-27-149.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
5    18.195.83.19 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-83-19.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    146.0.227.110 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)
inv-nets.admixer.net
2    3.69.201.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-201-248.eu-central-1.compute.amazonaws.com
a.vidoomy.com
3    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    2600:9000:223c:aa00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
7    69.20.43.192 (United States)

ASN27357 (RACKSPACE, US)
v.lkqd.net
5    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
20    146.20.128.200 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
9    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
5    54.85.151.23 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-151-23.compute-1.amazonaws.com
sync.srv.stackadapt.com
21    146.20.132.192 (United States)

ASN27357 (RACKSPACE, US)
t.lkqd.net
1    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
id5-sync.com
2    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
24    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
18    216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net
cm.g.doubleclick.net
4    103.229.205.243 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
2    98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
1    2600:9000:211e:6c00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
6    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
2    85.114.159.118 (Tuttlingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    34.255.17.182 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-17-182.eu-west-1.compute.amazonaws.com
match.360yield.com
4    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
4    2600:9000:206f:9200:15:6f6c:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)
vpaid.springserve.com
20    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
vpaid.pubmatic.com
ads.pubmatic.com
aktrack.pubmatic.com
8    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
2    78.46.85.162 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads1.sunbonet.de
partner.o2online.de
2    46.4.41.145 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads2.sunbonet.de
partner.blau.de
2    184.24.12.207 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-12-207.deploy.static.akamaitechnologies.com
www.awin1.com
2    2606:4700::6812:7e05 (United States)

ASN13335 (CLOUDFLARENET, US)
www.conrad.de
5    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
17    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    213.155.156.165 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-165.teliacarrier-cust.com
d5p.de17a.com
2    52.94.222.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
3    54.154.216.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-216-185.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
3    37.157.3.29 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
3    185.64.189.111 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
vid.pubmatic.com
3    185.64.190.89 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
st.pubmatic.com
3    3.132.27.205 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-132-27-205.us-east-2.compute.amazonaws.com
vid-io-cle.springserve.com
2    77.243.60.138 (Norresundby, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    185.64.189.229 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
1    15.235.15.221 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-us-3.cloudy.ovh
pixel.onaudience.com
1    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    2a05:d018:d29:3601:1fd9:6969:7081:2e2b (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
1    2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    178.62.202.251 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    185.183.112.155 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
1    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
1    2.23.192.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-192-21.deploy.static.akamaitechnologies.com
cs.media.net
2    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    63.251.232.165 (United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de
matching.truffle.bid
1    141.94.240.143 (France)

ASN16276 (OVH, FR)
PTR: bixel-9.cloudy.ovh
green.erne.co
1    141.94.171.215 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-9.cloudy.ovh
pixel-eu.onaudience.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    185.89.210.82 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
1    35.186.193.173 (None, )

ASN- ()
ipac.ctnsnet.com
Apex Domain
Subdomains		 Transfer
56 lkqd.net
ad.lkqd.net — Cisco Umbrella Rank: 22754
v.lkqd.net — Cisco Umbrella Rank: 11551
cs.lkqd.net — Cisco Umbrella Rank: 2756
t.lkqd.net — Cisco Umbrella Rank: 18312
221 KB
53 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 139
474 KB
51 pubmatic.com
vpaid.pubmatic.com — Cisco Umbrella Rank: 4684
ads.pubmatic.com — Cisco Umbrella Rank: 481
image6.pubmatic.com — Cisco Umbrella Rank: 716
simage2.pubmatic.com — Cisco Umbrella Rank: 641
image2.pubmatic.com — Cisco Umbrella Rank: 852
vid.pubmatic.com — Cisco Umbrella Rank: 8864
st.pubmatic.com — Cisco Umbrella Rank: 973
aktrack.pubmatic.com — Cisco Umbrella Rank: 148338
aud.pubmatic.com — Cisco Umbrella Rank: 4185
image4.pubmatic.com — Cisco Umbrella Rank: 824
295 KB
50 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192
ad.doubleclick.net — Cisco Umbrella Rank: 161
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
cm.g.doubleclick.net — Cisco Umbrella Rank: 208
320 KB
28 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 28664
ad4m.at — Cisco Umbrella Rank: 9760
assets.ad4m.at — Cisco Umbrella Rank: 37651
767 KB
24 criteo.net
static.criteo.net — Cisco Umbrella Rank: 637
pix.eu.criteo.net — Cisco Umbrella Rank: 7930
csm.eu.criteo.net — Cisco Umbrella Rank: 8005
162 KB
15 amazonaws.com
s3.amazonaws.com
145 KB
12 gstatic.com
fonts.gstatic.com
www.gstatic.com
128 KB
11 criteo.com
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14173
ads.eu.criteo.com — Cisco Umbrella Rank: 7675
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9848
gum.criteo.com — Cisco Umbrella Rank: 394
mug.criteo.com — Cisco Umbrella Rank: 2835
dis.criteo.com — Cisco Umbrella Rank: 658
66 KB
9 turn.com
ad.turn.com — Cisco Umbrella Rank: 710
r.turn.com — Cisco Umbrella Rank: 3099
4 KB
9 google.com
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
2 KB
8 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 188
354 KB
7 springserve.com
vpaid.springserve.com — Cisco Umbrella Rank: 9310
vid-io-cle.springserve.com — Cisco Umbrella Rank: 8553
354 KB
6 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 690
1 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
5 KB
6 pelotainvernal.com
pelotainvernal.com — Cisco Umbrella Rank: 478236
29 KB
5 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 651
2 KB
5 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 752
1 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 282
2 KB
5 seedtag.com
t.seedtag.com — Cisco Umbrella Rank: 13646
s.seedtag.com — Cisco Umbrella Rank: 5800
135 KB
4 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 71689
1 KB
4 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 73979
951 B
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 497
3 KB
4 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 759
2 KB
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 434
3 KB
4 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 89292
static-de.ad4mat.net — Cisco Umbrella Rank: 126078
8 KB
4 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 279
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 408
2 KB
4 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 482
dsum.casalemedia.com — Cisco Umbrella Rank: 1324
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 513
3 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
secure.adnxs.com — Cisco Umbrella Rank: 414
4 KB
4 google.de
adservice.google.de — Cisco Umbrella Rank: 8549
1 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 566
2 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24144
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 26541
739 B
3 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 719
793 B
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 939
pixel.quantserve.com — Cisco Umbrella Rank: 666
cms.quantserve.com — Cisco Umbrella Rank: 639
11 KB
3 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 595
3 KB
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1884
mp.4dex.io — Cisco Umbrella Rank: 1980
25 KB
3 vidoomy.com
ads.vidoomy.com — Cisco Umbrella Rank: 22938
a.vidoomy.com — Cisco Umbrella Rank: 8039
6 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 381
44 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 726
s.tribalfusion.com
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 534
749 B
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3040
pixel-eu.onaudience.com — Cisco Umbrella Rank: 12965
1 KB
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 3765
623 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1107
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 315
529 B
2 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 912
2 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4459
562 B
2 conrad.de
www.conrad.de — Cisco Umbrella Rank: 59744
949 B
2 awin1.com
www.awin1.com — Cisco Umbrella Rank: 14058
1 KB
2 blau.de
partner.blau.de — Cisco Umbrella Rank: 90883
2 KB
2 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 81505
3 KB
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2234
785 B
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1427
1 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905
1 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 578
382 B
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 958
id5-sync.com — Cisco Umbrella Rank: 413
17 KB
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1148
cs.media.net — Cisco Umbrella Rank: 1387
1015 B
2 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 462
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
20 KB
2 firstimpression.io
ecdn.firstimpression.io — Cisco Umbrella Rank: 23217
cdn.firstimpression.io — Cisco Umbrella Rank: 23306
96 KB
2 kiskoo.com
cdn-conectate.kiskoo.com — Cisco Umbrella Rank: 192086
3 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 211
36 KB
2 flower-ads.com
flower-ads.com — Cisco Umbrella Rank: 861580
165 KB
1 ctnsnet.com
ipac.ctnsnet.com
369 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3458
464 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 16075
367 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 5627
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1303
283 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5149
277 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1368
712 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2014
555 B
1 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2838
104 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 707
759 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 2401
382 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 655
444 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 868
1 KB
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2368
582 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 581
405 B
1 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1353
3 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 830
474 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 51
43 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 686
30 KB
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 audrte.com Failed
a.audrte.com — Cisco Umbrella Rank: 1899 Failed
0 contextweb.com Failed
bh.contextweb.com Failed
403 84
Domain Requested by
32 tpc.googlesyndication.com googleads.g.doubleclick.net
a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
21 t.lkqd.net ad.lkqd.net
20 cs.lkqd.net ad.lkqd.net
18 cm.g.doubleclick.net 7 redirects a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
pelotainvernal.com
18 pagead2.googlesyndication.com pelotainvernal.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
tpc.googlesyndication.com
15 s3.amazonaws.com pelotainvernal.com
14 pix.eu.criteo.net ads.eu.criteo.com
14 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
13 simage2.pubmatic.com ads.pubmatic.com
12 assets.ad4m.at as.ad4m.at
9 ads.pubmatic.com vpaid.pubmatic.com
ads.pubmatic.com
9 static.criteo.net ads.eu.criteo.com
securepubads.g.doubleclick.net
9 ad.doubleclick.net 8 redirects pelotainvernal.com
8 vpaid.pubmatic.com vpaid.springserve.com
blank
8 ad4m.at as.ad4m.at
ad4m.at
8 as.ad4m.at a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
as.ad4m.at
ad4m.at
8 ad.lkqd.net pelotainvernal.com
ad.lkqd.net
8 www.gstatic.com googleads.g.doubleclick.net
8 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
flower-ads.com
a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
8 www.googletagservices.com pelotainvernal.com
googleads.g.doubleclick.net
a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
7 ad.turn.com 7 redirects
7 v.lkqd.net ad.lkqd.net
6 onetag-sys.com 2 redirects flower-ads.com
a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
6 fonts.googleapis.com pelotainvernal.com
googleads.g.doubleclick.net
6 pelotainvernal.com pelotainvernal.com
5 image6.pubmatic.com 1 redirects ads.pubmatic.com
5 sync.srv.stackadapt.com 5 redirects
5 csync.loopme.me 5 redirects
5 www.google.com 2 redirects a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
tpc.googlesyndication.com
5 x.bidswitch.net 5 redirects
4 image2.pubmatic.com ads.pubmatic.com
4 www.lead-alliance.net 4 redirects
4 www.telefonica-partner.de 4 redirects
4 vpaid.springserve.com ad.lkqd.net
4 sync.1rx.io 4 redirects
4 um.simpli.fi 3 redirects ads.pubmatic.com
4 sync.mathtag.com 4 redirects
4 gum.criteo.com 2 redirects static.criteo.net
4 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
4 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
4 fonts.gstatic.com fonts.googleapis.com
3 aktrack.pubmatic.com
3 vid-io-cle.springserve.com vpaid.springserve.com
3 st.pubmatic.com
3 vid.pubmatic.com vpaid.pubmatic.com
3 c1.adform.net 2 redirects ads.pubmatic.com
3 sync.crwdcntrl.net ads.pubmatic.com
3 ups.analytics.yahoo.com 3 redirects
3 ads.stickyadstv.com pelotainvernal.com
ad.lkqd.net
3 ib.adnxs.com 2 redirects flower-ads.com
3 mug.criteo.com pelotainvernal.com
3 t.seedtag.com flower-ads.com
t.seedtag.com
3 a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 cdn.jsdelivr.net pelotainvernal.com
securepubads.g.doubleclick.net
2 sync-tm.everesttech.net 2 redirects
2 dsum.casalemedia.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 visitor.fiftyt.com 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 match.adsrvr.org ads.pubmatic.com
2 cr.frontend.weborama.fr 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 www.conrad.de as.ad4m.at
2 www.awin1.com 2 redirects
2 partner.blau.de as.ad4m.at
2 partner.o2online.de as.ad4m.at
2 match.360yield.com 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 static-de.ad4mat.net as.ad4m.at
2 sync.targeting.unrulymedia.com 2 redirects
2 pixel-sync.sitescout.com a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
ads.pubmatic.com
2 r.turn.com a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
2 prod-rtb.ad4mat.net a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
2 a.vidoomy.com pelotainvernal.com
2 fastlane.rubiconproject.com flower-ads.com
2 s.seedtag.com t.seedtag.com
2 script.4dex.io flower-ads.com
script.4dex.io
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 cdn-conectate.kiskoo.com pelotainvernal.com
2 cdnjs.cloudflare.com pelotainvernal.com
2 flower-ads.com pelotainvernal.com
flower-ads.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 pixel-eu.onaudience.com 1 redirects
1 green.erne.co 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 cs.media.net
1 dsum-sec.casalemedia.com
1 sync.adotmob.com 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 pr-bh.ybp.yahoo.com ads.pubmatic.com
1 p.rfihub.com 1 redirects
1 pixel.onaudience.com 1 redirects
1 aud.pubmatic.com ads.pubmatic.com
1 cms.quantserve.com 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 dis.criteo.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 id5-sync.com cdn.id5-sync.com
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 pixel.quantserve.com pelotainvernal.com
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com t.seedtag.com
1 inv-nets.admixer.net 1 redirects
1 prebid.media.net flower-ads.com
1 mp.4dex.io flower-ads.com
1 htlb.casalemedia.com flower-ads.com
1 ap.lijit.com flower-ads.com
1 csm.eu.criteo.net ads.eu.criteo.com
1 cat.nl.eu.criteo.com ads.eu.criteo.com
1 stats.g.doubleclick.net www.google-analytics.com
1 cdn.firstimpression.io ecdn.firstimpression.io
1 ads.eu.criteo.com googleads.g.doubleclick.net
1 rtb.fr.eu.criteo.com googleads.g.doubleclick.net
1 ads.vidoomy.com flower-ads.com
1 widgets.outbrain.com pelotainvernal.com
1 ecdn.firstimpression.io pelotainvernal.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.googletagmanager.com pelotainvernal.com
1 code.jquery.com pelotainvernal.com
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 a.audrte.com Failed ads.pubmatic.com
0 bh.contextweb.com Failed ads.pubmatic.com
403 131

This site contains links to these domains. Also see Links.

Domain
www.conectate.com.do
emisorasdominicanasonline.com
Subject Issuer Validity Valid
pelotainvernal.com
Amazon		 2022-08-05 -
2023-09-03		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-02 -
2023-06-01		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
s3.amazonaws.com
Amazon		 2022-04-01 -
2023-03-30		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.firstimpression.io
Sectigo RSA Domain Validation Secure Server CA		 2022-11-27 -
2023-12-05		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-01 -
2023-10-02		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-07 -
2023-03-12		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-14 -
2023-01-13		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-19 -
2023-03-24		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-01 -
2023-02-04		 3 months crt.sh
*.seedtag.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-28 -
2023-04-28		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
ad.lkqd.net
R3		 2022-11-29 -
2023-02-27		 3 months crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-14 -
2023-06-16		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
quantserve.com
R3		 2022-11-11 -
2023-02-09		 3 months crt.sh
*.lkqd.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-27 -
2023-07-18		 a year crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2022-12-13 -
2023-03-13		 3 months crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.springserve.com
Amazon		 2022-03-31 -
2023-04-29		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.iprom.net
R3		 2022-12-05 -
2023-03-05		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
truffle.bid
R3		 2022-10-03 -
2023-01-01		 3 months crt.sh
*.ctnsnet.com
DigiCert SHA2 Secure Server CA		 2022-09-27 -
2023-03-08		 5 months crt.sh

This page contains 77 frames:

Primary Page: https://pelotainvernal.com/
Frame ID: 5A11044A9CA73BF3BA11E0084E70F57B
Requests: 96 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: 460EED0890D05F2D0CD6DD38E7AB0E48
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=100&slotname=8815456802&adk=88850195&adf=2364240886&pi=t.ma~as.8815456802&w=1298&lmt=1671509531&rafmt=12&format=1298x100&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671509530962&bpp=4&bdt=168&idt=89&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=2059707994738&frm=20&pv=2&ga_vid=1846504517.1671509531&ga_sid=1671509531&ga_hid=1903072021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777506%2C44780792%2C21065724&oid=2&pvsid=3346729867802482&tmod=1956978257&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ez8mJ76jEU&p=https%3A//pelotainvernal.com&dtd=107
Frame ID: B12EB66B490C3EC3C03CB98B04EF8588
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=90&slotname=7753640662&adk=1056406635&adf=406027746&pi=t.ma~as.7753640662&w=728&lmt=1671509531&rafmt=12&format=728x90&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671509530970&bpp=1&bdt=176&idt=102&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100&correlator=2059707994738&frm=20&pv=1&ga_vid=1846504517.1671509531&ga_sid=1671509531&ga_hid=1903072021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=386&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777506%2C44780792%2C21065724&oid=2&pvsid=3346729867802482&tmod=1956978257&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5iTa8SbArS&p=https%3A//pelotainvernal.com&dtd=105
Frame ID: 123EC05BE15F00D3DD6A781C7531DECD
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&adk=1812271804&adf=3025194257&lmt=1671509531&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=128x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fpelotainvernal.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671509531160&bpp=2&bdt=366&idt=2&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100%2C728x90&nras=1&correlator=2059707994738&frm=20&pv=1&ga_vid=1846504517.1671509531&ga_sid=1671509531&ga_hid=1903072021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777506%2C44780792%2C21065724&oid=2&pvsid=3346729867802482&tmod=1956978257&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=12
Frame ID: 7EEAA3FCE6B343CA394EDF636F584DB6
Requests: 1 HTTP requests in this frame

Frame: https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FF78B7A8D2E24756DB16F9375CCF84E5
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6E2GwABkecKd_HDAArZmeLOTO3fDpr-tLzFUQ&u=%7CeIFf7BEvoTBl8rbcgcenQQbjx1BtfLqZC7%2B%2BJ8nO%2FxU%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA98ggG56JZ8AF1tpKuTZfCi876G--Bj2jZ_2GjVAXcd9pvUb08Uy88H74iaTJw0uCFHo3AdP4_MUVr4LmyGy-QnEynbkNs9y1lYyu5MoNo635HkamcuoADM1jk_ii15qrG7xv2mMRC1nicBaM48QKEmyIteji1yrPriK4xpeCnNow4JeVv59lRPTOjg7gkIsbSDF4nKc-QqiO08UBRefI590kaRI2ZqbAx0WRBJrbYKLeAJda3_uFtUji_zOPM5Tya_b9afGtmyFjD7eCaRd2tW9zruCixmk_St45Wtxw6Mib1kdijHkzFwoAYEFgh_KkJH748VTr6BwqJx4tNiC2UPlXEY0mZWREYRBvor2AAAX9GcSxDVjQ31LNrkoA9TtYEo_3eztVa-2CINW7kY6FnGESeRD3ez1elLvyaPkDyhU4skncU3igTQZseMszCg1IWWDMOdZD2YCqWjZMb_qgbMIc4-3tH7jb-HA_fk908lo2EVKBi2-ocPVidm5iv74KrsckdjT4qycgt2dixqqV3Hxe8yDYYrXGEv1GxWbl3MR8vagSb99RSkjIUEoIVtBjD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9xFTGzahY-ejBsPj3wOZs6vYC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzEzOTEzNDg4MzcwODc2McgBCakCDBIuFgfMsT6oAwGqBMQBT9C7pJw6Y7T0wpyCgpKRzGQGHU7AOREoqBNXzPqw63JuzNhuoIUHdoThbzM7vL0TqR9r_L9q2RJDbdjP2WXVR_hRtoAT61oeS4O1jvmq_Ae_dSQvmeYgXhSd_EIeuwPL7c-85XnRlJn1iP9zLubWr6D2UeCw4WSPv9itD460mws60GhUIeLlfXR9MesYti-e9-niAZy2-cZj5ywj0EGGOR1o7C0cbpGTUSbOlc5m93ATHuuDaCkjLsLRk3wIC4g5Tnn-D4AGir7AjffhgIVuoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3wrHEhofBJZtX0epd-vA5JnsNHIw%26client%3Dca-pub-3139134883708761%26adurl%3D
Frame ID: BBB7E6A398C422FF9C4493D17B6F7649
Requests: 25 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Frame ID: 97FAF4058A409A64739F888DF6397D0A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 898B7D24B0F322B63503DD51057C852E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 81822692E9D1ADC2D53ACED1DABC6243
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: D38DF2A47659D2066F26C1B611E69B17
Requests: 13 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 01111E32A24E4CB960CCA9FFC462F6B6
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 78C4A54511A9BF9F4BFF75C5DBD27F13
Requests: 2 HTTP requests in this frame

Frame: https://secure.quantserve.com/quant.js
Frame ID: BD8148539AACCC0ED1AE33F58C1D3D93
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 59139011641E1E21726ED1233067C337
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C736EF5D4B7CCC5256E80C152A82A70C
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: FBB4256AAF3394615A5F999D6D8C029E
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Frame ID: 4D606617B7310DC1B1F790FF5530CFC4
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 9CE3DD424C9F10D954115835A24049D9
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1CFA5318DB1F00D397ECB7BB30E049BF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Frame ID: 0D2F9F34D8AC79C0A34D08C37F2968F7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Frame ID: EA5B4AB077F97E71532A5160E3D126C6
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: B76B39209B72EBBA12B8804931F423FB
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: CCDACB5139B288013601391EF12440E3
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 886CE15B63AEB0F616AA88BFB8E2747B
Requests: 3 HTTP requests in this frame

Frame: https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 104C02935BF5D28D6E09BC082C02E98E
Requests: 2 HTTP requests in this frame

Frame: https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 636773A0DAC16A2011F8900D1DD38EF6
Requests: 11 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 3BA58DA3FC8309B0492D737F18F9AC37
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=pelotainvernal.com
Frame ID: 0C7E8943EC4A8A04DA68D0DAFBF1D6A1
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1khwe7700e380hf4rewa700qccwhqchvn9cs74h2pdyzy11gj6v8spqbqjwsmy5zygxhh11qfjhjx9dx6tsh4vzt88nesfb64zn04qqenj5c91xkk1kv8cwxs9v1t70krp7r9eqkq53j21c1eb149te84jdyvng6w6tnb9g0s9jq8fwzd7yg5wntxtf9y7e4j0n5fygydwn281r3gtkf4f0qjm82fkf8c57m90v9rhc6s6jw76vj3kn6svbzn8khn8xp3vv7v8enss0pbyv8zzd36ch9647nayh80mpfxc4140scac1yhwd1s8g3mptq0mnm1cwwezmy5r459vvgxwsphn4q6rbyxw4m9bgc8nkc0vy2j2rspdj323qqxe6q6jez1anme7qt1393m0bxny9xqw0vgrf9zrppyv8v5r7cktc22ay0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCoUWDHDahY5SyJNm99u8P0aie8A-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODcyMjI4NTg3NDYwMzMzyAEJqQIMEi4WB8yxPuACAKgDAaoE-wFP0BFqrMydSHW66uMsa4koif8TiSbt8Ue6nUTuTD3K_A95J_Wdd0mS5NZKUZKdCQkpUvLA5SLrgxls4YBPz7F-FW3LxW4T_HCk7f6_GR9a5ZSe3U1l3I-IdqDiwfqzeGFKwQzIZxv_8ssgW5ZD1qJSPTW1j7eUUktgBZg5Ng1_fHLubpi-4C5F-kNOWze0_fLvFz_zYnSSDMGQJnSVQKYtEuEfnJ8rhk2ApV5BZ8KtGccyjuKZcZCW6bf3uJkhvXaZJWaqrc1JjYRiBlT54JWqeGfNCOdfzGK3F6vWCcTpgcW84-PLUg57wkczbthDKQObf26q0LhmD9TdneAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0NIH9dtMwcbiKgWkewfHwZ7tPJXw%26client%3Dca-pub-7872228587460333%26adurl%3D
Frame ID: 9CBC1DAE2028DF62855DA726B21D6687
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 07A2AF810967D6A15C4EEB107D7CC102
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/error_handler.js
Frame ID: 20BDA5198776F2E1D018A95A29292A3D
Requests: 10 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1g6h28ap4rc4fcywaa8w3tajqnx1mezzrvv8rkbqshjz98pdmp8ec6krqkrmck4b0jny1k4g8c3csx2w3mnth4jw80s6w60jnsqf6nyr7nnyajs1jk3gxfk46fjgv7ezjdsxs2h4aj2y86en6ryhsdk3tpwnpmxpvbehkjqkrybpv6x9penmeewymkarw88qw7y5dn2e0vw8p8knmhnk0brmkp8veggrpq1k5fntsy4gf1tq1gftbqe3cxm89ehyf86yv1qhx160ykhf1mg0fz3cwm2r17yh724gdw2629d39x77pbsnk8k4amf3azs8ng9dy2kbkx35hjdsz1174rfzn9hv5smd2dt5zfhz5vwk7hvjmjgmzje7hf0h3r6w93b4zvcby14btv2bzhcetdgcqnhzqftbzvjhmenx1b6bmrv7rr4tm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCyqaHDahY5OyJNm99u8P0aie8A-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODcyMjI4NTg3NDYwMzMzyAEJqQIMEi4WB8yxPuACAKgDAaoE_gFP0IGPDnER6QPnHeDfEwiX_ykZ6-PfE0YJjIlVif3_FeEyFPyQy2uA6AoOJjf1OSHETGwSK9UC-PGQqhdvmfcFPGCi12snM_40ux0JQQko4KmsREZbeETO-oHFGBA7VybqHmCdNYJzXzXCWkiwpbbX37_BEbkRtNxqzl_4iWRsOiqc9aYAtsUY-rBwGq1SXCy_PyWGLgOhLDqHUE5EmQS4a8HZbdVJmPsu9tD-LlTTU3nTjOaT2_ztQ0FRTGP5mZCZMYwN-n8NwQjMNFXn4kvXBdoG6fqOJPJTyMxem3jAfOFDQM2z6fx55MNgvpZ6XPNrNAxEA6jPSc5dz_W9M-AEAYAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2F256VxXjPULECrT8zwY4u_HHctg%26client%3Dca-pub-7872228587460333%26adurl%3D
Frame ID: DB6F9350DE57BA58FE4EB265FB203146
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AEDB88C6D746098F3D79D974DBDD010B
Requests: 9 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 61ED3C5C1D0C9B12762CCF493FBF290B
Requests: 5 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 6E541786D8D7EF08B681147D95EA77BE
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: EEB69029E97C1794EDD8C6F5D78CFDC8
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Frame ID: 3DDE9B44A31C47839ED4332248599D4D
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8CF7784F36DE5BC7D414931B80D3AB1C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E141C57FF7C58AD3426D98B4BA1804FA
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=160&d=600&e=&g=11995c304b0c130c0e52843834ed5338%2F2106938996825917004&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671509533487&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpd9x3qm320spzerm1jday10m2fvv7y4j9pbm8xpsdk254afnffzcncykdxjnenavvvryrs6d05ex0yaa2c4pwer7h0hedb4kw6kz31vcyfhes6wdr0gqh87feaf97kdmaa9wcpzfrzp7eh5nj9yh5nksgtpah848647cr956bbvdthb7b2mhns8s9bazy9smtj4p1xfgbqfdyvzawgfgq1m9bnnybtd4tjna6bprvwn7m6adteegaeab8784cn8cp9ngrdan9abc9wmn4g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCyqaHDahY5OyJNm99u8P0aie8A-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODcyMjI4NTg3NDYwMzMzyAEJqQIMEi4WB8yxPuACAKgDAaoE_gFP0IGPDnER6QPnHeDfEwiX_ykZ6-PfE0YJjIlVif3_FeEyFPyQy2uA6AoOJjf1OSHETGwSK9UC-PGQqhdvmfcFPGCi12snM_40ux0JQQko4KmsREZbeETO-oHFGBA7VybqHmCdNYJzXzXCWkiwpbbX37_BEbkRtNxqzl_4iWRsOiqc9aYAtsUY-rBwGq1SXCy_PyWGLgOhLDqHUE5EmQS4a8HZbdVJmPsu9tD-LlTTU3nTjOaT2_ztQ0FRTGP5mZCZMYwN-n8NwQjMNFXn4kvXBdoG6fqOJPJTyMxem3jAfOFDQM2z6fx55MNgvpZ6XPNrNAxEA6jPSc5dz_W9M-AEAYAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2F256VxXjPULECrT8zwY4u_HHctg%2526client%253Dca-pub-7872228587460333%2526adurl%253D&y=1&s=&z=0
Frame ID: C8D25D5C38385688E0D801D5EA83C22E
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=6f8dade06dceaa24e373b404d24af77a%2F7732385909404524603&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671509533496&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jx6bkdac7223v1ae2eq0v4jy3a4tgek1h76wxgzdr80ezr4xjckwj7qb2jhccevzb4mqnjmp5hs8qh3wc81sm285qjx3nqhx5h70pemxvn5mnbt465129zabn3kznem01rek42vd2ngx82h9xnfz72mqmg5mb7parkygjeshppj8n4wwmfgr4vjhda63kkzsq5v8sg277y54j6zpxrr9abvhg76g3bkmbydmj886jvxfwa79x185e0g3q3hsf1467enjfbykccadht5zmx0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCoUWDHDahY5SyJNm99u8P0aie8A-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODcyMjI4NTg3NDYwMzMzyAEJqQIMEi4WB8yxPuACAKgDAaoE-wFP0BFqrMydSHW66uMsa4koif8TiSbt8Ue6nUTuTD3K_A95J_Wdd0mS5NZKUZKdCQkpUvLA5SLrgxls4YBPz7F-FW3LxW4T_HCk7f6_GR9a5ZSe3U1l3I-IdqDiwfqzeGFKwQzIZxv_8ssgW5ZD1qJSPTW1j7eUUktgBZg5Ng1_fHLubpi-4C5F-kNOWze0_fLvFz_zYnSSDMGQJnSVQKYtEuEfnJ8rhk2ApV5BZ8KtGccyjuKZcZCW6bf3uJkhvXaZJWaqrc1JjYRiBlT54JWqeGfNCOdfzGK3F6vWCcTpgcW84-PLUg57wkczbthDKQObf26q0LhmD9TdneAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0NIH9dtMwcbiKgWkewfHwZ7tPJXw%2526client%253Dca-pub-7872228587460333%2526adurl%253D&y=1&s=&z=0
Frame ID: C02AC73CC34B375AC603C0D9A1D4CF8F
Requests: 11 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671509533299,,
Frame ID: E8E4AE2643F9B615B773F63C81B47B39
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 7273DC97BC498B9FBDF79ED1C0B13E01
Requests: 11 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:295063a1-361d-4e00-8d9f-4c459ae8fd05&gdpr=0&gdpr_consent=
Frame ID: 5916229A5767CB4C59DE2AF9BE176F1E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 2C00642996C2AF2B8937451816DA0CE6
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3236300610912310540
Frame ID: D52F2FAC119246A4D2DEE47E70C217D3
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3E4CB774-585C-4BAA-AADE-66B7516F7715&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: A0E397C1006F0212D31EA483BEBC14E2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3288839038734860477&gdpr=0&gdpr_consent=
Frame ID: 47CCE27F7F4EF54530E2712F2A06004A
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Frame ID: 4DEC9DDE947D6B6484BCC8D4C1E72E8C
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671509533299,,
Frame ID: 77F7A19F97C37C9D3C5DEBD3EA900C45
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 7EEF11368B80F476569136C248FE666C
Requests: 12 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=QIYHB0WDV1VbjF4HENRLUBeHUABbglVSE9TP0yhp
Frame ID: 57B6BD4A558207177A92185A12550D16
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7179078779192801427&gdpr=0&gdpr_consent=
Frame ID: 39A4D25CC86D94B309D656E0E3485BAE
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAJypk7HQmwAAB9bdKpdXw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D3613290900590066763%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0
Frame ID: 4A308612545ADBBC0E9F58DDB04F1F27
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=3YxZ7rYYQ1x9LVZqOOW1TdlAlwg
Frame ID: 71A54E14975A8FCF26F72D7D45F7EA3A
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 4E68B40FEF3157D64A96078922AEFD2F
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: EE1B63AAC93525F0224AE8E9BAEF0FBF
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 9096E95F06B52EB36492037C98CF1013
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Frame ID: 3773234E820095F48109725E663ACA9B
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671509536687,,
Frame ID: 5FD440E0EFC8BBADF3ED0F94C35D21F2
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 86ABD970C68A02C179414887D4DFE94D
Requests: 5 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=3E4CB774-585C-4BAA-AADE-66B7516F7715&gdpr=0&gdpr_consent=
Frame ID: 71A9F9BB55C9FCB600EBB6ED38CC57F8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6E2IQAAAK_PlgAZ&gdpr=0&gdpr_consent=&_test=Y6E2IQAAAK_PlgAZ
Frame ID: 81A26DF7ADA17B494A003F6A2ADAD24C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 5A7899EA6F28C392EF0E7EF091DD23CD
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 5BE6D10F6BCD251C5CD74BAFCD216B6F
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3398606614
Frame ID: 90F4ED77F30DF863300F1FE07861356B
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: AF253C39EDF9A5BB28E56BA735EF69D5
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 7A5763EDCED56C95A1D66CFF9F32DCD9
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 56D3C936E1F86D030D7CDEA3169008A7
Requests: 1 HTTP requests in this frame

Frame: https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DHHt10NrrgTUnXMTanYTSMQXU
Frame ID: CD94D6DECD46EC7539FADA422DE785F0
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Frame ID: B66983AFFB695078BE64FA5E041B0647
Requests: 2 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671509536687,,
Frame ID: 7FFE69911F0477B495A20B097D99E077
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 4223CD6D5A31560C8EDEDD271B4BD0F1
Requests: 2 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: DF96171150F4763629573980817A6A15
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: CD0E6B0451EDF6B54BA752B5825E7AAF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7131E7A3816D4807AD8A674E72AAA387&gdpr=0&gdpr_consent=
Frame ID: F4FC778DACACA5B2844FBE371A27AA5D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

PelotaInvernal.com | Resultados, Calendarios y Posiciones

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

403
Requests

87 %
HTTPS

38 %
IPv6

84
Domains

131
Subdomains

91
IPs

14
Countries

3986 kB
Transfer

11420 kB
Size

107
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 89
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpelotainvernal.com%2F&domain=pelotainvernal.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=MewNg3x6K2RJVEVJU0dwMFhMb05JN0pSYkhyZ3hhUzBCcUxUQTl4RDBtRytqYzlHcmtmek12bGNRSzZCOGQzY3RNSzgvazZMaE4vMFlFYW5FeXVXWnVvWUxYQjQwdEZZdkkwVTdGNHdGVnZ2Y3l5TDZWSi93SHUrcStoSExDT2FuL0xuWi9lZS9uMURGbWZ5WDJySlA2UFRKTFpBVndZK3B3dmVlZDJuc2t1NnR6MU9aUlNmUWY3NjNHTGlIdW15c283ZEw1TUFiQlk5NnNVekVMOXUyTTBRMlRBUlU2R3dtUXhhZTJqRUtOQWR5eXFXQVR6OUJYMy9NYStvTzFCalVWUHJlfA&cppv=2
Request Chain 150
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=223271723.021023271700261610.7723794 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=223271723.021023271700261610.7723794 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dvidoomy%26bsw_param%3D4b77473c-85ef-44a2-ab4e-37afbe8c5694%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=115fb7c42e304e84a753b3fe0b5a183d&ssp=vidoomy&bsw_param=4b77473c-85ef-44a2-ab4e-37afbe8c5694&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=4b77473c-85ef-44a2-ab4e-37afbe8c5694
Request Chain 151
  • https://ups.analytics.yahoo.com/ups/58610/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58610/occ?verify=true HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-E3o4GA1E2uFu.wJc0Idj8mBOHHak5IubMIY2QNc-~A
Request Chain 174
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 177
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=8bed87d3-8845-4908-abc4-6686be6ff4f2
Request Chain 180
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4461085968874832705
Request Chain 181
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=N8uhxGORT851XXgLnku6MdlAlwg
Request Chain 182
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=1461268b-c745-4b17-83dd-3a264b38969e
Request Chain 185
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4389028374836904769
Request Chain 186
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=XZTvBJn7S8dwBHVolmfqe9lAlwg
Request Chain 187
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 213
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=5c500637-03b8-47ea-972b-63e52dcc8e22
Request Chain 216
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4389028374836904769
Request Chain 217
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=3YxZ7rYYQ1x9LVZqOOW1TdlAlwg
Request Chain 229
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=pelotainvernal.com&sn=ChromeSyncframe&so=3&topUrl=pelotainvernal.com&bundle=sUOIQV9jSlBCMnFseGhlWVR3dHhzbk5mWHpvaldJemlyRjA4NnNoOUolMkJUMCUyQm9JUExxZkVyMGlFWEl2ZTEzY1Y4a0FqaXUwTm1kY1Ezb3NnZVlBRW0wNjJqSSUyRktCUkxOcEFmeFRTQnVjS0EwVk81NXJwUlp2R0dPWiUyRmk4VWh1UnNNZExr&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=jcMcenwxTGQ2cUdIZHVFMzc4NGdJMjB5R3dLTXVrZmdOekE0d0VnMkVmYWhUNlhFbUM4ZmRqUm1ienlra2ZqdmdTSU4zcEhHRVQ3a3FYSURuMGZOaFU2SndsYkRwaDdpZE1jTEVlWk9vUnpuTDA4OGliRVRvTzRzU1AvQU1ucnl6a2RyYUcvVGRjQ24xcW9wdk5jZzB6WXZUODM1M2FaZ25lWVM4VXVDYXQxQUk5MkZGcWYzUUdqV3ZwUHZ1K1E1VU1MTEpRWGhYclQ2eXBXeDN6L2FTN3RZc21wdWswOTU2SWJMeGZiQ3lzdHpDWm1HVVQ3Z3BmRWZUbU5vU3RnbFc2b05QTVBoRmtRdkl3OUx0bjdSWmdtaEZvZEtlY1dMS2JCd25wRFBhZFMxSnAvbz18&cppv=2
Request Chain 236
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESECMl0m7hu2ZaSkCJAhddAjU&google_cver=1&google_push=AavPq0PdlQyU5H5E3yd29TJ0CVYOIXNEuuyhSW1gLcajrDTKT8l3ddR8PBP_eznft1bEr6csgURalPw0tWOAoX09_TNvD6QIfEc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDM4OTAyODM3NDgzNjkwNDc2OQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECMl0m7hu2ZaSkCJAhddAjU&google_cver=1
Request Chain 237
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKpYqB5eF_6th6HkMd6fBIc&google_cver=1&google_push=AavPq0NIHAcK_TUrvfpaxRMUjgbUmxdlLfJ3iXVNO1tn_0AUZ9rjRkSjWF4bt9SbF_S3g8owSFqcrfN6vKh_3b14a9vfYLeBAcvN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0NIHAcK_TUrvfpaxRMUjgbUmxdlLfJ3iXVNO1tn_0AUZ9rjRkSjWF4bt9SbF_S3g8owSFqcrfN6vKh_3b14a9vfYLeBAcvN
Request Chain 238
  • https://um.simpli.fi/gp_match?google_gid=CAESEA52fGAn8yutUOikslAGlWw&google_cver=1&google_push=AavPq0OWtIoebRGJclk32B-3nMjkeXp6-nt14jDW054vEPZwOO5OWrGfsNgq6OZTVrif1PCFv7S_WyKhe03dvzbIiyYt9P26kn2u HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7131E7A3816D4807AD8A674E72AAA387&google_push=AavPq0OWtIoebRGJclk32B-3nMjkeXp6-nt14jDW054vEPZwOO5OWrGfsNgq6OZTVrif1PCFv7S_WyKhe03dvzbIiyYt9P26kn2u
Request Chain 240
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKANiZS5TWfiyAABVixNlQ8&google_cver=1&google_push=AavPq0NBZrTHg4T5ykjf5NpUQZbvBXEUD2f42LdjGPjP3qx4UtMoyWCiZ1ByPVISwMCsfWsu_j4KGeGBaf-q-W1hCXAsSLDe6FZ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0NBZrTHg4T5ykjf5NpUQZbvBXEUD2f42LdjGPjP3qx4UtMoyWCiZ1ByPVISwMCsfWsu_j4KGeGBaf-q-W1hCXAsSLDe6FZ_
Request Chain 241
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEP2CZIadrqAaxphW5fOn5Gg&google_cver=1&google_push=AavPq0PVwuKrtXSpaqH-GyUkVb0kDa4xluEE6-gva2sVMsxYAbz_VlEu9DzleHJ_4W9zRQ5MXWgXTyIKQpgzxGaVq7iqAZmVecHk HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0PVwuKrtXSpaqH-GyUkVb0kDa4xluEE6-gva2sVMsxYAbz_VlEu9DzleHJ_4W9zRQ5MXWgXTyIKQpgzxGaVq7iqAZmVecHk&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1671509533195 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-d425808b-4618-4f4a-b4c4-f3b4993ed65f-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0PVwuKrtXSpaqH-GyUkVb0kDa4xluEE6-gva2sVMsxYAbz_VlEu9DzleHJ_4W9zRQ5MXWgXTyIKQpgzxGaVq7iqAZmVecHk%26google_hm%3DA9QlgItGGE9KtMTztJk-1l8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0PVwuKrtXSpaqH-GyUkVb0kDa4xluEE6-gva2sVMsxYAbz_VlEu9DzleHJ_4W9zRQ5MXWgXTyIKQpgzxGaVq7iqAZmVecHk&google_hm=A9QlgItGGE9KtMTztJk-1l8
Request Chain 242
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMJX-iXzFLnR3SPArc0O5Cc&google_cver=1&google_push=AavPq0P1wgOSUYaB11sNn2asrmbuzjNjmLHVhJ89koDyD4DtzT1-F-iacKiUDryhC-r-CSmAufZ-x2cJZym71o1AtaZXZCQQ3AE00A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0P1wgOSUYaB11sNn2asrmbuzjNjmLHVhJ89koDyD4DtzT1-F-iacKiUDryhC-r-CSmAufZ-x2cJZym71o1AtaZXZCQQ3AE00A HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 250
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESECMl0m7hu2ZaSkCJAhddAjU&google_cver=1&google_push=AavPq0PInlF-UTkrwwhQkPDzN1lk33IzO-ZxYLagfWA6QH8Ww1yXTYxrA1zAm8QOnsNySVnAqtQR8gkAAoxHNr5Lc0337JT6nJM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDM4OTAyODM3NDgzNjkwNDc2OQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECMl0m7hu2ZaSkCJAhddAjU&google_cver=1
Request Chain 251
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKpYqB5eF_6th6HkMd6fBIc&google_cver=1&google_push=AavPq0P02mZiHcNFG-_Q8Gig535Jv--foOluUlCH3MJAv4irO3bMntP6kNjp6Y8JBzuOnjBNEkdPkDs4KmBE3fR8yU9PFPBL3aE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0P02mZiHcNFG-_Q8Gig535Jv--foOluUlCH3MJAv4irO3bMntP6kNjp6Y8JBzuOnjBNEkdPkDs4KmBE3fR8yU9PFPBL3aE
Request Chain 252
  • https://um.simpli.fi/gp_match?google_gid=CAESEA52fGAn8yutUOikslAGlWw&google_cver=1&google_push=AavPq0MLGy9pWxDcaWyDmCK5-Wuq8X8dreRpShNgZusEWOSlr_DLVvSDpWMVrULcwU6zIUlKIXcUG8yjrrzRKxXsJvchxYcxROM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7131E7A3816D4807AD8A674E72AAA387&google_push=AavPq0MLGy9pWxDcaWyDmCK5-Wuq8X8dreRpShNgZusEWOSlr_DLVvSDpWMVrULcwU6zIUlKIXcUG8yjrrzRKxXsJvchxYcxROM
Request Chain 253
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESENFexr3AjoYNiYR3n9CHO9Q&google_cver=1&google_push=AavPq0NL1OjJVb_4mC4M2Y7Xn-bEPnChoPkol0tEVnYwkySVkNheodU3nNKrVulPsG236chqZSnlw_7s2Gl6I8SPCkgWmnrGNrc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3OTA3ODc3OTE5MjgwMTQyNw%3D%3D&google_push=AavPq0NL1OjJVb_4mC4M2Y7Xn-bEPnChoPkol0tEVnYwkySVkNheodU3nNKrVulPsG236chqZSnlw_7s2Gl6I8SPCkgWmnrGNrc
Request Chain 254
  • https://match.360yield.com/match/ebda?google_gid=CAESEO53t5DTmb0S88nTyWDJGAM&google_cver=1&google_push=AavPq0PWYecYuZcPlP4KIA2zMsXzj2JkLdSuEoqolFcfwd-FmPSL8hqRkPeTcF5a7WM6vWRXcvYsJUI3vR8wXKcG3GL5s_daq3M HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEO53t5DTmb0S88nTyWDJGAM&google_cver=1&google_push=AavPq0PWYecYuZcPlP4KIA2zMsXzj2JkLdSuEoqolFcfwd-FmPSL8hqRkPeTcF5a7WM6vWRXcvYsJUI3vR8wXKcG3GL5s_daq3M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=p3SJCez7T_qa6FIeaKDaeA&google_push=AavPq0PWYecYuZcPlP4KIA2zMsXzj2JkLdSuEoqolFcfwd-FmPSL8hqRkPeTcF5a7WM6vWRXcvYsJUI3vR8wXKcG3GL5s_daq3M
Request Chain 255
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEP2CZIadrqAaxphW5fOn5Gg&google_cver=1&google_push=AavPq0N0VdJO6-owIS2q8tC7fSmfOUC_QPvLLsymBLQ4V8Y1oOaxmaqJn9yrTVhYKQrJJdJrqI07pSJ3qmOyNQ6XS5MZsRS_L4c HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-d425808b-4618-4f4a-b4c4-f3b4993ed65f-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0N0VdJO6-owIS2q8tC7fSmfOUC_QPvLLsymBLQ4V8Y1oOaxmaqJn9yrTVhYKQrJJdJrqI07pSJ3qmOyNQ6XS5MZsRS_L4c%26google_hm%3DA9QlgItGGE9KtMTztJk-1l8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0N0VdJO6-owIS2q8tC7fSmfOUC_QPvLLsymBLQ4V8Y1oOaxmaqJn9yrTVhYKQrJJdJrqI07pSJ3qmOyNQ6XS5MZsRS_L4c&google_hm=A9QlgItGGE9KtMTztJk-1l8
Request Chain 256
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMJX-iXzFLnR3SPArc0O5Cc&google_cver=1&google_push=AavPq0O3tN9Pf-TzI6A9OC0j_ZhP86-7pbGI8xTTefPcRfLZ9JI0CbSSusaquNNlKZ4Uu8iFTcHE_spEoZDsC_8BE8y0ddhUuayd HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0O3tN9Pf-TzI6A9OC0j_ZhP86-7pbGI8xTTefPcRfLZ9JI0CbSSusaquNNlKZ4Uu8iFTcHE_spEoZDsC_8BE8y0ddhUuayd HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 286
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CI_d_J-qh_wCFcN_4AodtGIBiA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=viewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=viewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022122005121379666138469X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022122005121379666138469X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703&partnerid=12218
Request Chain 289
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D113752V1225131106M%26subid%3DviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CKGY_Z-qh_wCFdIo4AodHcEI5Q;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D113752V1225131106M%26subid%3DviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022122005121379666138467X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0
Request Chain 292
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1671509533_7b7cced1-801c-11ed-9d10-2262c713b6c4&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 296
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3Dviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CIzn_J-qh_wCFWyW_QcdPUkJWg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3Dviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022122005121379666138463X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022122005121379666138463X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=120211&partnerid=12218
Request Chain 299
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dreach_SUBIDTEST_view HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CPmg_Z-qh_wCFfLhuwgddWIJdg;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dreach_SUBIDTEST_view HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022122005121379666138465X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
Request Chain 302
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1671509533_7b7cced0-801c-11ed-9d10-2262c713b6c4&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 308
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:295063a1-361d-4e00-8d9f-4c459ae8fd05&gdpr=0&gdpr_consent=
Request Chain 309
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 310
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3236300610912310540
Request Chain 311
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3E4CB774-585C-4BAA-AADE-66B7516F7715&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3E4CB774-585C-4BAA-AADE-66B7516F7715&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 312
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3288839038734860477&gdpr=0&gdpr_consent=
Request Chain 313
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Pky3dFhcS6qq3ma3UW93FQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 316
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=235290195 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=3E4CB774-585C-4BAA-AADE-66B7516F7715
Request Chain 317
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0U0Q0I3NzQtNTg1Qy00QkFBLUFBREUtNjZCNzUxNkY3NzE1&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 318
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENFuhmk7q10txmHu55xtVzM&google_cver=1
Request Chain 320
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3247431370098024696
Request Chain 338
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=QIYHB0WDV1VbjF4HENRLUBeHUABbglVSE9TP0yhp
Request Chain 339
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7179078779192801427&gdpr=0&gdpr_consent=
Request Chain 340
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFKeXBrN0hRbXdBQUI5YmRLcGRYdw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAJypk7HQmwAAB9bdKpdXw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=3613290900590066763&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAJypk7HQmwAAB9bdKpdXw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D3613290900590066763%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0
Request Chain 341
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=3YxZ7rYYQ1x9LVZqOOW1TdlAlwg
Request Chain 342
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=3E4CB774-585C-4BAA-AADE-66B7516F7715 HTTP 302
  • https://a.audrte.com/p
Request Chain 343
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=3E4CB774-585C-4BAA-AADE-66B7516F7715&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3E4CB774-585C-4BAA-AADE-66B7516F7715&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 344
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=3E4CB774-585C-4BAA-AADE-66B7516F7715&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=3E4CB774-585C-4BAA-AADE-66B7516F7715&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3E4CB774-585C-4BAA-AADE-66B7516F7715&addseg=19,36,42
Request Chain 345
  • https://pixel.onaudience.com/?partner=214&mapped=3E4CB774-585C-4BAA-AADE-66B7516F7715&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=a76e2f70e378fd26/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Request Chain 346
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5109685625348156625&expires=30&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4b77473c-85ef-44a2-ab4e-37afbe8c5694&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 348
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3E4CB774-585C-4BAA-AADE-66B7516F7715&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-JqX9QZtE2uUmCI2JdC2xuL8BlKU2EIw-~A&gdpr=0&gdpr_consent=
Request Chain 351
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:dc2b5e8e-1d54-4360-9d91-d30acd60c296&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 352
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=910000&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=910000&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=&C=1 HTTP 302
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=088322040039a0053bc7b74a&expiration=[EXPIRATION]&gdpr=0
Request Chain 366
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=e8cd9ca8-bce4-4b30-8918-9ae74b50fae3
Request Chain 369
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4389028374836904769
Request Chain 370
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=3YxZ7rYYQ1x9LVZqOOW1TdlAlwg
Request Chain 386
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y6E2IQAAAK_PlgAZ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6E2IQAAAK_PlgAZ&gdpr=0&gdpr_consent=&_test=Y6E2IQAAAK_PlgAZ
Request Chain 387
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 388
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 389
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3398606614
Request Chain 393
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DHHt10NrrgTUnXMTanYTSMQXU
Request Chain 394
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=295063a1-361d-4e00-8d9f-4c459ae8fd05
Request Chain 395
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4389028374836904769&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 396
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3288839038734860477
Request Chain 411
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7131E7A3816D4807AD8A674E72AAA387&gdpr=0&gdpr_consent=

403 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
pelotainvernal.com/ 		80 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.201.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-201-165.compute-1.amazonaws.com
Software
nginx /
Resource Hash
48b4c71365efa44df7c705f5ca9229a5f0028a5a6eef612eebedb9c66cfba6f0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 20 Dec 2022 04:12:10 GMT
server
nginx
vary
Accept-Encoding
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.2/dist/css/ 		160 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.1.2/dist/css/bootstrap.min.css
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd558b6b0fa8256504d6f1796203c55c540013d7d4021f79241476f3ac49dac1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
23655019
x-jsd-version
5.1.2
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19165-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"28033-Lut6yvcPnqX8AiDhXoU9TgvRAp8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AKPUJIU935UOqPdOtENuRKEGWjWLXMemdC3Ggnsm5Rz6ABH5fQfev5WqfT62LqtbKvZ1HBYqHxYPY90pMp60j8mGnWsbsYZATuc4etQyZFkZpc8WPkIsiT2ciwC1MXRVcE8r0opj9xX%2F1yzt9tM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
77c589c7adcc9b82-FRA
responsiveslides.css
pelotainvernal.com/vendor/slider/ 		490 B
421 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pelotainvernal.com/vendor/slider/responsiveslides.css
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.201.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-201-165.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b43b245e7b57a75d1c57b0e70779b88718a72a3544995b9165fd80678889b873

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:10 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2017 10:38:14 GMT
server
nginx
etag
W/"59dca316-1ea"
vary
Accept-Encoding
content-type
text/css
site.css
pelotainvernal.com/css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pelotainvernal.com/css/site.css?v=2.50
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.201.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-201-165.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d74835ebc144bb92d18a970ca79cae0840c356a5967bb1d1d9428c32c183cdb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:10 GMT
content-encoding
gzip
last-modified
Sun, 26 Dec 2021 10:53:15 GMT
server
nginx
etag
W/"61c8499b-4711"
vary
Accept-Encoding
content-type
text/css
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Dec 2022 04:12:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 20 Dec 2022 02:26:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Dec 2022 04:12:10 GMT
smart-app-banner.css
pelotainvernal.com/js/smartapp/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pelotainvernal.com/js/smartapp/smart-app-banner.css
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.201.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-201-165.compute-1.amazonaws.com
Software
nginx /
Resource Hash
43ed01782a52f74351b31f996f02f0761540c3af7cdbd0693891a3e5abcfa3c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:10 GMT
content-encoding
gzip
last-modified
Thu, 18 Oct 2018 12:50:23 GMT
server
nginx
etag
W/"5bc8818f-17b9"
vary
Accept-Encoding
content-type
text/css
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
69690d82a2e41e82f4dbe6fd851eb7e66b20e41eab4eed6e7f367cc125b66121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49501
x-xss-protection
0
server
cafe
etag
16433612670345498531
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 04:12:10 GMT
gpt.js
www.googletagservices.com/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4726734a48b33c83575aa629342e5a8c36cf253e8c282c6e067b8a0c60a542ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27666
x-xss-protection
0
server
sffe
etag
"1426 / 530 of 1000 / last-modified: 1670587582"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 20 Dec 2022 04:12:10 GMT
pelotainvernal.js
flower-ads.com/tag/pelotainvernal/ 		231 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flower-ads.com/tag/pelotainvernal/pelotainvernal.js
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3620d28357207cd4b8092fe728bed5a606c78c07d4043ed225b7c3e8e58fa731

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Wed, 30 Nov 2022 14:17:03 GMT
server
cloudflare
etag
W/"39a62-638765df-0;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q4O2vSF3Ca6Vzjb%2BfQdH2QMCYfC9h5sClHMzrcF4e37bluHldr%2FA7IBF7su74QvY2IvvL9NHJvM2TxwKe4ovRVVAKFxIrU3yQkc4XRizFWxx%2FgE1AFuOLvJM9bueqd9N1ykqwrYaQ4UJWv81"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=300
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
77c589c8bacd9171-FRA
expires
Tue, 20 Dec 2022 04:16:57 GMT
7902d366eeaba88fdaf00c9aad70217a.png
s3.amazonaws.com/cdn.baseball-new.com/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.baseball-new.com/7902d366eeaba88fdaf00c9aad70217a.png
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.136.152 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
4ffe1619d0cddcd71c73eb41dcf1bf9219646f36b90667b3746c8a6771375fc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 04:12:12 GMT
Last-Modified
Sun, 22 Nov 2020 13:46:40 GMT
Server
AmazonS3
x-amz-request-id
5J4SJJTDEF08R2SH
ETag
"883334535bb63d443032135b065e0884"
Content-Type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Length
4585
x-amz-id-2
lvBYV0s+IyolVoVTSQOHnk4NrL1KF3yiSguDLxP2UC5kBZG8qZCOflSZeiBzFKmcjUXjeIPkFo8=
f0fb0b8bc2a38afca24fa01fd5f74635.png
s3.amazonaws.com/cdn.baseball-new.com/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.baseball-new.com/f0fb0b8bc2a38afca24fa01fd5f74635.png
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.136.152 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
87ec184cd9b3cfb5ccbf631c766fc0d6b01d8811184a5f6f49f2ec528429dad4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 04:12:12 GMT
Last-Modified
Sat, 14 Nov 2020 22:58:57 GMT
Server
AmazonS3
x-amz-request-id
5J4H4JG0Q5STZ3J1
ETag
"c8fac8558e3e9e13ca76375e6b1e95fa"
Content-Type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Length
11566
x-amz-id-2
kBz84qFKWfipgWovkKXsi0VklZOsqZDJgM0KKa/goOjfEHL4zAYFviOqqrJk+lktp5E7fveUa+o=
bc83c5669a23ea41ef5f755bfbd50ebd.png
s3.amazonaws.com/cdn.baseball-new.com/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.baseball-new.com/bc83c5669a23ea41ef5f755bfbd50ebd.png
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.136.152 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
19737707017ce7f188707e1e6fbae40088945cb235a8c37971b507b97d771a4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 04:12:12 GMT
Last-Modified
Sat, 14 Nov 2020 22:59:20 GMT
Server
AmazonS3
x-amz-request-id
5J4W52RHQ64BFPD9
ETag
"97c26d2ba9057f036660b0f2c8b181ab"
Content-Type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Length
12564
x-amz-id-2
QyGSNwoa9YF7SRSqXTB3RFra48f+ZXwN+5NwDAP3VRs8cUG1sUYThovN51+2F5FEXE/NCh2g89Y=
0d180431331e93a791f23a77d4b94122.png
s3.amazonaws.com/cdn.baseball-new.com/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.baseball-new.com/0d180431331e93a791f23a77d4b94122.png
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.136.152 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
a67612c801d54b2817687d2155b63f849b671d96ffd423cb77b36b0b66fa2192

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 04:12:12 GMT
Last-Modified
Sat, 14 Nov 2020 22:59:14 GMT
Server
AmazonS3
x-amz-request-id
5J4MM65MWBFHQJAR
ETag
"1fc02092dc83a776e055b8df83f64b50"
Content-Type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Length
11790
x-amz-id-2
FiUfpmSSMHd9wJHvmMJUzBiiAYyLWT2pLweWChUOMRbjDF+J11pTZagFoqlTSSataAXSsN8sOmU=
3657a463e594aec7d83697355ad2e541.png
s3.amazonaws.com/cdn.baseball-new.com/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.baseball-new.com/3657a463e594aec7d83697355ad2e541.png
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.136.152 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
09778ab5d08d1983b0ba1d423603b1b0f2214947ed465534dcc9ac047bf929ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 04:12:12 GMT
Last-Modified
Sat, 14 Nov 2020 22:59:02 GMT
Server
AmazonS3
x-amz-request-id
5J4JTKCG55CCN6A6
ETag
"1375b3cdbbeb3aa10a2abef1543beafd"
Content-Type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Length
11177
x-amz-id-2
vNnxIJXC4+YeBblcFUSpUgJ6NkglQ6RL0oMnfeKPW35Ex4JKlvGA9p5dCj1w8xDdSJ+b8ej4yP8=
d8b8a0a312b685f33e63d453b0d2db83.png
s3.amazonaws.com/cdn.baseball-new.com/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.baseball-new.com/d8b8a0a312b685f33e63d453b0d2db83.png
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.136.152 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
bac0705d11ffc896d765dc3507e2ad3abb961795b05bb857039ca92f649a0745

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 04:12:12 GMT
Last-Modified
Sat, 14 Nov 2020 22:59:09 GMT
Server
AmazonS3
x-amz-request-id
5J4H9JDT5TRKT06X
ETag
"d00fe6039c67811cd9e76529a3d298df"
Content-Type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Length
10968
x-amz-id-2
22T5dELn3J1/kcaCHyJxB6mXPcJsX2P7ta2Omuz/HRLupxIwfX24zvqiWBhBhJ2IH7+ojgXqn80=
9888ecc384811ab5781b0310ae9401a9.png
s3.amazonaws.com/cdn.baseball-new.com/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.baseball-new.com/9888ecc384811ab5781b0310ae9401a9.png
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.136.152 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
36c2343f3359688c9948184e631420db683b3d1a105206fcf76f1354c106425e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 04:12:12 GMT
Last-Modified
Sat, 14 Nov 2020 22:58:50 GMT
Server
AmazonS3
x-amz-request-id
5J4WTXQ3GDAN2V73
ETag
"25b21a978a769c711a8cc5c6fe2b22a9"
Content-Type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Length
10966
x-amz-id-2
M6Ox2XCw9TwWZ9WyQJ6Iey5T0n+MIOxwzvAaqR7qnXVIpQwbhuRyUCf5FvVbubhQ8SQ17nI6zPU=
c7c5d314bd780195ca2739e007b04e63.png
s3.amazonaws.com/cdn.baseball-new.com/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.baseball-new.com/c7c5d314bd780195ca2739e007b04e63.png
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.136.152 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
47f719c1691461a5d778135c0512d51c87f8eea39be7ddad829830925902674b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 04:12:12 GMT
Last-Modified
Tue, 15 Dec 2020 13:21:55 GMT
Server
AmazonS3
x-amz-request-id
5J4TN8B23C89FX6Y
ETag
"344653c6dda80cd480444be1aef2a807"
Content-Type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Length
10027
x-amz-id-2
SoitfuY0D9R2JzsV58OMKWJ1s26w7wlzywqbChoOGttX2rkssnObQmPYBt0qvkIaJbhOc2kvMQY=
8f6f2a20b0b9cd88bcff3b93bdd9c615.png
s3.amazonaws.com/cdn.baseball-new.com/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.baseball-new.com/8f6f2a20b0b9cd88bcff3b93bdd9c615.png
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.136.152 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
bdbbb447bf69f791cb6717a186852f2b9661ca900a74d8235d37ef9ed65ac0dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 04:12:12 GMT
Last-Modified
Tue, 15 Dec 2020 13:22:04 GMT
Server
AmazonS3
x-amz-request-id
5J4YMM1D0G2M4E7J
ETag
"f372c04545a398bbcfd0256f8e49d1ac"
Content-Type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Length
7971
x-amz-id-2
xEpptRdr6CS2Fi2r+Lfxt4UlpxHtBjRwW4jkVt+ZtjXPijnLu6IfEPnzsxrIzyedW5rpjqteQwQ=
fa5ccb26f0dc095843644942bde4b7cd.png
s3.amazonaws.com/cdn.baseball-new.com/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.baseball-new.com/fa5ccb26f0dc095843644942bde4b7cd.png
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.136.152 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
3aa5cdd18374b285ddc76c94ee1735df8b3e518cb7202fa7feec77a3b13437a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 04:12:12 GMT
Last-Modified
Tue, 15 Dec 2020 13:22:20 GMT
Server
AmazonS3
x-amz-request-id
5J4KEYYFFB4GYBW8
ETag
"687caec8c60c4146282dc57feb116506"
Content-Type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Length
9897
x-amz-id-2
twbGjcLmTw9fUoVdUGtPWgWTrGYWtSfc5kMGJOvWY4Swdi8xF1EmcXeEfkPC0gxtxiDQ7kAjxuA=
0ac73fe9baac5a44d5760cf8eca6394f.png
s3.amazonaws.com/cdn.baseball-new.com/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.baseball-new.com/0ac73fe9baac5a44d5760cf8eca6394f.png
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.136.152 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
cd257ced5860b54b3c71dd2e1c9704a552f0c2be8e63ef42cdf47e05293da1bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 04:12:12 GMT
Last-Modified
Sat, 14 Nov 2020 22:57:44 GMT
Server
AmazonS3
x-amz-request-id
5J4RJFZ1JW22D5H0
ETag
"757f209841921bd84efe00e6415c5118"
Content-Type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Length
10369
x-amz-id-2
NgdZmccKXw/rmEae9sepi8NpaYLqwvq83IITwber1ZE5nAcLwPFyvNj5SsadYAOE/1ucwkjlINo=
4a9533cbf5e05f2abc7515331906d891.png
s3.amazonaws.com/cdn.baseball-new.com/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.baseball-new.com/4a9533cbf5e05f2abc7515331906d891.png
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.136.152 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
52084175f1ddbd7e4168245880f4dd0c69cedbcac6096306ecae4e56181ad545

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 04:12:12 GMT
Last-Modified
Tue, 15 Dec 2020 13:22:12 GMT
Server
AmazonS3
x-amz-request-id
5J4RA032V851FTCY
ETag
"aad87560e4512c4693466db607703d76"
Content-Type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Length
8155
x-amz-id-2
iJ2+2dJUuZtZhyY5Ky8CWQHSRBKqCVpmHaceygL/w6bm/8Kt1ghKynmmQc58TshTAnhJm5256KY=
45017492450cd1f4a0003643f186f5a3.png
s3.amazonaws.com/cdn.baseball-new.com/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.baseball-new.com/45017492450cd1f4a0003643f186f5a3.png
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.136.152 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b59274b06fc793177aedbfa4b52d6d2571528266198414ae2b1795d7d87bff48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 04:12:12 GMT
Last-Modified
Tue, 15 Dec 2020 13:22:30 GMT
Server
AmazonS3
x-amz-request-id
5J4QDJXJ0GEP30JV
ETag
"d5e4057bad41787bb08c8c943e446a95"
Content-Type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Length
6654
x-amz-id-2
uFvTndcs2Q6YxwNpLgl62uk8iofzLLs9Tuz7vZJ/I+ejVnSWDoKMCfSUbqnpFqcSZHkiG/1xmMw=
0ac7c75550df48fba0d82e80f05a0e63.png
s3.amazonaws.com/cdn.baseball-new.com/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.baseball-new.com/0ac7c75550df48fba0d82e80f05a0e63.png
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.136.152 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
14fa937604e0fd3f7f1f8fa5daa5ab7e25052e1b1b826688b0109fac4251bf6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 04:12:12 GMT
Last-Modified
Tue, 15 Dec 2020 13:22:47 GMT
Server
AmazonS3
x-amz-request-id
5J4M9JCW4SJ6PKJ0
ETag
"e5144af4c4398b7856b08750c111a29f"
Content-Type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Length
7432
x-amz-id-2
rLWvKY1scdtPG/6sJkHX4sYhfA5rm/rjSGv1A3uk47YXyd1Yv+R3TMwZKkMMQzA0Kbn7RysQpiQ=
b91a8061b0b3557371fed15068f48586.png
s3.amazonaws.com/cdn.baseball-new.com/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.baseball-new.com/b91a8061b0b3557371fed15068f48586.png
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.136.152 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
ee735ad9351455e1417cd144ed24de18f6311c98a1284b55cd59fd0d25489d22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 04:12:12 GMT
Last-Modified
Fri, 28 Oct 2022 15:31:56 GMT
Server
AmazonS3
x-amz-request-id
5J4PE0H78SNSXRSM
ETag
"780b528b59b0bc2a422527bb6507da39"
Content-Type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Length
7952
x-amz-id-2
26fvkSC2GJSbHuXziYSnADvdb6WePtl+6BEwlprBkBTe6MZ0Fs8OTSOnp/QIq74+7YZmhUR0JzY=
jquery-3.2.1.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.2.1.min.js
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:10 GMT
content-encoding
gzip
x-sp-metadata
HS256.CKqIhZ0GEp8BCiQ0N2YzMzA5ZS0wZDQ0LTRiNjAtOWM2MS0xMTAyNTllNmE3MTcQ+OiCoKvU+wIaBgia7ISdBiIkMjAwMTphYzg6MjA6M2MwMDoxMDExOjRiYTA6OWY4YjplOTM3KNatAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkNjQ1NGJlZjQtNjYzMS00ZTg1LWJkODItYjk3NjRjZWZhMWVlGK3rASIYCAISFGNkczEzMy5mcjguaHdjZG4ubmV0.ErZkzUVGxtV/5e00o+XbjSAoZXX3otGZR76qFEX2kHM=
last-modified
Fri, 12 Aug 2022 13:47:02 GMT
server
nginx
etag
W/"62f659d6-15283"
vary
Accept-Encoding
x-hw
1671509530.dop103.fr8.t,1671509530.cds221.fr8.hn,1671509530.cds133.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30125
bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@5.1.2/dist/js/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.1.2/dist/js/bootstrap.min.js
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e9276746ee6d70a75d8362ddd8e20aa1ce8a008c8e39c66a9e05b758f636d01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
23654679
x-jsd-version
5.1.2
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19178-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"e753-WcAbHa+/9xO8ID8ILaCWP92iBPQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JNRfO1%2F8AQ%2F3vSLkHSsGnXgbSNvR%2FbMrOoYIepb0N6YBsRVvAo5zaKL5EluF9SW9K99W4ddcfeCnxzGoUcHJTgEbHBac7V9VsIQAHpfz0vNCytr6P27QWi99Pvb7QHxcMGb80R38lhKGP3MGZCA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
77c589c84ee49b82-FRA
moment.min.js
cdnjs.cloudflare.com/ajax/libs/moment.js/2.18.1/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.18.1/moment.min.js
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1070335
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15476
last-modified
Mon, 04 May 2020 16:13:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f26-c909"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OA3zitNTYjmD6m%2F3dXsxetZS9X0WJvjLDxyoS4UZnTQh%2B8myc129u5jS9N1Z4FRzXjwGOkwM121fiayriyC%2BnXK5fVAZLH1%2Fi45llEt99%2F89z%2F6OQ%2BuR2nRJUCH6Vbn8mYhbMx7EE0YXwYZ2VXI%2FPxm7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77c589c89f6f9b2d-FRA
expires
Sun, 10 Dec 2023 04:12:10 GMT
knockout-min.js
cdnjs.cloudflare.com/ajax/libs/knockout/3.4.2/ 		59 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/knockout/3.4.2/knockout-min.js
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a305fbb2ba223bf3b56bb8776b85f6f40d60dd082a74dbe28d143b5794c7e393
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2963575
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19879
last-modified
Mon, 04 May 2020 16:11:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ecf-ebc2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yz9Hy3u1rOHgUHcyuZylEglCtoitJfat8bv%2BCB%2FyySFqgTtRREyZ1L%2FikY0mRmQYkdQd9Y2geZ39BhnQq%2FSdhimzWXuk%2FcryUahIeM7zj%2BOSIKF%2FYcK64CZaqCBg6Tsn81rXB%2BMrcMsD%2BdQyv2LaAAT1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77c589c89f729b2d-FRA
expires
Sun, 10 Dec 2023 04:12:10 GMT
knockout-switch-case.min.js
cdn-conectate.kiskoo.com/web/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-conectate.kiskoo.com/web/js/knockout-switch-case.min.js
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:b7f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74df90f5f0e27dd5df2470215692754169878aa5443c25a3515e1768e3db03b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
YZB0H0PG00D97A71
age
2740
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
jQTNtDcBDL8hAlUUwNCFwHEKb9YMwmIzo9QXv4KFYqbwT0MstcMvkOovvnpVNpi/yjkMLvCkSrc=
last-modified
Sat, 13 Oct 2018 08:10:55 GMT
server
cloudflare
etag
W/"c6682e07d18a5a4b0209d9351134154e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2FZf3B18YmTQKDli6gnpBf9Jt7o7s%2BeGdeSF%2F6wZxRbxAsn6b%2Bhvyj2gV9rA8uBILPrViQQ9njgd9NgQfOGVqumoGI5SsRLLc5n8Qw5%2FOqij0Ur3fZThjYUcQM9u976Rih1M0LK8FN3AJeJhjWW%2BJ%2FIfDkCJqlQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77c589c8a97d917a-FRA
game-socket.js
cdn-conectate.kiskoo.com/modules/sport/frontend/assets/js/ 		1 KB
908 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-conectate.kiskoo.com/modules/sport/frontend/assets/js/game-socket.js
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:b7f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
008be15ff7db879ddccb3bf415d1143924af4eca6d1dd5250726ac423624f9d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
R1K5H237TB0KQR1V
age
5246
x-amz-storage-class
REDUCED_REDUNDANCY
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
4NfxDuVUdgww0P5JxkxTFTKt2In/Sa1iHNh64HhNSHnMwiPKFly627Uk/0pbCXEKZb88cakW20s=
last-modified
Wed, 24 Aug 2022 17:10:05 GMT
server
cloudflare
etag
W/"0b6216bc1faa63361b5940d7cea9db21"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XKi8bLE%2Bi8xPHQchtOJzQE676iHM8%2B%2BdXmiRhBOvg6nF%2Bph4%2FJCWJif1OD2SfsmgsV2JNXPgyBe1zQtVGUHwc1iKbGVQH52S9oC43UmouzsjaBeAVUotae9zNdWygfVwlC83syRdSSqR2L14kElJ%2BS0ENWqxlHA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77c589c8a980917a-FRA
responsiveslides.min.js
pelotainvernal.com/vendor/slider/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pelotainvernal.com/vendor/slider/responsiveslides.min.js
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.201.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-201-165.compute-1.amazonaws.com
Software
nginx /
Resource Hash
31c8de7c3023548e4205a8f61fa9d4b5c79707dc01710c8313184574afba2ee5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:11 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2017 10:38:14 GMT
server
nginx
etag
W/"59dca316-d44"
vary
Accept-Encoding
content-type
application/javascript
smart-app-banner.js
pelotainvernal.com/js/smartapp/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pelotainvernal.com/js/smartapp/smart-app-banner.js
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.201.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-201-165.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1e894e7cf7187c224f386656a508446013f4cd6edea742f5241ce57258db06c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:11 GMT
content-encoding
gzip
last-modified
Thu, 18 Oct 2018 12:50:23 GMT
server
nginx
etag
W/"5bc8818f-444b"
vary
Accept-Encoding
content-type
application/javascript
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-19230497-1
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
192d4b891be80f8d52f4415fc7f29385107aa248dc0b0f734668bd23881a10c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43581
x-xss-protection
0
last-modified
Tue, 20 Dec 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 20 Dec 2022 04:12:11 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame 460E 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pelotainvernal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39210
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 19 Dec 2022 17:18:40 GMT
etag
10353107486223812946
expires
Mon, 02 Jan 2023 17:18:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ 		199 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77e67409caaf5014eaa2e2d96ac6210a1b4a987da0d5b3ff826221fe255d3def

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pelotainvernal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 19:42:15 GMT
x-content-type-options
nosniff
age
376195
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Dec 2023 19:42:15 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3139134883708761&plah=pelotainvernal.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
926277a34899cd4c8f87e0f9f1c24f14a42d1ccb45c75bca0da764c32573dbfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119959
x-xss-protection
0
server
cafe
etag
126126194237215957
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 04:12:10 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pelotainvernal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 16:44:52 GMT
x-content-type-options
nosniff
age
41238
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Dec 2023 16:44:52 GMT
pubads_impl_2022120601.js
securepubads.g.doubleclick.net/gpt/ 		381 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
949ef00ce71e069fc69a6b829771726245072e18e56b264c536837c459b3febf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 19:55:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29823
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132161
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 09:39:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 19 Dec 2023 19:55:08 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		127 B
719 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=pelotainvernal.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c54527742912dc24ffdbc35d926d8d76f016b8258e9ebb94dfb50a729d6901df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84
x-xss-protection
0
expires
Tue, 20 Dec 2022 04:12:11 GMT
cookie.js
partner.googleadservices.com/gampad/ 		403 B
474 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=pelotainvernal.com&callback=_gfp_s_&client=ca-pub-3139134883708761&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3139134883708761&plah=pelotainvernal.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4ed3b545a668f246d2af9c897439f0c9753e38bc971fb4fb9c6222537ac10922
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=pelotainvernal.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3139134883708761&plah=pelotainvernal.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=pelotainvernal.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3139134883708761&plah=pelotainvernal.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B12E 		86 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=100&slotname=8815456802&adk=88850195&adf=2364240886&pi=t.ma~as.8815456802&w=1298&lmt=1671509531&rafmt=12&format=1298x100&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671509530962&bpp=4&bdt=168&idt=89&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=2059707994738&frm=20&pv=2&ga_vid=1846504517.1671509531&ga_sid=1671509531&ga_hid=1903072021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777506%2C44780792%2C21065724&oid=2&pvsid=3346729867802482&tmod=1956978257&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ez8mJ76jEU&p=https%3A//pelotainvernal.com&dtd=107
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3139134883708761&plah=pelotainvernal.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
627604ac8fcd633d2708e64148060a306869a327a15a3bdcada6e4dd59ea491a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pelotainvernal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
31828
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 04:12:11 GMT
expires
Tue, 20 Dec 2022 04:12:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 123E 		22 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=90&slotname=7753640662&adk=1056406635&adf=406027746&pi=t.ma~as.7753640662&w=728&lmt=1671509531&rafmt=12&format=728x90&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671509530970&bpp=1&bdt=176&idt=102&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100&correlator=2059707994738&frm=20&pv=1&ga_vid=1846504517.1671509531&ga_sid=1671509531&ga_hid=1903072021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=386&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777506%2C44780792%2C21065724&oid=2&pvsid=3346729867802482&tmod=1956978257&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5iTa8SbArS&p=https%3A//pelotainvernal.com&dtd=105
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3139134883708761&plah=pelotainvernal.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
62242e4deee928286863fed2f0b3d81dea405e1f055ffe380548eb4d97fe7b9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pelotainvernal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9830
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 04:12:11 GMT
expires
Tue, 20 Dec 2022 04:12:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
fi_client.js
ecdn.firstimpression.io/ 		347 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/fi_client.js
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-102.fra6.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
fe8a6570027e23af6d729e24846f6602c7acc23543a11379cb440a6c8f0e7391
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 03:43:31 GMT
content-encoding
br
via
1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
last-modified
Tue, 20 Dec 2022 03:43:31 UTC
server
nginx/1.20.0
x-amz-cf-pop
FRA6-C1
age
1720
x-powered-by
PHP/8.0.14
etag
W/"e6472f1a0c3ec93ab64d1a0cb0d6d76a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
4VFk42v9_6b6EfNaR6k7sdAJ6imMQ5xIVocsosvrF-zq4qZSWkSQpA==
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fpelotainvernal.com%2F&tn=NAV&id=w0&cls=navbar%20navbar-dark%20fixed-top%20bg-dark&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 7EEA 		386 KB
83 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&adk=1812271804&adf=3025194257&lmt=1671509531&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=128x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fpelotainvernal.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671509531160&bpp=2&bdt=366&idt=2&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100%2C728x90&nras=1&correlator=2059707994738&frm=20&pv=1&ga_vid=1846504517.1671509531&ga_sid=1671509531&ga_hid=1903072021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777506%2C44780792%2C21065724&oid=2&pvsid=3346729867802482&tmod=1956978257&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=12
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3139134883708761&plah=pelotainvernal.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4ea21b87af7fc15e53939c8f710bf48151d874875d16fdf92f75c36a284a275a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pelotainvernal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
84551
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 04:12:11 GMT
expires
Tue, 20 Dec 2022 04:12:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-19230497-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 20 Dec 2022 03:50:44 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
1287
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 20 Dec 2022 05:50:44 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=pelotainvernal.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=pelotainvernal.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		443 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3346729867802482&correlator=2253141982607970&eid=31071256%2C44780792%2C21065724&output=ldjh&gdfp_req=1&vrg=2022120601&ptt=17&impl=fifs&iu_parts=40135427%2Cpelotainvernal_Video_Intext&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=4&adks=1276542802&sfv=1-0-40&sc=1&cookie=ID%3Dfc62e9aa8abdda18-226f526a20d9001a%3AT%3D1671509531%3ART%3D1671509531%3AS%3DALNI_MYe7WQ4x-9sAVI7O4mxFDnk9gbutg&gpic=UID%3D00000b9563ec2019%3AT%3D1671509531%3ART%3D1671509531%3AS%3DALNI_MZ7yczpngZJPcjDSCj7nH3qXCeCGA&abxe=1&dt=1671509531210&lmt=1671509531&dlt=1671509530794&idt=394&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpelotainvernal.com%2F&frm=20&vis=1&psz=1600x1200&msz=1x-1&fws=0&ohw=0&ga_vid=1846504517.1671509531&ga_sid=1671509531&ga_hid=1903072021&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42ba92b551ff86a4d5bf838894cb2b183f71b0e313628b8f0a5e5407bade31ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
245
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pelotainvernal.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FF78 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pelotainvernal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 04:12:11 GMT
expires
Wed, 20 Dec 2023 04:12:11 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
favicon.ico
ad.doubleclick.net/ 		1 KB
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 09:21:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67818
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 20 Dec 2022 09:21:53 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.169.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-78.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:11 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Thu, 19 Jan 2023 04:12:11 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/pelotainvernal.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27542
x-xss-protection
0
server
sffe
etag
"1426 / 969 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 20 Dec 2022 04:12:11 GMT
prebid7.25.0.pelotainvernal.js
flower-ads.com/tag/pelotainvernal/ 		316 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Requested by
Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/pelotainvernal.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3521616fbd1415fd86988bfc9773f6044497f54354e0b924f7db878f91c1af83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=324455
pragma
public
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Tue, 15 Nov 2022 18:22:14 GMT
server
cloudflare
etag
W/"4f367-6373d8d6-0;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0h%2FsAtlXXTx%2B71iBxVDncmIq%2B4MyQZZ4DO%2FkcGXLVFCma6%2BMJdAMzZcjyoQGjUzQ%2Fb126E5IsMsr8Zfht%2FxlbgYb%2FvCjti5v3A7%2Fd0JbGFUE2xTlknBDDHBkXviDunULNYGHujIr1gw4V8Wp"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=300
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
77c589cc1fcd9171-FRA
expires
Tue, 20 Dec 2022 04:16:59 GMT
2717-2424-01.js
t.seedtag.com/t/ 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.seedtag.com/t/2717-2424-01.js
Requested by
Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/pelotainvernal.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a60b2b58d7356ab2c464b18de5fc1614f0c78c9068db9e897ff100da36725160

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:11 GMT
via
1.1 google
content-encoding
br
cf-cache-status
EXPIRED
server
cloudflare
etag
W/"a2e3-JsVm6jp31uW6gN5DpN0YBoTkhlM"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=1200
cf-ray
77c589cc99bc9090-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 20 Dec 2022 04:32:11 GMT
pelotainvernal_21072.js
ads.vidoomy.com/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.vidoomy.com/pelotainvernal_21072.js
Requested by
Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/pelotainvernal.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.19.54.139 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-19-54-139.us-east-2.compute.amazonaws.com
Software
Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash
0e63307deac3d8aeab68773529536e2d1d9ad4e09749326cbcdf6d9009b49551

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Dec 2022 04:12:11 GMT
Server
Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By
PHP/7.0.33
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=300
Content-Length
4791
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1903072021&t=pageview&_s=1&dl=https%3A%2F%2Fpelotainvernal.com%2F&ul=en-us&de=UTF-8&dt=PelotaInvernal.com%20%7C%20Resultados%2C%20Calendarios%20y%20Posiciones&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=599537193&gjid=675136669&cid=1846504517.1671509531&tid=UA-19230497-1&_gid=1327323472.1671509532&_r=1&gtm=2oubu0&z=1778157375
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pelotainvernal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pelotainvernal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 123E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=90&slotname=7753640662&adk=1056406635&adf=406027746&pi=t.ma~as.7753640662&w=728&lmt=1671509531&rafmt=12&format=728x90&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671509530970&bpp=1&bdt=176&idt=102&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100&correlator=2059707994738&frm=20&pv=1&ga_vid=1846504517.1671509531&ga_sid=1671509531&ga_hid=1903072021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=386&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777506%2C44780792%2C21065724&oid=2&pvsid=3346729867802482&tmod=1956978257&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5iTa8SbArS&p=https%3A//pelotainvernal.com&dtd=105
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 20:02:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
29390
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Jan 2023 20:02:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 123E 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=90&slotname=7753640662&adk=1056406635&adf=406027746&pi=t.ma~as.7753640662&w=728&lmt=1671509531&rafmt=12&format=728x90&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671509530970&bpp=1&bdt=176&idt=102&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100&correlator=2059707994738&frm=20&pv=1&ga_vid=1846504517.1671509531&ga_sid=1671509531&ga_hid=1903072021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=386&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777506%2C44780792%2C21065724&oid=2&pvsid=3346729867802482&tmod=1956978257&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5iTa8SbArS&p=https%3A//pelotainvernal.com&dtd=105
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 11:39:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
59570
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Jan 2023 11:39:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 123E 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=90&slotname=7753640662&adk=1056406635&adf=406027746&pi=t.ma~as.7753640662&w=728&lmt=1671509531&rafmt=12&format=728x90&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671509530970&bpp=1&bdt=176&idt=102&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100&correlator=2059707994738&frm=20&pv=1&ga_vid=1846504517.1671509531&ga_sid=1671509531&ga_hid=1903072021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=386&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777506%2C44780792%2C21065724&oid=2&pvsid=3346729867802482&tmod=1956978257&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5iTa8SbArS&p=https%3A//pelotainvernal.com&dtd=105
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 20 Dec 2022 04:12:11 GMT
css
fonts.googleapis.com/ Frame B12E 		4 KB
621 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=100&slotname=8815456802&adk=88850195&adf=2364240886&pi=t.ma~as.8815456802&w=1298&lmt=1671509531&rafmt=12&format=1298x100&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671509530962&bpp=4&bdt=168&idt=89&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=2059707994738&frm=20&pv=2&ga_vid=1846504517.1671509531&ga_sid=1671509531&ga_hid=1903072021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777506%2C44780792%2C21065724&oid=2&pvsid=3346729867802482&tmod=1956978257&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ez8mJ76jEU&p=https%3A//pelotainvernal.com&dtd=107
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Dec 2022 04:12:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 20 Dec 2022 03:36:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Dec 2022 04:12:11 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame B12E 		2 KB
818 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=100&slotname=8815456802&adk=88850195&adf=2364240886&pi=t.ma~as.8815456802&w=1298&lmt=1671509531&rafmt=12&format=1298x100&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671509530962&bpp=4&bdt=168&idt=89&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=2059707994738&frm=20&pv=2&ga_vid=1846504517.1671509531&ga_sid=1671509531&ga_hid=1903072021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777506%2C44780792%2C21065724&oid=2&pvsid=3346729867802482&tmod=1956978257&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ez8mJ76jEU&p=https%3A//pelotainvernal.com&dtd=107
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 11:39:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
59570
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Jan 2023 11:39:21 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame B12E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=100&slotname=8815456802&adk=88850195&adf=2364240886&pi=t.ma~as.8815456802&w=1298&lmt=1671509531&rafmt=12&format=1298x100&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671509530962&bpp=4&bdt=168&idt=89&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=2059707994738&frm=20&pv=2&ga_vid=1846504517.1671509531&ga_sid=1671509531&ga_hid=1903072021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777506%2C44780792%2C21065724&oid=2&pvsid=3346729867802482&tmod=1956978257&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ez8mJ76jEU&p=https%3A//pelotainvernal.com&dtd=107
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 11:39:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
59570
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Jan 2023 11:39:21 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame B12E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=100&slotname=8815456802&adk=88850195&adf=2364240886&pi=t.ma~as.8815456802&w=1298&lmt=1671509531&rafmt=12&format=1298x100&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671509530962&bpp=4&bdt=168&idt=89&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=2059707994738&frm=20&pv=2&ga_vid=1846504517.1671509531&ga_sid=1671509531&ga_hid=1903072021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777506%2C44780792%2C21065724&oid=2&pvsid=3346729867802482&tmod=1956978257&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ez8mJ76jEU&p=https%3A//pelotainvernal.com&dtd=107
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 20:02:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
29390
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Jan 2023 20:02:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame B12E 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=100&slotname=8815456802&adk=88850195&adf=2364240886&pi=t.ma~as.8815456802&w=1298&lmt=1671509531&rafmt=12&format=1298x100&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671509530962&bpp=4&bdt=168&idt=89&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=2059707994738&frm=20&pv=2&ga_vid=1846504517.1671509531&ga_sid=1671509531&ga_hid=1903072021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777506%2C44780792%2C21065724&oid=2&pvsid=3346729867802482&tmod=1956978257&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ez8mJ76jEU&p=https%3A//pelotainvernal.com&dtd=107
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 11:39:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
59570
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Jan 2023 11:39:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B12E 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=100&slotname=8815456802&adk=88850195&adf=2364240886&pi=t.ma~as.8815456802&w=1298&lmt=1671509531&rafmt=12&format=1298x100&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671509530962&bpp=4&bdt=168&idt=89&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=2059707994738&frm=20&pv=2&ga_vid=1846504517.1671509531&ga_sid=1671509531&ga_hid=1903072021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777506%2C44780792%2C21065724&oid=2&pvsid=3346729867802482&tmod=1956978257&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ez8mJ76jEU&p=https%3A//pelotainvernal.com&dtd=107
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 20 Dec 2022 04:12:11 GMT
5abbe811e7745ada511aeaa994a13f9f.js
www.gstatic.com/mysidia/ Frame B12E 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=100&slotname=8815456802&adk=88850195&adf=2364240886&pi=t.ma~as.8815456802&w=1298&lmt=1671509531&rafmt=12&format=1298x100&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671509530962&bpp=4&bdt=168&idt=89&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=2059707994738&frm=20&pv=2&ga_vid=1846504517.1671509531&ga_sid=1671509531&ga_hid=1903072021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777506%2C44780792%2C21065724&oid=2&pvsid=3346729867802482&tmod=1956978257&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ez8mJ76jEU&p=https%3A//pelotainvernal.com&dtd=107
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 16:52:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40807
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14213
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 23:34:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 19 Mar 2023 16:52:04 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 123E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cmy4jGzahY-ejBsPj3wOZs6vYC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzEzOTEzNDg4MzcwODc2McgBCakCDBIuFgfMsT6oAwGqBMEBT9C7pJw6Y7T0wpyCgpKRzGQGHU7AOREoqBNXzPqw63JuzNhuoIUHdoThbzM7vL0TqR9r_L9q2RJDbdjP2WXVR_hRtoAT61oeS4O1jvmq_Ae_dSQvmeYgXhSd_EIeuwPL7c-85XnRlJn1iP9zLubWr6D2UeCw4WSPv9itD460mws60GhUIeLlfXR9MesYti-e9-niAZy2-cZj5yxh0mAUvpL0_5KAejJDbIA2nNpsQXo9Bmk3oBSF3H3Pv2SNoQwq8YAGir7AjffhgIVuoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0zMTM5MTM0ODgzNzA4NzYxGAA&sigh=0BrDhA_iX3s&uach_m=[UACH]&cid=CAQSGwDq26N9NksT_W8qcHMFCVEqbAF2TOKDfH10QhgBIBM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=90&slotname=7753640662&adk=1056406635&adf=406027746&pi=t.ma~as.7753640662&w=728&lmt=1671509531&rafmt=12&format=728x90&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671509530970&bpp=1&bdt=176&idt=102&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100&correlator=2059707994738&frm=20&pv=1&ga_vid=1846504517.1671509531&ga_sid=1671509531&ga_hid=1903072021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=386&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777506%2C44780792%2C21065724&oid=2&pvsid=3346729867802482&tmod=1956978257&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5iTa8SbArS&p=https%3A//pelotainvernal.com&dtd=105
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=90&slotname=7753640662&adk=1056406635&adf=406027746&pi=t.ma~as.7753640662&w=728&lmt=1671509531&rafmt=12&format=728x90&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671509530970&bpp=1&bdt=176&idt=102&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100&correlator=2059707994738&frm=20&pv=1&ga_vid=1846504517.1671509531&ga_sid=1671509531&ga_hid=1903072021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=386&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777506%2C44780792%2C21065724&oid=2&pvsid=3346729867802482&tmod=1956978257&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5iTa8SbArS&p=https%3A//pelotainvernal.com&dtd=105
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 20 Dec 2022 04:12:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 20 Dec 2022 04:12:11 GMT
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 123E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kJq8Et6BMNgFWp2DYgICAAAATSMuoMq38VMQGjahY2ve-HxCbZZ7UWcwABIAAA&wp=Y6E2GwABkecKd_HDAArZmeLOTO3fDpr-tLzFUQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=90&slotname=7753640662&adk=1056406635&adf=406027746&pi=t.ma~as.7753640662&w=728&lmt=1671509531&rafmt=12&format=728x90&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671509530970&bpp=1&bdt=176&idt=102&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100&correlator=2059707994738&frm=20&pv=1&ga_vid=1846504517.1671509531&ga_sid=1671509531&ga_hid=1903072021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=386&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777506%2C44780792%2C21065724&oid=2&pvsid=3346729867802482&tmod=1956978257&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5iTa8SbArS&p=https%3A//pelotainvernal.com&dtd=105
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:10 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
188624
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame BBB7 		206 KB
57 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6E2GwABkecKd_HDAArZmeLOTO3fDpr-tLzFUQ&u=%7CeIFf7BEvoTBl8rbcgcenQQbjx1BtfLqZC7%2B%2BJ8nO%2FxU%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA98ggG56JZ8AF1tpKuTZfCi876G--Bj2jZ_2GjVAXcd9pvUb08Uy88H74iaTJw0uCFHo3AdP4_MUVr4LmyGy-QnEynbkNs9y1lYyu5MoNo635HkamcuoADM1jk_ii15qrG7xv2mMRC1nicBaM48QKEmyIteji1yrPriK4xpeCnNow4JeVv59lRPTOjg7gkIsbSDF4nKc-QqiO08UBRefI590kaRI2ZqbAx0WRBJrbYKLeAJda3_uFtUji_zOPM5Tya_b9afGtmyFjD7eCaRd2tW9zruCixmk_St45Wtxw6Mib1kdijHkzFwoAYEFgh_KkJH748VTr6BwqJx4tNiC2UPlXEY0mZWREYRBvor2AAAX9GcSxDVjQ31LNrkoA9TtYEo_3eztVa-2CINW7kY6FnGESeRD3ez1elLvyaPkDyhU4skncU3igTQZseMszCg1IWWDMOdZD2YCqWjZMb_qgbMIc4-3tH7jb-HA_fk908lo2EVKBi2-ocPVidm5iv74KrsckdjT4qycgt2dixqqV3Hxe8yDYYrXGEv1GxWbl3MR8vagSb99RSkjIUEoIVtBjD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9xFTGzahY-ejBsPj3wOZs6vYC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzEzOTEzNDg4MzcwODc2McgBCakCDBIuFgfMsT6oAwGqBMQBT9C7pJw6Y7T0wpyCgpKRzGQGHU7AOREoqBNXzPqw63JuzNhuoIUHdoThbzM7vL0TqR9r_L9q2RJDbdjP2WXVR_hRtoAT61oeS4O1jvmq_Ae_dSQvmeYgXhSd_EIeuwPL7c-85XnRlJn1iP9zLubWr6D2UeCw4WSPv9itD460mws60GhUIeLlfXR9MesYti-e9-niAZy2-cZj5ywj0EGGOR1o7C0cbpGTUSbOlc5m93ATHuuDaCkjLsLRk3wIC4g5Tnn-D4AGir7AjffhgIVuoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3wrHEhofBJZtX0epd-vA5JnsNHIw%26client%3Dca-pub-3139134883708761%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=90&slotname=7753640662&adk=1056406635&adf=406027746&pi=t.ma~as.7753640662&w=728&lmt=1671509531&rafmt=12&format=728x90&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671509530970&bpp=1&bdt=176&idt=102&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100&correlator=2059707994738&frm=20&pv=1&ga_vid=1846504517.1671509531&ga_sid=1671509531&ga_hid=1903072021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=386&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777506%2C44780792%2C21065724&oid=2&pvsid=3346729867802482&tmod=1956978257&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5iTa8SbArS&p=https%3A//pelotainvernal.com&dtd=105
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
67a27a56f829f85a991a131a1d8aad8782f8a0c983efb020956f9df2decceb06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 04:12:11 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=QXIgxuBZbSWKLPylVzlCY3p4EvffFfaZ--aS7tYoNwa-cYrVni_KevKsOwueLN0IPoHg-pPZgDCljUWBH6OuQHponlhfyZYOzwlWFaGpiPrtDZ5gqJxKYjVkuIBR0TUpY0xaIq9n67WlvkBn29g1eKxOO-FMMlmfdpttCPvO9F-iJHN1ssEJgy6qxsBkXfJ26J6HAlFVhsR2cDXTj1ChZ_VM3mpzeu6AnegjoEfWxUFdV7uHYWfI137Hlew"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
119301074
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
adview
googleads.g.doubleclick.net/pagead/ Frame B12E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CFe8fGzahY6GbBoqr3wPC-KVg946VgG7RxPTe3xCWgs2FiBYQASCtkPQeYJXikIKgB6AB4IHw-CjIAQmpAgwSLhYHzLE-qAMByAPLBKoEzQFP0KLQV9v1g7fPGOeCiA4-tCSva6pqnQWFZijm-2PGw_D9h6M3idboZD-l_lsbKzCev-mt57j1yS7Z6fsQLmAGNU-wW105Dlt5wwmteKb8v3ek1FDPkxAvFQe18x3gtdWlyBruHVrzIjdJYPKiZTtStkVk1vIKNi0ZLx8DkyiVciqoDYOmCitv7wciWAWfeuVquXMIBsIus3B-ytQ2dzjwuUxx-9X5Qp4iiogRdvbeNy5Lpe_tLq1nq_-vtHux8CQWYbBVbN2X64NdvYT2wATbqta4kgSSBQQIBBgBkgUECAUYBKAGLoAH4LnA2AOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBD6ogLSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEw2IFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItMzEzOTEzNDg4MzcwODc2MRgA&sigh=XQWnXF5Phx8&uach_m=[UACH]&cid=CAQSGwDq26N9XCD-VKgkdFGbcOXEhdkNtWy8GmWCChgBIBM&template_id=484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=100&slotname=8815456802&adk=88850195&adf=2364240886&pi=t.ma~as.8815456802&w=1298&lmt=1671509531&rafmt=12&format=1298x100&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671509530962&bpp=4&bdt=168&idt=89&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=2059707994738&frm=20&pv=2&ga_vid=1846504517.1671509531&ga_sid=1671509531&ga_hid=1903072021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777506%2C44780792%2C21065724&oid=2&pvsid=3346729867802482&tmod=1956978257&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ez8mJ76jEU&p=https%3A//pelotainvernal.com&dtd=107
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=100&slotname=8815456802&adk=88850195&adf=2364240886&pi=t.ma~as.8815456802&w=1298&lmt=1671509531&rafmt=12&format=1298x100&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671509530962&bpp=4&bdt=168&idt=89&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=2059707994738&frm=20&pv=2&ga_vid=1846504517.1671509531&ga_sid=1671509531&ga_hid=1903072021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777506%2C44780792%2C21065724&oid=2&pvsid=3346729867802482&tmod=1956978257&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ez8mJ76jEU&p=https%3A//pelotainvernal.com&dtd=107
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 20 Dec 2022 04:12:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 20 Dec 2022 04:12:11 GMT
6592766407814317453
tpc.googlesyndication.com/simgad/15078331772636040490/ Frame B12E 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15078331772636040490/6592766407814317453
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=100&slotname=8815456802&adk=88850195&adf=2364240886&pi=t.ma~as.8815456802&w=1298&lmt=1671509531&rafmt=12&format=1298x100&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671509530962&bpp=4&bdt=168&idt=89&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=2059707994738&frm=20&pv=2&ga_vid=1846504517.1671509531&ga_sid=1671509531&ga_hid=1903072021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777506%2C44780792%2C21065724&oid=2&pvsid=3346729867802482&tmod=1956978257&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ez8mJ76jEU&p=https%3A//pelotainvernal.com&dtd=107
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f7dd17a3398f4f96f586460691a97fee1390b60a0dbd0708c6d8ec26fcc5fef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 08:55:39 GMT
x-content-type-options
nosniff
age
328592
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15951
x-xss-protection
0
last-modified
Fri, 30 Sep 2022 09:33:36 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 16 Dec 2023 08:55:39 GMT
spc_fi.php
cdn.firstimpression.io/delivery/ 		19 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/spc_fi.php?id=7293&url=%2F&charset=UTF-8&ch=4&ref=pelotainvernal.com&viewerId=null&referer=&_firid=43742636
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-102.fra6.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
787ad832cf564f4797bf01427438be70b2f0ecc7601582ec12c3b5b689c4af93

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://pelotainvernal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:11 GMT
content-encoding
gzip
via
1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-powered-by
PHP/8.0.14
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
server
nginx/1.20.0
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pelotainvernal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
yok984SmNk5w_Vxe-V84WNzCVjRoXOd2W5uHZ3UHfyLtZKufyJP5wQ==
expires
0
collect
stats.g.doubleclick.net/j/ 		1 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-19230497-1&cid=1846504517.1671509531&jid=599537193&gjid=675136669&_gid=1327323472.1671509532&_u=YAhAAUAAAAAAACAAI~&z=121372697
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pelotainvernal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 20 Dec 2022 04:12:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pelotainvernal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
st_3.67380afd2d6a27f4bb33.js
t.seedtag.com/c/ 		66 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.seedtag.com/c/st_3.67380afd2d6a27f4bb33.js
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/t/2717-2424-01.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.131.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cb9c5344328c276197498d83345b3172183680f060a46aa8356547a469083ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:11 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
40545
x-guploader-uploadid
ADPycdu5tSsBMnVZMApsKNjWdOqXuU2cSofDxPzRcrF26L2s0wxrzxoNuuNq8XmA8Ix-wIaUxjfaR8bipKPF_D_ZHd8xpw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 19 Dec 2022 16:56:21 GMT
server
cloudflare
etag
W/"c1937fa788daccccc0bebdf02a47a751"
vary
Accept-Encoding
x-goog-hash
crc32c=imydtw==, md5=wZN/p4jazMzAvr3wKkenUQ==
x-goog-generation
1671468981951908
content-type
application/javascript
cache-control
public, max-age=31495453
x-goog-stored-content-length
19734
cf-ray
77c589cd786b91d1-FRA
expires
Tue, 19 Dec 2023 16:56:24 GMT
st_2.3a6c01d6b1aa61ea9094.js
t.seedtag.com/c/ 		374 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.seedtag.com/c/st_2.3a6c01d6b1aa61ea9094.js
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/t/2717-2424-01.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.131.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f3f2148646b7fd2c8c2c3d1b64dc830f0d0a3716dfcf621b69bb555067fff47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:11 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
40545
x-guploader-uploadid
ADPycdsZ4C-DwgoC4WdpOgVXi24tGYNGec1Bpof6bH6MCUkkLpZABOnCRAIS-zcgu0D-D57Hh_EEkTzWavVeFCTSo--9AQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 19 Dec 2022 16:56:21 GMT
server
cloudflare
etag
W/"6eeb5c75156ede0e2e2ffc8b58b7a47a"
vary
Accept-Encoding
x-goog-hash
crc32c=+Mp1NA==, md5=butcdRVu3g4uL/yLWLekeg==
x-goog-generation
1671468981993026
content-type
application/javascript
cache-control
public, max-age=31495453
x-goog-stored-content-length
103552
cf-ray
77c589cd786c91d1-FRA
expires
Tue, 19 Dec 2023 16:56:24 GMT
truncated
/ Frame 123E 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be042b5ec89a840399f6d690dc38113fa63c80e6edd8537ed95d5b41c267fccc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3139134883708761&plah=pelotainvernal.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aa0a235a0edb76846d6a656d6b81b3308d36d4f3411cb6c73df7b15da0782ce2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52347
x-xss-protection
0
server
cafe
etag
10991984308195028232
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 04:12:11 GMT
truncated
/ Frame B12E 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
78abc714e4de74fba42b97a9b45115faaa7d24df22975972e306ebd0094fe5ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame BBB7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6E2GwABkecKd_HDAArZmeLOTO3fDpr-tLzFUQ&u=%7CeIFf7BEvoTBl8rbcgcenQQbjx1BtfLqZC7%2B%2BJ8nO%2FxU%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA98ggG56JZ8AF1tpKuTZfCi876G--Bj2jZ_2GjVAXcd9pvUb08Uy88H74iaTJw0uCFHo3AdP4_MUVr4LmyGy-QnEynbkNs9y1lYyu5MoNo635HkamcuoADM1jk_ii15qrG7xv2mMRC1nicBaM48QKEmyIteji1yrPriK4xpeCnNow4JeVv59lRPTOjg7gkIsbSDF4nKc-QqiO08UBRefI590kaRI2ZqbAx0WRBJrbYKLeAJda3_uFtUji_zOPM5Tya_b9afGtmyFjD7eCaRd2tW9zruCixmk_St45Wtxw6Mib1kdijHkzFwoAYEFgh_KkJH748VTr6BwqJx4tNiC2UPlXEY0mZWREYRBvor2AAAX9GcSxDVjQ31LNrkoA9TtYEo_3eztVa-2CINW7kY6FnGESeRD3ez1elLvyaPkDyhU4skncU3igTQZseMszCg1IWWDMOdZD2YCqWjZMb_qgbMIc4-3tH7jb-HA_fk908lo2EVKBi2-ocPVidm5iv74KrsckdjT4qycgt2dixqqV3Hxe8yDYYrXGEv1GxWbl3MR8vagSb99RSkjIUEoIVtBjD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9xFTGzahY-ejBsPj3wOZs6vYC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzEzOTEzNDg4MzcwODc2McgBCakCDBIuFgfMsT6oAwGqBMQBT9C7pJw6Y7T0wpyCgpKRzGQGHU7AOREoqBNXzPqw63JuzNhuoIUHdoThbzM7vL0TqR9r_L9q2RJDbdjP2WXVR_hRtoAT61oeS4O1jvmq_Ae_dSQvmeYgXhSd_EIeuwPL7c-85XnRlJn1iP9zLubWr6D2UeCw4WSPv9itD460mws60GhUIeLlfXR9MesYti-e9-niAZy2-cZj5ywj0EGGOR1o7C0cbpGTUSbOlc5m93ATHuuDaCkjLsLRk3wIC4g5Tnn-D4AGir7AjffhgIVuoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3wrHEhofBJZtX0epd-vA5JnsNHIw%26client%3Dca-pub-3139134883708761%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Dec 2023 04:12:11 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame BBB7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6E2GwABkecKd_HDAArZmeLOTO3fDpr-tLzFUQ&u=%7CeIFf7BEvoTBl8rbcgcenQQbjx1BtfLqZC7%2B%2BJ8nO%2FxU%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA98ggG56JZ8AF1tpKuTZfCi876G--Bj2jZ_2GjVAXcd9pvUb08Uy88H74iaTJw0uCFHo3AdP4_MUVr4LmyGy-QnEynbkNs9y1lYyu5MoNo635HkamcuoADM1jk_ii15qrG7xv2mMRC1nicBaM48QKEmyIteji1yrPriK4xpeCnNow4JeVv59lRPTOjg7gkIsbSDF4nKc-QqiO08UBRefI590kaRI2ZqbAx0WRBJrbYKLeAJda3_uFtUji_zOPM5Tya_b9afGtmyFjD7eCaRd2tW9zruCixmk_St45Wtxw6Mib1kdijHkzFwoAYEFgh_KkJH748VTr6BwqJx4tNiC2UPlXEY0mZWREYRBvor2AAAX9GcSxDVjQ31LNrkoA9TtYEo_3eztVa-2CINW7kY6FnGESeRD3ez1elLvyaPkDyhU4skncU3igTQZseMszCg1IWWDMOdZD2YCqWjZMb_qgbMIc4-3tH7jb-HA_fk908lo2EVKBi2-ocPVidm5iv74KrsckdjT4qycgt2dixqqV3Hxe8yDYYrXGEv1GxWbl3MR8vagSb99RSkjIUEoIVtBjD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9xFTGzahY-ejBsPj3wOZs6vYC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzEzOTEzNDg4MzcwODc2McgBCakCDBIuFgfMsT6oAwGqBMQBT9C7pJw6Y7T0wpyCgpKRzGQGHU7AOREoqBNXzPqw63JuzNhuoIUHdoThbzM7vL0TqR9r_L9q2RJDbdjP2WXVR_hRtoAT61oeS4O1jvmq_Ae_dSQvmeYgXhSd_EIeuwPL7c-85XnRlJn1iP9zLubWr6D2UeCw4WSPv9itD460mws60GhUIeLlfXR9MesYti-e9-niAZy2-cZj5ywj0EGGOR1o7C0cbpGTUSbOlc5m93ATHuuDaCkjLsLRk3wIC4g5Tnn-D4AGir7AjffhgIVuoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3wrHEhofBJZtX0epd-vA5JnsNHIw%26client%3Dca-pub-3139134883708761%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Dec 2023 04:12:11 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame BBB7 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6E2GwABkecKd_HDAArZmeLOTO3fDpr-tLzFUQ&u=%7CeIFf7BEvoTBl8rbcgcenQQbjx1BtfLqZC7%2B%2BJ8nO%2FxU%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA98ggG56JZ8AF1tpKuTZfCi876G--Bj2jZ_2GjVAXcd9pvUb08Uy88H74iaTJw0uCFHo3AdP4_MUVr4LmyGy-QnEynbkNs9y1lYyu5MoNo635HkamcuoADM1jk_ii15qrG7xv2mMRC1nicBaM48QKEmyIteji1yrPriK4xpeCnNow4JeVv59lRPTOjg7gkIsbSDF4nKc-QqiO08UBRefI590kaRI2ZqbAx0WRBJrbYKLeAJda3_uFtUji_zOPM5Tya_b9afGtmyFjD7eCaRd2tW9zruCixmk_St45Wtxw6Mib1kdijHkzFwoAYEFgh_KkJH748VTr6BwqJx4tNiC2UPlXEY0mZWREYRBvor2AAAX9GcSxDVjQ31LNrkoA9TtYEo_3eztVa-2CINW7kY6FnGESeRD3ez1elLvyaPkDyhU4skncU3igTQZseMszCg1IWWDMOdZD2YCqWjZMb_qgbMIc4-3tH7jb-HA_fk908lo2EVKBi2-ocPVidm5iv74KrsckdjT4qycgt2dixqqV3Hxe8yDYYrXGEv1GxWbl3MR8vagSb99RSkjIUEoIVtBjD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9xFTGzahY-ejBsPj3wOZs6vYC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzEzOTEzNDg4MzcwODc2McgBCakCDBIuFgfMsT6oAwGqBMQBT9C7pJw6Y7T0wpyCgpKRzGQGHU7AOREoqBNXzPqw63JuzNhuoIUHdoThbzM7vL0TqR9r_L9q2RJDbdjP2WXVR_hRtoAT61oeS4O1jvmq_Ae_dSQvmeYgXhSd_EIeuwPL7c-85XnRlJn1iP9zLubWr6D2UeCw4WSPv9itD460mws60GhUIeLlfXR9MesYti-e9-niAZy2-cZj5ywj0EGGOR1o7C0cbpGTUSbOlc5m93ATHuuDaCkjLsLRk3wIC4g5Tnn-D4AGir7AjffhgIVuoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3wrHEhofBJZtX0epd-vA5JnsNHIw%26client%3Dca-pub-3139134883708761%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:11 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 15 Dec 2023 04:12:11 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame BBB7 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6E2GwABkecKd_HDAArZmeLOTO3fDpr-tLzFUQ&u=%7CeIFf7BEvoTBl8rbcgcenQQbjx1BtfLqZC7%2B%2BJ8nO%2FxU%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA98ggG56JZ8AF1tpKuTZfCi876G--Bj2jZ_2GjVAXcd9pvUb08Uy88H74iaTJw0uCFHo3AdP4_MUVr4LmyGy-QnEynbkNs9y1lYyu5MoNo635HkamcuoADM1jk_ii15qrG7xv2mMRC1nicBaM48QKEmyIteji1yrPriK4xpeCnNow4JeVv59lRPTOjg7gkIsbSDF4nKc-QqiO08UBRefI590kaRI2ZqbAx0WRBJrbYKLeAJda3_uFtUji_zOPM5Tya_b9afGtmyFjD7eCaRd2tW9zruCixmk_St45Wtxw6Mib1kdijHkzFwoAYEFgh_KkJH748VTr6BwqJx4tNiC2UPlXEY0mZWREYRBvor2AAAX9GcSxDVjQ31LNrkoA9TtYEo_3eztVa-2CINW7kY6FnGESeRD3ez1elLvyaPkDyhU4skncU3igTQZseMszCg1IWWDMOdZD2YCqWjZMb_qgbMIc4-3tH7jb-HA_fk908lo2EVKBi2-ocPVidm5iv74KrsckdjT4qycgt2dixqqV3Hxe8yDYYrXGEv1GxWbl3MR8vagSb99RSkjIUEoIVtBjD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9xFTGzahY-ejBsPj3wOZs6vYC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzEzOTEzNDg4MzcwODc2McgBCakCDBIuFgfMsT6oAwGqBMQBT9C7pJw6Y7T0wpyCgpKRzGQGHU7AOREoqBNXzPqw63JuzNhuoIUHdoThbzM7vL0TqR9r_L9q2RJDbdjP2WXVR_hRtoAT61oeS4O1jvmq_Ae_dSQvmeYgXhSd_EIeuwPL7c-85XnRlJn1iP9zLubWr6D2UeCw4WSPv9itD460mws60GhUIeLlfXR9MesYti-e9-niAZy2-cZj5ywj0EGGOR1o7C0cbpGTUSbOlc5m93ATHuuDaCkjLsLRk3wIC4g5Tnn-D4AGir7AjffhgIVuoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3wrHEhofBJZtX0epd-vA5JnsNHIw%26client%3Dca-pub-3139134883708761%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:11 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 15 Dec 2023 04:12:11 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame BBB7 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=zgIUTvJ9tLJ093hRnTZ03316vaa8SMcCHI9ccCGQg5zmbAvVzq7X6lbOVq33Rl-nr4BXcEzHbX5UwH6apQnftiZQD0BssYq11sXZf-m-FqZC1uxvZobet3DjGFZg78NEgqaQ3BmXcordY8dNJarfvT7gsVMS1ZLi8VRQNbm8VUa0jpKfV_gWxp9gOf8uKMCfprDpcmHKkQ4sUo0b50W7Z-HJh7WgnXWVY6rMnUcLkayxjjEQVJ937yTbyrRAfhchkid4gu0V3fqT7niI-GYSSej2CmQbQfvuWApIYa_NoJw5g-9cbYfbyG3zo_NlaIkYz_8dt3M7ogph3o0_SjEARvnaQpiFx-luhdy0oH53hiD9PnZK8jWOZW8NbLSutvxWuYMNb7vVxUH3R9PCTd6_R6DbFhSGRA1VbiN8pymd3Oiw7DPW
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6E2GwABkecKd_HDAArZmeLOTO3fDpr-tLzFUQ&u=%7CeIFf7BEvoTBl8rbcgcenQQbjx1BtfLqZC7%2B%2BJ8nO%2FxU%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA98ggG56JZ8AF1tpKuTZfCi876G--Bj2jZ_2GjVAXcd9pvUb08Uy88H74iaTJw0uCFHo3AdP4_MUVr4LmyGy-QnEynbkNs9y1lYyu5MoNo635HkamcuoADM1jk_ii15qrG7xv2mMRC1nicBaM48QKEmyIteji1yrPriK4xpeCnNow4JeVv59lRPTOjg7gkIsbSDF4nKc-QqiO08UBRefI590kaRI2ZqbAx0WRBJrbYKLeAJda3_uFtUji_zOPM5Tya_b9afGtmyFjD7eCaRd2tW9zruCixmk_St45Wtxw6Mib1kdijHkzFwoAYEFgh_KkJH748VTr6BwqJx4tNiC2UPlXEY0mZWREYRBvor2AAAX9GcSxDVjQ31LNrkoA9TtYEo_3eztVa-2CINW7kY6FnGESeRD3ez1elLvyaPkDyhU4skncU3igTQZseMszCg1IWWDMOdZD2YCqWjZMb_qgbMIc4-3tH7jb-HA_fk908lo2EVKBi2-ocPVidm5iv74KrsckdjT4qycgt2dixqqV3Hxe8yDYYrXGEv1GxWbl3MR8vagSb99RSkjIUEoIVtBjD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9xFTGzahY-ejBsPj3wOZs6vYC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzEzOTEzNDg4MzcwODc2McgBCakCDBIuFgfMsT6oAwGqBMQBT9C7pJw6Y7T0wpyCgpKRzGQGHU7AOREoqBNXzPqw63JuzNhuoIUHdoThbzM7vL0TqR9r_L9q2RJDbdjP2WXVR_hRtoAT61oeS4O1jvmq_Ae_dSQvmeYgXhSd_EIeuwPL7c-85XnRlJn1iP9zLubWr6D2UeCw4WSPv9itD460mws60GhUIeLlfXR9MesYti-e9-niAZy2-cZj5ywj0EGGOR1o7C0cbpGTUSbOlc5m93ATHuuDaCkjLsLRk3wIC4g5Tnn-D4AGir7AjffhgIVuoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3wrHEhofBJZtX0epd-vA5JnsNHIw%26client%3Dca-pub-3139134883708761%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:11 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3086517
expires
Mon, 26 Jul 1997 05:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B12E 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 16:44:52 GMT
x-content-type-options
nosniff
age
41239
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Dec 2023 16:44:52 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B12E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 19:42:15 GMT
x-content-type-options
nosniff
age
376196
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Dec 2023 19:42:15 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpelotainvernal.com%2F&domain=pelotainvernal.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://pelotainvernal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://pelotainvernal.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 20 Dec 2022 04:12:11 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
257323
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpelotainvernal.com%2F&domain=pelotainvernal.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=MewNg3x6K2RJVEVJU0dwMFhMb05JN0pSYkhyZ3hhUzBCcUxUQTl4RDBtRytqYzlHcmtmek12bGNRSzZCOGQzY3RNSzgvazZMaE4vMFlFYW5FeXVXWnVvWUxYQjQwdEZZdkkwVTdGNHdGVnZ2Y3l5TDZWSi93SHUrcStoSE...
367 B
654 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=MewNg3x6K2RJVEVJU0dwMFhMb05JN0pSYkhyZ3hhUzBCcUxUQTl4RDBtRytqYzlHcmtmek12bGNRSzZCOGQzY3RNSzgvazZMaE4vMFlFYW5FeXVXWnVvWUxYQjQwdEZZdkkwVTdGNHdGVnZ2Y3l5TDZWSi93SHUrcStoSExDT2FuL0xuWi9lZS9uMURGbWZ5WDJySlA2UFRKTFpBVndZK3B3dmVlZDJuc2t1NnR6MU9aUlNmUWY3NjNHTGlIdW15c283ZEw1TUFiQlk5NnNVekVMOXUyTTBRMlRBUlU2R3dtUXhhZTJqRUtOQWR5eXFXQVR6OUJYMy9NYStvTzFCalVWUHJlfA&cppv=2
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f391a52df51aab990e5ee9482e92d051babb1f604f03ba4ca7fc72ee96f44aa5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:11 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1131872
expires
0

Redirect headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:11 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=MewNg3x6K2RJVEVJU0dwMFhMb05JN0pSYkhyZ3hhUzBCcUxUQTl4RDBtRytqYzlHcmtmek12bGNRSzZCOGQzY3RNSzgvazZMaE4vMFlFYW5FeXVXWnVvWUxYQjQwdEZZdkkwVTdGNHdGVnZ2Y3l5TDZWSi93SHUrcStoSExDT2FuL0xuWi9lZS9uMURGbWZ5WDJySlA2UFRKTFpBVndZK3B3dmVlZDJuc2t1NnR6MU9aUlNmUWY3NjNHTGlIdW15c283ZEw1TUFiQlk5NnNVekVMOXUyTTBRMlRBUlU2R3dtUXhhZTJqRUtOQWR5eXFXQVR6OUJYMy9NYStvTzFCalVWUHJlfA&cppv=2
access-control-allow-origin
https://pelotainvernal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
542411
content-length
0
expires
0
localstore.js
script.4dex.io/ 		483 B
1023 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 04:12:11 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
2288460
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D4V21QSM8L9Nszhpe09BOgUiB7MLaUeXL3ds8e8f8A0vN13ia0Y%2BE13VaPzE5allOJTDPOcWsBPzF%2FpFdJX3YkbwrOtzNI5sYiAI9D2Wak%2B6TCn7V%2Fx%2BRCPoxvXUGR9flc0GfKXgqr7OQX9z"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
77c589ce68c9bbc1-FRA
z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
pagead2.googlesyndication.com/bg/ Frame 97FA 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=100&slotname=8815456802&adk=88850195&adf=2364240886&pi=t.ma~as.8815456802&w=1298&lmt=1671509531&rafmt=12&format=1298x100&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671509530962&bpp=4&bdt=168&idt=89&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=2059707994738&frm=20&pv=2&ga_vid=1846504517.1671509531&ga_sid=1671509531&ga_hid=1903072021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777506%2C44780792%2C21065724&oid=2&pvsid=3346729867802482&tmod=1956978257&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ez8mJ76jEU&p=https%3A//pelotainvernal.com&dtd=107
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 10:55:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62228
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16132
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Dec 2023 10:55:03 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=pelotainvernal.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3139134883708761&plah=pelotainvernal.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=pelotainvernal.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3139134883708761&plah=pelotainvernal.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame 898B 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3139134883708761&plah=pelotainvernal.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pelotainvernal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
50498
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 19 Dec 2022 14:10:33 GMT
etag
10353107486223812946
expires
Mon, 02 Jan 2023 14:10:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame 8182 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3139134883708761&plah=pelotainvernal.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pelotainvernal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
50498
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 19 Dec 2022 14:10:33 GMT
etag
10353107486223812946
expires
Mon, 02 Jan 2023 14:10:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame D38D 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3139134883708761&plah=pelotainvernal.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pelotainvernal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
50498
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 19 Dec 2022 14:10:33 GMT
etag
10353107486223812946
expires
Mon, 02 Jan 2023 14:10:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
animejs.js
static.criteo.net/animejs/ Frame BBB7 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6E2GwABkecKd_HDAArZmeLOTO3fDpr-tLzFUQ&u=%7CeIFf7BEvoTBl8rbcgcenQQbjx1BtfLqZC7%2B%2BJ8nO%2FxU%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA98ggG56JZ8AF1tpKuTZfCi876G--Bj2jZ_2GjVAXcd9pvUb08Uy88H74iaTJw0uCFHo3AdP4_MUVr4LmyGy-QnEynbkNs9y1lYyu5MoNo635HkamcuoADM1jk_ii15qrG7xv2mMRC1nicBaM48QKEmyIteji1yrPriK4xpeCnNow4JeVv59lRPTOjg7gkIsbSDF4nKc-QqiO08UBRefI590kaRI2ZqbAx0WRBJrbYKLeAJda3_uFtUji_zOPM5Tya_b9afGtmyFjD7eCaRd2tW9zruCixmk_St45Wtxw6Mib1kdijHkzFwoAYEFgh_KkJH748VTr6BwqJx4tNiC2UPlXEY0mZWREYRBvor2AAAX9GcSxDVjQ31LNrkoA9TtYEo_3eztVa-2CINW7kY6FnGESeRD3ez1elLvyaPkDyhU4skncU3igTQZseMszCg1IWWDMOdZD2YCqWjZMb_qgbMIc4-3tH7jb-HA_fk908lo2EVKBi2-ocPVidm5iv74KrsckdjT4qycgt2dixqqV3Hxe8yDYYrXGEv1GxWbl3MR8vagSb99RSkjIUEoIVtBjD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9xFTGzahY-ejBsPj3wOZs6vYC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzEzOTEzNDg4MzcwODc2McgBCakCDBIuFgfMsT6oAwGqBMQBT9C7pJw6Y7T0wpyCgpKRzGQGHU7AOREoqBNXzPqw63JuzNhuoIUHdoThbzM7vL0TqR9r_L9q2RJDbdjP2WXVR_hRtoAT61oeS4O1jvmq_Ae_dSQvmeYgXhSd_EIeuwPL7c-85XnRlJn1iP9zLubWr6D2UeCw4WSPv9itD460mws60GhUIeLlfXR9MesYti-e9-niAZy2-cZj5ywj0EGGOR1o7C0cbpGTUSbOlc5m93ATHuuDaCkjLsLRk3wIC4g5Tnn-D4AGir7AjffhgIVuoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3wrHEhofBJZtX0epd-vA5JnsNHIw%26client%3Dca-pub-3139134883708761%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Dec 2023 04:12:11 GMT
40c31d6c9be340ddb5c22bb4a65ebd7c_cpn_728x90_1.jpeg
static.criteo.net/design/dt/71093/221209/ Frame BBB7 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/71093/221209/40c31d6c9be340ddb5c22bb4a65ebd7c_cpn_728x90_1.jpeg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6E2GwABkecKd_HDAArZmeLOTO3fDpr-tLzFUQ&u=%7CeIFf7BEvoTBl8rbcgcenQQbjx1BtfLqZC7%2B%2BJ8nO%2FxU%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA98ggG56JZ8AF1tpKuTZfCi876G--Bj2jZ_2GjVAXcd9pvUb08Uy88H74iaTJw0uCFHo3AdP4_MUVr4LmyGy-QnEynbkNs9y1lYyu5MoNo635HkamcuoADM1jk_ii15qrG7xv2mMRC1nicBaM48QKEmyIteji1yrPriK4xpeCnNow4JeVv59lRPTOjg7gkIsbSDF4nKc-QqiO08UBRefI590kaRI2ZqbAx0WRBJrbYKLeAJda3_uFtUji_zOPM5Tya_b9afGtmyFjD7eCaRd2tW9zruCixmk_St45Wtxw6Mib1kdijHkzFwoAYEFgh_KkJH748VTr6BwqJx4tNiC2UPlXEY0mZWREYRBvor2AAAX9GcSxDVjQ31LNrkoA9TtYEo_3eztVa-2CINW7kY6FnGESeRD3ez1elLvyaPkDyhU4skncU3igTQZseMszCg1IWWDMOdZD2YCqWjZMb_qgbMIc4-3tH7jb-HA_fk908lo2EVKBi2-ocPVidm5iv74KrsckdjT4qycgt2dixqqV3Hxe8yDYYrXGEv1GxWbl3MR8vagSb99RSkjIUEoIVtBjD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9xFTGzahY-ejBsPj3wOZs6vYC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzEzOTEzNDg4MzcwODc2McgBCakCDBIuFgfMsT6oAwGqBMQBT9C7pJw6Y7T0wpyCgpKRzGQGHU7AOREoqBNXzPqw63JuzNhuoIUHdoThbzM7vL0TqR9r_L9q2RJDbdjP2WXVR_hRtoAT61oeS4O1jvmq_Ae_dSQvmeYgXhSd_EIeuwPL7c-85XnRlJn1iP9zLubWr6D2UeCw4WSPv9itD460mws60GhUIeLlfXR9MesYti-e9-niAZy2-cZj5ywj0EGGOR1o7C0cbpGTUSbOlc5m93ATHuuDaCkjLsLRk3wIC4g5Tnn-D4AGir7AjffhgIVuoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3wrHEhofBJZtX0epd-vA5JnsNHIw%26client%3Dca-pub-3139134883708761%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
33a832e0187c1fb90afe0194aabe994bf01bca1090a92770710b069785fa28cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:12 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 09 Dec 2022 23:36:22 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6393c676-605f"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
24671
expires
Fri, 15 Dec 2023 04:12:12 GMT
img
pix.eu.criteo.net/img/ Frame BBB7 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=176&m=0&partner=71093&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F69968%2F200319%2F70a5634dc08c484a92b4a51841bcf0ce_unitednudelogo.png&v=3&w=256&s=wBNc6roEcaqu2bmRcGtIjjnX
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6E2GwABkecKd_HDAArZmeLOTO3fDpr-tLzFUQ&u=%7CeIFf7BEvoTBl8rbcgcenQQbjx1BtfLqZC7%2B%2BJ8nO%2FxU%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA98ggG56JZ8AF1tpKuTZfCi876G--Bj2jZ_2GjVAXcd9pvUb08Uy88H74iaTJw0uCFHo3AdP4_MUVr4LmyGy-QnEynbkNs9y1lYyu5MoNo635HkamcuoADM1jk_ii15qrG7xv2mMRC1nicBaM48QKEmyIteji1yrPriK4xpeCnNow4JeVv59lRPTOjg7gkIsbSDF4nKc-QqiO08UBRefI590kaRI2ZqbAx0WRBJrbYKLeAJda3_uFtUji_zOPM5Tya_b9afGtmyFjD7eCaRd2tW9zruCixmk_St45Wtxw6Mib1kdijHkzFwoAYEFgh_KkJH748VTr6BwqJx4tNiC2UPlXEY0mZWREYRBvor2AAAX9GcSxDVjQ31LNrkoA9TtYEo_3eztVa-2CINW7kY6FnGESeRD3ez1elLvyaPkDyhU4skncU3igTQZseMszCg1IWWDMOdZD2YCqWjZMb_qgbMIc4-3tH7jb-HA_fk908lo2EVKBi2-ocPVidm5iv74KrsckdjT4qycgt2dixqqV3Hxe8yDYYrXGEv1GxWbl3MR8vagSb99RSkjIUEoIVtBjD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9xFTGzahY-ejBsPj3wOZs6vYC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzEzOTEzNDg4MzcwODc2McgBCakCDBIuFgfMsT6oAwGqBMQBT9C7pJw6Y7T0wpyCgpKRzGQGHU7AOREoqBNXzPqw63JuzNhuoIUHdoThbzM7vL0TqR9r_L9q2RJDbdjP2WXVR_hRtoAT61oeS4O1jvmq_Ae_dSQvmeYgXhSd_EIeuwPL7c-85XnRlJn1iP9zLubWr6D2UeCw4WSPv9itD460mws60GhUIeLlfXR9MesYti-e9-niAZy2-cZj5ywj0EGGOR1o7C0cbpGTUSbOlc5m93ATHuuDaCkjLsLRk3wIC4g5Tnn-D4AGir7AjffhgIVuoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3wrHEhofBJZtX0epd-vA5JnsNHIw%26client%3Dca-pub-3139134883708761%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
cab7abc780dd76f3950a283b57a034bebab49320c848b082e9d4cec0a81a912a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:11 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28583462
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5326
expires
Thu, 16 Nov 2023 00:03:14 GMT
img
pix.eu.criteo.net/img/ Frame BBB7 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=71093&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F71093%2F210512%2F953a3aefdede4761b9d7e1b08c96c144_img_horizontal_1.jpg&v=3&w=1200&s=f8ME7R-5dfbmgyyh5gp2Ji52
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6E2GwABkecKd_HDAArZmeLOTO3fDpr-tLzFUQ&u=%7CeIFf7BEvoTBl8rbcgcenQQbjx1BtfLqZC7%2B%2BJ8nO%2FxU%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA98ggG56JZ8AF1tpKuTZfCi876G--Bj2jZ_2GjVAXcd9pvUb08Uy88H74iaTJw0uCFHo3AdP4_MUVr4LmyGy-QnEynbkNs9y1lYyu5MoNo635HkamcuoADM1jk_ii15qrG7xv2mMRC1nicBaM48QKEmyIteji1yrPriK4xpeCnNow4JeVv59lRPTOjg7gkIsbSDF4nKc-QqiO08UBRefI590kaRI2ZqbAx0WRBJrbYKLeAJda3_uFtUji_zOPM5Tya_b9afGtmyFjD7eCaRd2tW9zruCixmk_St45Wtxw6Mib1kdijHkzFwoAYEFgh_KkJH748VTr6BwqJx4tNiC2UPlXEY0mZWREYRBvor2AAAX9GcSxDVjQ31LNrkoA9TtYEo_3eztVa-2CINW7kY6FnGESeRD3ez1elLvyaPkDyhU4skncU3igTQZseMszCg1IWWDMOdZD2YCqWjZMb_qgbMIc4-3tH7jb-HA_fk908lo2EVKBi2-ocPVidm5iv74KrsckdjT4qycgt2dixqqV3Hxe8yDYYrXGEv1GxWbl3MR8vagSb99RSkjIUEoIVtBjD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9xFTGzahY-ejBsPj3wOZs6vYC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzEzOTEzNDg4MzcwODc2McgBCakCDBIuFgfMsT6oAwGqBMQBT9C7pJw6Y7T0wpyCgpKRzGQGHU7AOREoqBNXzPqw63JuzNhuoIUHdoThbzM7vL0TqR9r_L9q2RJDbdjP2WXVR_hRtoAT61oeS4O1jvmq_Ae_dSQvmeYgXhSd_EIeuwPL7c-85XnRlJn1iP9zLubWr6D2UeCw4WSPv9itD460mws60GhUIeLlfXR9MesYti-e9-niAZy2-cZj5ywj0EGGOR1o7C0cbpGTUSbOlc5m93ATHuuDaCkjLsLRk3wIC4g5Tnn-D4AGir7AjffhgIVuoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3wrHEhofBJZtX0epd-vA5JnsNHIw%26client%3Dca-pub-3139134883708761%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ba6e4b4672c5aa32c2ef79639ae5199bd4f40fd0c082e3cb64d5795ced601975
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:11 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29390684
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13584
expires
Sat, 25 Nov 2023 08:16:57 GMT
img
pix.eu.criteo.net/img/ Frame BBB7 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=71093&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0282%2F5394%2F5987%2Fproducts%2Fgrip-fold-lo-tokyo-outside.jpg%3Fv%3D1661877314&v=3&w=800&s=K_Vp-9FpAUDYcncum_haNHcY&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6E2GwABkecKd_HDAArZmeLOTO3fDpr-tLzFUQ&u=%7CeIFf7BEvoTBl8rbcgcenQQbjx1BtfLqZC7%2B%2BJ8nO%2FxU%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA98ggG56JZ8AF1tpKuTZfCi876G--Bj2jZ_2GjVAXcd9pvUb08Uy88H74iaTJw0uCFHo3AdP4_MUVr4LmyGy-QnEynbkNs9y1lYyu5MoNo635HkamcuoADM1jk_ii15qrG7xv2mMRC1nicBaM48QKEmyIteji1yrPriK4xpeCnNow4JeVv59lRPTOjg7gkIsbSDF4nKc-QqiO08UBRefI590kaRI2ZqbAx0WRBJrbYKLeAJda3_uFtUji_zOPM5Tya_b9afGtmyFjD7eCaRd2tW9zruCixmk_St45Wtxw6Mib1kdijHkzFwoAYEFgh_KkJH748VTr6BwqJx4tNiC2UPlXEY0mZWREYRBvor2AAAX9GcSxDVjQ31LNrkoA9TtYEo_3eztVa-2CINW7kY6FnGESeRD3ez1elLvyaPkDyhU4skncU3igTQZseMszCg1IWWDMOdZD2YCqWjZMb_qgbMIc4-3tH7jb-HA_fk908lo2EVKBi2-ocPVidm5iv74KrsckdjT4qycgt2dixqqV3Hxe8yDYYrXGEv1GxWbl3MR8vagSb99RSkjIUEoIVtBjD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9xFTGzahY-ejBsPj3wOZs6vYC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzEzOTEzNDg4MzcwODc2McgBCakCDBIuFgfMsT6oAwGqBMQBT9C7pJw6Y7T0wpyCgpKRzGQGHU7AOREoqBNXzPqw63JuzNhuoIUHdoThbzM7vL0TqR9r_L9q2RJDbdjP2WXVR_hRtoAT61oeS4O1jvmq_Ae_dSQvmeYgXhSd_EIeuwPL7c-85XnRlJn1iP9zLubWr6D2UeCw4WSPv9itD460mws60GhUIeLlfXR9MesYti-e9-niAZy2-cZj5ywj0EGGOR1o7C0cbpGTUSbOlc5m93ATHuuDaCkjLsLRk3wIC4g5Tnn-D4AGir7AjffhgIVuoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3wrHEhofBJZtX0epd-vA5JnsNHIw%26client%3Dca-pub-3139134883708761%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
d284e2625f853bee95ea01ce2ad254f5337030874162c5d1754906dd6fc4c50e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:11 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30559699
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5172
expires
Fri, 08 Dec 2023 21:00:31 GMT
img
pix.eu.criteo.net/img/ Frame BBB7 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=71093&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0282%2F5394%2F5987%2Fproducts%2Fmobius-hi-silver-1-outside_87fca051-6bc8-4117-873d-ab51c8113c7b.jpg%3Fv%3D1645134564&v=3&w=800&s=nludpzwJmMkxQ9gVh-jDFtXM&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6E2GwABkecKd_HDAArZmeLOTO3fDpr-tLzFUQ&u=%7CeIFf7BEvoTBl8rbcgcenQQbjx1BtfLqZC7%2B%2BJ8nO%2FxU%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA98ggG56JZ8AF1tpKuTZfCi876G--Bj2jZ_2GjVAXcd9pvUb08Uy88H74iaTJw0uCFHo3AdP4_MUVr4LmyGy-QnEynbkNs9y1lYyu5MoNo635HkamcuoADM1jk_ii15qrG7xv2mMRC1nicBaM48QKEmyIteji1yrPriK4xpeCnNow4JeVv59lRPTOjg7gkIsbSDF4nKc-QqiO08UBRefI590kaRI2ZqbAx0WRBJrbYKLeAJda3_uFtUji_zOPM5Tya_b9afGtmyFjD7eCaRd2tW9zruCixmk_St45Wtxw6Mib1kdijHkzFwoAYEFgh_KkJH748VTr6BwqJx4tNiC2UPlXEY0mZWREYRBvor2AAAX9GcSxDVjQ31LNrkoA9TtYEo_3eztVa-2CINW7kY6FnGESeRD3ez1elLvyaPkDyhU4skncU3igTQZseMszCg1IWWDMOdZD2YCqWjZMb_qgbMIc4-3tH7jb-HA_fk908lo2EVKBi2-ocPVidm5iv74KrsckdjT4qycgt2dixqqV3Hxe8yDYYrXGEv1GxWbl3MR8vagSb99RSkjIUEoIVtBjD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9xFTGzahY-ejBsPj3wOZs6vYC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzEzOTEzNDg4MzcwODc2McgBCakCDBIuFgfMsT6oAwGqBMQBT9C7pJw6Y7T0wpyCgpKRzGQGHU7AOREoqBNXzPqw63JuzNhuoIUHdoThbzM7vL0TqR9r_L9q2RJDbdjP2WXVR_hRtoAT61oeS4O1jvmq_Ae_dSQvmeYgXhSd_EIeuwPL7c-85XnRlJn1iP9zLubWr6D2UeCw4WSPv9itD460mws60GhUIeLlfXR9MesYti-e9-niAZy2-cZj5ywj0EGGOR1o7C0cbpGTUSbOlc5m93ATHuuDaCkjLsLRk3wIC4g5Tnn-D4AGir7AjffhgIVuoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3wrHEhofBJZtX0epd-vA5JnsNHIw%26client%3Dca-pub-3139134883708761%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
5c667f87a503d25310f982a5b2fba6006b5dea2d7f90be48158b8a89f1050686
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:11 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29218144
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5818
expires
Thu, 23 Nov 2023 08:21:16 GMT
img
pix.eu.criteo.net/img/ Frame BBB7 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=71093&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0282%2F5394%2F5987%2Fproducts%2Fpolar-pocket-ushuaia-outside_2.jpg%3Fv%3D1670490840&v=3&w=800&s=wuei5Y6UjCfJrRF5o4YrmUHk&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6E2GwABkecKd_HDAArZmeLOTO3fDpr-tLzFUQ&u=%7CeIFf7BEvoTBl8rbcgcenQQbjx1BtfLqZC7%2B%2BJ8nO%2FxU%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA98ggG56JZ8AF1tpKuTZfCi876G--Bj2jZ_2GjVAXcd9pvUb08Uy88H74iaTJw0uCFHo3AdP4_MUVr4LmyGy-QnEynbkNs9y1lYyu5MoNo635HkamcuoADM1jk_ii15qrG7xv2mMRC1nicBaM48QKEmyIteji1yrPriK4xpeCnNow4JeVv59lRPTOjg7gkIsbSDF4nKc-QqiO08UBRefI590kaRI2ZqbAx0WRBJrbYKLeAJda3_uFtUji_zOPM5Tya_b9afGtmyFjD7eCaRd2tW9zruCixmk_St45Wtxw6Mib1kdijHkzFwoAYEFgh_KkJH748VTr6BwqJx4tNiC2UPlXEY0mZWREYRBvor2AAAX9GcSxDVjQ31LNrkoA9TtYEo_3eztVa-2CINW7kY6FnGESeRD3ez1elLvyaPkDyhU4skncU3igTQZseMszCg1IWWDMOdZD2YCqWjZMb_qgbMIc4-3tH7jb-HA_fk908lo2EVKBi2-ocPVidm5iv74KrsckdjT4qycgt2dixqqV3Hxe8yDYYrXGEv1GxWbl3MR8vagSb99RSkjIUEoIVtBjD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9xFTGzahY-ejBsPj3wOZs6vYC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzEzOTEzNDg4MzcwODc2McgBCakCDBIuFgfMsT6oAwGqBMQBT9C7pJw6Y7T0wpyCgpKRzGQGHU7AOREoqBNXzPqw63JuzNhuoIUHdoThbzM7vL0TqR9r_L9q2RJDbdjP2WXVR_hRtoAT61oeS4O1jvmq_Ae_dSQvmeYgXhSd_EIeuwPL7c-85XnRlJn1iP9zLubWr6D2UeCw4WSPv9itD460mws60GhUIeLlfXR9MesYti-e9-niAZy2-cZj5ywj0EGGOR1o7C0cbpGTUSbOlc5m93ATHuuDaCkjLsLRk3wIC4g5Tnn-D4AGir7AjffhgIVuoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3wrHEhofBJZtX0epd-vA5JnsNHIw%26client%3Dca-pub-3139134883708761%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
bcc1ce2289e1c314c7484935630d6519a714a6e5b11c3403263ffed61f6d4acf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:11 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30586325
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
7128
expires
Sat, 09 Dec 2023 04:24:17 GMT
img
pix.eu.criteo.net/img/ Frame BBB7 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=71093&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0282%2F5394%2F5987%2Fproducts%2Fmobius-long-boot-hi-mono-outside.jpg%3Fv%3D1670490894&v=3&w=800&s=LFdnuwlqz772L-XyjApED0Nl&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6E2GwABkecKd_HDAArZmeLOTO3fDpr-tLzFUQ&u=%7CeIFf7BEvoTBl8rbcgcenQQbjx1BtfLqZC7%2B%2BJ8nO%2FxU%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA98ggG56JZ8AF1tpKuTZfCi876G--Bj2jZ_2GjVAXcd9pvUb08Uy88H74iaTJw0uCFHo3AdP4_MUVr4LmyGy-QnEynbkNs9y1lYyu5MoNo635HkamcuoADM1jk_ii15qrG7xv2mMRC1nicBaM48QKEmyIteji1yrPriK4xpeCnNow4JeVv59lRPTOjg7gkIsbSDF4nKc-QqiO08UBRefI590kaRI2ZqbAx0WRBJrbYKLeAJda3_uFtUji_zOPM5Tya_b9afGtmyFjD7eCaRd2tW9zruCixmk_St45Wtxw6Mib1kdijHkzFwoAYEFgh_KkJH748VTr6BwqJx4tNiC2UPlXEY0mZWREYRBvor2AAAX9GcSxDVjQ31LNrkoA9TtYEo_3eztVa-2CINW7kY6FnGESeRD3ez1elLvyaPkDyhU4skncU3igTQZseMszCg1IWWDMOdZD2YCqWjZMb_qgbMIc4-3tH7jb-HA_fk908lo2EVKBi2-ocPVidm5iv74KrsckdjT4qycgt2dixqqV3Hxe8yDYYrXGEv1GxWbl3MR8vagSb99RSkjIUEoIVtBjD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9xFTGzahY-ejBsPj3wOZs6vYC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzEzOTEzNDg4MzcwODc2McgBCakCDBIuFgfMsT6oAwGqBMQBT9C7pJw6Y7T0wpyCgpKRzGQGHU7AOREoqBNXzPqw63JuzNhuoIUHdoThbzM7vL0TqR9r_L9q2RJDbdjP2WXVR_hRtoAT61oeS4O1jvmq_Ae_dSQvmeYgXhSd_EIeuwPL7c-85XnRlJn1iP9zLubWr6D2UeCw4WSPv9itD460mws60GhUIeLlfXR9MesYti-e9-niAZy2-cZj5ywj0EGGOR1o7C0cbpGTUSbOlc5m93ATHuuDaCkjLsLRk3wIC4g5Tnn-D4AGir7AjffhgIVuoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3wrHEhofBJZtX0epd-vA5JnsNHIw%26client%3Dca-pub-3139134883708761%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
dae46245ef1fe990e750fcdd709692b086e17b1790ea3782e9bfbf8561be441c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:11 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104735
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8774
expires
Fri, 15 Dec 2023 04:24:27 GMT
img
pix.eu.criteo.net/img/ Frame BBB7 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=71093&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0282%2F5394%2F5987%2Fproducts%2Fdelta-run-dusk-out_85b1e87f-32e7-44d1-8b73-20a6efcdfd2e.jpg%3Fv%3D1638482954&v=3&w=800&s=0TJqthY8CTCZK9oPG_xPQpRV&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6E2GwABkecKd_HDAArZmeLOTO3fDpr-tLzFUQ&u=%7CeIFf7BEvoTBl8rbcgcenQQbjx1BtfLqZC7%2B%2BJ8nO%2FxU%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA98ggG56JZ8AF1tpKuTZfCi876G--Bj2jZ_2GjVAXcd9pvUb08Uy88H74iaTJw0uCFHo3AdP4_MUVr4LmyGy-QnEynbkNs9y1lYyu5MoNo635HkamcuoADM1jk_ii15qrG7xv2mMRC1nicBaM48QKEmyIteji1yrPriK4xpeCnNow4JeVv59lRPTOjg7gkIsbSDF4nKc-QqiO08UBRefI590kaRI2ZqbAx0WRBJrbYKLeAJda3_uFtUji_zOPM5Tya_b9afGtmyFjD7eCaRd2tW9zruCixmk_St45Wtxw6Mib1kdijHkzFwoAYEFgh_KkJH748VTr6BwqJx4tNiC2UPlXEY0mZWREYRBvor2AAAX9GcSxDVjQ31LNrkoA9TtYEo_3eztVa-2CINW7kY6FnGESeRD3ez1elLvyaPkDyhU4skncU3igTQZseMszCg1IWWDMOdZD2YCqWjZMb_qgbMIc4-3tH7jb-HA_fk908lo2EVKBi2-ocPVidm5iv74KrsckdjT4qycgt2dixqqV3Hxe8yDYYrXGEv1GxWbl3MR8vagSb99RSkjIUEoIVtBjD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9xFTGzahY-ejBsPj3wOZs6vYC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzEzOTEzNDg4MzcwODc2McgBCakCDBIuFgfMsT6oAwGqBMQBT9C7pJw6Y7T0wpyCgpKRzGQGHU7AOREoqBNXzPqw63JuzNhuoIUHdoThbzM7vL0TqR9r_L9q2RJDbdjP2WXVR_hRtoAT61oeS4O1jvmq_Ae_dSQvmeYgXhSd_EIeuwPL7c-85XnRlJn1iP9zLubWr6D2UeCw4WSPv9itD460mws60GhUIeLlfXR9MesYti-e9-niAZy2-cZj5ywj0EGGOR1o7C0cbpGTUSbOlc5m93ATHuuDaCkjLsLRk3wIC4g5Tnn-D4AGir7AjffhgIVuoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3wrHEhofBJZtX0epd-vA5JnsNHIw%26client%3Dca-pub-3139134883708761%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
05730f7369bae301ec35fd07bb494a2aa0fe53ad02a01474a2e4077f33ea73db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:11 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30788520
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6914
expires
Mon, 11 Dec 2023 12:34:12 GMT
img
pix.eu.criteo.net/img/ Frame BBB7 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=71093&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0282%2F5394%2F5987%2Fproducts%2Fnomad-lo-olive-1-outside.jpg%3Fv%3D1645133900&v=3&w=800&s=oEZj6RUaDbSdGH402YkDVrnm&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6E2GwABkecKd_HDAArZmeLOTO3fDpr-tLzFUQ&u=%7CeIFf7BEvoTBl8rbcgcenQQbjx1BtfLqZC7%2B%2BJ8nO%2FxU%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA98ggG56JZ8AF1tpKuTZfCi876G--Bj2jZ_2GjVAXcd9pvUb08Uy88H74iaTJw0uCFHo3AdP4_MUVr4LmyGy-QnEynbkNs9y1lYyu5MoNo635HkamcuoADM1jk_ii15qrG7xv2mMRC1nicBaM48QKEmyIteji1yrPriK4xpeCnNow4JeVv59lRPTOjg7gkIsbSDF4nKc-QqiO08UBRefI590kaRI2ZqbAx0WRBJrbYKLeAJda3_uFtUji_zOPM5Tya_b9afGtmyFjD7eCaRd2tW9zruCixmk_St45Wtxw6Mib1kdijHkzFwoAYEFgh_KkJH748VTr6BwqJx4tNiC2UPlXEY0mZWREYRBvor2AAAX9GcSxDVjQ31LNrkoA9TtYEo_3eztVa-2CINW7kY6FnGESeRD3ez1elLvyaPkDyhU4skncU3igTQZseMszCg1IWWDMOdZD2YCqWjZMb_qgbMIc4-3tH7jb-HA_fk908lo2EVKBi2-ocPVidm5iv74KrsckdjT4qycgt2dixqqV3Hxe8yDYYrXGEv1GxWbl3MR8vagSb99RSkjIUEoIVtBjD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9xFTGzahY-ejBsPj3wOZs6vYC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzEzOTEzNDg4MzcwODc2McgBCakCDBIuFgfMsT6oAwGqBMQBT9C7pJw6Y7T0wpyCgpKRzGQGHU7AOREoqBNXzPqw63JuzNhuoIUHdoThbzM7vL0TqR9r_L9q2RJDbdjP2WXVR_hRtoAT61oeS4O1jvmq_Ae_dSQvmeYgXhSd_EIeuwPL7c-85XnRlJn1iP9zLubWr6D2UeCw4WSPv9itD460mws60GhUIeLlfXR9MesYti-e9-niAZy2-cZj5ywj0EGGOR1o7C0cbpGTUSbOlc5m93ATHuuDaCkjLsLRk3wIC4g5Tnn-D4AGir7AjffhgIVuoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3wrHEhofBJZtX0epd-vA5JnsNHIw%26client%3Dca-pub-3139134883708761%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
b394ca600b7f316e3fa68fd926f88179babffc0f84ac3ba6666f4c61e8adcd38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:11 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29763634
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13624
expires
Wed, 29 Nov 2023 15:52:46 GMT
img
pix.eu.criteo.net/img/ Frame BBB7 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=71093&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0282%2F5394%2F5987%2Fproducts%2Feamz-fab-bootie-black-1-out.jpg%3Fv%3D1666763803&v=3&w=800&s=TnUKUamlGsuPvPvDc_pGgcJt&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6E2GwABkecKd_HDAArZmeLOTO3fDpr-tLzFUQ&u=%7CeIFf7BEvoTBl8rbcgcenQQbjx1BtfLqZC7%2B%2BJ8nO%2FxU%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA98ggG56JZ8AF1tpKuTZfCi876G--Bj2jZ_2GjVAXcd9pvUb08Uy88H74iaTJw0uCFHo3AdP4_MUVr4LmyGy-QnEynbkNs9y1lYyu5MoNo635HkamcuoADM1jk_ii15qrG7xv2mMRC1nicBaM48QKEmyIteji1yrPriK4xpeCnNow4JeVv59lRPTOjg7gkIsbSDF4nKc-QqiO08UBRefI590kaRI2ZqbAx0WRBJrbYKLeAJda3_uFtUji_zOPM5Tya_b9afGtmyFjD7eCaRd2tW9zruCixmk_St45Wtxw6Mib1kdijHkzFwoAYEFgh_KkJH748VTr6BwqJx4tNiC2UPlXEY0mZWREYRBvor2AAAX9GcSxDVjQ31LNrkoA9TtYEo_3eztVa-2CINW7kY6FnGESeRD3ez1elLvyaPkDyhU4skncU3igTQZseMszCg1IWWDMOdZD2YCqWjZMb_qgbMIc4-3tH7jb-HA_fk908lo2EVKBi2-ocPVidm5iv74KrsckdjT4qycgt2dixqqV3Hxe8yDYYrXGEv1GxWbl3MR8vagSb99RSkjIUEoIVtBjD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9xFTGzahY-ejBsPj3wOZs6vYC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzEzOTEzNDg4MzcwODc2McgBCakCDBIuFgfMsT6oAwGqBMQBT9C7pJw6Y7T0wpyCgpKRzGQGHU7AOREoqBNXzPqw63JuzNhuoIUHdoThbzM7vL0TqR9r_L9q2RJDbdjP2WXVR_hRtoAT61oeS4O1jvmq_Ae_dSQvmeYgXhSd_EIeuwPL7c-85XnRlJn1iP9zLubWr6D2UeCw4WSPv9itD460mws60GhUIeLlfXR9MesYti-e9-niAZy2-cZj5ywj0EGGOR1o7C0cbpGTUSbOlc5m93ATHuuDaCkjLsLRk3wIC4g5Tnn-D4AGir7AjffhgIVuoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3wrHEhofBJZtX0epd-vA5JnsNHIw%26client%3Dca-pub-3139134883708761%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
b598f07c0cccbe32bc18f8ecfb968c014cc2984788f7260f117c25a9579b53eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:11 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31277462
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
4102
expires
Sun, 17 Dec 2023 04:23:14 GMT
img
pix.eu.criteo.net/img/ Frame BBB7 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=71093&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0282%2F5394%2F5987%2Fproducts%2Fstone-lace-up-ii-natural-1-outside.jpg%3Fv%3D1645134235&v=3&w=800&s=FXOZ3joCMA4ESLtRMoTgPF5l&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6E2GwABkecKd_HDAArZmeLOTO3fDpr-tLzFUQ&u=%7CeIFf7BEvoTBl8rbcgcenQQbjx1BtfLqZC7%2B%2BJ8nO%2FxU%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA98ggG56JZ8AF1tpKuTZfCi876G--Bj2jZ_2GjVAXcd9pvUb08Uy88H74iaTJw0uCFHo3AdP4_MUVr4LmyGy-QnEynbkNs9y1lYyu5MoNo635HkamcuoADM1jk_ii15qrG7xv2mMRC1nicBaM48QKEmyIteji1yrPriK4xpeCnNow4JeVv59lRPTOjg7gkIsbSDF4nKc-QqiO08UBRefI590kaRI2ZqbAx0WRBJrbYKLeAJda3_uFtUji_zOPM5Tya_b9afGtmyFjD7eCaRd2tW9zruCixmk_St45Wtxw6Mib1kdijHkzFwoAYEFgh_KkJH748VTr6BwqJx4tNiC2UPlXEY0mZWREYRBvor2AAAX9GcSxDVjQ31LNrkoA9TtYEo_3eztVa-2CINW7kY6FnGESeRD3ez1elLvyaPkDyhU4skncU3igTQZseMszCg1IWWDMOdZD2YCqWjZMb_qgbMIc4-3tH7jb-HA_fk908lo2EVKBi2-ocPVidm5iv74KrsckdjT4qycgt2dixqqV3Hxe8yDYYrXGEv1GxWbl3MR8vagSb99RSkjIUEoIVtBjD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9xFTGzahY-ejBsPj3wOZs6vYC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzEzOTEzNDg4MzcwODc2McgBCakCDBIuFgfMsT6oAwGqBMQBT9C7pJw6Y7T0wpyCgpKRzGQGHU7AOREoqBNXzPqw63JuzNhuoIUHdoThbzM7vL0TqR9r_L9q2RJDbdjP2WXVR_hRtoAT61oeS4O1jvmq_Ae_dSQvmeYgXhSd_EIeuwPL7c-85XnRlJn1iP9zLubWr6D2UeCw4WSPv9itD460mws60GhUIeLlfXR9MesYti-e9-niAZy2-cZj5ywj0EGGOR1o7C0cbpGTUSbOlc5m93ATHuuDaCkjLsLRk3wIC4g5Tnn-D4AGir7AjffhgIVuoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3wrHEhofBJZtX0epd-vA5JnsNHIw%26client%3Dca-pub-3139134883708761%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
894b1315778a681aeaeedaf7fec0f4ae4f7cd659d586339e4f46d61c485b4ecc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:12 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30435858
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5316
expires
Thu, 07 Dec 2023 10:36:30 GMT
img
pix.eu.criteo.net/img/ Frame BBB7 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=71093&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0282%2F5394%2F5987%2Fproducts%2Fspace-kick-max-women-mono-pavement-1-outside.jpg%3Fv%3D1631849033&v=3&w=800&s=5J7gqXYKZWKLt10iqzYaj2AR&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6E2GwABkecKd_HDAArZmeLOTO3fDpr-tLzFUQ&u=%7CeIFf7BEvoTBl8rbcgcenQQbjx1BtfLqZC7%2B%2BJ8nO%2FxU%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA98ggG56JZ8AF1tpKuTZfCi876G--Bj2jZ_2GjVAXcd9pvUb08Uy88H74iaTJw0uCFHo3AdP4_MUVr4LmyGy-QnEynbkNs9y1lYyu5MoNo635HkamcuoADM1jk_ii15qrG7xv2mMRC1nicBaM48QKEmyIteji1yrPriK4xpeCnNow4JeVv59lRPTOjg7gkIsbSDF4nKc-QqiO08UBRefI590kaRI2ZqbAx0WRBJrbYKLeAJda3_uFtUji_zOPM5Tya_b9afGtmyFjD7eCaRd2tW9zruCixmk_St45Wtxw6Mib1kdijHkzFwoAYEFgh_KkJH748VTr6BwqJx4tNiC2UPlXEY0mZWREYRBvor2AAAX9GcSxDVjQ31LNrkoA9TtYEo_3eztVa-2CINW7kY6FnGESeRD3ez1elLvyaPkDyhU4skncU3igTQZseMszCg1IWWDMOdZD2YCqWjZMb_qgbMIc4-3tH7jb-HA_fk908lo2EVKBi2-ocPVidm5iv74KrsckdjT4qycgt2dixqqV3Hxe8yDYYrXGEv1GxWbl3MR8vagSb99RSkjIUEoIVtBjD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9xFTGzahY-ejBsPj3wOZs6vYC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzEzOTEzNDg4MzcwODc2McgBCakCDBIuFgfMsT6oAwGqBMQBT9C7pJw6Y7T0wpyCgpKRzGQGHU7AOREoqBNXzPqw63JuzNhuoIUHdoThbzM7vL0TqR9r_L9q2RJDbdjP2WXVR_hRtoAT61oeS4O1jvmq_Ae_dSQvmeYgXhSd_EIeuwPL7c-85XnRlJn1iP9zLubWr6D2UeCw4WSPv9itD460mws60GhUIeLlfXR9MesYti-e9-niAZy2-cZj5ywj0EGGOR1o7C0cbpGTUSbOlc5m93ATHuuDaCkjLsLRk3wIC4g5Tnn-D4AGir7AjffhgIVuoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3wrHEhofBJZtX0epd-vA5JnsNHIw%26client%3Dca-pub-3139134883708761%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
762da8b35ea43269689a85dd6ee90d16ea187d9e65e98f783737a703bc127661
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:11 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29405065
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6320
expires
Sat, 25 Nov 2023 12:16:37 GMT
img
pix.eu.criteo.net/img/ Frame BBB7 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=71093&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0282%2F5394%2F5987%2Fproducts%2Fnomad-lo-fiesta-1-outside.jpg%3Fv%3D1645133908&v=3&w=800&s=s2C-Cz7NZOO9CqY86N-tZCS6&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6E2GwABkecKd_HDAArZmeLOTO3fDpr-tLzFUQ&u=%7CeIFf7BEvoTBl8rbcgcenQQbjx1BtfLqZC7%2B%2BJ8nO%2FxU%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA98ggG56JZ8AF1tpKuTZfCi876G--Bj2jZ_2GjVAXcd9pvUb08Uy88H74iaTJw0uCFHo3AdP4_MUVr4LmyGy-QnEynbkNs9y1lYyu5MoNo635HkamcuoADM1jk_ii15qrG7xv2mMRC1nicBaM48QKEmyIteji1yrPriK4xpeCnNow4JeVv59lRPTOjg7gkIsbSDF4nKc-QqiO08UBRefI590kaRI2ZqbAx0WRBJrbYKLeAJda3_uFtUji_zOPM5Tya_b9afGtmyFjD7eCaRd2tW9zruCixmk_St45Wtxw6Mib1kdijHkzFwoAYEFgh_KkJH748VTr6BwqJx4tNiC2UPlXEY0mZWREYRBvor2AAAX9GcSxDVjQ31LNrkoA9TtYEo_3eztVa-2CINW7kY6FnGESeRD3ez1elLvyaPkDyhU4skncU3igTQZseMszCg1IWWDMOdZD2YCqWjZMb_qgbMIc4-3tH7jb-HA_fk908lo2EVKBi2-ocPVidm5iv74KrsckdjT4qycgt2dixqqV3Hxe8yDYYrXGEv1GxWbl3MR8vagSb99RSkjIUEoIVtBjD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9xFTGzahY-ejBsPj3wOZs6vYC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzEzOTEzNDg4MzcwODc2McgBCakCDBIuFgfMsT6oAwGqBMQBT9C7pJw6Y7T0wpyCgpKRzGQGHU7AOREoqBNXzPqw63JuzNhuoIUHdoThbzM7vL0TqR9r_L9q2RJDbdjP2WXVR_hRtoAT61oeS4O1jvmq_Ae_dSQvmeYgXhSd_EIeuwPL7c-85XnRlJn1iP9zLubWr6D2UeCw4WSPv9itD460mws60GhUIeLlfXR9MesYti-e9-niAZy2-cZj5ywj0EGGOR1o7C0cbpGTUSbOlc5m93ATHuuDaCkjLsLRk3wIC4g5Tnn-D4AGir7AjffhgIVuoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3wrHEhofBJZtX0epd-vA5JnsNHIw%26client%3Dca-pub-3139134883708761%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
de0cde443b7490d3341b9b134e25ee0fd21a947e2362d45fc35bc06057d61519
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:11 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29759422
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
17056
expires
Wed, 29 Nov 2023 14:42:35 GMT
img
pix.eu.criteo.net/img/ Frame BBB7 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=71093&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0282%2F5394%2F5987%2Fproducts%2Fnomad-lo-black-1-outside.jpg%3Fv%3D1645133925&v=3&w=800&s=ADF90bLO-CzK5DrlOHYzSWcA&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6E2GwABkecKd_HDAArZmeLOTO3fDpr-tLzFUQ&u=%7CeIFf7BEvoTBl8rbcgcenQQbjx1BtfLqZC7%2B%2BJ8nO%2FxU%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA98ggG56JZ8AF1tpKuTZfCi876G--Bj2jZ_2GjVAXcd9pvUb08Uy88H74iaTJw0uCFHo3AdP4_MUVr4LmyGy-QnEynbkNs9y1lYyu5MoNo635HkamcuoADM1jk_ii15qrG7xv2mMRC1nicBaM48QKEmyIteji1yrPriK4xpeCnNow4JeVv59lRPTOjg7gkIsbSDF4nKc-QqiO08UBRefI590kaRI2ZqbAx0WRBJrbYKLeAJda3_uFtUji_zOPM5Tya_b9afGtmyFjD7eCaRd2tW9zruCixmk_St45Wtxw6Mib1kdijHkzFwoAYEFgh_KkJH748VTr6BwqJx4tNiC2UPlXEY0mZWREYRBvor2AAAX9GcSxDVjQ31LNrkoA9TtYEo_3eztVa-2CINW7kY6FnGESeRD3ez1elLvyaPkDyhU4skncU3igTQZseMszCg1IWWDMOdZD2YCqWjZMb_qgbMIc4-3tH7jb-HA_fk908lo2EVKBi2-ocPVidm5iv74KrsckdjT4qycgt2dixqqV3Hxe8yDYYrXGEv1GxWbl3MR8vagSb99RSkjIUEoIVtBjD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9xFTGzahY-ejBsPj3wOZs6vYC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzEzOTEzNDg4MzcwODc2McgBCakCDBIuFgfMsT6oAwGqBMQBT9C7pJw6Y7T0wpyCgpKRzGQGHU7AOREoqBNXzPqw63JuzNhuoIUHdoThbzM7vL0TqR9r_L9q2RJDbdjP2WXVR_hRtoAT61oeS4O1jvmq_Ae_dSQvmeYgXhSd_EIeuwPL7c-85XnRlJn1iP9zLubWr6D2UeCw4WSPv9itD460mws60GhUIeLlfXR9MesYti-e9-niAZy2-cZj5ywj0EGGOR1o7C0cbpGTUSbOlc5m93ATHuuDaCkjLsLRk3wIC4g5Tnn-D4AGir7AjffhgIVuoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3wrHEhofBJZtX0epd-vA5JnsNHIw%26client%3Dca-pub-3139134883708761%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
4ec034e58da40169ef924f670a88750b61aa03c6228365144524348d77760cb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:12 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29748570
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8048
expires
Wed, 29 Nov 2023 11:41:42 GMT
img
pix.eu.criteo.net/img/ Frame BBB7 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=71093&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0282%2F5394%2F5987%2Fproducts%2Ftech-sandal-mens-white-out_8cf13132-e908-4772-9e6e-828fdc0f7c16.jpg%3Fv%3D1623410433&v=3&w=800&s=woP153wXPaTBXcw8ro1xwNTG&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6E2GwABkecKd_HDAArZmeLOTO3fDpr-tLzFUQ&u=%7CeIFf7BEvoTBl8rbcgcenQQbjx1BtfLqZC7%2B%2BJ8nO%2FxU%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA98ggG56JZ8AF1tpKuTZfCi876G--Bj2jZ_2GjVAXcd9pvUb08Uy88H74iaTJw0uCFHo3AdP4_MUVr4LmyGy-QnEynbkNs9y1lYyu5MoNo635HkamcuoADM1jk_ii15qrG7xv2mMRC1nicBaM48QKEmyIteji1yrPriK4xpeCnNow4JeVv59lRPTOjg7gkIsbSDF4nKc-QqiO08UBRefI590kaRI2ZqbAx0WRBJrbYKLeAJda3_uFtUji_zOPM5Tya_b9afGtmyFjD7eCaRd2tW9zruCixmk_St45Wtxw6Mib1kdijHkzFwoAYEFgh_KkJH748VTr6BwqJx4tNiC2UPlXEY0mZWREYRBvor2AAAX9GcSxDVjQ31LNrkoA9TtYEo_3eztVa-2CINW7kY6FnGESeRD3ez1elLvyaPkDyhU4skncU3igTQZseMszCg1IWWDMOdZD2YCqWjZMb_qgbMIc4-3tH7jb-HA_fk908lo2EVKBi2-ocPVidm5iv74KrsckdjT4qycgt2dixqqV3Hxe8yDYYrXGEv1GxWbl3MR8vagSb99RSkjIUEoIVtBjD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9xFTGzahY-ejBsPj3wOZs6vYC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzEzOTEzNDg4MzcwODc2McgBCakCDBIuFgfMsT6oAwGqBMQBT9C7pJw6Y7T0wpyCgpKRzGQGHU7AOREoqBNXzPqw63JuzNhuoIUHdoThbzM7vL0TqR9r_L9q2RJDbdjP2WXVR_hRtoAT61oeS4O1jvmq_Ae_dSQvmeYgXhSd_EIeuwPL7c-85XnRlJn1iP9zLubWr6D2UeCw4WSPv9itD460mws60GhUIeLlfXR9MesYti-e9-niAZy2-cZj5ywj0EGGOR1o7C0cbpGTUSbOlc5m93ATHuuDaCkjLsLRk3wIC4g5Tnn-D4AGir7AjffhgIVuoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3wrHEhofBJZtX0epd-vA5JnsNHIw%26client%3Dca-pub-3139134883708761%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
2bf340d8507d6f7d8b94de5273872c3b920305afe8d2e81f86475d4bcf0f4754
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:11 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29147686
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
4014
expires
Wed, 22 Nov 2023 12:46:58 GMT
all
csm.eu.criteo.net/ Frame BBB7 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=QXIgxuBZbSWKLPylVzlCY3p4EvffFfaZ--aS7tYoNwa-cYrVni_KevKsOwueLN0IPoHg-pPZgDCljUWBH6OuQHponlhfyZYOzwlWFaGpiPrtDZ5gqJxKYjVkuIBR0TUpY0xaIq9n67WlvkBn29g1eKxOO-FMMlmfdpttCPvO9F-iJHN1ssEJgy6qxsBkXfJ26J6HAlFVhsR2cDXTj1ChZ_VM3mpzeu6AnegjoEfWxUFdV7uHYWfI137Hlew&sds=2&rev=83933&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6E2GwABkecKd_HDAArZmeLOTO3fDpr-tLzFUQ&u=%7CeIFf7BEvoTBl8rbcgcenQQbjx1BtfLqZC7%2B%2BJ8nO%2FxU%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA98ggG56JZ8AF1tpKuTZfCi876G--Bj2jZ_2GjVAXcd9pvUb08Uy88H74iaTJw0uCFHo3AdP4_MUVr4LmyGy-QnEynbkNs9y1lYyu5MoNo635HkamcuoADM1jk_ii15qrG7xv2mMRC1nicBaM48QKEmyIteji1yrPriK4xpeCnNow4JeVv59lRPTOjg7gkIsbSDF4nKc-QqiO08UBRefI590kaRI2ZqbAx0WRBJrbYKLeAJda3_uFtUji_zOPM5Tya_b9afGtmyFjD7eCaRd2tW9zruCixmk_St45Wtxw6Mib1kdijHkzFwoAYEFgh_KkJH748VTr6BwqJx4tNiC2UPlXEY0mZWREYRBvor2AAAX9GcSxDVjQ31LNrkoA9TtYEo_3eztVa-2CINW7kY6FnGESeRD3ez1elLvyaPkDyhU4skncU3igTQZseMszCg1IWWDMOdZD2YCqWjZMb_qgbMIc4-3tH7jb-HA_fk908lo2EVKBi2-ocPVidm5iv74KrsckdjT4qycgt2dixqqV3Hxe8yDYYrXGEv1GxWbl3MR8vagSb99RSkjIUEoIVtBjD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9xFTGzahY-ejBsPj3wOZs6vYC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzEzOTEzNDg4MzcwODc2McgBCakCDBIuFgfMsT6oAwGqBMQBT9C7pJw6Y7T0wpyCgpKRzGQGHU7AOREoqBNXzPqw63JuzNhuoIUHdoThbzM7vL0TqR9r_L9q2RJDbdjP2WXVR_hRtoAT61oeS4O1jvmq_Ae_dSQvmeYgXhSd_EIeuwPL7c-85XnRlJn1iP9zLubWr6D2UeCw4WSPv9itD460mws60GhUIeLlfXR9MesYti-e9-niAZy2-cZj5ywj0EGGOR1o7C0cbpGTUSbOlc5m93ATHuuDaCkjLsLRk3wIC4g5Tnn-D4AGir7AjffhgIVuoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3wrHEhofBJZtX0epd-vA5JnsNHIw%26client%3Dca-pub-3139134883708761%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 20 Dec 2022 04:12:11 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame BBB7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6E2GwABkecKd_HDAArZmeLOTO3fDpr-tLzFUQ&u=%7CeIFf7BEvoTBl8rbcgcenQQbjx1BtfLqZC7%2B%2BJ8nO%2FxU%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA98ggG56JZ8AF1tpKuTZfCi876G--Bj2jZ_2GjVAXcd9pvUb08Uy88H74iaTJw0uCFHo3AdP4_MUVr4LmyGy-QnEynbkNs9y1lYyu5MoNo635HkamcuoADM1jk_ii15qrG7xv2mMRC1nicBaM48QKEmyIteji1yrPriK4xpeCnNow4JeVv59lRPTOjg7gkIsbSDF4nKc-QqiO08UBRefI590kaRI2ZqbAx0WRBJrbYKLeAJda3_uFtUji_zOPM5Tya_b9afGtmyFjD7eCaRd2tW9zruCixmk_St45Wtxw6Mib1kdijHkzFwoAYEFgh_KkJH748VTr6BwqJx4tNiC2UPlXEY0mZWREYRBvor2AAAX9GcSxDVjQ31LNrkoA9TtYEo_3eztVa-2CINW7kY6FnGESeRD3ez1elLvyaPkDyhU4skncU3igTQZseMszCg1IWWDMOdZD2YCqWjZMb_qgbMIc4-3tH7jb-HA_fk908lo2EVKBi2-ocPVidm5iv74KrsckdjT4qycgt2dixqqV3Hxe8yDYYrXGEv1GxWbl3MR8vagSb99RSkjIUEoIVtBjD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9xFTGzahY-ejBsPj3wOZs6vYC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzEzOTEzNDg4MzcwODc2McgBCakCDBIuFgfMsT6oAwGqBMQBT9C7pJw6Y7T0wpyCgpKRzGQGHU7AOREoqBNXzPqw63JuzNhuoIUHdoThbzM7vL0TqR9r_L9q2RJDbdjP2WXVR_hRtoAT61oeS4O1jvmq_Ae_dSQvmeYgXhSd_EIeuwPL7c-85XnRlJn1iP9zLubWr6D2UeCw4WSPv9itD460mws60GhUIeLlfXR9MesYti-e9-niAZy2-cZj5ywj0EGGOR1o7C0cbpGTUSbOlc5m93ATHuuDaCkjLsLRk3wIC4g5Tnn-D4AGir7AjffhgIVuoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3wrHEhofBJZtX0epd-vA5JnsNHIw%26client%3Dca-pub-3139134883708761%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Dec 2023 04:12:12 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame BBB7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6E2GwABkecKd_HDAArZmeLOTO3fDpr-tLzFUQ&u=%7CeIFf7BEvoTBl8rbcgcenQQbjx1BtfLqZC7%2B%2BJ8nO%2FxU%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA98ggG56JZ8AF1tpKuTZfCi876G--Bj2jZ_2GjVAXcd9pvUb08Uy88H74iaTJw0uCFHo3AdP4_MUVr4LmyGy-QnEynbkNs9y1lYyu5MoNo635HkamcuoADM1jk_ii15qrG7xv2mMRC1nicBaM48QKEmyIteji1yrPriK4xpeCnNow4JeVv59lRPTOjg7gkIsbSDF4nKc-QqiO08UBRefI590kaRI2ZqbAx0WRBJrbYKLeAJda3_uFtUji_zOPM5Tya_b9afGtmyFjD7eCaRd2tW9zruCixmk_St45Wtxw6Mib1kdijHkzFwoAYEFgh_KkJH748VTr6BwqJx4tNiC2UPlXEY0mZWREYRBvor2AAAX9GcSxDVjQ31LNrkoA9TtYEo_3eztVa-2CINW7kY6FnGESeRD3ez1elLvyaPkDyhU4skncU3igTQZseMszCg1IWWDMOdZD2YCqWjZMb_qgbMIc4-3tH7jb-HA_fk908lo2EVKBi2-ocPVidm5iv74KrsckdjT4qycgt2dixqqV3Hxe8yDYYrXGEv1GxWbl3MR8vagSb99RSkjIUEoIVtBjD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9xFTGzahY-ejBsPj3wOZs6vYC8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzEzOTEzNDg4MzcwODc2McgBCakCDBIuFgfMsT6oAwGqBMQBT9C7pJw6Y7T0wpyCgpKRzGQGHU7AOREoqBNXzPqw63JuzNhuoIUHdoThbzM7vL0TqR9r_L9q2RJDbdjP2WXVR_hRtoAT61oeS4O1jvmq_Ae_dSQvmeYgXhSd_EIeuwPL7c-85XnRlJn1iP9zLubWr6D2UeCw4WSPv9itD460mws60GhUIeLlfXR9MesYti-e9-niAZy2-cZj5ywj0EGGOR1o7C0cbpGTUSbOlc5m93ATHuuDaCkjLsLRk3wIC4g5Tnn-D4AGir7AjffhgIVuoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3wrHEhofBJZtX0epd-vA5JnsNHIw%26client%3Dca-pub-3139134883708761%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Dec 2023 04:12:12 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=MewNg3x6K2RJVEVJU0dwMFhMb05JN0pSYkhyZ3hhUzBCcUxUQTl4RDBtRytqYzlHcmtmek12bGNRSzZCOGQzY3RNSzgvazZMaE4vMFlFYW5FeXVXWnVvWUxYQjQwdEZZdkkwVTdGNHdGVnZ2Y3l5TDZWSi93SHUrcStoSExDT2FuL0xuWi9lZS9uMURGbWZ5WDJySlA2UFRKTFpBVndZK3B3dmVlZDJuc2t1NnR6MU9aUlNmUWY3NjNHTGlIdW15c283ZEw1TUFiQlk5NnNVekVMOXUyTTBRMlRBUlU2R3dtUXhhZTJqRUtOQWR5eXFXQVR6OUJYMy9NYStvTzFCalVWUHJlfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 20 Dec 2022 04:12:11 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
382706
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
pv
s.seedtag.com/c/ 		987 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/pv?token=2717-2424-01&device=desktop&fullUrl=https%3A%2F%2Fpelotainvernal.com%2F&cache=1671509532131&v=-&ft=true
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_2.3a6c01d6b1aa61ea9094.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
af9474e5a7a9093351569e5cb64b9b34596d02e5cd1ede8ead7acf41740f76cf

Request headers

Referer
https://pelotainvernal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Dec 2022 04:12:12 GMT
content-encoding
gzip
via
1.1 google
server
nginx
etag
W/"3db-d56IUQUr0/Vgjj1mzqd29BR6edI"
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pelotainvernal.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
prebid
ib.adnxs.com/ut/v3/ 		19 B
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pelotainvernal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 20 Dec 2022 04:12:12 GMT
AN-X-Request-Uuid
514a9362-ba18-4f1a-a727-f4a2150df159
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://pelotainvernal.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.8; 217.64.151.8; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ 		24 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.25.0
Requested by
Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
bf64e810161eaeea8c038b4e5831e6b302441bc6149fcbcb1eaff645b61c98af

Request headers

Referer
https://pelotainvernal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 20 Dec 2022 04:12:12 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://pelotainvernal.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=910000
Requested by
Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3e74cb387fb789e9e1409512f055dce5e65f458fd0993480ce21b24028d4e33

Request headers

Referer
https://pelotainvernal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DbiMM29IDhLI3fr36x4GdtOhVPazF3yg9gDIfpnn49c2O%2BPTOJK7EO9y4e8ru%2FdqMaRhascd8T46KAoQifM%2BgopjHySj6q2aeHDHAjjJd%2BvkmxWOTYr7wlHQJ62qz2DYzKb5KSGy"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://pelotainvernal.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77c589d01b749a3c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		376 B
709 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24930&site_id=447118&zone_id=2620778&size_id=10&rp_schain=1.0,1!flower-ads.com,fw0108,1,,,&eid_pubcid.org=2e236f4e-e576-426b-8ba5-5b8439c05f97%5E1&rf=https%3A%2F%2Fpelotainvernal.com%2F&kw=pelotainvernal%2Cposicionespelotainvernal%2Ccalendariopelotainvernal&tg_i.page=https%3A%2F%2Fpelotainvernal.com%2F&tg_i.domain=pelotainvernal.com&tg_i.pbadslot=%2F22304838115%2Fpelotainvernal%2Fdesktop_sidebar_01&tk_flint=pbjs_lite_v7.25.0&x_source.tid=68da1460-e657-432d-9b4e-7d05012ddea0&l_pb_bid_id=92af61db9e5d4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22304838115%2Fpelotainvernal%2Fdesktop_sidebar_01&slots=1&rand=0.2605085159967677
Requested by
Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5754871e0d03e11dd72bc7db599cdb3645786b14e5fe57f1e7b2dc8a3f0cd2b3

Request headers

Referer
https://pelotainvernal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:12 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://pelotainvernal.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
376
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		373 B
935 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24930&site_id=447118&zone_id=2620778&size_id=2&rp_schain=1.0,1!flower-ads.com,fw0108,1,,,&eid_pubcid.org=2e236f4e-e576-426b-8ba5-5b8439c05f97%5E1&rf=https%3A%2F%2Fpelotainvernal.com%2F&kw=pelotainvernal%2Cposicionespelotainvernal%2Ccalendariopelotainvernal&tg_i.page=https%3A%2F%2Fpelotainvernal.com%2F&tg_i.domain=pelotainvernal.com&tg_i.pbadslot=%2F22304838115%2Fpelotainvernal%2Fdesktop_inread_1&tk_flint=pbjs_lite_v7.25.0&x_source.tid=45c485f5-46a7-45c3-87a9-e3f2af99697d&l_pb_bid_id=1026dc622b0530f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22304838115%2Fpelotainvernal%2Fdesktop_inread_1&slots=1&rand=0.1720123205045394
Requested by
Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
24c77f61feb1ebd80196339e9368f7dd0c32ca142227502d18eba2991bfe76ea

Request headers

Referer
https://pelotainvernal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:12 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://pelotainvernal.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
373
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
mp.4dex.io/ 		114 B
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74d4e1134b6d96d1fdb5997de81524112972dab3deddf8f5eb4e0caa19092ac2

Request headers

Referer
https://pelotainvernal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:12 GMT
x-err
Shapings: no adunits with size and seat and mapping
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pelotainvernal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
77c589d04a1a9a18-FRA
expires
0
prebid
prebid.media.net/rtb/ 		338 B
605 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU15JWV5
Requested by
Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
43822e61b0e5a1519e4eb4bcbae9d64892cb7083647ca07549addaf661f205e2

Request headers

Referer
https://pelotainvernal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:12 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://pelotainvernal.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Tue, 20 Dec 2022 04:12:12 GMT
prebid-request
onetag-sys.com/ 		15 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://pelotainvernal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://pelotainvernal.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
css2
fonts.googleapis.com/ Frame 898B 		4 KB
636 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Dec 2022 04:12:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 20 Dec 2022 02:50:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Dec 2022 04:12:12 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 898B 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 22:06:14 GMT
x-content-type-options
nosniff
age
21958
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 19 Dec 2023 22:06:14 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 898B 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 03:00:31 GMT
x-content-type-options
nosniff
age
4301
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 20 Dec 2023 03:00:31 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 898B 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 06:12:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
79154
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8084
x-xss-protection
0
server
cafe
etag
2222875591315018765
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Jan 2023 06:12:58 GMT
css
fonts.googleapis.com/ Frame 8182 		6 KB
672 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Dec 2022 04:12:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 20 Dec 2022 02:26:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Dec 2022 04:12:12 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 8182 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 11:39:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
59571
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Jan 2023 11:39:21 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 8182 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 11:39:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
59571
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Jan 2023 11:39:21 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 8182 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 20:02:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
29391
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Jan 2023 20:02:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 8182 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 11:39:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
59571
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Jan 2023 11:39:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8182 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 20 Dec 2022 04:12:12 GMT
5abbe811e7745ada511aeaa994a13f9f.js
www.gstatic.com/mysidia/ Frame 8182 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 16:52:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40808
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14213
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 23:34:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 19 Mar 2023 16:52:04 GMT
1eaa1e49c6d827e7897bafa951c60a71.js
www.gstatic.com/mysidia/ Frame D38D 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1eaa1e49c6d827e7897bafa951c60a71.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a983ec1308781984ea4503dd1c4e1317b2b48dcb17dd1a6e68df68560951784b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 07:28:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74614
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4197
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 23:34:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 19 Mar 2023 07:28:38 GMT
890d6e0a5dc19f9d14ccf82aa8feec6a.js
www.gstatic.com/mysidia/ Frame D38D 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/890d6e0a5dc19f9d14ccf82aa8feec6a.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
981792df4c11fb32fea9720db6c7c82dd96da4247fd29ff170b53903e116eecc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 18:17:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
122068
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4446
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 23:34:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 18 Mar 2023 18:17:44 GMT
css
fonts.googleapis.com/ Frame D38D 		8 KB
895 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Dec 2022 04:12:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 20 Dec 2022 02:41:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Dec 2022 04:12:12 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame D38D 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 11:39:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
59571
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Jan 2023 11:39:21 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame D38D 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 11:39:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
59571
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Jan 2023 11:39:21 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame D38D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 20:02:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
29391
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Jan 2023 20:02:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame D38D 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 11:39:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
59571
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Jan 2023 11:39:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D38D 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 20 Dec 2022 04:12:12 GMT
5abbe811e7745ada511aeaa994a13f9f.js
www.gstatic.com/mysidia/ Frame D38D 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 16:52:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40808
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14213
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 23:34:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 19 Mar 2023 16:52:04 GMT
adagio.js
script.4dex.io/ 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 04:12:12 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1582820
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RhlPk7FaFWl4s%2F%2BgopIQYePCP3IlPT9nzYZ7gj9ALDvhXXcc0puhG%2Bw8vywbFmfiyZpHzHSZ9jRyONUZxWC%2BdELPBLYblFSX7q2CU63kO54Eq1cV5sfAiT5RkZPOaet%2FOhNJnCr6zwlimMbq"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
77c589d05cb0915f-FRA
formats.js
ad.lkqd.net/vpaid/ Frame 0111 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:12 GMT
content-encoding
gzip
x-sp-metadata
HS256.CKyIhZ0GEocBCiQwOWE5MjhjMS1iNjRiLTQ1MmEtYTg4Ny0yY2QyNzdlOTc0YmIQkKbXzNb5+wIaBgic7ISdBiIMMjE3LjY0LjE1MS44KKrCAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkMTJhOTE4MjYtYmUyYy00ZmQwLTlmOWEtNWFiNmNiNDcxZGYyGLWXAiIYCAISFGNkczAzMC5sbzQuaHdjZG4ubmV0.7SzLIIsajITUMUo7ID3LqIK35KJmoDrTtlIu0tyfNng=
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1671509532.cds288.lo4.hn,1671509532.cds030.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
formats.js
ad.lkqd.net/vpaid/ Frame 78C4 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:12 GMT
content-encoding
gzip
x-sp-metadata
HS256.CKyIhZ0GEocBCiRkNjM4ZmEyNS1kMDQyLTQ4MGMtOTE0Ni01ODVmNjQ0OTc5NGMQkKbXzNb5+wIaBgic7ISdBiIMMjE3LjY0LjE1MS44KKrCAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkOWQ4ZjNkYmItZWVkZi00MjQzLWE0MGYtYjU3ZTA3NTQ3NzFkGLWXAiIYCAISFGNkczAzMC5sbzQuaHdjZG4ubmV0.OMciEf1cWiA/pKbjCIIn1XCAOfBNTKh5BR6gMK1RMjE=
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1671509532.cds288.lo4.hn,1671509532.cds030.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
auto-user-sync
ads.stickyadstv.com/ 		43 B
541 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/auto-user-sync
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.27.149 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-27-149.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Dec 2022 04:12:12 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1671509532260032-426
Expires
Tue, 20 Dec 2022 04:12:12 GMT
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=223271723.021023271700261610.7723794
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=223271723.021023271700261610.7723794
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dvidoo...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=115fb7c42e304e84a753b3fe0b5a183d&ssp=vidoomy&bsw_param=4b77473c-85ef-44a2-ab4e-37afbe8c5694&gdpr=&consent=&gdpr_pd=&expires=7
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=4b77473c-85ef-44a2-ab4e-37afbe8c5694
43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=4b77473c-85ef-44a2-ab4e-37afbe8c5694
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Server
3.69.201.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-201-248.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:12 GMT
content-encoding
none
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
43

Redirect headers

location
//a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=4b77473c-85ef-44a2-ab4e-37afbe8c5694
date
Tue, 20 Dec 2022 04:12:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58610/occ
  • https://ups.analytics.yahoo.com/ups/58610/occ?verify=true
  • https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-E3o4GA1E2uFu.wJc0Idj8mBOHHak5IubMIY2QNc-~A
43 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-E3o4GA1E2uFu.wJc0Idj8mBOHHak5IubMIY2QNc-~A
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Server
3.69.201.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-201-248.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:12 GMT
content-encoding
none
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
43

Redirect headers

location
https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-E3o4GA1E2uFu.wJc0Idj8mBOHHak5IubMIY2QNc-~A
date
Tue, 20 Dec 2022 04:12:12 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
quant.js
secure.quantserve.com/ Frame BD81 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_2.3a6c01d6b1aa61ea9094.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:12 GMT
content-encoding
gzip
etag
"StHfV9prSwQMxjKWocWEFw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 27 Dec 2022 04:12:12 GMT
css
fonts.googleapis.com/ Frame 5913 		8 KB
895 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Dec 2022 04:12:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 20 Dec 2022 03:12:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Dec 2022 04:12:12 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 5913 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 11:39:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
59571
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Jan 2023 11:39:21 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 5913 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 11:39:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
59571
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Jan 2023 11:39:21 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 5913 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 20:02:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
29391
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Jan 2023 20:02:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 5913 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 11:39:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
59571
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Jan 2023 11:39:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5913 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 20 Dec 2022 04:12:12 GMT
5abbe811e7745ada511aeaa994a13f9f.js
www.gstatic.com/mysidia/ Frame 5913 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 16:52:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40808
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14213
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 23:34:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 19 Mar 2023 16:52:04 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame D38D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CqJPRGzahY4vZC6CVjuwPmpC8sArJ6fq0ZsuozoDjDqWwlpzDIhABIK2Q9B5gleKQgqAHoAGN7OTZAsgBAakC3Dn6CcOUqD6oAwHIA8MEqgTVAU_Qfl-lnMd3GK3LlAWZMnB4cHGvVBYgEPe13qDhBmb0P5z2YLu3S0qt6FiOr8hjh_PHWcJrlPtTjernmP87vGIHW0hAQ1iJRGnPr3J2-0TIrLc8WI-0j01IQFTA1oCIk_Z6tz58YIDTdazfFs00zhbSJLHyfjhzoLbHHvBPshMyAcnzCb61F5R4Ob4xVnl8stjLFTqRIo9F4NtDY7y94qZspT1vMUYJTHBjoQO40gTReZj91gngQ9DBdSktRXTS3gdcGRIQrvMgeGxSkwqtXma4G1MkusAE5M-kpswDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBlGAB9uTm6YBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ-t4B0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItMzEzOTEzNDg4MzcwODc2MRgA&sigh=Bix7JcAv3jk&uach_m=[UACH]&cid=CAQSGwDq26N9M4wXCWCIjdQDgWRU_t5_OEZGibNW9xgBIBM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 20 Dec 2022 04:12:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame C736 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
285
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 04:07:27 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame D38D 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ce27e04e406e528ca5c99ee0c93213a0c7b597c2b44775f4bf93959acfbf41fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
rules-p-PFW5FesqXn206.js
rules.quantcount.com/ Frame BD81 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-PFW5FesqXn206.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:aa00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f4ae5a40833ca40f1ded2c820915ccc073b509a5a15810de1566ebf1ee4838e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 03:49:54 GMT
content-encoding
gzip
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
1339
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 15:36:52 GMT
server
AmazonS3
etag
W/"a521a7bf6d17b50bc9827eaad4be8ecc"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
fKPUO0C0T7y2SyjUFf4ZUmLQcxi2prvXV00DPJ3BhBbryce5xbInYg==
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=pelotainvernal.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=pelotainvernal.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
usync.html
ad.lkqd.net/cookie-sync/ Frame FBB4 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Tue, 20 Dec 2022 04:12:12 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1671509532.cds288.lo4.hn,1671509532.cds074.lo4.c
x-sp-metadata
HS256.CKyIhZ0GEocBCiRhNzNjYjk3Zi00OTQ4LTQ0YTItYmU3Ni0yNjA2Yjg5NDkzMmUQkKbXzNb5+wIaBgic7ISdBiIMMjE3LjY0LjE1MS44KKrCAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGisIARIkZjFlODg5ODctMzY4Ny00YTIyLTg4YjYtMmU2N2FmODMzNWIyGNoOIhgIAhIUY2RzMDc0LmxvNC5od2Nkbi5uZXQ=.udq67aMRXmwqoJ3t0Wxixpm3ExyvvmmKh4dxQau1fJQ=
ad
v.lkqd.net/ Frame 0111 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&rnd=63226746&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
5751c72d565d369e5de7f5bf2fb7fc5c6ec840bb5bed2acce43e1fcaf313414d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:12 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://pelotainvernal.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1363
z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
pagead2.googlesyndication.com/bg/ Frame 4D60 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 10:55:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62229
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16132
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Dec 2023 10:55:03 GMT
usync.html
ad.lkqd.net/cookie-sync/ Frame 9CE3 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Tue, 20 Dec 2022 04:12:12 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1671509532.cds288.lo4.hn,1671509532.cds074.lo4.c
x-sp-metadata
HS256.CKyIhZ0GEocBCiQ0ZjFjYjNhMC1mNzgzLTRjN2MtYjYwZS05NDY3ODUxNmU5ZDYQkKbXzNb5+wIaBgic7ISdBiIMMjE3LjY0LjE1MS44KKrCAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGisIARIkNGNkNjIyZWItYmU4My00OGMzLThjNjMtNzE3Njk1NjZiNGQ1GNoOIhgIAhIUY2RzMDc0LmxvNC5od2Nkbi5uZXQ=.NvZ5H4rMHB0nnntPm7hp8q+ZitLVk1Nn13udSvQcooA=
ad
v.lkqd.net/ Frame 78C4 		180 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1171094&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&rnd=2999399&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:12 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://pelotainvernal.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
150
s
googleads.g.doubleclick.net/pagead/drt/ Frame 1CFA 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
285
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 04:07:27 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		59 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3346729867802482&correlator=69789707882145&eid=31071256%2C44780792%2C21065724&output=ldjh&gdfp_req=1&vrg=2022120601&ptt=17&impl=fifs&iu_parts=22304838115%2Cpelotainvernal%2Cdesktop_sidebar_01%2Cdesktop_inread_1&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=300x600%2C728x90&ifi=8&adks=2344183488%2C1811199381&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dfc62e9aa8abdda18-226f526a20d9001a%3AT%3D1671509531%3AS%3DALNI_MYe7WQ4x-9sAVI7O4mxFDnk9gbutg&gpic=UID%3D00000b9563ec2019%3AT%3D1671509531%3ART%3D1671509531%3AS%3DALNI_MZ7yczpngZJPcjDSCj7nH3qXCeCGA&abxe=1&dt=1671509532557&lmt=1671509532&dlt=1671509530794&idt=394&adxs=1149%2C275&adys=508%2C486&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpelotainvernal.com%2F&frm=20&vis=1&psz=300x600%7C975x90&msz=300x600%7C975x90&fws=0%2C0&ohw=0%2C0&ga_vid=1846504517.1671509531&ga_sid=1671509531&ga_hid=1903072021&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fcf3722b7a177d22818d48ac1fd9e5df9759e4dc4311050e097d1695a60bc9ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18576
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pelotainvernal.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		317 B
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3346729867802482&correlator=69789707882145&eid=31071256%2C44780792%2C21065724&output=ldjh&gdfp_req=1&vrg=2022120601&ptt=17&impl=fifs&iu_parts=40135427%2Cpelotainvernal_Video_Intext&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=10&adks=1276542802&sfv=1-0-40&ris=1&rcs=1&eri=1&sc=1&cookie=ID%3Dfc62e9aa8abdda18-226f526a20d9001a%3AT%3D1671509531%3AS%3DALNI_MYe7WQ4x-9sAVI7O4mxFDnk9gbutg&gpic=UID%3D00000b9563ec2019%3AT%3D1671509531%3ART%3D1671509531%3AS%3DALNI_MZ7yczpngZJPcjDSCj7nH3qXCeCGA&abxe=1&dt=1671509532564&lmt=1671509532&dlt=1671509530794&idt=394&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpelotainvernal.com%2F&frm=20&vis=1&psz=1600x1200&msz=1x-1&fws=0&ohw=0&ga_vid=1846504517.1671509531&ga_sid=1671509531&ga_hid=1903072021&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1edb00bc378034f1e9a52eb3f4d11e3d1314a83db8138c489c83d5d66e4c5b9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:12 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
139
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pelotainvernal.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame C736
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 04:12:12 GMT
expires
Tue, 20 Dec 2022 04:12:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 04:12:12 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
pagead2.googlesyndication.com/bg/ Frame 0D2F 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 10:55:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62229
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16132
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Dec 2023 10:55:03 GMT
pixel;r=561315222;event=refresh;rf=0;a=p-PFW5FesqXn206;url=https%3A%2F%2Fpelotainvernal.com%2F;ref=https%3A%2F%2Fpelotainvernal.com%2F;uht=2;fpan=1;fpa=P0-1483985273-1671509532403;pbc=2e236f4e-e576...
pixel.quantserve.com/ Frame BD81 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=561315222;event=refresh;rf=0;a=p-PFW5FesqXn206;url=https%3A%2F%2Fpelotainvernal.com%2F;ref=https%3A%2F%2Fpelotainvernal.com%2F;uht=2;fpan=1;fpa=P0-1483985273-1671509532403;pbc=2e236f4e-e576-426b-8ba5-5b8439c05f97;ns=1;ce=1;qjs=1;qv=bf501fc4-20221215111636;cm=;gdpr=0;d=pelotainvernal.com;dst=0;et=1671509532616;tzo=0;ogl=;ses=d56404d1-0f92-4593-84ec-5aa8cdbd49a6
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:12 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
cs
cs.lkqd.net/ Frame FBB4
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=8bed87d3-8845-4908-abc4-6686be6ff4f2
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=8bed87d3-8845-4908-abc4-6686be6ff4f2
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.200 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:12 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=8bed87d3-8845-4908-abc4-6686be6ff4f2
date
Tue, 20 Dec 2022 04:12:12 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame FBB4 		43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.200 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:12 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame FBB4 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.200 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:12 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame FBB4
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4461085968874832705
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4461085968874832705
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.200 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:12 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4461085968874832705
pragma
no-cache
date
Tue, 20 Dec 2022 04:12:12 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame FBB4
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=N8uhxGORT851XXgLnku6MdlAlwg
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=N8uhxGORT851XXgLnku6MdlAlwg
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.200 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:13 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=N8uhxGORT851XXgLnku6MdlAlwg
Date
Tue, 20 Dec 2022 04:12:13 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
cs
cs.lkqd.net/ Frame 9CE3
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=1461268b-c745-4b17-83dd-3a264b38969e
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=1461268b-c745-4b17-83dd-3a264b38969e
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.200 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:12 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=1461268b-c745-4b17-83dd-3a264b38969e
date
Tue, 20 Dec 2022 04:12:12 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame 9CE3 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.200 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:12 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 9CE3 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.200 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:12 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 9CE3
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4389028374836904769
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4389028374836904769
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.200 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:12 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4389028374836904769
pragma
no-cache
date
Tue, 20 Dec 2022 04:12:12 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 9CE3
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=XZTvBJn7S8dwBHVolmfqe9lAlwg
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=XZTvBJn7S8dwBHVolmfqe9lAlwg
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.200 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:13 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=XZTvBJn7S8dwBHVolmfqe9lAlwg
Date
Tue, 20 Dec 2022 04:12:13 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
si
googleads.g.doubleclick.net/pagead/drt/ Frame 1CFA
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 04:12:12 GMT
expires
Tue, 20 Dec 2022 04:12:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 04:12:12 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
pagead2.googlesyndication.com/bg/ Frame EA5B 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 10:55:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62229
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16132
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Dec 2023 10:55:03 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pelotainvernal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://pelotainvernal.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 20 Dec 2022 04:12:13 GMT
server
nginx
t
t.lkqd.net/ Frame B76B 		0
0
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pelotainvernal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://pelotainvernal.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 20 Dec 2022 04:12:13 GMT
server
nginx
t
t.lkqd.net/ Frame CCDA 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://pelotainvernal.com
date
Tue, 20 Dec 2022 04:12:13 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid.js
ad.lkqd.net/vpaid/ Frame 886C 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:12 GMT
content-encoding
gzip
x-sp-metadata
HS256.CKyIhZ0GEocBCiQ4NmI4MjEzYi1jMTdhLTRlZjUtOGQ4MS0zMDljODNlYThiNzIQkKbXzNb5+wIaBgic7ISdBiIMMjE3LjY0LjE1MS44KKrCAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkMzQ1ZjRlYWUtZGY2Yy00YWYyLWIwZjMtYjg3MThlNDZlN2JkGMXkAyIYCAISFGNkczMyMi5sbzQuaHdjZG4ubmV0.7zxIKGJMhote1EzOrkGVJNrsRfVGXpJIGThKcCkKcJ4=
last-modified
Thu, 13 Oct 2022 21:01:07 GMT
etag
"88ca76abee51b1544e17b021f04aaaed"
x-hw
1671509532.cds288.lo4.hn,1671509532.cds322.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62021
esp.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:12 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 24 Nov 2022 12:48:29 GMT
server
cloudflare
x-amz-request-id
EQE76HEZ6JXKNVQT
age
3204
etag
W/"91dadf6b1eddd8d91a5cc2e3be5ea8cf"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
77c589d4af0e925f-FRA
x-amz-id-2
j2Lo9VKgAHpQwSAT5fIm1uW/nR6idej/ZE8Ukdqw1cDFcrTXGGuz81VPr7G/Pn5YZKpafV0Orm4=
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
26248
x-jsd-version
master
content-encoding
br
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230064-FRA, cache-yyz4527-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=876xh%2B%2FKH0nO1WZrtXxmWWL1%2FSnTZ0sLRBmUzEJXXYl%2B%2FoujUq526OtPVDJZz%2BYvPVUj0NZ37mOhGuSZ%2F%2FVwNgKbNpiPfugyJPsWPNovcvv6wBaHhmR%2BZn5L9nt803SkyTzzoZo3d8abhQkQQAY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
77c589d47b77bbc2-FRA
publishertag.ids.js
static.criteo.net/js/ld/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-9c1f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 21 Dec 2022 04:12:12 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B12E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssjxv5XBw1T4onYKTduzZaqfSeoSm7vbdWEljqWXTqZDzQdZLvgkC7PHq4lq_AvhE_-UltZXeeTkOihfGQAQuUck-bILLcqeuPO4DrhqUcVw7GwyUVUy9OfirgkyITf_EJYf5oFOA&sai=AMfl-YTa5fn__DG9zR7C-Ej_5w9tTa2LTikMa6H-4AXejfyB7ZZcGi6l2Eah71HRuOwr1pmEXq1fY_AGb2hFjEM&sig=Cg0ArKJSzCru_yBpnWSqEAE&cid=CAQSGwDq26N9XCD-VKgkdFGbcOXEhdkNtWy8GmWCChgBIBM&id=lidar2&mcvt=1030&p=0,0,100,1298&mtos=1030,1030,1030,1030,1030&tos=1030,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=88850195&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671509531070&rpt=780&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 104C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pelotainvernal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 04:12:11 GMT
expires
Wed, 20 Dec 2023 04:12:11 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6367 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pelotainvernal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 04:12:11 GMT
expires
Wed, 20 Dec 2023 04:12:11 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usync.html
ad.lkqd.net/cookie-sync/ Frame 3BA5 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Tue, 20 Dec 2022 04:12:12 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1671509532.cds288.lo4.hn,1671509532.cds074.lo4.c
x-sp-metadata
HS256.CKyIhZ0GEocBCiRkMTg2ZTg3MC1lNjA2LTQ2MjgtOTg1ZS1mNzU1NTkwNzM4MmMQkKbXzNb5+wIaBgic7ISdBiIMMjE3LjY0LjE1MS44KKrCAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGisIARIkNjUwZWQ2MWQtMzU4Yi00NDdiLTkyOTUtZjg2NTE5MTk4YjI0GNoOIhgIAhIUY2RzMDc0LmxvNC5od2Nkbi5uZXQ=.OyJzEcTK5rCIRI0oxEkyud8Pnx+0yDU64Eg2h4YLAc0=
ad
v.lkqd.net/ Frame 886C 		27 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&rnd=63226746&m=&rtv=1&thost=pelotainvernal.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
220a826b046191d348dc5bd3741db99508eb8cf5a6138c407c317ea41949c1a1

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 20 Dec 2022 04:12:13 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://pelotainvernal.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
3780
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&rnd=63226746&m=&rtv=1&thost=pelotainvernal.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pelotainvernal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pelotainvernal.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
date
Tue, 20 Dec 2022 04:12:13 GMT
server
nginx
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
error_handler.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 6367 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/error_handler.js
Requested by
Host: a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
URL: https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f26ccd4e8b025d912f8fc717147c83f61888ade088fb1b2c62f67537e6e4cb46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 09:15:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
68207
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3136
x-xss-protection
0
server
cafe
etag
5752131211420753933
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Jan 2023 09:15:25 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 6367 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
URL: https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 20:02:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
29391
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Jan 2023 20:02:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 6367 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
URL: https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 11:39:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
59571
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Jan 2023 11:39:21 GMT
l
www.google.com/ads/measurement/ Frame 6367 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTRSO7kUjeAD6a3qbCf4zqyzSXi8whKsXcC_Os1VpbWQNcfwkk2QMuzvKsMi-gRJ-QFXXstQfZRfzBdrWHvFHZfk66zVw
Requested by
Host: a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
URL: https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6367 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
URL: https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 17 Dec 2022 15:15:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
219418
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 17 Dec 2023 15:15:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6367 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
URL: https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 20 Dec 2022 04:12:12 GMT
error_handler.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 104C 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/error_handler.js
Requested by
Host: a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
URL: https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f26ccd4e8b025d912f8fc717147c83f61888ade088fb1b2c62f67537e6e4cb46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 09:15:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
68207
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3136
x-xss-protection
0
server
cafe
etag
5752131211420753933
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Jan 2023 09:15:25 GMT
increment
id5-sync.com/api/esp/ 		0
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://pelotainvernal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pelotainvernal.com
date
Tue, 20 Dec 2022 04:12:12 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
syncframe
gum.criteo.com/ Frame 0C7E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=pelotainvernal.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://pelotainvernal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 04:12:12 GMT
server
Kestrel
server-processing-duration-in-ticks
775730
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cs
cs.lkqd.net/ Frame 3BA5
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=5c500637-03b8-47ea-972b-63e52dcc8e22
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=5c500637-03b8-47ea-972b-63e52dcc8e22
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.200 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:13 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=5c500637-03b8-47ea-972b-63e52dcc8e22
date
Tue, 20 Dec 2022 04:12:13 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame 3BA5 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.200 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:13 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 3BA5 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.200 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:13 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 3BA5
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4389028374836904769
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4389028374836904769
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.200 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:13 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4389028374836904769
pragma
no-cache
date
Tue, 20 Dec 2022 04:12:12 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 3BA5
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=3YxZ7rYYQ1x9LVZqOOW1TdlAlwg
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=3YxZ7rYYQ1x9LVZqOOW1TdlAlwg
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.200 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:13 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=3YxZ7rYYQ1x9LVZqOOW1TdlAlwg
Date
Tue, 20 Dec 2022 04:12:13 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
adview
securepubads.g.doubleclick.net/pagead/ Frame 6367 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CUX8rHDahY5SyJNm99u8P0aie8A-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODcyMjI4NTg3NDYwMzMzyAEJqQIMEi4WB8yxPuACAKgDAaoE-AFP0BFqrMydSHW66uMsa4koif8TiSbt8Ue6nUTuTD3K_A95J_Wdd0mS5NZKUZKdCQkpUvLA5SLrgxls4YBPz7F-FW3LxW4T_HCk7f6_GR9a5ZSe3U1l3I-IdqDiwfqzeGFKwQzIZxv_8ssgW5ZD1qJSPTW1j7eUUktgBZg5Ng1_fHLubpi-4C5F-kNOWze0_fLvFz_zYnSSDMGQJnSVQKYtEuEfnJ8rhk2ApV5BZ8KtGccyjuKZcZCW6bf3uJkhvXaZJWaqrc1JjYRiBlT54JWqeGePCsbNG5swV2NRQVIzyFdO2vfB_wRV2pqzrJHR0ZeFU3Z_DCcmx-AEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNzg3MjIyODU4NzQ2MDMzMxjHtXk&sigh=ZoMx0pQ7Ha0&uach_m=[UACH]&cid=CAQSPADq26N9eYutP_L3AUNsp9DzSuGwDBTVNvu97L-X3fEXG3_G3OiHydVOf66l2M2n9g9YCNuFT0X4nEgSUBgBIBM
Requested by
Host: a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
URL: https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 6367 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1hws7ghcwbv82tg19eny8nrex6s7czs57xrh2czyyjg3zht00yegy143atdr69e5z8xnymha7dvhgxg3yr2vsg7tbxxvxedzz3a2e9wzppvwtvc0kaqawfsnks3y1hd818s8tnahfm5egyvtwj00ts3d854a30jr26s8hmwxsmztve72362zsermkya2end0bhp2p3vb6wsq6bm37j703gkz51gfwx57qqrrx6mzw5srhtffhcwqmytqczvrhgst2c12vkr0jdvkm5bcve7892k11fv350w59hahreyxmt5w08h9gfpp5mx3ydky7an6c8heztnztzw2v32p3x56esssqqbt94q382jnxg97bczqxmysjjqp9tzdzpaa6tj18c2bfdmx3m&b=Y6E2HAAJGRQH_Z7ZAAeUUaXwfveP8hKVKbxmCA
Requested by
Host: a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
URL: https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 20 Dec 2022 04:12:13 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 9CBC 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1khwe7700e380hf4rewa700qccwhqchvn9cs74h2pdyzy11gj6v8spqbqjwsmy5zygxhh11qfjhjx9dx6tsh4vzt88nesfb64zn04qqenj5c91xkk1kv8cwxs9v1t70krp7r9eqkq53j21c1eb149te84jdyvng6w6tnb9g0s9jq8fwzd7yg5wntxtf9y7e4j0n5fygydwn281r3gtkf4f0qjm82fkf8c57m90v9rhc6s6jw76vj3kn6svbzn8khn8xp3vv7v8enss0pbyv8zzd36ch9647nayh80mpfxc4140scac1yhwd1s8g3mptq0mnm1cwwezmy5r459vvgxwsphn4q6rbyxw4m9bgc8nkc0vy2j2rspdj323qqxe6q6jez1anme7qt1393m0bxny9xqw0vgrf9zrppyv8v5r7cktc22ay0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCoUWDHDahY5SyJNm99u8P0aie8A-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODcyMjI4NTg3NDYwMzMzyAEJqQIMEi4WB8yxPuACAKgDAaoE-wFP0BFqrMydSHW66uMsa4koif8TiSbt8Ue6nUTuTD3K_A95J_Wdd0mS5NZKUZKdCQkpUvLA5SLrgxls4YBPz7F-FW3LxW4T_HCk7f6_GR9a5ZSe3U1l3I-IdqDiwfqzeGFKwQzIZxv_8ssgW5ZD1qJSPTW1j7eUUktgBZg5Ng1_fHLubpi-4C5F-kNOWze0_fLvFz_zYnSSDMGQJnSVQKYtEuEfnJ8rhk2ApV5BZ8KtGccyjuKZcZCW6bf3uJkhvXaZJWaqrc1JjYRiBlT54JWqeGfNCOdfzGK3F6vWCcTpgcW84-PLUg57wkczbthDKQObf26q0LhmD9TdneAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0NIH9dtMwcbiKgWkewfHwZ7tPJXw%26client%3Dca-pub-7872228587460333%26adurl%3D
Requested by
Host: a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
URL: https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abf62a46b2c61dc1dada57646c1f2639d8dc873aa7542165f14dd75a0f3db366
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
77c589d59e6ebb32-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 04:12:13 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 07A2 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
URL: https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
61837
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 19 Dec 2022 11:01:36 GMT
etag
48472445140208031
expires
Tue, 20 Dec 2022 11:01:36 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
error_handler.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 20BD 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/error_handler.js
Requested by
Host: a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
URL: https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f26ccd4e8b025d912f8fc717147c83f61888ade088fb1b2c62f67537e6e4cb46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 09:15:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
68208
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3136
x-xss-protection
0
server
cafe
etag
5752131211420753933
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Jan 2023 09:15:25 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 20BD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
URL: https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 20:02:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
29392
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Jan 2023 20:02:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 20BD 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
URL: https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 11:39:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
59572
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Jan 2023 11:39:21 GMT
l
www.google.com/ads/measurement/ Frame 20BD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRFr3MJU32cdGqMHR8PKUW3qG-grNtHVsuVRiIS5HqbCWqMM5QbJxXNmPoHNPTVhJAsVwUKItJOm8CyV4bVByNYXF3Saw
Requested by
Host: a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
URL: https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 20BD 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
URL: https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 17 Dec 2022 15:15:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
219419
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 17 Dec 2023 15:15:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 20BD 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
URL: https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 20 Dec 2022 04:12:13 GMT
truncated
/ Frame 6367 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
564b6be4c4ec1b5310aa5cf05746ded4d5042f2f7ac4a613125782f62b76cc54

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
sid
mug.criteo.com/ Frame 0C7E
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=pelotainvernal.com&sn=ChromeSyncframe&so=3&topUrl=pelotainvernal.com&bundle=sUOIQV9jSlBCMnFseGhlWVR3dHhzbk5mWHpvaldJemlyRjA4NnNoOUolMkJ...
  • https://mug.criteo.com/sid?cpp=jcMcenwxTGQ2cUdIZHVFMzc4NGdJMjB5R3dLTXVrZmdOekE0d0VnMkVmYWhUNlhFbUM4ZmRqUm1ienlra2ZqdmdTSU4zcEhHRVQ3a3FYSURuMGZOaFU2SndsYkRwaDdpZE1jTEVlWk9vUnpuTDA4OGliRVRvTzRzU1AvQU...
444 B
672 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=jcMcenwxTGQ2cUdIZHVFMzc4NGdJMjB5R3dLTXVrZmdOekE0d0VnMkVmYWhUNlhFbUM4ZmRqUm1ienlra2ZqdmdTSU4zcEhHRVQ3a3FYSURuMGZOaFU2SndsYkRwaDdpZE1jTEVlWk9vUnpuTDA4OGliRVRvTzRzU1AvQU1ucnl6a2RyYUcvVGRjQ24xcW9wdk5jZzB6WXZUODM1M2FaZ25lWVM4VXVDYXQxQUk5MkZGcWYzUUdqV3ZwUHZ1K1E1VU1MTEpRWGhYclQ2eXBXeDN6L2FTN3RZc21wdWswOTU2SWJMeGZiQ3lzdHpDWm1HVVQ3Z3BmRWZUbU5vU3RnbFc2b05QTVBoRmtRdkl3OUx0bjdSWmdtaEZvZEtlY1dMS2JCd25wRFBhZFMxSnAvbz18&cppv=2
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a70efde4c6eeeb2c9e0befe3f3f9dc4ee442eb4d5d9349b01028a2925333bb35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:12 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2109057
expires
0

Redirect headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:12 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=jcMcenwxTGQ2cUdIZHVFMzc4NGdJMjB5R3dLTXVrZmdOekE0d0VnMkVmYWhUNlhFbUM4ZmRqUm1ienlra2ZqdmdTSU4zcEhHRVQ3a3FYSURuMGZOaFU2SndsYkRwaDdpZE1jTEVlWk9vUnpuTDA4OGliRVRvTzRzU1AvQU1ucnl6a2RyYUcvVGRjQ24xcW9wdk5jZzB6WXZUODM1M2FaZ25lWVM4VXVDYXQxQUk5MkZGcWYzUUdqV3ZwUHZ1K1E1VU1MTEpRWGhYclQ2eXBXeDN6L2FTN3RZc21wdWswOTU2SWJMeGZiQ3lzdHpDWm1HVVQ3Z3BmRWZUbU5vU3RnbFc2b05QTVBoRmtRdkl3OUx0bjdSWmdtaEZvZEtlY1dMS2JCd25wRFBhZFMxSnAvbz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
560239
content-length
0
expires
0
default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame 9CBC 		89 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1khwe7700e380hf4rewa700qccwhqchvn9cs74h2pdyzy11gj6v8spqbqjwsmy5zygxhh11qfjhjx9dx6tsh4vzt88nesfb64zn04qqenj5c91xkk1kv8cwxs9v1t70krp7r9eqkq53j21c1eb149te84jdyvng6w6tnb9g0s9jq8fwzd7yg5wntxtf9y7e4j0n5fygydwn281r3gtkf4f0qjm82fkf8c57m90v9rhc6s6jw76vj3kn6svbzn8khn8xp3vv7v8enss0pbyv8zzd36ch9647nayh80mpfxc4140scac1yhwd1s8g3mptq0mnm1cwwezmy5r459vvgxwsphn4q6rbyxw4m9bgc8nkc0vy2j2rspdj323qqxe6q6jez1anme7qt1393m0bxny9xqw0vgrf9zrppyv8v5r7cktc22ay0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCoUWDHDahY5SyJNm99u8P0aie8A-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODcyMjI4NTg3NDYwMzMzyAEJqQIMEi4WB8yxPuACAKgDAaoE-wFP0BFqrMydSHW66uMsa4koif8TiSbt8Ue6nUTuTD3K_A95J_Wdd0mS5NZKUZKdCQkpUvLA5SLrgxls4YBPz7F-FW3LxW4T_HCk7f6_GR9a5ZSe3U1l3I-IdqDiwfqzeGFKwQzIZxv_8ssgW5ZD1qJSPTW1j7eUUktgBZg5Ng1_fHLubpi-4C5F-kNOWze0_fLvFz_zYnSSDMGQJnSVQKYtEuEfnJ8rhk2ApV5BZ8KtGccyjuKZcZCW6bf3uJkhvXaZJWaqrc1JjYRiBlT54JWqeGfNCOdfzGK3F6vWCcTpgcW84-PLUg57wkczbthDKQObf26q0LhmD9TdneAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0NIH9dtMwcbiKgWkewfHwZ7tPJXw%26client%3Dca-pub-7872228587460333%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1khwe7700e380hf4rewa700qccwhqchvn9cs74h2pdyzy11gj6v8spqbqjwsmy5zygxhh11qfjhjx9dx6tsh4vzt88nesfb64zn04qqenj5c91xkk1kv8cwxs9v1t70krp7r9eqkq53j21c1eb149te84jdyvng6w6tnb9g0s9jq8fwzd7yg5wntxtf9y7e4j0n5fygydwn281r3gtkf4f0qjm82fkf8c57m90v9rhc6s6jw76vj3kn6svbzn8khn8xp3vv7v8enss0pbyv8zzd36ch9647nayh80mpfxc4140scac1yhwd1s8g3mptq0mnm1cwwezmy5r459vvgxwsphn4q6rbyxw4m9bgc8nkc0vy2j2rspdj323qqxe6q6jez1anme7qt1393m0bxny9xqw0vgrf9zrppyv8v5r7cktc22ay0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCoUWDHDahY5SyJNm99u8P0aie8A-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODcyMjI4NTg3NDYwMzMzyAEJqQIMEi4WB8yxPuACAKgDAaoE-wFP0BFqrMydSHW66uMsa4koif8TiSbt8Ue6nUTuTD3K_A95J_Wdd0mS5NZKUZKdCQkpUvLA5SLrgxls4YBPz7F-FW3LxW4T_HCk7f6_GR9a5ZSe3U1l3I-IdqDiwfqzeGFKwQzIZxv_8ssgW5ZD1qJSPTW1j7eUUktgBZg5Ng1_fHLubpi-4C5F-kNOWze0_fLvFz_zYnSSDMGQJnSVQKYtEuEfnJ8rhk2ApV5BZ8KtGccyjuKZcZCW6bf3uJkhvXaZJWaqrc1JjYRiBlT54JWqeGfNCOdfzGK3F6vWCcTpgcW84-PLUg57wkczbthDKQObf26q0LhmD9TdneAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0NIH9dtMwcbiKgWkewfHwZ7tPJXw%26client%3Dca-pub-7872228587460333%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1670930538
age
573899
cf-polished
origSize=91628
x-guploader-uploadid
ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 13 Dec 2022 11:22:46 GMT
server
cloudflare
etag
W/"575def06e70febb0cbd25403e37880bf"
vary
Accept-Encoding
x-goog-generation
1670930566724484
content-type
text/css
x-goog-hash
crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nKtONMdIqKirGZaqSWGXdsjC%2FcPgogS57%2Faoxn6tjdYv8LfHu%2BH2xUbtkkdUWVovKekNfsdUalZmKjV6xVQA53adCXmPXoK2QvWzppJ0do9658S0P%2Fma13xCl3ToU1u%2Fhj7G6zkjBYc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
91628
cf-ray
77c589d618ed68fe-FRA
expires
Tue, 20 Dec 2022 05:12:13 GMT
r62eglto.js
ad4m.at/ Frame 9CBC 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1khwe7700e380hf4rewa700qccwhqchvn9cs74h2pdyzy11gj6v8spqbqjwsmy5zygxhh11qfjhjx9dx6tsh4vzt88nesfb64zn04qqenj5c91xkk1kv8cwxs9v1t70krp7r9eqkq53j21c1eb149te84jdyvng6w6tnb9g0s9jq8fwzd7yg5wntxtf9y7e4j0n5fygydwn281r3gtkf4f0qjm82fkf8c57m90v9rhc6s6jw76vj3kn6svbzn8khn8xp3vv7v8enss0pbyv8zzd36ch9647nayh80mpfxc4140scac1yhwd1s8g3mptq0mnm1cwwezmy5r459vvgxwsphn4q6rbyxw4m9bgc8nkc0vy2j2rspdj323qqxe6q6jez1anme7qt1393m0bxny9xqw0vgrf9zrppyv8v5r7cktc22ay0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCoUWDHDahY5SyJNm99u8P0aie8A-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODcyMjI4NTg3NDYwMzMzyAEJqQIMEi4WB8yxPuACAKgDAaoE-wFP0BFqrMydSHW66uMsa4koif8TiSbt8Ue6nUTuTD3K_A95J_Wdd0mS5NZKUZKdCQkpUvLA5SLrgxls4YBPz7F-FW3LxW4T_HCk7f6_GR9a5ZSe3U1l3I-IdqDiwfqzeGFKwQzIZxv_8ssgW5ZD1qJSPTW1j7eUUktgBZg5Ng1_fHLubpi-4C5F-kNOWze0_fLvFz_zYnSSDMGQJnSVQKYtEuEfnJ8rhk2ApV5BZ8KtGccyjuKZcZCW6bf3uJkhvXaZJWaqrc1JjYRiBlT54JWqeGfNCOdfzGK3F6vWCcTpgcW84-PLUg57wkczbthDKQObf26q0LhmD9TdneAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0NIH9dtMwcbiKgWkewfHwZ7tPJXw%26client%3Dca-pub-7872228587460333%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:13 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Nov 2022 06:17:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
597234
etag
W/"49e3b0ffd5e74f27b691e89cf271d672"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2BYn6JnUSen0b7yHABoj1QRZME5olDcFgdsy5TuyrkofpBpxliShv8f9OZz1zkshO5eVItIFp5D0yz%2FMTWaDcE1rBtPz5xs2JDMJ4aYu8wY0f0KL%2B95g3Y8pQKkikBMLcnAbMI4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
77c589d60f1cbb32-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 13 Dec 2022 06:18:09 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 20BD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CWiiGHDahY5OyJNm99u8P0aie8A-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODcyMjI4NTg3NDYwMzMzyAEJqQIMEi4WB8yxPuACAKgDAaoE-wFP0IGPDnER6QPnHeDfEwiX_ykZ6-PfE0YJjIlVif3_FeEyFPyQy2uA6AoOJjf1OSHETGwSK9UC-PGQqhdvmfcFPGCi12snM_40ux0JQQko4KmsREZbeETO-oHFGBA7VybqHmCdNYJzXzXCWkiwpbbX37_BEbkRtNxqzl_4iWRsOiqc9aYAtsUY-rBwGq1SXCy_PyWGLgOhLDqHUE5EmQS4a8HZbdVJmPsu9tD-LlTTU3nTjOaT2_ztQ0FRTGP5mZCZMYwN-n8NwQjMNFXn4kvXBdoG6frMJtPBHzXZ27BHNHeZCV9B0OhzSclOpkv6nrr5zJhaL7AalVEdB-AEAYAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNzg3MjIyODU4NzQ2MDMzMxjHtXk&sigh=oXQLbUf4vI8&uach_m=[UACH]&cid=CAQSPADq26N9eYutP_L3AUNsp9DzSuGwDBTVNvu97L-X3fEXG3_G3OiHydVOf66l2M2n9g9YCNuFT0X4nEgSUBgBIBM
Requested by
Host: a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
URL: https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 20BD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1kjyv7pghs2rqdamk7n5k0qhg9fbtenakyr3r03rmp2dh5pckar64jr3q29dwskn9n7r65xwxak5v7rv547tfk8awt7m9zxa4mjk8g8y4b9vhyep0a031pxd42gg7vr74620eaab90wpsnx7rwpm1kvkstbrfrmpn2amsm8nwrvtc22ge9zcm57cwz2wp6t2sjkw4y36ce5mktfyfx5eg63c1mex92n67c16ytkwsgcr8ed7g47gad2m1x47eacqagkm96phw9m2gnj0jtv7wkf8z17e8cm35v0tckzd7efwcs957smsm15rv9yf1c86k70e4vcrbr774w4p7ck12fpea9md2edchpkwdqk4mm8zm8cnygb8h7b9720ejkrm0w2h6b171r&b=Y6E2HAAJGRMH_Z7ZAAeUUWQ5OlhIiC2Zcdk8Tw
Requested by
Host: a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
URL: https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 20 Dec 2022 04:12:13 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame DB6F 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1g6h28ap4rc4fcywaa8w3tajqnx1mezzrvv8rkbqshjz98pdmp8ec6krqkrmck4b0jny1k4g8c3csx2w3mnth4jw80s6w60jnsqf6nyr7nnyajs1jk3gxfk46fjgv7ezjdsxs2h4aj2y86en6ryhsdk3tpwnpmxpvbehkjqkrybpv6x9penmeewymkarw88qw7y5dn2e0vw8p8knmhnk0brmkp8veggrpq1k5fntsy4gf1tq1gftbqe3cxm89ehyf86yv1qhx160ykhf1mg0fz3cwm2r17yh724gdw2629d39x77pbsnk8k4amf3azs8ng9dy2kbkx35hjdsz1174rfzn9hv5smd2dt5zfhz5vwk7hvjmjgmzje7hf0h3r6w93b4zvcby14btv2bzhcetdgcqnhzqftbzvjhmenx1b6bmrv7rr4tm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCyqaHDahY5OyJNm99u8P0aie8A-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODcyMjI4NTg3NDYwMzMzyAEJqQIMEi4WB8yxPuACAKgDAaoE_gFP0IGPDnER6QPnHeDfEwiX_ykZ6-PfE0YJjIlVif3_FeEyFPyQy2uA6AoOJjf1OSHETGwSK9UC-PGQqhdvmfcFPGCi12snM_40ux0JQQko4KmsREZbeETO-oHFGBA7VybqHmCdNYJzXzXCWkiwpbbX37_BEbkRtNxqzl_4iWRsOiqc9aYAtsUY-rBwGq1SXCy_PyWGLgOhLDqHUE5EmQS4a8HZbdVJmPsu9tD-LlTTU3nTjOaT2_ztQ0FRTGP5mZCZMYwN-n8NwQjMNFXn4kvXBdoG6fqOJPJTyMxem3jAfOFDQM2z6fx55MNgvpZ6XPNrNAxEA6jPSc5dz_W9M-AEAYAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2F256VxXjPULECrT8zwY4u_HHctg%26client%3Dca-pub-7872228587460333%26adurl%3D
Requested by
Host: a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
URL: https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dc9789ee3ba46e75c37f7473135f4763533299bdbea5f2cc243c02459f35a08
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
77c589d618f768fe-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 04:12:13 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame AEDB 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
URL: https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
61837
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 19 Dec 2022 11:01:36 GMT
etag
48472445140208031
expires
Tue, 20 Dec 2022 11:01:36 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 07A2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESECMl0m7hu2ZaSkCJAhddAjU&google_cver=1&google_push=AavPq0PdlQyU5H5E3yd29TJ0CVYOIXNEuuyhSW1gLcajrDTKT8l3ddR8PBP_eznft1bEr6csgURalPw0tWOAoX09_TNvD6QIfEc
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDM4OTAyODM3NDgzNjkwNDc2OQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECMl0m7hu2ZaSkCJAhddAjU&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECMl0m7hu2ZaSkCJAhddAjU&google_cver=1
Requested by
Host: a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
URL: https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 20 Dec 2022 04:12:12 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECMl0m7hu2ZaSkCJAhddAjU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 07A2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKpYqB5eF_6th6HkMd6fBIc&google_cver=1&google_push=AavPq0NIHAcK_TUrvfpaxRMUjgbUmxdlLfJ3iXVNO1tn_0AUZ9rjRkSjWF4bt9SbF_S3g8owSFqcrfN6vKh_3b14...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0NIHAcK_TUrvfpaxRMUjgbUmxdlLfJ3iXVNO1tn_0AUZ9rjRkSjWF4bt9SbF_S3g8owSFqcrfN6vKh_3b14a9vfYLeBAcvN
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0NIHAcK_TUrvfpaxRMUjgbUmxdlLfJ3iXVNO1tn_0AUZ9rjRkSjWF4bt9SbF_S3g8owSFqcrfN6vKh_3b14a9vfYLeBAcvN
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 20 Dec 2022 04:12:13 GMT
Server
MT3 254 34fcae8 master nrt-pixel-x3 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0NIHAcK_TUrvfpaxRMUjgbUmxdlLfJ3iXVNO1tn_0AUZ9rjRkSjWF4bt9SbF_S3g8owSFqcrfN6vKh_3b14a9vfYLeBAcvN
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 20 Dec 2022 04:12:12 GMT
pixel
cm.g.doubleclick.net/ Frame 07A2
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEA52fGAn8yutUOikslAGlWw&google_cver=1&google_push=AavPq0OWtIoebRGJclk32B-3nMjkeXp6-nt14jDW054vEPZwOO5OWrGfsNgq6OZTVrif1PCFv7S_WyKhe03dvzbIiyYt9P26kn2u
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7131E7A3816D4807AD8A674E72AAA387&google_push=AavPq0OWtIoebRGJclk32B-3nMjkeXp6-nt14jDW054vEPZwOO5OWrGfsNgq6OZTVrif1PCFv7S_WyKhe03dvzb...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7131E7A3816D4807AD8A674E72AAA387&google_push=AavPq0OWtIoebRGJclk32B-3nMjkeXp6-nt14jDW054vEPZwOO5OWrGfsNgq6OZTVrif1PCFv7S_WyKhe03dvzbIiyYt9P26kn2u
Requested by
Host: a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
URL: https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 20 Dec 2022 04:12:13 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7131E7A3816D4807AD8A674E72AAA387&google_push=AavPq0OWtIoebRGJclk32B-3nMjkeXp6-nt14jDW054vEPZwOO5OWrGfsNgq6OZTVrif1PCFv7S_WyKhe03dvzbIiyYt9P26kn2u
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 19 Dec 2022 04:12:13 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 07A2 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEODPbR_J-Clk8_S8QQbF6z4&google_cver=1&google_push=AavPq0MmMAz93zLnULKyLRroUevmr5of-_deA55WR6qi8tzEcTjHO8ZRQveGbNKHTKnxa5ld6tnbW7WUchZUy6Vluczxpt-zzzMK
Requested by
Host: a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
URL: https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Tue, 20 Dec 2022 04:12:12 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 07A2
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKANiZS5TWfiyAABVixNlQ8&google_cver=1&google_push=AavPq0NBZrTHg4T5ykjf5NpUQZbvBXEUD2f42LdjGPjP3qx4UtMoyWCiZ1ByPVISwMCsfWsu_j4KGeGBaf-q-W1h...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0NBZrTHg4T5ykjf5NpUQZbvBXEUD2f42LdjGPjP3qx4UtMoyWCiZ1ByPVISwMCsfWsu_j4KGeGBaf-q-W1hCXAsSLDe6FZ_
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0NBZrTHg4T5ykjf5NpUQZbvBXEUD2f42LdjGPjP3qx4UtMoyWCiZ1ByPVISwMCsfWsu_j4KGeGBaf-q-W1hCXAsSLDe6FZ_
Requested by
Host: a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
URL: https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 20 Dec 2022 04:12:13 GMT
via
1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0NBZrTHg4T5ykjf5NpUQZbvBXEUD2f42LdjGPjP3qx4UtMoyWCiZ1ByPVISwMCsfWsu_j4KGeGBaf-q-W1hCXAsSLDe6FZ_
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
6lBB_t5Inzn-7pixFO-bNyyefnv7VvqRXMJmnnXoLxxLSTCFgXqYvg==
pixel
cm.g.doubleclick.net/ Frame 07A2
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEP...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0PVwuKrtXSpaqH-GyUkVb0kDa4xluEE6-gva2sVMsxYAbz_VlEu9DzleHJ_4W9zRQ5MXWgXTyIKQpgzxGaVq7iqAZmVecHk&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-d425808b-4618-4f4a-b4c4-f3b4993ed65f-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0PVwuKrtXSpaqH-GyUkV...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0PVwuKrtXSpaqH-GyUkVb0kDa4xluEE6-gva2sVMsxYAbz_VlEu9DzleHJ_4W9zRQ5MXWgXTyIKQpgzxGaVq7iqAZmVecHk&google_hm=A9QlgItGGE9KtMTztJk-1l8
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0PVwuKrtXSpaqH-GyUkVb0kDa4xluEE6-gva2sVMsxYAbz_VlEu9DzleHJ_4W9zRQ5MXWgXTyIKQpgzxGaVq7iqAZmVecHk&google_hm=A9QlgItGGE9KtMTztJk-1l8
Requested by
Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0PVwuKrtXSpaqH-GyUkVb0kDa4xluEE6-gva2sVMsxYAbz_VlEu9DzleHJ_4W9zRQ5MXWgXTyIKQpgzxGaVq7iqAZmVecHk&google_hm=A9QlgItGGE9KtMTztJk-1l8
date
Tue, 20 Dec 2022 04:12:13 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXd425808b46184f4ab4c4f3b4993ed65f003
content-type
text/html
/
onetag-sys.com/match/ Frame 07A2
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMJX-iXzFLnR3SPArc0O5Cc&google_cver=1&google_push=AavPq0P1wgOSUYaB11sNn2asrmbuzjNjmLHVhJ89koDyD4DtzT1-F-iacKiUDryhC-r-CSmAufZ-x2cJZym...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0P1wgOSUYaB11sNn2asrmbuzjNjmLHVhJ89koDyD4DtzT1-F-iacKiUDryhC-r-CSmAufZ-x2cJZym71o1AtaZXZCQQ3AE00A
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
URL: https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 07A2 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IcWRs2bb63niG9slHM933W6F2E8c202czIXud6U2xmrIUaf5z0BnA6HQdvte-nfaru6e6s_A
Requested by
Host: a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
URL: https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:13 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
t
t.lkqd.net/ Frame 61ED 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://pelotainvernal.com
date
Tue, 20 Dec 2022 04:12:13 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pelotainvernal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://pelotainvernal.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 20 Dec 2022 04:12:13 GMT
server
nginx
truncated
/ Frame 20BD 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a71014210ffef80ad8bfdff755f1932a431d254936fc8fc85b7ca6453e44ee48

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame DB6F 		89 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g6h28ap4rc4fcywaa8w3tajqnx1mezzrvv8rkbqshjz98pdmp8ec6krqkrmck4b0jny1k4g8c3csx2w3mnth4jw80s6w60jnsqf6nyr7nnyajs1jk3gxfk46fjgv7ezjdsxs2h4aj2y86en6ryhsdk3tpwnpmxpvbehkjqkrybpv6x9penmeewymkarw88qw7y5dn2e0vw8p8knmhnk0brmkp8veggrpq1k5fntsy4gf1tq1gftbqe3cxm89ehyf86yv1qhx160ykhf1mg0fz3cwm2r17yh724gdw2629d39x77pbsnk8k4amf3azs8ng9dy2kbkx35hjdsz1174rfzn9hv5smd2dt5zfhz5vwk7hvjmjgmzje7hf0h3r6w93b4zvcby14btv2bzhcetdgcqnhzqftbzvjhmenx1b6bmrv7rr4tm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCyqaHDahY5OyJNm99u8P0aie8A-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODcyMjI4NTg3NDYwMzMzyAEJqQIMEi4WB8yxPuACAKgDAaoE_gFP0IGPDnER6QPnHeDfEwiX_ykZ6-PfE0YJjIlVif3_FeEyFPyQy2uA6AoOJjf1OSHETGwSK9UC-PGQqhdvmfcFPGCi12snM_40ux0JQQko4KmsREZbeETO-oHFGBA7VybqHmCdNYJzXzXCWkiwpbbX37_BEbkRtNxqzl_4iWRsOiqc9aYAtsUY-rBwGq1SXCy_PyWGLgOhLDqHUE5EmQS4a8HZbdVJmPsu9tD-LlTTU3nTjOaT2_ztQ0FRTGP5mZCZMYwN-n8NwQjMNFXn4kvXBdoG6fqOJPJTyMxem3jAfOFDQM2z6fx55MNgvpZ6XPNrNAxEA6jPSc5dz_W9M-AEAYAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2F256VxXjPULECrT8zwY4u_HHctg%26client%3Dca-pub-7872228587460333%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1g6h28ap4rc4fcywaa8w3tajqnx1mezzrvv8rkbqshjz98pdmp8ec6krqkrmck4b0jny1k4g8c3csx2w3mnth4jw80s6w60jnsqf6nyr7nnyajs1jk3gxfk46fjgv7ezjdsxs2h4aj2y86en6ryhsdk3tpwnpmxpvbehkjqkrybpv6x9penmeewymkarw88qw7y5dn2e0vw8p8knmhnk0brmkp8veggrpq1k5fntsy4gf1tq1gftbqe3cxm89ehyf86yv1qhx160ykhf1mg0fz3cwm2r17yh724gdw2629d39x77pbsnk8k4amf3azs8ng9dy2kbkx35hjdsz1174rfzn9hv5smd2dt5zfhz5vwk7hvjmjgmzje7hf0h3r6w93b4zvcby14btv2bzhcetdgcqnhzqftbzvjhmenx1b6bmrv7rr4tm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCyqaHDahY5OyJNm99u8P0aie8A-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODcyMjI4NTg3NDYwMzMzyAEJqQIMEi4WB8yxPuACAKgDAaoE_gFP0IGPDnER6QPnHeDfEwiX_ykZ6-PfE0YJjIlVif3_FeEyFPyQy2uA6AoOJjf1OSHETGwSK9UC-PGQqhdvmfcFPGCi12snM_40ux0JQQko4KmsREZbeETO-oHFGBA7VybqHmCdNYJzXzXCWkiwpbbX37_BEbkRtNxqzl_4iWRsOiqc9aYAtsUY-rBwGq1SXCy_PyWGLgOhLDqHUE5EmQS4a8HZbdVJmPsu9tD-LlTTU3nTjOaT2_ztQ0FRTGP5mZCZMYwN-n8NwQjMNFXn4kvXBdoG6fqOJPJTyMxem3jAfOFDQM2z6fx55MNgvpZ6XPNrNAxEA6jPSc5dz_W9M-AEAYAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2F256VxXjPULECrT8zwY4u_HHctg%26client%3Dca-pub-7872228587460333%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1670930538
age
573899
cf-polished
origSize=91628
x-guploader-uploadid
ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 13 Dec 2022 11:22:46 GMT
server
cloudflare
etag
W/"575def06e70febb0cbd25403e37880bf"
vary
Accept-Encoding
x-goog-generation
1670930566724484
content-type
text/css
x-goog-hash
crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jko1y5ytDAccd%2BGnRrplzcYEImAs3yTPLkmWuz%2FuDcvInfIU02pEVEny2Vi%2F0IbT9WljvxkQwirCRNPc8ov7B1vicoSGz434DPOttVxj2wKVQpiHGytpYOJ8fQOLv4mrGl4jpnMnEfw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
91628
cf-ray
77c589d689c068fe-FRA
expires
Tue, 20 Dec 2022 05:12:13 GMT
r62eglto.js
ad4m.at/ Frame DB6F 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g6h28ap4rc4fcywaa8w3tajqnx1mezzrvv8rkbqshjz98pdmp8ec6krqkrmck4b0jny1k4g8c3csx2w3mnth4jw80s6w60jnsqf6nyr7nnyajs1jk3gxfk46fjgv7ezjdsxs2h4aj2y86en6ryhsdk3tpwnpmxpvbehkjqkrybpv6x9penmeewymkarw88qw7y5dn2e0vw8p8knmhnk0brmkp8veggrpq1k5fntsy4gf1tq1gftbqe3cxm89ehyf86yv1qhx160ykhf1mg0fz3cwm2r17yh724gdw2629d39x77pbsnk8k4amf3azs8ng9dy2kbkx35hjdsz1174rfzn9hv5smd2dt5zfhz5vwk7hvjmjgmzje7hf0h3r6w93b4zvcby14btv2bzhcetdgcqnhzqftbzvjhmenx1b6bmrv7rr4tm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCyqaHDahY5OyJNm99u8P0aie8A-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODcyMjI4NTg3NDYwMzMzyAEJqQIMEi4WB8yxPuACAKgDAaoE_gFP0IGPDnER6QPnHeDfEwiX_ykZ6-PfE0YJjIlVif3_FeEyFPyQy2uA6AoOJjf1OSHETGwSK9UC-PGQqhdvmfcFPGCi12snM_40ux0JQQko4KmsREZbeETO-oHFGBA7VybqHmCdNYJzXzXCWkiwpbbX37_BEbkRtNxqzl_4iWRsOiqc9aYAtsUY-rBwGq1SXCy_PyWGLgOhLDqHUE5EmQS4a8HZbdVJmPsu9tD-LlTTU3nTjOaT2_ztQ0FRTGP5mZCZMYwN-n8NwQjMNFXn4kvXBdoG6fqOJPJTyMxem3jAfOFDQM2z6fx55MNgvpZ6XPNrNAxEA6jPSc5dz_W9M-AEAYAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2F256VxXjPULECrT8zwY4u_HHctg%26client%3Dca-pub-7872228587460333%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:13 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Nov 2022 06:17:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
597244
etag
W/"49e3b0ffd5e74f27b691e89cf271d672"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0wbl3ew5rsjB4ihrDKItZav2n%2BjA9g7HA%2FWe3lO1sZZHRBuLL%2BMRpmjcFHDVu5%2FgeLJ5ODqO0vPSonx%2B3L%2FB7zThW6y%2BH0JwD06UaI9Ncq6Vs9%2FR%2BZ02i%2FwwQamCpXQ1xJ%2B1i88%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
77c589d689c168fe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 13 Dec 2022 06:18:09 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 9CBC 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25444564
x-guploader-uploadid
ADPycdsAM1RKIW8NW9FXGsxgzhi5bSYe4VqqEbCt8J5Oc8iEgAF2SjSQc54Zb1FETUd5c-MZGmZZMUkSoxlmANI9NVVBPD3Irw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tqvz5XG8ykkggOTBtRpf5uk3rXnWp8QXUk9JbtgChGJHy8drey9rKZqtDw1F%2BiworxLIDHkIovMjCV2jMt94Q44bZqs3U3ZXPYYtp%2FfPjmbGfnuCVJHXd4foKzmmU%2BhVciPcRTeB6the9d1DSgu4PEkb"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
77c589d6de1c9100-FRA
expires
Tue, 28 Feb 2023 16:16:09 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame AEDB
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESECMl0m7hu2ZaSkCJAhddAjU&google_cver=1&google_push=AavPq0PInlF-UTkrwwhQkPDzN1lk33IzO-ZxYLagfWA6QH8Ww1yXTYxrA1zAm8QOnsNySVnAqtQR8gkAAoxHNr5Lc0337JT6nJM
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDM4OTAyODM3NDgzNjkwNDc2OQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECMl0m7hu2ZaSkCJAhddAjU&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECMl0m7hu2ZaSkCJAhddAjU&google_cver=1
Requested by
Host: a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
URL: https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 20 Dec 2022 04:12:12 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECMl0m7hu2ZaSkCJAhddAjU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AEDB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKpYqB5eF_6th6HkMd6fBIc&google_cver=1&google_push=AavPq0P02mZiHcNFG-_Q8Gig535Jv--foOluUlCH3MJAv4irO3bMntP6kNjp6Y8JBzuOnjBNEkdPkDs4KmBE3fR8...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0P02mZiHcNFG-_Q8Gig535Jv--foOluUlCH3MJAv4irO3bMntP6kNjp6Y8JBzuOnjBNEkdPkDs4KmBE3fR8yU9PFPBL3aE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0P02mZiHcNFG-_Q8Gig535Jv--foOluUlCH3MJAv4irO3bMntP6kNjp6Y8JBzuOnjBNEkdPkDs4KmBE3fR8yU9PFPBL3aE
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 20 Dec 2022 04:12:13 GMT
Server
MT3 254 34fcae8 master nrt-pixel-x21 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0P02mZiHcNFG-_Q8Gig535Jv--foOluUlCH3MJAv4irO3bMntP6kNjp6Y8JBzuOnjBNEkdPkDs4KmBE3fR8yU9PFPBL3aE
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 20 Dec 2022 04:12:12 GMT
pixel
cm.g.doubleclick.net/ Frame AEDB
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEA52fGAn8yutUOikslAGlWw&google_cver=1&google_push=AavPq0MLGy9pWxDcaWyDmCK5-Wuq8X8dreRpShNgZusEWOSlr_DLVvSDpWMVrULcwU6zIUlKIXcUG8yjrrzRKxXsJvchxYcxROM
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7131E7A3816D4807AD8A674E72AAA387&google_push=AavPq0MLGy9pWxDcaWyDmCK5-Wuq8X8dreRpShNgZusEWOSlr_DLVvSDpWMVrULcwU6zIUlKIXcUG8yjrrzRKxX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7131E7A3816D4807AD8A674E72AAA387&google_push=AavPq0MLGy9pWxDcaWyDmCK5-Wuq8X8dreRpShNgZusEWOSlr_DLVvSDpWMVrULcwU6zIUlKIXcUG8yjrrzRKxXsJvchxYcxROM
Requested by
Host: a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
URL: https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 20 Dec 2022 04:12:13 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7131E7A3816D4807AD8A674E72AAA387&google_push=AavPq0MLGy9pWxDcaWyDmCK5-Wuq8X8dreRpShNgZusEWOSlr_DLVvSDpWMVrULcwU6zIUlKIXcUG8yjrrzRKxXsJvchxYcxROM
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 19 Dec 2022 04:12:13 GMT
pixel
cm.g.doubleclick.net/ Frame AEDB
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESENFexr3AjoYNiYR3n9CHO9Q&google_cver=1&google_push=AavPq0NL1OjJVb_4mC4M2Y7Xn-bEPnChoPkol0tEVnYwkySVkNheodU3nNKrVulPsG236chqZSnlw_7s2Gl6I8...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3OTA3ODc3OTE5MjgwMTQyNw%3D%3D&google_push=AavPq0NL1OjJVb_4mC4M2Y7Xn-bEPnChoPkol0tEVnYwkySVkNheodU3nNKrVulPsG236chqZSnlw_7s2Gl6I8SPCk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3OTA3ODc3OTE5MjgwMTQyNw%3D%3D&google_push=AavPq0NL1OjJVb_4mC4M2Y7Xn-bEPnChoPkol0tEVnYwkySVkNheodU3nNKrVulPsG236chqZSnlw_7s2Gl6I8SPCkgWmnrGNrc
Requested by
Host: a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
URL: https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3OTA3ODc3OTE5MjgwMTQyNw%3D%3D&google_push=AavPq0NL1OjJVb_4mC4M2Y7Xn-bEPnChoPkol0tEVnYwkySVkNheodU3nNKrVulPsG236chqZSnlw_7s2Gl6I8SPCkgWmnrGNrc
Date
Tue, 20 Dec 2022 04:12:13 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame AEDB
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEO53t5DTmb0S88nTyWDJGAM&google_cver=1&google_push=AavPq0PWYecYuZcPlP4KIA2zMsXzj2JkLdSuEoqolFcfwd-FmPSL8hqRkPeTcF5a7WM6vWRXcvYsJUI3vR8wXKcG3GL5s_...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEO53t5DTmb0S88nTyWDJGAM&google_cver=1&google_push=AavPq0PWYecYuZcPlP4KIA2zMsXzj2JkLdSuEoqolFcfwd-FmPSL8hqRkPeTcF5a7WM6vWRXcvYsJUI3vR8wXKcG...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=p3SJCez7T_qa6FIeaKDaeA&google_push=AavPq0PWYecYuZcPlP4KIA2zMsXzj2JkLdSuEoqolFcfwd-FmPSL8hqRkPeTcF5a7WM6vWRXcvYsJUI3vR8wXKc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=p3SJCez7T_qa6FIeaKDaeA&google_push=AavPq0PWYecYuZcPlP4KIA2zMsXzj2JkLdSuEoqolFcfwd-FmPSL8hqRkPeTcF5a7WM6vWRXcvYsJUI3vR8wXKcG3GL5s_daq3M
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=p3SJCez7T_qa6FIeaKDaeA&google_push=AavPq0PWYecYuZcPlP4KIA2zMsXzj2JkLdSuEoqolFcfwd-FmPSL8hqRkPeTcF5a7WM6vWRXcvYsJUI3vR8wXKcG3GL5s_daq3M
access-control-allow-origin
*
date
Tue, 20 Dec 2022 04:12:13 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame AEDB
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEP...
  • https://sync.targeting.unrulymedia.com/csync/RX-d425808b-4618-4f4a-b4c4-f3b4993ed65f-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0N0VdJO6-owIS2q8tC7f...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0N0VdJO6-owIS2q8tC7fSmfOUC_QPvLLsymBLQ4V8Y1oOaxmaqJn9yrTVhYKQrJJdJrqI07pSJ3qmOyNQ6XS5MZsRS_L4c&google_hm=A9QlgItGGE9KtMTztJk-1l8
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0N0VdJO6-owIS2q8tC7fSmfOUC_QPvLLsymBLQ4V8Y1oOaxmaqJn9yrTVhYKQrJJdJrqI07pSJ3qmOyNQ6XS5MZsRS_L4c&google_hm=A9QlgItGGE9KtMTztJk-1l8
Requested by
Host: a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
URL: https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0N0VdJO6-owIS2q8tC7fSmfOUC_QPvLLsymBLQ4V8Y1oOaxmaqJn9yrTVhYKQrJJdJrqI07pSJ3qmOyNQ6XS5MZsRS_L4c&google_hm=A9QlgItGGE9KtMTztJk-1l8
date
Tue, 20 Dec 2022 04:12:13 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXd425808b46184f4ab4c4f3b4993ed65f003
content-type
text/html
/
onetag-sys.com/match/ Frame AEDB
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMJX-iXzFLnR3SPArc0O5Cc&google_cver=1&google_push=AavPq0O3tN9Pf-TzI6A9OC0j_ZhP86-7pbGI8xTTefPcRfLZ9JI0CbSSusaquNNlKZ4Uu8iFTcHE_spEoZD...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0O3tN9Pf-TzI6A9OC0j_ZhP86-7pbGI8xTTefPcRfLZ9JI0CbSSusaquNNlKZ4Uu8iFTcHE_spEoZDsC_8BE8y0ddhUuayd
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
URL: https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame AEDB 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lr-P-zGOM7UK8Kv2pxFTCPMYDKR_ZeyONTeq747oi3QWEgmGDAbN_atK5jAYyXAMU09k9r2A
Requested by
Host: a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
URL: https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:13 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
frame.html
ad4m.at/ Frame 6E54 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2016419
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
77c589d6da1d68fe-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Tue, 20 Dec 2022 04:12:13 GMT
expires
Wed, 26 Oct 2022 23:22:52 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sgYnaSWTj7yY8z4VgJ0KZUQqRSgvF3%2FZwWF1wEPDlG7%2F3g20jFYwRvLZgqi9GytPbNknh0y%2F0aqSEsd7qn62owBI0zawRz%2B%2FbrWZsRy%2Fqe5djWP653%2FkC%2BFyC2QUUAMCxw0atb0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame DB6F 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25444564
x-guploader-uploadid
ADPycdsAM1RKIW8NW9FXGsxgzhi5bSYe4VqqEbCt8J5Oc8iEgAF2SjSQc54Zb1FETUd5c-MZGmZZMUkSoxlmANI9NVVBPD3Irw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2FozNUFPeb5i9Qv0enQXu0iShodW9Jus6qAaxy2wFbasbUYTRYy4rf9gco%2FVfnudoXx77%2BZkhLKNYHt0t9yz%2ByuQUy15JR7h8yozAAgDiOMRo15XPV1QFx3Bg7Lu9tC4%2Bk5LA1RTqA6GjiGQSdRoA6TC"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
77c589d6ee1e9100-FRA
expires
Tue, 28 Feb 2023 16:16:09 GMT
frame.html
ad4m.at/ Frame EEB6 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2016419
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
77c589d6da3368fe-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Tue, 20 Dec 2022 04:12:13 GMT
expires
Wed, 26 Oct 2022 23:22:52 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HJihT8kmmOCBCBDbTUXBi64XlViqxNlt5DVuXqk%2FVjxKuHRamPZEpu%2FblpC5ge8r%2BQVKdHZ%2BXJK5CcEj2qeoyOUyGXEaXWSsLOZVyPMbNN69MQ4ZEdgXhE8JyNssRXvVbgD32R8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
rs
ad4m.at/ Frame 9CBC 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
997d7a690381c208fd974f5118eacffd8f661b06b3bbbfdb9cc2f785d06996d9

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 20 Dec 2022 04:12:13 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6pbNOPjH5%2BZy7D2r0BoYgKnRRJkER%2B8jDyehCxw5aBlgMZHcmpp%2FH%2Fwb3uokZ9SmaVd5RvEUvoc%2FTUFaHqgCko9AB1EQMePV86vLVgdrQUvRyYg2WlkW5dp5SfqdOy7rS5H%2BO6M%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
77c589d83c4092c9-FRA
x-backend-server
aa-reachservice-group-europe-west1-3b3l
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame DB6F 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78eea8cb59016e43a6a6878eb6486bf3374506b121f0774380d6cb0169ea575b

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 20 Dec 2022 04:12:13 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j1hejkJhe%2B6b0%2FK3gVIUwWslQLhnVbutBq8EIulSifFgBHqySFBBvm%2FH2ZKVtTPy%2BxfNGyXA12S3ndhMFt0DDejqnYrS3NXDF5JmTIfp1xE3PYT2oiRb5gMQxBm8KdRg2UsVzmk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
77c589d83c2d92c9-FRA
x-backend-server
aa-reachservice-group-europe-west1-tbx2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3139134883708761&plah=pelotainvernal.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc3b4ce293b4feff98b94adcd7af530cc3eeb8bbc07cf8e834c5a569a03e901
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11251
x-xss-protection
0
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		832 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C63065%2C1%2C40095515101591023731790267446%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.27.149 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-27-149.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
30bce754212e37923632f6006bfa06860b6649078f18b547ce8fe9b4801e688a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Dec 2022 04:12:13 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://pelotainvernal.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
832
x-sticky-vk
1671509533302027-376
Expires
Tue, 20 Dec 2022 04:12:13 GMT
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
77c589d80bfd92c9-FRA
content-length
24
content-type
text/plain
date
Tue, 20 Dec 2022 04:12:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2FheqOe5RUfBGuyE24ah9OU3r%2Bfiqef9YpWH0wJ3sUapw0SotlACdQ3mDmgUjegLfXp5EDKiPXrg76XgaKO9Rw9M8NcG3zzln6a4V959sSBySDUvLnJ6yQcHFlN7TIjKckfWQTE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-3b3l
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
77c589d80bfb92c9-FRA
content-length
24
content-type
text/plain
date
Tue, 20 Dec 2022 04:12:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U7dJUg%2BHmC7E1a5C6qqDVzEX5hMx%2BcQBXCUJ5GGBMTopcUdrZwJJbNNSGWski4WRbo3MImNkwjBpPF25dBGoWoFSJzfvviYgtx%2Fb8HadQi%2FRT%2BOmUgNEZTsV1lKAtHXb3%2F8y8Mo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-tbx2
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3139134883708761&plah=pelotainvernal.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 20 Dec 2022 04:12:13 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pelotainvernal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://pelotainvernal.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 20 Dec 2022 04:12:13 GMT
server
nginx
t
t.lkqd.net/ Frame 61ED 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://pelotainvernal.com
date
Tue, 20 Dec 2022 04:12:13 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid_f51ac984.js
vpaid.springserve.com/production/ Frame 3DDE 		506 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_f51ac984.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:9200:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1b7df8f348787d9fa760018b0f088ab687bbc70718df1d62e8084e30a3584491

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 17:09:30 GMT
content-encoding
br
via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
last-modified
Tue, 06 Dec 2022 22:05:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
1076564
etag
W/"b030ae2df4f66a78701be0f4e1a3a52f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2678400
x-amz-cf-id
9RMyjc0_IDhoCWa4Kt7JWI5gTQ1YgOotxFk3bq8VRPIWP3QvkAgnXw==
truncated
/ 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8CF7 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pelotainvernal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
17744
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Dec 2022 23:16:29 GMT
expires
Tue, 19 Dec 2023 23:16:29 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E141 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
95e1be98830a9529350cdc1bcba69e525d2d0fa3150f2e5db6d48e7921e8779e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Hg8T1bWwdHhVNP6XSXYTtQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pelotainvernal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-Hg8T1bWwdHhVNP6XSXYTtQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 04:12:13 GMT
expires
Tue, 20 Dec 2022 04:12:13 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame C8D2 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=160&d=600&e=&g=11995c304b0c130c0e52843834ed5338%2F2106938996825917004&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671509533487&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpd9x3qm320spzerm1jday10m2fvv7y4j9pbm8xpsdk254afnffzcncykdxjnenavvvryrs6d05ex0yaa2c4pwer7h0hedb4kw6kz31vcyfhes6wdr0gqh87feaf97kdmaa9wcpzfrzp7eh5nj9yh5nksgtpah848647cr956bbvdthb7b2mhns8s9bazy9smtj4p1xfgbqfdyvzawgfgq1m9bnnybtd4tjna6bprvwn7m6adteegaeab8784cn8cp9ngrdan9abc9wmn4g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCyqaHDahY5OyJNm99u8P0aie8A-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODcyMjI4NTg3NDYwMzMzyAEJqQIMEi4WB8yxPuACAKgDAaoE_gFP0IGPDnER6QPnHeDfEwiX_ykZ6-PfE0YJjIlVif3_FeEyFPyQy2uA6AoOJjf1OSHETGwSK9UC-PGQqhdvmfcFPGCi12snM_40ux0JQQko4KmsREZbeETO-oHFGBA7VybqHmCdNYJzXzXCWkiwpbbX37_BEbkRtNxqzl_4iWRsOiqc9aYAtsUY-rBwGq1SXCy_PyWGLgOhLDqHUE5EmQS4a8HZbdVJmPsu9tD-LlTTU3nTjOaT2_ztQ0FRTGP5mZCZMYwN-n8NwQjMNFXn4kvXBdoG6fqOJPJTyMxem3jAfOFDQM2z6fx55MNgvpZ6XPNrNAxEA6jPSc5dz_W9M-AEAYAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2F256VxXjPULECrT8zwY4u_HHctg%2526client%253Dca-pub-7872228587460333%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d69b9eefd4f41a76f60dedfd1834c987a8cb5fef42ee7884d9d8b7499c513c68
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1g6h28ap4rc4fcywaa8w3tajqnx1mezzrvv8rkbqshjz98pdmp8ec6krqkrmck4b0jny1k4g8c3csx2w3mnth4jw80s6w60jnsqf6nyr7nnyajs1jk3gxfk46fjgv7ezjdsxs2h4aj2y86en6ryhsdk3tpwnpmxpvbehkjqkrybpv6x9penmeewymkarw88qw7y5dn2e0vw8p8knmhnk0brmkp8veggrpq1k5fntsy4gf1tq1gftbqe3cxm89ehyf86yv1qhx160ykhf1mg0fz3cwm2r17yh724gdw2629d39x77pbsnk8k4amf3azs8ng9dy2kbkx35hjdsz1174rfzn9hv5smd2dt5zfhz5vwk7hvjmjgmzje7hf0h3r6w93b4zvcby14btv2bzhcetdgcqnhzqftbzvjhmenx1b6bmrv7rr4tm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCyqaHDahY5OyJNm99u8P0aie8A-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODcyMjI4NTg3NDYwMzMzyAEJqQIMEi4WB8yxPuACAKgDAaoE_gFP0IGPDnER6QPnHeDfEwiX_ykZ6-PfE0YJjIlVif3_FeEyFPyQy2uA6AoOJjf1OSHETGwSK9UC-PGQqhdvmfcFPGCi12snM_40ux0JQQko4KmsREZbeETO-oHFGBA7VybqHmCdNYJzXzXCWkiwpbbX37_BEbkRtNxqzl_4iWRsOiqc9aYAtsUY-rBwGq1SXCy_PyWGLgOhLDqHUE5EmQS4a8HZbdVJmPsu9tD-LlTTU3nTjOaT2_ztQ0FRTGP5mZCZMYwN-n8NwQjMNFXn4kvXBdoG6fqOJPJTyMxem3jAfOFDQM2z6fx55MNgvpZ6XPNrNAxEA6jPSc5dz_W9M-AEAYAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2F256VxXjPULECrT8zwY4u_HHctg%26client%3Dca-pub-7872228587460333%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
77c589d87c7068fe-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 04:12:13 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame C02A 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=6f8dade06dceaa24e373b404d24af77a%2F7732385909404524603&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671509533496&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jx6bkdac7223v1ae2eq0v4jy3a4tgek1h76wxgzdr80ezr4xjckwj7qb2jhccevzb4mqnjmp5hs8qh3wc81sm285qjx3nqhx5h70pemxvn5mnbt465129zabn3kznem01rek42vd2ngx82h9xnfz72mqmg5mb7parkygjeshppj8n4wwmfgr4vjhda63kkzsq5v8sg277y54j6zpxrr9abvhg76g3bkmbydmj886jvxfwa79x185e0g3q3hsf1467enjfbykccadht5zmx0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCoUWDHDahY5SyJNm99u8P0aie8A-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODcyMjI4NTg3NDYwMzMzyAEJqQIMEi4WB8yxPuACAKgDAaoE-wFP0BFqrMydSHW66uMsa4koif8TiSbt8Ue6nUTuTD3K_A95J_Wdd0mS5NZKUZKdCQkpUvLA5SLrgxls4YBPz7F-FW3LxW4T_HCk7f6_GR9a5ZSe3U1l3I-IdqDiwfqzeGFKwQzIZxv_8ssgW5ZD1qJSPTW1j7eUUktgBZg5Ng1_fHLubpi-4C5F-kNOWze0_fLvFz_zYnSSDMGQJnSVQKYtEuEfnJ8rhk2ApV5BZ8KtGccyjuKZcZCW6bf3uJkhvXaZJWaqrc1JjYRiBlT54JWqeGfNCOdfzGK3F6vWCcTpgcW84-PLUg57wkczbthDKQObf26q0LhmD9TdneAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0NIH9dtMwcbiKgWkewfHwZ7tPJXw%2526client%253Dca-pub-7872228587460333%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
211ccd7f9ed32a3332fd2503407b9b9d462eaeb4f5dc7e464e0eee5ae5638ca5
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1khwe7700e380hf4rewa700qccwhqchvn9cs74h2pdyzy11gj6v8spqbqjwsmy5zygxhh11qfjhjx9dx6tsh4vzt88nesfb64zn04qqenj5c91xkk1kv8cwxs9v1t70krp7r9eqkq53j21c1eb149te84jdyvng6w6tnb9g0s9jq8fwzd7yg5wntxtf9y7e4j0n5fygydwn281r3gtkf4f0qjm82fkf8c57m90v9rhc6s6jw76vj3kn6svbzn8khn8xp3vv7v8enss0pbyv8zzd36ch9647nayh80mpfxc4140scac1yhwd1s8g3mptq0mnm1cwwezmy5r459vvgxwsphn4q6rbyxw4m9bgc8nkc0vy2j2rspdj323qqxe6q6jez1anme7qt1393m0bxny9xqw0vgrf9zrppyv8v5r7cktc22ay0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCoUWDHDahY5SyJNm99u8P0aie8A-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODcyMjI4NTg3NDYwMzMzyAEJqQIMEi4WB8yxPuACAKgDAaoE-wFP0BFqrMydSHW66uMsa4koif8TiSbt8Ue6nUTuTD3K_A95J_Wdd0mS5NZKUZKdCQkpUvLA5SLrgxls4YBPz7F-FW3LxW4T_HCk7f6_GR9a5ZSe3U1l3I-IdqDiwfqzeGFKwQzIZxv_8ssgW5ZD1qJSPTW1j7eUUktgBZg5Ng1_fHLubpi-4C5F-kNOWze0_fLvFz_zYnSSDMGQJnSVQKYtEuEfnJ8rhk2ApV5BZ8KtGccyjuKZcZCW6bf3uJkhvXaZJWaqrc1JjYRiBlT54JWqeGfNCOdfzGK3F6vWCcTpgcW84-PLUg57wkczbthDKQObf26q0LhmD9TdneAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0NIH9dtMwcbiKgWkewfHwZ7tPJXw%26client%3Dca-pub-7872228587460333%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
77c589d87c7b68fe-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 04:12:13 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
pagead2.googlesyndication.com/bg/ Frame 8CF7 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 10:55:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62230
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16132
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Dec 2023 10:55:03 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E141 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=3346729867802482&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
t
t.lkqd.net/ Frame 61ED 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://pelotainvernal.com
date
Tue, 20 Dec 2022 04:12:13 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
activeview
pagead2.googlesyndication.com/pcs/ Frame D38D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvD9mtnQYPpbeYCpfpRWQVYHj3DibXe5pZdnOLRBEPYD_R6XDtFhycaZfFBzbqqlSg_nN2Vk0ZSNWCJeuDv-tYXivwZ7uEt20jSph_aHSBO35c4DiMhtE3sM__G3TKfxXPbY6IwuA&sai=AMfl-YSD8RPu3zmLIW_BZpXEvO2z4cRo1zrRwNJI-fZd_vemmrBfPuhIo1RWPEG13dCE8Z6I2DdRsqfSiQdQZa0&sig=Cg0ArKJSzPielRhnfPM6EAE&cid=CAQSGwDq26N9M4wXCWCIjdQDgWRU_t5_OEZGibNW9xgBIBM&id=lidar2&mcvt=1007&p=0,0,124,1005&mtos=314,880,1007,1007,1007&tos=314,566,127,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671509531954&rpt=547&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 3DDE 		983 B
852 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671509533299,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
713ecf58215f1ad00f1fe943e4785df4c7cd31a77f0de304085738532cac42c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:13 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://pelotainvernal.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
605
expires
Tue, 20 Dec 2022 04:12:13 GMT
generate_204
tpc.googlesyndication.com/ Frame 8CF7 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?g-cAyA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:13 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pelotainvernal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://pelotainvernal.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 20 Dec 2022 04:12:13 GMT
server
nginx
default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame C8D2 		89 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=160&d=600&e=&g=11995c304b0c130c0e52843834ed5338%2F2106938996825917004&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671509533487&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpd9x3qm320spzerm1jday10m2fvv7y4j9pbm8xpsdk254afnffzcncykdxjnenavvvryrs6d05ex0yaa2c4pwer7h0hedb4kw6kz31vcyfhes6wdr0gqh87feaf97kdmaa9wcpzfrzp7eh5nj9yh5nksgtpah848647cr956bbvdthb7b2mhns8s9bazy9smtj4p1xfgbqfdyvzawgfgq1m9bnnybtd4tjna6bprvwn7m6adteegaeab8784cn8cp9ngrdan9abc9wmn4g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCyqaHDahY5OyJNm99u8P0aie8A-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODcyMjI4NTg3NDYwMzMzyAEJqQIMEi4WB8yxPuACAKgDAaoE_gFP0IGPDnER6QPnHeDfEwiX_ykZ6-PfE0YJjIlVif3_FeEyFPyQy2uA6AoOJjf1OSHETGwSK9UC-PGQqhdvmfcFPGCi12snM_40ux0JQQko4KmsREZbeETO-oHFGBA7VybqHmCdNYJzXzXCWkiwpbbX37_BEbkRtNxqzl_4iWRsOiqc9aYAtsUY-rBwGq1SXCy_PyWGLgOhLDqHUE5EmQS4a8HZbdVJmPsu9tD-LlTTU3nTjOaT2_ztQ0FRTGP5mZCZMYwN-n8NwQjMNFXn4kvXBdoG6fqOJPJTyMxem3jAfOFDQM2z6fx55MNgvpZ6XPNrNAxEA6jPSc5dz_W9M-AEAYAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2F256VxXjPULECrT8zwY4u_HHctg%2526client%253Dca-pub-7872228587460333%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=160&d=600&e=&g=11995c304b0c130c0e52843834ed5338%2F2106938996825917004&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671509533487&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpd9x3qm320spzerm1jday10m2fvv7y4j9pbm8xpsdk254afnffzcncykdxjnenavvvryrs6d05ex0yaa2c4pwer7h0hedb4kw6kz31vcyfhes6wdr0gqh87feaf97kdmaa9wcpzfrzp7eh5nj9yh5nksgtpah848647cr956bbvdthb7b2mhns8s9bazy9smtj4p1xfgbqfdyvzawgfgq1m9bnnybtd4tjna6bprvwn7m6adteegaeab8784cn8cp9ngrdan9abc9wmn4g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCyqaHDahY5OyJNm99u8P0aie8A-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODcyMjI4NTg3NDYwMzMzyAEJqQIMEi4WB8yxPuACAKgDAaoE_gFP0IGPDnER6QPnHeDfEwiX_ykZ6-PfE0YJjIlVif3_FeEyFPyQy2uA6AoOJjf1OSHETGwSK9UC-PGQqhdvmfcFPGCi12snM_40ux0JQQko4KmsREZbeETO-oHFGBA7VybqHmCdNYJzXzXCWkiwpbbX37_BEbkRtNxqzl_4iWRsOiqc9aYAtsUY-rBwGq1SXCy_PyWGLgOhLDqHUE5EmQS4a8HZbdVJmPsu9tD-LlTTU3nTjOaT2_ztQ0FRTGP5mZCZMYwN-n8NwQjMNFXn4kvXBdoG6fqOJPJTyMxem3jAfOFDQM2z6fx55MNgvpZ6XPNrNAxEA6jPSc5dz_W9M-AEAYAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2F256VxXjPULECrT8zwY4u_HHctg%2526client%253Dca-pub-7872228587460333%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1670930538
age
573899
cf-polished
origSize=91628
x-guploader-uploadid
ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 13 Dec 2022 11:22:46 GMT
server
cloudflare
etag
W/"575def06e70febb0cbd25403e37880bf"
vary
Accept-Encoding
x-goog-generation
1670930566724484
content-type
text/css
x-goog-hash
crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7UuzGyKSOzaPO8%2FhIKEymY227Q9XWa7x0e12U3OvGozd%2F9mXuqE4ZVzguB%2F0uv3Tk3hefA8Ed7tOmFg3mOcVSNW0O34rmeGBGHv2MZSoIe92%2FXmEyCGB8OALI1bGh0l9IEIUsQMbfPo%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
91628
cf-ray
77c589d99e0768fe-FRA
expires
Tue, 20 Dec 2022 05:12:13 GMT
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame C8D2 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=160&d=600&e=&g=11995c304b0c130c0e52843834ed5338%2F2106938996825917004&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671509533487&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpd9x3qm320spzerm1jday10m2fvv7y4j9pbm8xpsdk254afnffzcncykdxjnenavvvryrs6d05ex0yaa2c4pwer7h0hedb4kw6kz31vcyfhes6wdr0gqh87feaf97kdmaa9wcpzfrzp7eh5nj9yh5nksgtpah848647cr956bbvdthb7b2mhns8s9bazy9smtj4p1xfgbqfdyvzawgfgq1m9bnnybtd4tjna6bprvwn7m6adteegaeab8784cn8cp9ngrdan9abc9wmn4g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCyqaHDahY5OyJNm99u8P0aie8A-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODcyMjI4NTg3NDYwMzMzyAEJqQIMEi4WB8yxPuACAKgDAaoE_gFP0IGPDnER6QPnHeDfEwiX_ykZ6-PfE0YJjIlVif3_FeEyFPyQy2uA6AoOJjf1OSHETGwSK9UC-PGQqhdvmfcFPGCi12snM_40ux0JQQko4KmsREZbeETO-oHFGBA7VybqHmCdNYJzXzXCWkiwpbbX37_BEbkRtNxqzl_4iWRsOiqc9aYAtsUY-rBwGq1SXCy_PyWGLgOhLDqHUE5EmQS4a8HZbdVJmPsu9tD-LlTTU3nTjOaT2_ztQ0FRTGP5mZCZMYwN-n8NwQjMNFXn4kvXBdoG6fqOJPJTyMxem3jAfOFDQM2z6fx55MNgvpZ6XPNrNAxEA6jPSc5dz_W9M-AEAYAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2F256VxXjPULECrT8zwY4u_HHctg%2526client%253Dca-pub-7872228587460333%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2189722
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0DOQ6iY3lzE0JwK1C41RpLoy1UWwSeiHOKJFBDab8pcLrxvqQPfVhL0pB0k62o3IkWeoVYLKyzLyrGrGdpGXfMko%2BxwLMwvWKjbAlyTlMFIlK4asYQZzshfktzokLJSyj15dv3pIIbfS8VD"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77c589d9ac35bb32-FRA
expires
Wed, 21 Dec 2022 04:12:13 GMT
3778CF797E3A529087D97C23A5BCA9FADE012AB01E21FB1929557E8BD70A789A1F44E5D867099979B17313F69D44515CF12B8C937634907539AB1C54C4F5334B
assets.ad4m.at/product_image/ Frame C8D2 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/3778CF797E3A529087D97C23A5BCA9FADE012AB01E21FB1929557E8BD70A789A1F44E5D867099979B17313F69D44515CF12B8C937634907539AB1C54C4F5334B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=160&d=600&e=&g=11995c304b0c130c0e52843834ed5338%2F2106938996825917004&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671509533487&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpd9x3qm320spzerm1jday10m2fvv7y4j9pbm8xpsdk254afnffzcncykdxjnenavvvryrs6d05ex0yaa2c4pwer7h0hedb4kw6kz31vcyfhes6wdr0gqh87feaf97kdmaa9wcpzfrzp7eh5nj9yh5nksgtpah848647cr956bbvdthb7b2mhns8s9bazy9smtj4p1xfgbqfdyvzawgfgq1m9bnnybtd4tjna6bprvwn7m6adteegaeab8784cn8cp9ngrdan9abc9wmn4g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCyqaHDahY5OyJNm99u8P0aie8A-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODcyMjI4NTg3NDYwMzMzyAEJqQIMEi4WB8yxPuACAKgDAaoE_gFP0IGPDnER6QPnHeDfEwiX_ykZ6-PfE0YJjIlVif3_FeEyFPyQy2uA6AoOJjf1OSHETGwSK9UC-PGQqhdvmfcFPGCi12snM_40ux0JQQko4KmsREZbeETO-oHFGBA7VybqHmCdNYJzXzXCWkiwpbbX37_BEbkRtNxqzl_4iWRsOiqc9aYAtsUY-rBwGq1SXCy_PyWGLgOhLDqHUE5EmQS4a8HZbdVJmPsu9tD-LlTTU3nTjOaT2_ztQ0FRTGP5mZCZMYwN-n8NwQjMNFXn4kvXBdoG6fqOJPJTyMxem3jAfOFDQM2z6fx55MNgvpZ6XPNrNAxEA6jPSc5dz_W9M-AEAYAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2F256VxXjPULECrT8zwY4u_HHctg%2526client%253Dca-pub-7872228587460333%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fc6327e965679b41a818cf88fdaf0b16e586c0ac03bc72d49c4f47e2ed02336

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
218687
cf-polished
qual=85, origFmt=jpeg, origSize=46259
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10888
cf-bgj
imgq:85,h2pri
last-modified
Wed, 16 Nov 2022 16:09:44 GMT
server
cloudflare
etag
"b2cf554576629d98986c459034c76d1a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sVZFxvMSVvf0khVMXB9KMGkOfMCZGl%2FYX7r6mHBZz5ujim2AhZqezt9yiLYwyNtXVs%2FErYK2ey%2Bjminy9fFigzk6qnaL7j33PSScLG1VHsDQsZtNeqj74PWWtOT%2B1cbIfcCEEJFtvIICtMnj"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77c589d9bc3bbb32-FRA
expires
Wed, 21 Dec 2022 04:12:13 GMT
/
partner.o2online.de/a/ Frame C8D2
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CI_d_J-qh_wCFcN_4AodtGIBiA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=viewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=viewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022122005121379666138469X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_N...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022122005121379666138469X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022122005121379666138469X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=160&d=600&e=&g=11995c304b0c130c0e52843834ed5338%2F2106938996825917004&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671509533487&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpd9x3qm320spzerm1jday10m2fvv7y4j9pbm8xpsdk254afnffzcncykdxjnenavvvryrs6d05ex0yaa2c4pwer7h0hedb4kw6kz31vcyfhes6wdr0gqh87feaf97kdmaa9wcpzfrzp7eh5nj9yh5nksgtpah848647cr956bbvdthb7b2mhns8s9bazy9smtj4p1xfgbqfdyvzawgfgq1m9bnnybtd4tjna6bprvwn7m6adteegaeab8784cn8cp9ngrdan9abc9wmn4g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCyqaHDahY5OyJNm99u8P0aie8A-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODcyMjI4NTg3NDYwMzMzyAEJqQIMEi4WB8yxPuACAKgDAaoE_gFP0IGPDnER6QPnHeDfEwiX_ykZ6-PfE0YJjIlVif3_FeEyFPyQy2uA6AoOJjf1OSHETGwSK9UC-PGQqhdvmfcFPGCi12snM_40ux0JQQko4KmsREZbeETO-oHFGBA7VybqHmCdNYJzXzXCWkiwpbbX37_BEbkRtNxqzl_4iWRsOiqc9aYAtsUY-rBwGq1SXCy_PyWGLgOhLDqHUE5EmQS4a8HZbdVJmPsu9tD-LlTTU3nTjOaT2_ztQ0FRTGP5mZCZMYwN-n8NwQjMNFXn4kvXBdoG6fqOJPJTyMxem3jAfOFDQM2z6fx55MNgvpZ6XPNrNAxEA6jPSc5dz_W9M-AEAYAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2F256VxXjPULECrT8zwY4u_HHctg%2526client%253Dca-pub-7872228587460333%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
78.46.85.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads1.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 04:12:13 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022122005121379666138469X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022122005121379666138469X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703&partnerid=12218
date
Tue, 20 Dec 2022 04:12:13 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame C8D2 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=160&d=600&e=&g=11995c304b0c130c0e52843834ed5338%2F2106938996825917004&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671509533487&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpd9x3qm320spzerm1jday10m2fvv7y4j9pbm8xpsdk254afnffzcncykdxjnenavvvryrs6d05ex0yaa2c4pwer7h0hedb4kw6kz31vcyfhes6wdr0gqh87feaf97kdmaa9wcpzfrzp7eh5nj9yh5nksgtpah848647cr956bbvdthb7b2mhns8s9bazy9smtj4p1xfgbqfdyvzawgfgq1m9bnnybtd4tjna6bprvwn7m6adteegaeab8784cn8cp9ngrdan9abc9wmn4g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCyqaHDahY5OyJNm99u8P0aie8A-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODcyMjI4NTg3NDYwMzMzyAEJqQIMEi4WB8yxPuACAKgDAaoE_gFP0IGPDnER6QPnHeDfEwiX_ykZ6-PfE0YJjIlVif3_FeEyFPyQy2uA6AoOJjf1OSHETGwSK9UC-PGQqhdvmfcFPGCi12snM_40ux0JQQko4KmsREZbeETO-oHFGBA7VybqHmCdNYJzXzXCWkiwpbbX37_BEbkRtNxqzl_4iWRsOiqc9aYAtsUY-rBwGq1SXCy_PyWGLgOhLDqHUE5EmQS4a8HZbdVJmPsu9tD-LlTTU3nTjOaT2_ztQ0FRTGP5mZCZMYwN-n8NwQjMNFXn4kvXBdoG6fqOJPJTyMxem3jAfOFDQM2z6fx55MNgvpZ6XPNrNAxEA6jPSc5dz_W9M-AEAYAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2F256VxXjPULECrT8zwY4u_HHctg%2526client%253Dca-pub-7872228587460333%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2182911
cf-polished
origFmt=png, origSize=24833
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9258
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dMw%2Fx19G6GkTCiAZ%2BkHpxpcwQmUWX6BQHCVC5Vqt58S%2Fkw2IHc0q1xx6lyJD9uKQtr2cXEV5%2F7vqjtqkxy3C28lZw2SLp5U4yl%2BPhiv%2FSluwC1P5Ue%2Fv0dIS2KeRBpBqrQ8sFAzG7mDcxun2"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77c589d9bc3dbb32-FRA
expires
Wed, 21 Dec 2022 04:12:13 GMT
FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
assets.ad4m.at/product_image/ Frame C8D2 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=160&d=600&e=&g=11995c304b0c130c0e52843834ed5338%2F2106938996825917004&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671509533487&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpd9x3qm320spzerm1jday10m2fvv7y4j9pbm8xpsdk254afnffzcncykdxjnenavvvryrs6d05ex0yaa2c4pwer7h0hedb4kw6kz31vcyfhes6wdr0gqh87feaf97kdmaa9wcpzfrzp7eh5nj9yh5nksgtpah848647cr956bbvdthb7b2mhns8s9bazy9smtj4p1xfgbqfdyvzawgfgq1m9bnnybtd4tjna6bprvwn7m6adteegaeab8784cn8cp9ngrdan9abc9wmn4g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCyqaHDahY5OyJNm99u8P0aie8A-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODcyMjI4NTg3NDYwMzMzyAEJqQIMEi4WB8yxPuACAKgDAaoE_gFP0IGPDnER6QPnHeDfEwiX_ykZ6-PfE0YJjIlVif3_FeEyFPyQy2uA6AoOJjf1OSHETGwSK9UC-PGQqhdvmfcFPGCi12snM_40ux0JQQko4KmsREZbeETO-oHFGBA7VybqHmCdNYJzXzXCWkiwpbbX37_BEbkRtNxqzl_4iWRsOiqc9aYAtsUY-rBwGq1SXCy_PyWGLgOhLDqHUE5EmQS4a8HZbdVJmPsu9tD-LlTTU3nTjOaT2_ztQ0FRTGP5mZCZMYwN-n8NwQjMNFXn4kvXBdoG6fqOJPJTyMxem3jAfOFDQM2z6fx55MNgvpZ6XPNrNAxEA6jPSc5dz_W9M-AEAYAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2F256VxXjPULECrT8zwY4u_HHctg%2526client%253Dca-pub-7872228587460333%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
209382
cf-polished
qual=85, origFmt=jpeg, origSize=85977
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20094
cf-bgj
imgq:85,h2pri
last-modified
Wed, 16 Nov 2022 16:32:10 GMT
server
cloudflare
etag
"115bea0885590f780802fd14548a1cde"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FWzhWPBq5SHFGJRSuOXEgAclH2gtJ%2BBYZQOeSdpybGTMAgJBLoy9IKiyJMrQfWkkGUr680U%2FdbjPgHa23KEot0OfppoWo%2B6%2B%2FDpBqMmTjavJWyTLwP70fI0pKywGF5LDVvbbTt4gsm37yPNw"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77c589d9bc3fbb32-FRA
expires
Wed, 21 Dec 2022 04:12:13 GMT
/
partner.blau.de/a/ Frame C8D2
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CKGY_Z-qh_wCFdIo4AodHcEI5Q;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
  • https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022122005121379666138467X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netm...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022122005121379666138467X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=160&d=600&e=&g=11995c304b0c130c0e52843834ed5338%2F2106938996825917004&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671509533487&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpd9x3qm320spzerm1jday10m2fvv7y4j9pbm8xpsdk254afnffzcncykdxjnenavvvryrs6d05ex0yaa2c4pwer7h0hedb4kw6kz31vcyfhes6wdr0gqh87feaf97kdmaa9wcpzfrzp7eh5nj9yh5nksgtpah848647cr956bbvdthb7b2mhns8s9bazy9smtj4p1xfgbqfdyvzawgfgq1m9bnnybtd4tjna6bprvwn7m6adteegaeab8784cn8cp9ngrdan9abc9wmn4g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCyqaHDahY5OyJNm99u8P0aie8A-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODcyMjI4NTg3NDYwMzMzyAEJqQIMEi4WB8yxPuACAKgDAaoE_gFP0IGPDnER6QPnHeDfEwiX_ykZ6-PfE0YJjIlVif3_FeEyFPyQy2uA6AoOJjf1OSHETGwSK9UC-PGQqhdvmfcFPGCi12snM_40ux0JQQko4KmsREZbeETO-oHFGBA7VybqHmCdNYJzXzXCWkiwpbbX37_BEbkRtNxqzl_4iWRsOiqc9aYAtsUY-rBwGq1SXCy_PyWGLgOhLDqHUE5EmQS4a8HZbdVJmPsu9tD-LlTTU3nTjOaT2_ztQ0FRTGP5mZCZMYwN-n8NwQjMNFXn4kvXBdoG6fqOJPJTyMxem3jAfOFDQM2z6fx55MNgvpZ6XPNrNAxEA6jPSc5dz_W9M-AEAYAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2F256VxXjPULECrT8zwY4u_HHctg%2526client%253Dca-pub-7872228587460333%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
46.4.41.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads2.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 04:12:14 GMT
X-NODEIP
46.4.41.145
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022122005121379666138467X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0
date
Tue, 20 Dec 2022 04:12:13 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame C8D2 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=160&d=600&e=&g=11995c304b0c130c0e52843834ed5338%2F2106938996825917004&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671509533487&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpd9x3qm320spzerm1jday10m2fvv7y4j9pbm8xpsdk254afnffzcncykdxjnenavvvryrs6d05ex0yaa2c4pwer7h0hedb4kw6kz31vcyfhes6wdr0gqh87feaf97kdmaa9wcpzfrzp7eh5nj9yh5nksgtpah848647cr956bbvdthb7b2mhns8s9bazy9smtj4p1xfgbqfdyvzawgfgq1m9bnnybtd4tjna6bprvwn7m6adteegaeab8784cn8cp9ngrdan9abc9wmn4g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCyqaHDahY5OyJNm99u8P0aie8A-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODcyMjI4NTg3NDYwMzMzyAEJqQIMEi4WB8yxPuACAKgDAaoE_gFP0IGPDnER6QPnHeDfEwiX_ykZ6-PfE0YJjIlVif3_FeEyFPyQy2uA6AoOJjf1OSHETGwSK9UC-PGQqhdvmfcFPGCi12snM_40ux0JQQko4KmsREZbeETO-oHFGBA7VybqHmCdNYJzXzXCWkiwpbbX37_BEbkRtNxqzl_4iWRsOiqc9aYAtsUY-rBwGq1SXCy_PyWGLgOhLDqHUE5EmQS4a8HZbdVJmPsu9tD-LlTTU3nTjOaT2_ztQ0FRTGP5mZCZMYwN-n8NwQjMNFXn4kvXBdoG6fqOJPJTyMxem3jAfOFDQM2z6fx55MNgvpZ6XPNrNAxEA6jPSc5dz_W9M-AEAYAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2F256VxXjPULECrT8zwY4u_HHctg%2526client%253Dca-pub-7872228587460333%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e07d58c68b83a3c283f75063f562aadc164ebb7cf068ffaef89bdde5011c3da8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1741846
cf-polished
origFmt=png, origSize=39979
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15996
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Jan 2020 13:07:55 GMT
server
cloudflare
etag
"ad9334664514d900a0c3b76d17ca960f"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hl48UfSf2lqamZd8wOayWxP9MTfv9mYCmx%2BeUQlTSwjfBVRK4sxYpQefd6JvPrrXDVnazD1L4D3UvyglzZokEc7QmAx0rCOXRrVLWnOAKYbVZD1k42c5NN1d6nfxHd55gHKuWFe%2BpVMGksUb"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77c589d9bc40bb32-FRA
expires
Wed, 21 Dec 2022 04:12:13 GMT
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame C8D2 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=160&d=600&e=&g=11995c304b0c130c0e52843834ed5338%2F2106938996825917004&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671509533487&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpd9x3qm320spzerm1jday10m2fvv7y4j9pbm8xpsdk254afnffzcncykdxjnenavvvryrs6d05ex0yaa2c4pwer7h0hedb4kw6kz31vcyfhes6wdr0gqh87feaf97kdmaa9wcpzfrzp7eh5nj9yh5nksgtpah848647cr956bbvdthb7b2mhns8s9bazy9smtj4p1xfgbqfdyvzawgfgq1m9bnnybtd4tjna6bprvwn7m6adteegaeab8784cn8cp9ngrdan9abc9wmn4g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCyqaHDahY5OyJNm99u8P0aie8A-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODcyMjI4NTg3NDYwMzMzyAEJqQIMEi4WB8yxPuACAKgDAaoE_gFP0IGPDnER6QPnHeDfEwiX_ykZ6-PfE0YJjIlVif3_FeEyFPyQy2uA6AoOJjf1OSHETGwSK9UC-PGQqhdvmfcFPGCi12snM_40ux0JQQko4KmsREZbeETO-oHFGBA7VybqHmCdNYJzXzXCWkiwpbbX37_BEbkRtNxqzl_4iWRsOiqc9aYAtsUY-rBwGq1SXCy_PyWGLgOhLDqHUE5EmQS4a8HZbdVJmPsu9tD-LlTTU3nTjOaT2_ztQ0FRTGP5mZCZMYwN-n8NwQjMNFXn4kvXBdoG6fqOJPJTyMxem3jAfOFDQM2z6fx55MNgvpZ6XPNrNAxEA6jPSc5dz_W9M-AEAYAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2F256VxXjPULECrT8zwY4u_HHctg%2526client%253Dca-pub-7872228587460333%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1545477
cf-polished
origFmt=png, origSize=342797
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
226916
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=48wwz1pkO28eT25EeGYm%2Bg%2F26QHnKL7WQdujwRKJzThtix0bzJEyMZT8SShXlEnuRyuyOhQkqoGTXbl5qD%2FdhzKygI7gCPb9jl0JbI241pQOc%2BiADA25JFMxjg1BSh9L5JRWPjzEpLw1QMnP"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77c589d9bc43bb32-FRA
expires
Wed, 21 Dec 2022 04:12:13 GMT
ztpv.php
www.conrad.de/ Frame C8D2
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1671509533_7b7cced1-801c-11ed-9d10-2262c713b6c4&insert=AW&&gdpr=0&gdpr_consent=
0
640 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1671509533_7b7cced1-801c-11ed-9d10-2262c713b6c4&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=160&d=600&e=&g=11995c304b0c130c0e52843834ed5338%2F2106938996825917004&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671509533487&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpd9x3qm320spzerm1jday10m2fvv7y4j9pbm8xpsdk254afnffzcncykdxjnenavvvryrs6d05ex0yaa2c4pwer7h0hedb4kw6kz31vcyfhes6wdr0gqh87feaf97kdmaa9wcpzfrzp7eh5nj9yh5nksgtpah848647cr956bbvdthb7b2mhns8s9bazy9smtj4p1xfgbqfdyvzawgfgq1m9bnnybtd4tjna6bprvwn7m6adteegaeab8784cn8cp9ngrdan9abc9wmn4g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCyqaHDahY5OyJNm99u8P0aie8A-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODcyMjI4NTg3NDYwMzMzyAEJqQIMEi4WB8yxPuACAKgDAaoE_gFP0IGPDnER6QPnHeDfEwiX_ykZ6-PfE0YJjIlVif3_FeEyFPyQy2uA6AoOJjf1OSHETGwSK9UC-PGQqhdvmfcFPGCi12snM_40ux0JQQko4KmsREZbeETO-oHFGBA7VybqHmCdNYJzXzXCWkiwpbbX37_BEbkRtNxqzl_4iWRsOiqc9aYAtsUY-rBwGq1SXCy_PyWGLgOhLDqHUE5EmQS4a8HZbdVJmPsu9tD-LlTTU3nTjOaT2_ztQ0FRTGP5mZCZMYwN-n8NwQjMNFXn4kvXBdoG6fqOJPJTyMxem3jAfOFDQM2z6fx55MNgvpZ6XPNrNAxEA6jPSc5dz_W9M-AEAYAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2F256VxXjPULECrT8zwY4u_HHctg%2526client%253Dca-pub-7872228587460333%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:13 GMT
via
1.1 additional-webserver-blue-j7sk (Varnish/7.2)
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=15552000
age
0
content-type
text/html; charset=UTF-8
p3p
policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish
185285589
cache-control
no-cache
cf-ray
77c589da3f50bb9d-FRA
expires
-1

Redirect headers

Date
Tue, 20 Dec 2022 04:12:13 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1671509533_7b7cced1-801c-11ed-9d10-2262c713b6c4&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame C02A 		89 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=6f8dade06dceaa24e373b404d24af77a%2F7732385909404524603&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671509533496&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jx6bkdac7223v1ae2eq0v4jy3a4tgek1h76wxgzdr80ezr4xjckwj7qb2jhccevzb4mqnjmp5hs8qh3wc81sm285qjx3nqhx5h70pemxvn5mnbt465129zabn3kznem01rek42vd2ngx82h9xnfz72mqmg5mb7parkygjeshppj8n4wwmfgr4vjhda63kkzsq5v8sg277y54j6zpxrr9abvhg76g3bkmbydmj886jvxfwa79x185e0g3q3hsf1467enjfbykccadht5zmx0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCoUWDHDahY5SyJNm99u8P0aie8A-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODcyMjI4NTg3NDYwMzMzyAEJqQIMEi4WB8yxPuACAKgDAaoE-wFP0BFqrMydSHW66uMsa4koif8TiSbt8Ue6nUTuTD3K_A95J_Wdd0mS5NZKUZKdCQkpUvLA5SLrgxls4YBPz7F-FW3LxW4T_HCk7f6_GR9a5ZSe3U1l3I-IdqDiwfqzeGFKwQzIZxv_8ssgW5ZD1qJSPTW1j7eUUktgBZg5Ng1_fHLubpi-4C5F-kNOWze0_fLvFz_zYnSSDMGQJnSVQKYtEuEfnJ8rhk2ApV5BZ8KtGccyjuKZcZCW6bf3uJkhvXaZJWaqrc1JjYRiBlT54JWqeGfNCOdfzGK3F6vWCcTpgcW84-PLUg57wkczbthDKQObf26q0LhmD9TdneAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0NIH9dtMwcbiKgWkewfHwZ7tPJXw%2526client%253Dca-pub-7872228587460333%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=6f8dade06dceaa24e373b404d24af77a%2F7732385909404524603&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671509533496&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jx6bkdac7223v1ae2eq0v4jy3a4tgek1h76wxgzdr80ezr4xjckwj7qb2jhccevzb4mqnjmp5hs8qh3wc81sm285qjx3nqhx5h70pemxvn5mnbt465129zabn3kznem01rek42vd2ngx82h9xnfz72mqmg5mb7parkygjeshppj8n4wwmfgr4vjhda63kkzsq5v8sg277y54j6zpxrr9abvhg76g3bkmbydmj886jvxfwa79x185e0g3q3hsf1467enjfbykccadht5zmx0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCoUWDHDahY5SyJNm99u8P0aie8A-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODcyMjI4NTg3NDYwMzMzyAEJqQIMEi4WB8yxPuACAKgDAaoE-wFP0BFqrMydSHW66uMsa4koif8TiSbt8Ue6nUTuTD3K_A95J_Wdd0mS5NZKUZKdCQkpUvLA5SLrgxls4YBPz7F-FW3LxW4T_HCk7f6_GR9a5ZSe3U1l3I-IdqDiwfqzeGFKwQzIZxv_8ssgW5ZD1qJSPTW1j7eUUktgBZg5Ng1_fHLubpi-4C5F-kNOWze0_fLvFz_zYnSSDMGQJnSVQKYtEuEfnJ8rhk2ApV5BZ8KtGccyjuKZcZCW6bf3uJkhvXaZJWaqrc1JjYRiBlT54JWqeGfNCOdfzGK3F6vWCcTpgcW84-PLUg57wkczbthDKQObf26q0LhmD9TdneAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0NIH9dtMwcbiKgWkewfHwZ7tPJXw%2526client%253Dca-pub-7872228587460333%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1670930538
age
573899
cf-polished
origSize=91628
x-guploader-uploadid
ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 13 Dec 2022 11:22:46 GMT
server
cloudflare
etag
W/"575def06e70febb0cbd25403e37880bf"
vary
Accept-Encoding
x-goog-generation
1670930566724484
content-type
text/css
x-goog-hash
crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rnnyMQ2%2Bq6cj%2FCaEpkmBkts3POyc1Mb7yfTC033rCGiy%2FL4G1OER5Ik7ljGAPQfis2c4DYZTjMmsJxb0FfReGYR6j%2F%2BCuyNEj8pWjsJJ4xgdWJZIuOKW2qvRk0pU0HS2sv65Kk001Q8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
91628
cf-ray
77c589d9ae1268fe-FRA
expires
Tue, 20 Dec 2022 05:12:13 GMT
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame C02A 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=6f8dade06dceaa24e373b404d24af77a%2F7732385909404524603&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671509533496&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jx6bkdac7223v1ae2eq0v4jy3a4tgek1h76wxgzdr80ezr4xjckwj7qb2jhccevzb4mqnjmp5hs8qh3wc81sm285qjx3nqhx5h70pemxvn5mnbt465129zabn3kznem01rek42vd2ngx82h9xnfz72mqmg5mb7parkygjeshppj8n4wwmfgr4vjhda63kkzsq5v8sg277y54j6zpxrr9abvhg76g3bkmbydmj886jvxfwa79x185e0g3q3hsf1467enjfbykccadht5zmx0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCoUWDHDahY5SyJNm99u8P0aie8A-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODcyMjI4NTg3NDYwMzMzyAEJqQIMEi4WB8yxPuACAKgDAaoE-wFP0BFqrMydSHW66uMsa4koif8TiSbt8Ue6nUTuTD3K_A95J_Wdd0mS5NZKUZKdCQkpUvLA5SLrgxls4YBPz7F-FW3LxW4T_HCk7f6_GR9a5ZSe3U1l3I-IdqDiwfqzeGFKwQzIZxv_8ssgW5ZD1qJSPTW1j7eUUktgBZg5Ng1_fHLubpi-4C5F-kNOWze0_fLvFz_zYnSSDMGQJnSVQKYtEuEfnJ8rhk2ApV5BZ8KtGccyjuKZcZCW6bf3uJkhvXaZJWaqrc1JjYRiBlT54JWqeGfNCOdfzGK3F6vWCcTpgcW84-PLUg57wkczbthDKQObf26q0LhmD9TdneAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0NIH9dtMwcbiKgWkewfHwZ7tPJXw%2526client%253Dca-pub-7872228587460333%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2189722
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8brEGy4bDt85IPNeNtc6osQoLHgDguaB7hEeDi3U%2BwCtK8Z14Iv03qZKQvj5N%2FXONewnMWVqotB4lY4focLL6xfW0MGp1D0MK4jFRrmIdIeBE5yMm6PiqFsC3ivcjoOo4ukC%2B21X5zdN3YlU"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77c589d9ac32bb32-FRA
expires
Wed, 21 Dec 2022 04:12:13 GMT
F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame C02A 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=6f8dade06dceaa24e373b404d24af77a%2F7732385909404524603&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671509533496&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jx6bkdac7223v1ae2eq0v4jy3a4tgek1h76wxgzdr80ezr4xjckwj7qb2jhccevzb4mqnjmp5hs8qh3wc81sm285qjx3nqhx5h70pemxvn5mnbt465129zabn3kznem01rek42vd2ngx82h9xnfz72mqmg5mb7parkygjeshppj8n4wwmfgr4vjhda63kkzsq5v8sg277y54j6zpxrr9abvhg76g3bkmbydmj886jvxfwa79x185e0g3q3hsf1467enjfbykccadht5zmx0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCoUWDHDahY5SyJNm99u8P0aie8A-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODcyMjI4NTg3NDYwMzMzyAEJqQIMEi4WB8yxPuACAKgDAaoE-wFP0BFqrMydSHW66uMsa4koif8TiSbt8Ue6nUTuTD3K_A95J_Wdd0mS5NZKUZKdCQkpUvLA5SLrgxls4YBPz7F-FW3LxW4T_HCk7f6_GR9a5ZSe3U1l3I-IdqDiwfqzeGFKwQzIZxv_8ssgW5ZD1qJSPTW1j7eUUktgBZg5Ng1_fHLubpi-4C5F-kNOWze0_fLvFz_zYnSSDMGQJnSVQKYtEuEfnJ8rhk2ApV5BZ8KtGccyjuKZcZCW6bf3uJkhvXaZJWaqrc1JjYRiBlT54JWqeGfNCOdfzGK3F6vWCcTpgcW84-PLUg57wkczbthDKQObf26q0LhmD9TdneAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0NIH9dtMwcbiKgWkewfHwZ7tPJXw%2526client%253Dca-pub-7872228587460333%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1036455
cf-polished
qual=85, origFmt=jpeg, origSize=132437
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23154
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Dec 2021 17:51:23 GMT
server
cloudflare
etag
"c348b177953ac5720836c04e1a21673d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KQ5%2FnKUBGNOWI6cR3QSenHw6nbMa0vWEcS7z3ptU8nI%2FwbGxDXPE57I%2FgJyg7BCpGUbZmXwFpayB0bwBfaSr6PyPoSTSGpn7t1jW4YGAwR5oYtkKO9Z6dsPG4MC4kqYAr8u0WMJ2hLkivPQP"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77c589d9cc4cbb32-FRA
expires
Wed, 21 Dec 2022 04:12:13 GMT
/
partner.o2online.de/a/ Frame C02A
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CIzn_J-qh_wCFWyW_QcdPUkJWg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022122005121379666138463X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Ne...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022122005121379666138463X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022122005121379666138463X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=120211&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=6f8dade06dceaa24e373b404d24af77a%2F7732385909404524603&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671509533496&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jx6bkdac7223v1ae2eq0v4jy3a4tgek1h76wxgzdr80ezr4xjckwj7qb2jhccevzb4mqnjmp5hs8qh3wc81sm285qjx3nqhx5h70pemxvn5mnbt465129zabn3kznem01rek42vd2ngx82h9xnfz72mqmg5mb7parkygjeshppj8n4wwmfgr4vjhda63kkzsq5v8sg277y54j6zpxrr9abvhg76g3bkmbydmj886jvxfwa79x185e0g3q3hsf1467enjfbykccadht5zmx0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCoUWDHDahY5SyJNm99u8P0aie8A-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODcyMjI4NTg3NDYwMzMzyAEJqQIMEi4WB8yxPuACAKgDAaoE-wFP0BFqrMydSHW66uMsa4koif8TiSbt8Ue6nUTuTD3K_A95J_Wdd0mS5NZKUZKdCQkpUvLA5SLrgxls4YBPz7F-FW3LxW4T_HCk7f6_GR9a5ZSe3U1l3I-IdqDiwfqzeGFKwQzIZxv_8ssgW5ZD1qJSPTW1j7eUUktgBZg5Ng1_fHLubpi-4C5F-kNOWze0_fLvFz_zYnSSDMGQJnSVQKYtEuEfnJ8rhk2ApV5BZ8KtGccyjuKZcZCW6bf3uJkhvXaZJWaqrc1JjYRiBlT54JWqeGfNCOdfzGK3F6vWCcTpgcW84-PLUg57wkczbthDKQObf26q0LhmD9TdneAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0NIH9dtMwcbiKgWkewfHwZ7tPJXw%2526client%253Dca-pub-7872228587460333%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
78.46.85.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads1.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 04:12:13 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022122005121379666138463X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022122005121379666138463X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=120211&partnerid=12218
date
Tue, 20 Dec 2022 04:12:13 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame C02A 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=6f8dade06dceaa24e373b404d24af77a%2F7732385909404524603&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671509533496&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jx6bkdac7223v1ae2eq0v4jy3a4tgek1h76wxgzdr80ezr4xjckwj7qb2jhccevzb4mqnjmp5hs8qh3wc81sm285qjx3nqhx5h70pemxvn5mnbt465129zabn3kznem01rek42vd2ngx82h9xnfz72mqmg5mb7parkygjeshppj8n4wwmfgr4vjhda63kkzsq5v8sg277y54j6zpxrr9abvhg76g3bkmbydmj886jvxfwa79x185e0g3q3hsf1467enjfbykccadht5zmx0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCoUWDHDahY5SyJNm99u8P0aie8A-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODcyMjI4NTg3NDYwMzMzyAEJqQIMEi4WB8yxPuACAKgDAaoE-wFP0BFqrMydSHW66uMsa4koif8TiSbt8Ue6nUTuTD3K_A95J_Wdd0mS5NZKUZKdCQkpUvLA5SLrgxls4YBPz7F-FW3LxW4T_HCk7f6_GR9a5ZSe3U1l3I-IdqDiwfqzeGFKwQzIZxv_8ssgW5ZD1qJSPTW1j7eUUktgBZg5Ng1_fHLubpi-4C5F-kNOWze0_fLvFz_zYnSSDMGQJnSVQKYtEuEfnJ8rhk2ApV5BZ8KtGccyjuKZcZCW6bf3uJkhvXaZJWaqrc1JjYRiBlT54JWqeGfNCOdfzGK3F6vWCcTpgcW84-PLUg57wkczbthDKQObf26q0LhmD9TdneAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0NIH9dtMwcbiKgWkewfHwZ7tPJXw%2526client%253Dca-pub-7872228587460333%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2182911
cf-polished
origFmt=png, origSize=24833
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9258
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BAgZdDEuD%2FgZPs0gazxuQvRHXtiL2jEs7WcnLYEqytmyTAQtEho8DbLpYo5T54XwKq4mykz1jIpmTy2KCI1bAHbDWT1dyUpSdtyiEJoqy0cTKQjY34hjB0yReM8RXxZfnBoqVrHWavVKZAqm"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77c589d9cc4fbb32-FRA
expires
Wed, 21 Dec 2022 04:12:13 GMT
FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
assets.ad4m.at/product_image/ Frame C02A 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=6f8dade06dceaa24e373b404d24af77a%2F7732385909404524603&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671509533496&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jx6bkdac7223v1ae2eq0v4jy3a4tgek1h76wxgzdr80ezr4xjckwj7qb2jhccevzb4mqnjmp5hs8qh3wc81sm285qjx3nqhx5h70pemxvn5mnbt465129zabn3kznem01rek42vd2ngx82h9xnfz72mqmg5mb7parkygjeshppj8n4wwmfgr4vjhda63kkzsq5v8sg277y54j6zpxrr9abvhg76g3bkmbydmj886jvxfwa79x185e0g3q3hsf1467enjfbykccadht5zmx0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCoUWDHDahY5SyJNm99u8P0aie8A-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODcyMjI4NTg3NDYwMzMzyAEJqQIMEi4WB8yxPuACAKgDAaoE-wFP0BFqrMydSHW66uMsa4koif8TiSbt8Ue6nUTuTD3K_A95J_Wdd0mS5NZKUZKdCQkpUvLA5SLrgxls4YBPz7F-FW3LxW4T_HCk7f6_GR9a5ZSe3U1l3I-IdqDiwfqzeGFKwQzIZxv_8ssgW5ZD1qJSPTW1j7eUUktgBZg5Ng1_fHLubpi-4C5F-kNOWze0_fLvFz_zYnSSDMGQJnSVQKYtEuEfnJ8rhk2ApV5BZ8KtGccyjuKZcZCW6bf3uJkhvXaZJWaqrc1JjYRiBlT54JWqeGfNCOdfzGK3F6vWCcTpgcW84-PLUg57wkczbthDKQObf26q0LhmD9TdneAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0NIH9dtMwcbiKgWkewfHwZ7tPJXw%2526client%253Dca-pub-7872228587460333%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
209382
cf-polished
qual=85, origFmt=jpeg, origSize=85977
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20094
cf-bgj
imgq:85,h2pri
last-modified
Wed, 16 Nov 2022 16:32:10 GMT
server
cloudflare
etag
"115bea0885590f780802fd14548a1cde"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lI1MDq8OMxppq6daZr1vOCgN8dNseSiZOq%2B2AIT4Z2lk6RnWy9gTB8OFzSE7hlkr1gPL%2B9ac%2BRwppNHYfq%2BtWPBPI24TGSIPPDQMzLLfj4te%2ByMhBEPExZAB7FlPoI8GxjRt87J6%2Bp7P25pI"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77c589d9cc50bb32-FRA
expires
Wed, 21 Dec 2022 04:12:13 GMT
/
partner.blau.de/a/ Frame C02A
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CPmg_Z-qh_wCFfLhuwgddWIJdg;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022122005121379666138465X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022122005121379666138465X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=6f8dade06dceaa24e373b404d24af77a%2F7732385909404524603&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671509533496&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jx6bkdac7223v1ae2eq0v4jy3a4tgek1h76wxgzdr80ezr4xjckwj7qb2jhccevzb4mqnjmp5hs8qh3wc81sm285qjx3nqhx5h70pemxvn5mnbt465129zabn3kznem01rek42vd2ngx82h9xnfz72mqmg5mb7parkygjeshppj8n4wwmfgr4vjhda63kkzsq5v8sg277y54j6zpxrr9abvhg76g3bkmbydmj886jvxfwa79x185e0g3q3hsf1467enjfbykccadht5zmx0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCoUWDHDahY5SyJNm99u8P0aie8A-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODcyMjI4NTg3NDYwMzMzyAEJqQIMEi4WB8yxPuACAKgDAaoE-wFP0BFqrMydSHW66uMsa4koif8TiSbt8Ue6nUTuTD3K_A95J_Wdd0mS5NZKUZKdCQkpUvLA5SLrgxls4YBPz7F-FW3LxW4T_HCk7f6_GR9a5ZSe3U1l3I-IdqDiwfqzeGFKwQzIZxv_8ssgW5ZD1qJSPTW1j7eUUktgBZg5Ng1_fHLubpi-4C5F-kNOWze0_fLvFz_zYnSSDMGQJnSVQKYtEuEfnJ8rhk2ApV5BZ8KtGccyjuKZcZCW6bf3uJkhvXaZJWaqrc1JjYRiBlT54JWqeGfNCOdfzGK3F6vWCcTpgcW84-PLUg57wkczbthDKQObf26q0LhmD9TdneAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0NIH9dtMwcbiKgWkewfHwZ7tPJXw%2526client%253Dca-pub-7872228587460333%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
46.4.41.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads2.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 04:12:14 GMT
X-NODEIP
46.4.41.145
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022122005121379666138465X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
date
Tue, 20 Dec 2022 04:12:13 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame C02A 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=6f8dade06dceaa24e373b404d24af77a%2F7732385909404524603&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671509533496&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jx6bkdac7223v1ae2eq0v4jy3a4tgek1h76wxgzdr80ezr4xjckwj7qb2jhccevzb4mqnjmp5hs8qh3wc81sm285qjx3nqhx5h70pemxvn5mnbt465129zabn3kznem01rek42vd2ngx82h9xnfz72mqmg5mb7parkygjeshppj8n4wwmfgr4vjhda63kkzsq5v8sg277y54j6zpxrr9abvhg76g3bkmbydmj886jvxfwa79x185e0g3q3hsf1467enjfbykccadht5zmx0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCoUWDHDahY5SyJNm99u8P0aie8A-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODcyMjI4NTg3NDYwMzMzyAEJqQIMEi4WB8yxPuACAKgDAaoE-wFP0BFqrMydSHW66uMsa4koif8TiSbt8Ue6nUTuTD3K_A95J_Wdd0mS5NZKUZKdCQkpUvLA5SLrgxls4YBPz7F-FW3LxW4T_HCk7f6_GR9a5ZSe3U1l3I-IdqDiwfqzeGFKwQzIZxv_8ssgW5ZD1qJSPTW1j7eUUktgBZg5Ng1_fHLubpi-4C5F-kNOWze0_fLvFz_zYnSSDMGQJnSVQKYtEuEfnJ8rhk2ApV5BZ8KtGccyjuKZcZCW6bf3uJkhvXaZJWaqrc1JjYRiBlT54JWqeGfNCOdfzGK3F6vWCcTpgcW84-PLUg57wkczbthDKQObf26q0LhmD9TdneAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0NIH9dtMwcbiKgWkewfHwZ7tPJXw%2526client%253Dca-pub-7872228587460333%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e07d58c68b83a3c283f75063f562aadc164ebb7cf068ffaef89bdde5011c3da8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1741846
cf-polished
origFmt=png, origSize=39979
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15996
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Jan 2020 13:07:55 GMT
server
cloudflare
etag
"ad9334664514d900a0c3b76d17ca960f"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yfh6Xd7%2F6PHGdsAQqOCf7RebJUQetlir1dyXU79JGT8xP5sO8fbGMkt1YyrTC9g1wFKyRhP69JofIAFYUwC8AqgzFOvrOfg2lu%2B3kw73NK6cCqnxI2ULenFwdTLTfOopOl16TbuFpIcPY%2FWE"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77c589d9cc52bb32-FRA
expires
Wed, 21 Dec 2022 04:12:13 GMT
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame C02A 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=6f8dade06dceaa24e373b404d24af77a%2F7732385909404524603&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671509533496&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jx6bkdac7223v1ae2eq0v4jy3a4tgek1h76wxgzdr80ezr4xjckwj7qb2jhccevzb4mqnjmp5hs8qh3wc81sm285qjx3nqhx5h70pemxvn5mnbt465129zabn3kznem01rek42vd2ngx82h9xnfz72mqmg5mb7parkygjeshppj8n4wwmfgr4vjhda63kkzsq5v8sg277y54j6zpxrr9abvhg76g3bkmbydmj886jvxfwa79x185e0g3q3hsf1467enjfbykccadht5zmx0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCoUWDHDahY5SyJNm99u8P0aie8A-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODcyMjI4NTg3NDYwMzMzyAEJqQIMEi4WB8yxPuACAKgDAaoE-wFP0BFqrMydSHW66uMsa4koif8TiSbt8Ue6nUTuTD3K_A95J_Wdd0mS5NZKUZKdCQkpUvLA5SLrgxls4YBPz7F-FW3LxW4T_HCk7f6_GR9a5ZSe3U1l3I-IdqDiwfqzeGFKwQzIZxv_8ssgW5ZD1qJSPTW1j7eUUktgBZg5Ng1_fHLubpi-4C5F-kNOWze0_fLvFz_zYnSSDMGQJnSVQKYtEuEfnJ8rhk2ApV5BZ8KtGccyjuKZcZCW6bf3uJkhvXaZJWaqrc1JjYRiBlT54JWqeGfNCOdfzGK3F6vWCcTpgcW84-PLUg57wkczbthDKQObf26q0LhmD9TdneAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0NIH9dtMwcbiKgWkewfHwZ7tPJXw%2526client%253Dca-pub-7872228587460333%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1545477
cf-polished
origFmt=png, origSize=342797
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
226916
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WDaQI2KLLOH4eCxVje33uhK8ognUM93xFYyvqpSxpbaNnYuf2Fgyi9M6cInkE2Mvy1UtX7r1MELT%2BM9dGqMG1tHeu0I9t0yOMrUsagZvyGMdDtJ49SD8ZRHZNiCPbHJzW2QsEKXJZvUON2mT"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77c589d9cc53bb32-FRA
expires
Wed, 21 Dec 2022 04:12:13 GMT
ztpv.php
www.conrad.de/ Frame C02A
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1671509533_7b7cced0-801c-11ed-9d10-2262c713b6c4&insert=AW&&gdpr=0&gdpr_consent=
0
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1671509533_7b7cced0-801c-11ed-9d10-2262c713b6c4&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=6f8dade06dceaa24e373b404d24af77a%2F7732385909404524603&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671509533496&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jx6bkdac7223v1ae2eq0v4jy3a4tgek1h76wxgzdr80ezr4xjckwj7qb2jhccevzb4mqnjmp5hs8qh3wc81sm285qjx3nqhx5h70pemxvn5mnbt465129zabn3kznem01rek42vd2ngx82h9xnfz72mqmg5mb7parkygjeshppj8n4wwmfgr4vjhda63kkzsq5v8sg277y54j6zpxrr9abvhg76g3bkmbydmj886jvxfwa79x185e0g3q3hsf1467enjfbykccadht5zmx0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCoUWDHDahY5SyJNm99u8P0aie8A-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03ODcyMjI4NTg3NDYwMzMzyAEJqQIMEi4WB8yxPuACAKgDAaoE-wFP0BFqrMydSHW66uMsa4koif8TiSbt8Ue6nUTuTD3K_A95J_Wdd0mS5NZKUZKdCQkpUvLA5SLrgxls4YBPz7F-FW3LxW4T_HCk7f6_GR9a5ZSe3U1l3I-IdqDiwfqzeGFKwQzIZxv_8ssgW5ZD1qJSPTW1j7eUUktgBZg5Ng1_fHLubpi-4C5F-kNOWze0_fLvFz_zYnSSDMGQJnSVQKYtEuEfnJ8rhk2ApV5BZ8KtGccyjuKZcZCW6bf3uJkhvXaZJWaqrc1JjYRiBlT54JWqeGfNCOdfzGK3F6vWCcTpgcW84-PLUg57wkczbthDKQObf26q0LhmD9TdneAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0NIH9dtMwcbiKgWkewfHwZ7tPJXw%2526client%253Dca-pub-7872228587460333%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:13 GMT
via
1.1 additional-webserver-blue-115j (Varnish/7.2)
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=15552000
age
0
content-type
text/html; charset=UTF-8
p3p
policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish
74055220
cache-control
no-cache
cf-ray
77c589da3f4cbb9d-FRA
expires
-1

Redirect headers

Date
Tue, 20 Dec 2022 04:12:13 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1671509533_7b7cced0-801c-11ed-9d10-2262c713b6c4&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame E8E4 		158 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671509533299,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
64b146021b5dd3fd90bfc36519ea2de22684243fd89e4663981f53453fb0f496

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:13 GMT
content-encoding
gzip
last-modified
Tue, 06 Sep 2022 06:03:39 GMT
server
Apache
etag
"277a2-5e7fbf52bc8c8-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38047
showad.js
ads.pubmatic.com/AdServer/js/ Frame 7273 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671509533299,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=147094
content-encoding
gzip
content-length
13968
content-type
text/html
date
Tue, 20 Dec 2022 04:12:13 GMT
expires
Wed, 21 Dec 2022 21:03:47 GMT
last-modified
Fri, 16 Dec 2022 06:36:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame E8E4 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671509533299,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:13 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=147094
accept-ranges
bytes
content-length
13968
expires
Wed, 21 Dec 2022 21:03:47 GMT
ev
s.seedtag.com/e/ 		0
15 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/e/ev
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_2.3a6c01d6b1aa61ea9094.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pelotainvernal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Dec 2022 04:12:13 GMT
via
1.1 google
server
nginx
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-origin
https://pelotainvernal.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
PugMaster
image6.pubmatic.com/AdServer/ Frame 7273 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=89032318&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c2db4f4c20631eac4f2c8c3571af957dd8294f014aa3ab66066b0f1c774ee0c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 20 Dec 2022 04:12:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 5916
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:295063a1-361d-4e00-8d9f-4c459ae8fd05&gdpr=0&gdpr_consent=
42 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:295063a1-361d-4e00-8d9f-4c459ae8fd05&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 20 Dec 2022 04:12:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 20 Dec 2022 04:12:14 GMT
Expires
Tue, 20 Dec 2022 04:12:13 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 254 34fcae8 master nrt-pixel-x16 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:295063a1-361d-4e00-8d9f-4c459ae8fd05&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 2C00
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 20 Dec 2022 04:12:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 04:12:13 GMT
expires
Tue, 20 Dec 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1493522
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame D52F
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3236300610912310540
42 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3236300610912310540
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 20 Dec 2022 04:12:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3236300610912310540
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
dcm
aax-eu.amazon-adsystem.com/s/ Frame A0E3
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3E4CB774-585C-4BAA-AADE-66B7516F7715&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3E4CB774-585C-4BAA-AADE-66B7516F7715&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3E4CB774-585C-4BAA-AADE-66B7516F7715&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 20 Dec 2022 04:12:14 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
SRQM0XZBYXZRWNW1ZS0A

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Tue, 20 Dec 2022 04:12:14 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3E4CB774-585C-4BAA-AADE-66B7516F7715&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
81MTSR3B1Q82J1NX7QG4
Pug
simage2.pubmatic.com/AdServer/ Frame 47CC
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3288839038734860477&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3288839038734860477&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 20 Dec 2022 04:12:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
ae0d60f5-2b01-4fc0-8066-6486665b761c
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Tue, 20 Dec 2022 04:12:14 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3288839038734860477&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
217.64.151.8; 217.64.151.8; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7273
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Pky3dFhcS6qq3ma3UW93FQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:14 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=55754
accept-ranges
bytes
content-length
5554
expires
Tue, 20 Dec 2022 19:41:28 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 7273 		95 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=3E4CB774-585C-4BAA-AADE-66B7516F7715
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:14 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
77c589dc3fbebb67-FRA
access-control-allow-headers
*
content-length
95
qmap
sync.crwdcntrl.net/ Frame 7273 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3E4CB774-585C-4BAA-AADE-66B7516F7715&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.216.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-216-185.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:14 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.30.37
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 7273
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=235290195
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=3E4CB774-585C-4BAA-AADE-66B7516F7715
0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=3E4CB774-585C-4BAA-AADE-66B7516F7715
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:13 GMT
via
1.1 google
last-modified
Tue, 20 Dec 2022 04:12:14 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=3E4CB774-585C-4BAA-AADE-66B7516F7715
date
Tue, 20 Dec 2022 04:12:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame 7273
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0U0Q0I3NzQtNTg1Qy00QkFBLUFBREUtNjZCNzUxNkY3NzE1&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 20 Dec 2022 04:12:14 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 7273
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENFuhmk7q10txmHu55xtVzM&google_cver=1
42 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENFuhmk7q10txmHu55xtVzM&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 20 Dec 2022 04:12:14 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENFuhmk7q10txmHu55xtVzM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 7273 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 19 Dec 2022 04:12:14 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 7273
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3247431370098024696
42 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3247431370098024696
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 20 Dec 2022 04:12:14 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3247431370098024696
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 7273 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 20 Dec 2022 04:12:14 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
activeview
pagead2.googlesyndication.com/pcs/ Frame 6367 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuOJHqPBvBsx6O4FTKmE1ukLcjm423ty1tzbm1zJIihTIA1BDaMh8OUSZbszU3CQq7h0W1u9IIrAQyDccB9KVSumzdV&sig=Cg0ArKJSzMrqaFsSzVqxEAE&cid=CAASF-RogXKxfsuvH6owVUayWZ3pvzUEXwNF&id=lidar2&mcvt=1000&p=485,275,575,1003&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1811199381&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671509532912&rpt=175&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 20BD 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss-Wck5nDepTpBZlHcD442LCmI-KnGWuptex_5NXMPu1kiXDZ5XDsZ-9p4oSedmloZ28uh6gSdfi1MDiabnuj_AMX1K&sig=Cg0ArKJSzJoIeKGbqHqvEAE&cid=CAASF-Roa5Zo6pYYB9O-L2-n83CvMsfMWwFr&id=lidar2&mcvt=1000&p=507,1149,1107,1309&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2344183488&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671509533035&rpt=151&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=3346729867802482&bg=!29il2JzNAAYgquz3AKo7ACkAdvg8WtuohmS36NH5OTJgnZbHCWF8guD6WHuxKyVP6zNjqZuwOuxjJgIAAACpUgAAAAJoAQeZAt6XA0hPw9d9B6myYFzHFQp-iGQfdACmrckA07ePlr2us-y-sMUXpbneTY8TwM7iuPAgxEk9FfOI_Cs42QI63RPi8Cjd1HKw3RRL26od8YgZq9UJyC9aD_cXRaQo5p4jfWY0Wsi3FXksFPpG2oqlZ95nI6vYNv5SVs5DS1AcikQ4uqM-2TeHx1amOd3Z_rMhOpbJEfShA_9dv7KpDa-rYrGo504kd15C5EGvNBFXtl7tT61eIBQGONYxxAz5s1FkgEApg3FqcBIu-k0ZECftf6yjK9URQ3WmnKzeoythZ6InUXhoX09iAIesu08nG6FOhkfwujXZbNu0e2w4bjM4-62roiKZxzehgfu95UbxCVHk6JWe4RrZgtmO03Oa-RyWBoCIhpP6RjEdmpADVKTqI9Ad-nxO7IjujQECaUUoh4_CSkxks7jbMAi4p3NiflTc7sFmSskcOuxGNNsTmquOWe2CcgITfg-eVgRnhVQfnGF-W4TSDlMbYXr7oU4KUrZArO7xGZC-bkmUzriCbkjOW-kOLhoVkWtuF1idnJ_D8cksWs-S54xiYRROuYdSptR2vA7bAYY2CB3M2wLcZlZiVJN-dXnmIwV4s7IZAHAGMDTerNDGyPEEHtkgLgR_5SvnPOQFy9KjkMaxJ_BLMJyKl2RHGrIfihj-HXY0f4Sewlv-ywnRFYfm13o6NXQoHmkNGq4Wi3BQ_rsdh2StFiR-Fp_UPIixTIebLD5BLdhObQIH6D-dFrVeg9Zid7yuT4UkvxST5dsgHccEpmYbsoOiFIBmTBdkohtKyPwoe_py7WE2UQdlvPsmUZCn0KgYm--3Cy7m4vZOp_7PuV3JbqNGh--7dV-xT0ktn-cJgOXVPS9cGpNafvYsUim9qlK-TPdQR5vk5JNsRcCez_Sdx9mjplR14WtEVxnLM2S25SjnDOjUnb4RUz0Hh_BaiZ7hDpadnn5TYeUmjIWgsWdMXK6lBQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
AdServerServlet
vid.pubmatic.com/AdServer/ Frame E8E4 		27 B
551 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671509533299,,&us_privacy=&cb=1671509533819&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fpelotainvernal.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fpelotainvernal.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2022-12-20%204:12:14&ranreq=0.054968611019707625&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671509533299,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:14 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://pelotainvernal.com
content-type
application/xml; charset=utf-8
x-vdbg
1:0/165:-1
access-control-allow-credentials
true
cache-control
no-store, no-cache, private
track
st.pubmatic.com/ Frame E8E4 		0
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1671509534&wa=0&vadsId=-1&e=95&vc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 20 Dec 2022 04:12:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
i
vid-io-cle.springserve.com/vd/ Frame 3DDE 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=af74ae3d&ps_id=357265&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.27.205 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-27-205.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pelotainvernal.com
date
Tue, 20 Dec 2022 04:12:14 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
access-control-allow-methods
GET, OPTIONS
track
aktrack.pubmatic.com/ Frame 3DDE 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1671509533&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:14 GMT
content-length
0
content-type
text/html
truncated
/ Frame 886C 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
vpaid_f51ac984.js
vpaid.springserve.com/production/ Frame 4DEC 		506 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_f51ac984.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:9200:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1b7df8f348787d9fa760018b0f088ab687bbc70718df1d62e8084e30a3584491

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 17:09:30 GMT
content-encoding
br
via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
last-modified
Tue, 06 Dec 2022 22:05:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
1076565
etag
W/"b030ae2df4f66a78701be0f4e1a3a52f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2678400
x-amz-cf-id
LxICwqmpVQRhEhdsACn4g1k3qFFG6JZ0MqvYNHxIkdzBgev-DVetcA==
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 4DEC 		983 B
852 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671509533299,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
44efc12115434f5a8d756c44de6f55adec20f11b7d0c41d4255ca6c5fcba1bbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:15 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://pelotainvernal.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
605
expires
Tue, 20 Dec 2022 04:12:15 GMT
t
t.lkqd.net/ Frame 61ED 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://pelotainvernal.com
date
Tue, 20 Dec 2022 04:12:15 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pelotainvernal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://pelotainvernal.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 20 Dec 2022 04:12:14 GMT
server
nginx
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 77F7 		158 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671509533299,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
64b146021b5dd3fd90bfc36519ea2de22684243fd89e4663981f53453fb0f496

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:15 GMT
content-encoding
gzip
last-modified
Tue, 06 Sep 2022 06:03:39 GMT
server
Apache
etag
"277a2-5e7fbf52bc8c8-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38047
showad.js
ads.pubmatic.com/AdServer/js/ Frame 7EEF 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671509533299,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=147092
content-encoding
gzip
content-length
13968
content-type
text/html
date
Tue, 20 Dec 2022 04:12:15 GMT
expires
Wed, 21 Dec 2022 21:03:47 GMT
last-modified
Fri, 16 Dec 2022 06:36:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 77F7 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671509533299,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:15 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=147092
accept-ranges
bytes
content-length
13968
expires
Wed, 21 Dec 2022 21:03:47 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 7EEF 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=99419913&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
1f92733e94f2928a93d8a4243e07caa07d38d26f9cb3ff2bf3e484f0b75d3230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 20 Dec 2022 04:12:15 GMT
content-length
1947
content-type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame 57B6
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=QIYHB0WDV1VbjF4HENRLUBeHUABbglVSE9TP0yhp
42 B
342 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=QIYHB0WDV1VbjF4HENRLUBeHUABbglVSE9TP0yhp
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 20 Dec 2022 04:12:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Tue, 20 Dec 2022 04:12:15 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=QIYHB0WDV1VbjF4HENRLUBeHUABbglVSE9TP0yhp
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 39A4
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7179078779192801427&gdpr=0&gdpr_consent=
42 B
322 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7179078779192801427&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 20 Dec 2022 04:12:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Tue, 20 Dec 2022 04:12:15 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7179078779192801427&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
rtset
bh.contextweb.com/bh/ Frame 4A30
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFKeXBrN0hRbXdBQUI5YmRLcGRYdw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAJypk7HQmwAAB9bdKpdXw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=3613290900590066763&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAJypk7HQmwAAB9bdKpdXw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D3613290900590066763%26gdpr%3D0%26gdpr_consen...
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 71A5
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=3YxZ7rYYQ1x9LVZqOOW1TdlAlwg
42 B
301 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=3YxZ7rYYQ1x9LVZqOOW1TdlAlwg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 20 Dec 2022 04:12:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Tue, 20 Dec 2022 04:12:15 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=3YxZ7rYYQ1x9LVZqOOW1TdlAlwg
p
a.audrte.com/ Frame 7EEF
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=3E4CB774-585C-4BAA-AADE-66B7516F7715
  • https://a.audrte.com/p
0
0
info2
uipglob.semasio.net/pubmatic/1/ Frame 7EEF
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=3E4CB774-585C-4BAA-AADE-66B7516F7715&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3E4CB774-585C-4BAA-AADE-66B7516F7715&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3E4CB774-585C-4BAA-AADE-66B7516F7715&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Server
77.243.60.138 Norresundby, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:16 GMT
frontend-id
1
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:16 GMT
frontend-id
12
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=3E4CB774-585C-4BAA-AADE-66B7516F7715&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 7EEF
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=3E4CB774-585C-4BAA-AADE-66B7516F7715&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=3E4CB774-585C-4BAA-AADE-66B7516F7715&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3E4CB774-585C-4BAA-AADE-66B7516F7715&addseg=19,36,42
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3E4CB774-585C-4BAA-AADE-66B7516F7715&addseg=19,36,42
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

date
Tue, 20 Dec 2022 04:12:15 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3E4CB774-585C-4BAA-AADE-66B7516F7715&addseg=19,36,42
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=a76e2f70e378fd26/gdpr=0/ Frame 7EEF
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=3E4CB774-585C-4BAA-AADE-66B7516F7715&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=a76e2f70e378fd26/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=a76e2f70e378fd26/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
54.154.216.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-216-185.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:15 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.7.92
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=a76e2f70e378fd26/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 7EEF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5109685625348156625&expires=30&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4b77473c-85ef-44a2-ab4e-37afbe8c5694&gdpr=&gdpr_consent=&gdpr_pd=
1 B
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4b77473c-85ef-44a2-ab4e-37afbe8c5694&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 20 Dec 2022 04:12:15 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4b77473c-85ef-44a2-ab4e-37afbe8c5694&gdpr=&gdpr_consent=&gdpr_pd=
date
Tue, 20 Dec 2022 04:12:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
3E4CB774-585C-4BAA-AADE-66B7516F7715
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 7EEF 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/3E4CB774-585C-4BAA-AADE-66B7516F7715?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:1fd9:6969:7081:2e2b Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 7EEF
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3E4CB774-585C-4BAA-AADE-66B7516F7715&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-JqX9QZtE2uUmCI2JdC2xuL8BlKU2EIw-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-JqX9QZtE2uUmCI2JdC2xuL8BlKU2EIw-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:15 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-JqX9QZtE2uUmCI2JdC2xuL8BlKU2EIw-~A&gdpr=0&gdpr_consent=
date
Tue, 20 Dec 2022 04:12:15 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
current
pubmatic-match.dotomi.com/match/bounce/ Frame 7EEF 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=3E4CB774-585C-4BAA-AADE-66B7516F7715&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:15 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 7EEF 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Tue, 20 Dec 2022 04:12:14 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 7EEF
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:dc2b5e8e-1d54-4360-9d91-d30acd60c296&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:dc2b5e8e-1d54-4360-9d91-d30acd60c296&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 20 Dec 2022 04:12:15 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:dc2b5e8e-1d54-4360-9d91-d30acd60c296&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Tue, 20 Dec 2022 04:12:15 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
crum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=910000&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=910000&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=&C=1
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=088322040039a0053bc7b74a&expiration=[EXPIRATION]&gdpr=0
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=088322040039a0053bc7b74a&expiration=[EXPIRATION]&gdpr=0
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Dec 2022 04:12:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=088322040039a0053bc7b74a&expiration=[EXPIRATION]&gdpr=0
date
Tue, 20 Dec 2022 04:12:15 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
cksync.php
cs.media.net/ 		44 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync.php?cs=8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.23.192.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-192-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Dec 2022 04:12:15 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
44
X-MNET-HL2
E
Expires
Tue, 20 Dec 2022 04:12:15 GMT
/
onetag-sys.com/usync/ 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-store
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 77F7 		27 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671509533299,,&us_privacy=&cb=1671509535170&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fpelotainvernal.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fpelotainvernal.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2022-12-20%204:12:15&ranreq=0.8804777235610364&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671509533299,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:15 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://pelotainvernal.com
content-type
application/xml; charset=utf-8
x-vdbg
1:0/165:-1
access-control-allow-credentials
true
cache-control
no-store, no-cache, private
track
st.pubmatic.com/ Frame 77F7 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1671509536&wa=0&vadsId=-1&e=95&vc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 20 Dec 2022 04:12:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
i
vid-io-cle.springserve.com/vd/ Frame 4DEC 		0
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=8b4ab235&ps_id=356921&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.27.205 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-27-205.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pelotainvernal.com
date
Tue, 20 Dec 2022 04:12:15 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
access-control-allow-methods
GET, OPTIONS
track
aktrack.pubmatic.com/ Frame 4DEC 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1671509534&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:15 GMT
content-length
0
content-type
text/html
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pelotainvernal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://pelotainvernal.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 20 Dec 2022 04:12:15 GMT
server
nginx
t
t.lkqd.net/ Frame 61ED 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://pelotainvernal.com
date
Tue, 20 Dec 2022 04:12:15 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
ad
v.lkqd.net/ Frame 0111 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&rnd=38631706&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
58f53e62e92a1c14bba2c3c65e20fd4079307c9b2be67ac294fc19a62cfe4ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:16 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://pelotainvernal.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1356
vpaid.js
ad.lkqd.net/vpaid/ Frame 4E68 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:16 GMT
content-encoding
gzip
x-sp-metadata
HS256.CLCIhZ0GEocBCiQxYTAyMWU1OC05ZTRkLTQxZmMtYTY3ZS1kMWM0NDMyODU2MjAQkKbXzNb5+wIaBgig7ISdBiIMMjE3LjY0LjE1MS44KKrCAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkOTg5ZWNkMmUtN2U1My00MzczLTk3NGMtMWE5YTExOGE2YmQ0GMXkAyIYCAISFGNkczMyMi5sbzQuaHdjZG4ubmV0.hZVdzoJ0y177hm7NBZcXMwugRGYOzrOQqaTtZqdLs20=
last-modified
Thu, 13 Oct 2022 21:01:07 GMT
etag
"88ca76abee51b1544e17b021f04aaaed"
x-hw
1671509536.cds288.lo4.hn,1671509536.cds322.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62021
usync.html
ad.lkqd.net/cookie-sync/ Frame EE1B 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Tue, 20 Dec 2022 04:12:16 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1671509536.cds288.lo4.hn,1671509536.cds074.lo4.c
x-sp-metadata
HS256.CLCIhZ0GEocBCiQ1NzhkMGYwOS0zMThjLTRkN2YtODU5Zi0wMDNkNjhmYWFkNDkQkKbXzNb5+wIaBgig7ISdBiIMMjE3LjY0LjE1MS44KKrCAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGisIARIkYTMxMWQ3Y2ItYmZiMS00NTdkLTgxM2ItMWY2NzcxNTBiYWZjGNoOIhgIAhIUY2RzMDc0LmxvNC5od2Nkbi5uZXQ=.nkXoCD2sWcuDyAMpdPPy/UUF6kFbrdNFEUA0t34Dy3I=
ad
v.lkqd.net/ Frame 4E68 		27 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&rnd=38631706&m=&rtv=1&thost=pelotainvernal.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
d5ce78a1fca9146c0cc3d048ad9cbe42dffc30b631e70b3d5ef7f9d4971fe92e

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 20 Dec 2022 04:12:16 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://pelotainvernal.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
4122
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&rnd=38631706&m=&rtv=1&thost=pelotainvernal.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pelotainvernal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pelotainvernal.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
date
Tue, 20 Dec 2022 04:12:16 GMT
server
nginx
cs
cs.lkqd.net/ Frame EE1B
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=e8cd9ca8-bce4-4b30-8918-9ae74b50fae3
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=e8cd9ca8-bce4-4b30-8918-9ae74b50fae3
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.200 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:16 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=e8cd9ca8-bce4-4b30-8918-9ae74b50fae3
date
Tue, 20 Dec 2022 04:12:16 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame EE1B 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.200 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:16 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame EE1B 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.200 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:16 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame EE1B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4389028374836904769
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4389028374836904769
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.200 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:16 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4389028374836904769
pragma
no-cache
date
Tue, 20 Dec 2022 04:12:16 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame EE1B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=3YxZ7rYYQ1x9LVZqOOW1TdlAlwg
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=3YxZ7rYYQ1x9LVZqOOW1TdlAlwg
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.200 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:16 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=3YxZ7rYYQ1x9LVZqOOW1TdlAlwg
Date
Tue, 20 Dec 2022 04:12:16 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
t
t.lkqd.net/ Frame 9096 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://pelotainvernal.com
date
Tue, 20 Dec 2022 04:12:16 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pelotainvernal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://pelotainvernal.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 20 Dec 2022 04:12:16 GMT
server
nginx
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		832 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C63065%2C1%2C87385353410834044621632265717%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.27.149 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-27-149.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f8172336a54220c5c8b32a166b25febcba35bd6e18e8bd3e440ec761abe39bd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pelotainvernal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Dec 2022 04:12:16 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://pelotainvernal.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
832
x-sticky-vk
1671509536656039-371
Expires
Tue, 20 Dec 2022 04:12:16 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pelotainvernal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://pelotainvernal.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 20 Dec 2022 04:12:16 GMT
server
nginx
t
t.lkqd.net/ Frame 9096 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://pelotainvernal.com
date
Tue, 20 Dec 2022 04:12:16 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
truncated
/ Frame 4E68 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
vpaid_f51ac984.js
vpaid.springserve.com/production/ Frame 3773 		506 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_f51ac984.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:9200:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1b7df8f348787d9fa760018b0f088ab687bbc70718df1d62e8084e30a3584491

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 17:09:30 GMT
content-encoding
br
via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
last-modified
Tue, 06 Dec 2022 22:05:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
1076567
etag
W/"b030ae2df4f66a78701be0f4e1a3a52f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2678400
x-amz-cf-id
KRdwR7GjBFF4Vs48S26Fl7l69f04v4pZ7JzNvribwK2Ed6ADURHECw==
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 3773 		983 B
852 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671509536687,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0e841d0f10de9fc7b9df42451485a9f911168b4b3b443d5580560d354bd9636f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:16 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://pelotainvernal.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
605
expires
Tue, 20 Dec 2022 04:12:16 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 5FD4 		158 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671509536687,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
64b146021b5dd3fd90bfc36519ea2de22684243fd89e4663981f53453fb0f496

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:16 GMT
content-encoding
gzip
last-modified
Tue, 06 Sep 2022 06:03:39 GMT
server
Apache
etag
"277a2-5e7fbf52bc8c8-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38047
t
t.lkqd.net/ Frame 9096 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://pelotainvernal.com
date
Tue, 20 Dec 2022 04:12:17 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pelotainvernal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://pelotainvernal.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 20 Dec 2022 04:12:16 GMT
server
nginx
showad.js
ads.pubmatic.com/AdServer/js/ Frame 86AB 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671509536687,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=147091
content-encoding
gzip
content-length
13968
content-type
text/html
date
Tue, 20 Dec 2022 04:12:16 GMT
expires
Wed, 21 Dec 2022 21:03:47 GMT
last-modified
Fri, 16 Dec 2022 06:36:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5FD4 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671509536687,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:16 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=147091
accept-ranges
bytes
content-length
13968
expires
Wed, 21 Dec 2022 21:03:47 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 86AB 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=41582888&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
8d93497989c3b935b4939d713f2d69e695dac1c3bcc495c46a75deded9f3d5c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 20 Dec 2022 04:12:15 GMT
content-length
1908
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 71A9 		35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=3E4CB774-585C-4BAA-AADE-66B7516F7715&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Tue, 20 Dec 2022 04:12:17 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 81A2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6E2IQAAAK_PlgAZ&gdpr=0&gdpr_consent=&_test=Y6E2IQAAAK_PlgAZ
1 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6E2IQAAAK_PlgAZ&gdpr=0&gdpr_consent=&_test=Y6E2IQAAAK_PlgAZ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 20 Dec 2022 04:12:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Tue, 20 Dec 2022 04:12:17 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6E2IQAAAK_PlgAZ&gdpr=0&gdpr_consent=&_test=Y6E2IQAAAK_PlgAZ
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn-etou8220047-HHN
x-timer
S1671509537.115351,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame 5A78
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 20 Dec 2022 04:12:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Tue, 20 Dec 2022 04:12:17 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
i.match
s.tribalfusion.com/z/ Frame 5BE6
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
414 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
77c589efac038fd6-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Tue, 20 Dec 2022 04:12:17 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
77c589ee6ac98fd6-FRA
content-type
text/html
date
Tue, 20 Dec 2022 04:12:17 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
1446
generic
match.adsrvr.org/track/cmf/ Frame 90F4
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3398606614
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3398606614
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Tue, 20 Dec 2022 04:12:17 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Tue, 20 Dec 2022 04:12:17 GMT
etag
RXd425808b46184f4ab4c4f3b4993ed65f003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3398606614
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
cookiesync
core.iprom.net/ Frame AF25 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Tue, 20 Dec 2022 04:12:17 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-a34bded5648a@version_1.531
X-core-time
0ms
X-server-arch
v2
bridge
cm.adgrx.com/ Frame 7A57 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.165 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Tue, 20 Dec 2022 04:12:17 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-9
pub
matching.truffle.bid/sync/ Frame 56D3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Tue, 20 Dec 2022 04:12:17 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
gdpr_consent=
sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/ Frame CD94
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26red...
49 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DHHt10NrrgTUnXMTanYTSMQXU
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.216.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-216-185.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
content-length
49
content-type
image/gif
date
Tue, 20 Dec 2022 04:12:17 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.45.26.27

Redirect headers

content-length
0
location
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DHHt10NrrgTUnXMTanYTSMQXU
SPug
image4.pubmatic.com/AdServer/ Frame 86AB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=295063a1-361d-4e00-8d9f-4c459ae8fd05
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=295063a1-361d-4e00-8d9f-4c459ae8fd05
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:17 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 20 Dec 2022 04:12:17 GMT
Server
MT3 254 34fcae8 master nrt-pixel-x20 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=295063a1-361d-4e00-8d9f-4c459ae8fd05
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 20 Dec 2022 04:12:16 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 86AB
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4389028374836904769&gdpr=0&gdpr_consent=&us_privacy=
1 B
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4389028374836904769&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 20 Dec 2022 04:12:17 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4389028374836904769&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 20 Dec 2022 04:12:16 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 86AB
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3288839038734860477
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3288839038734860477
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 20 Dec 2022 04:12:15 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 20 Dec 2022 04:12:17 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.8; 217.64.151.8; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
0893f088-35b9-43b0-b170-d3d3fd1a57df
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3288839038734860477
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 5FD4 		27 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671509536687,,&us_privacy=&cb=1671509536929&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fpelotainvernal.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fpelotainvernal.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2022-12-20%204:12:17&ranreq=0.7066948025292894&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671509536687,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:17 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://pelotainvernal.com
content-type
application/xml; charset=utf-8
x-vdbg
1:0/165:-1
access-control-allow-credentials
true
cache-control
no-store, no-cache, private
track
st.pubmatic.com/ Frame 5FD4 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1671509537&wa=0&vadsId=-1&e=95&vc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 20 Dec 2022 04:12:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
i
vid-io-cle.springserve.com/vd/ Frame 3773 		0
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=8c2ea270&ps_id=357265&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.27.205 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-27-205.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pelotainvernal.com
date
Tue, 20 Dec 2022 04:12:17 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
access-control-allow-methods
GET, OPTIONS
track
aktrack.pubmatic.com/ Frame 3773 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1671509536&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:17 GMT
content-length
0
content-type
text/html
vpaid_f51ac984.js
vpaid.springserve.com/production/ Frame B669 		506 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_f51ac984.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:9200:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1b7df8f348787d9fa760018b0f088ab687bbc70718df1d62e8084e30a3584491

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 17:09:30 GMT
content-encoding
br
via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
last-modified
Tue, 06 Dec 2022 22:05:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
1076568
etag
W/"b030ae2df4f66a78701be0f4e1a3a52f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2678400
x-amz-cf-id
yDzwI-5qrm1-7RYD1no2cIkXwm1j_sPdlB05yy0YUkFlahlUrcBf1w==
t
t.lkqd.net/ Frame 9096 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://pelotainvernal.com
date
Tue, 20 Dec 2022 04:12:17 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pelotainvernal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://pelotainvernal.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 20 Dec 2022 04:12:17 GMT
server
nginx
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame B669 		983 B
852 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671509536687,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bfabd56a03932f4eb80aca19918678d346cf99b71d71f02a8676f63f8e55ca3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 04:12:17 GMT
content-encoding
gzip
server
Apache
etag
"23df-5decc5efc263b-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://pelotainvernal.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
605
expires
Tue, 20 Dec 2022 04:12:17 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 7FFE 		158 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671509536687,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
64b146021b5dd3fd90bfc36519ea2de22684243fd89e4663981f53453fb0f496

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:17 GMT
content-encoding
gzip
last-modified
Tue, 06 Sep 2022 06:03:39 GMT
server
Apache
etag
"277a2-5e7fbf52bc8c8-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38047
showad.js
ads.pubmatic.com/AdServer/js/ Frame 4223 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671509536687,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=147090
content-encoding
gzip
content-length
13968
content-type
text/html
date
Tue, 20 Dec 2022 04:12:17 GMT
expires
Wed, 21 Dec 2022 21:03:47 GMT
last-modified
Fri, 16 Dec 2022 06:36:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 7FFE 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fpelotainvernal.com%2F&schain=1.0,1!vidoomy.com,63065,1,1671509536687,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:12:17 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=147090
accept-ranges
bytes
content-length
13968
expires
Wed, 21 Dec 2022 21:03:47 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 4223 		551 B
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=25246609&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
ca1d30a17989f17c2ef0d2beed8e07699074734dc785a7c53187118d5476fe0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 20 Dec 2022 04:12:17 GMT
content-length
551
content-type
text/html; charset=UTF-8
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame DF96 		0
0
cm
ipac.ctnsnet.com/int/ Frame CD0E 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Tue, 20 Dec 2022 04:12:16 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame F4FC
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7131E7A3816D4807AD8A674E72AAA387&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7131E7A3816D4807AD8A674E72AAA387&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 20 Dec 2022 04:12:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Tue, 20 Dec 2022 04:12:17 GMT
expires
Mon, 19 Dec 2022 04:12:17 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7131E7A3816D4807AD8A674E72AAA387&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
t.lkqd.net
URL
https://t.lkqd.net/t
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAJypk7HQmwAAB9bdKpdXw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D3613290900590066763%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0
Domain
a.audrte.com
URL
https://a.audrte.com/p
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel

Verdicts & Comments Add Verdict or Comment

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| oncontentvisibilityautostatechange object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle string| google_user_agent_client_hint object| googletag object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map function| $ function| jQuery number| uidEvent object| bootstrap function| moment object| ko function| GameSocket function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| SmartBanner function| gtag object| dataLayer function| ViewModel object| apd_options object| google_tag_manager object| google_ama_state number| google_rum_task_id_counter object| google_image_requests string| GoogleAnalyticsObject function| ga undefined| commonInit function| visibilityEventsManagerDOM function| visibilityEventsManager function| scrollEventsManager function| DeviceDetector boolean| fifabAlready function| fi_fab object| FI object| JSON_PIWIK object| _fipaq object| FIPiwik object| AnalyticsTracker function| fiQuery function| a0_0x597fa9 function| a0_0x143e number| PREBID_TIMEOUT number| FAILSAFE_TIMEOUT object| pbjs function| a0_0x4b0d object| gaplugins object| gaData object| _seedtagq object| webpackJsonp1671468856573 object| google_llp object| fiUtils object| pbjsChunk object| ADAGIO object| mnet function| requestAnimationFrame1 function| cancelAnimationFrame1 function| getVPAIDAd boolean| _seedtagLoaded object| _seedtag function| callPlayers function| __tcfapi_8928924878912 object| vpaidLoader object| sas object| apntag object| _ADAGIO object| ONFOCUS object| lkqd object| mobile_blocked_mfs function| lkqd_http_response function| setImmediate function| clearImmediate object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_132 object| Criteo object| Criteo_identitytag_132 object| GoogleGcLKhOms

107 Cookies

Domain/Path Name / Value
.pelotainvernal.com/ Name: __gpi
Value: UID=00000b9563ec2019:T=1671509531:RT=1671509531:S=ALNI_MZ7yczpngZJPcjDSCj7nH3qXCeCGA
s.pelotainvernal.com/ Name: AWSALB
Value: lpFhkPAvbCjx132GyW4pbvdClVAbKJBbP7A33tCZs3mBf1ASy9ZXeihvltWcPCzgFpK3ZBJIT5Pt7WAuWzbmxj9o1qY4lWAdA12zse2waGrU2Xu0++/HYhzUzSuC
s.pelotainvernal.com/ Name: AWSALBCORS
Value: lpFhkPAvbCjx132GyW4pbvdClVAbKJBbP7A33tCZs3mBf1ASy9ZXeihvltWcPCzgFpK3ZBJIT5Pt7WAuWzbmxj9o1qY4lWAdA12zse2waGrU2Xu0++/HYhzUzSuC
.pelotainvernal.com/ Name: _ga
Value: GA1.2.1846504517.1671509531
.pelotainvernal.com/ Name: _gid
Value: GA1.2.1327323472.1671509532
.pelotainvernal.com/ Name: _gat_gtag_UA_19230497_1
Value: 1
.pelotainvernal.com/ Name: __gads
Value: ID=fc62e9aa8abdda18-226f526a20d9001a:T=1671509531:S=ALNI_MYe7WQ4x-9sAVI7O4mxFDnk9gbutg
.doubleclick.net/ Name: IDE
Value: AHWqTUlfyg_v3-YqleT91-wNPTH5hdWbzCueKH_coDtiaXS7jXDLGB_lxEopKzOg-lc
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
pelotainvernal.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.pelotainvernal.com/ Name: _pubcid
Value: 2e236f4e-e576-426b-8ba5-5b8439c05f97
.pelotainvernal.com/ Name: cto_bidid
Value: 5I3p-19aMXNiVk1SJTJCRFZUSndPTU82SkhwTVMzRWpnciUyRjJhdVlFJTJGZDNQdzVkcWRiV0poVDdhJTJCSkV4SzA2NU13bjN4JTJGM05JOElmdmRCM0tzTzJlN2tEQ3NuVUElM0QlM0Q
.yahoo.com/ Name: A3
Value: d=AQABBBw2oWMCEJeKDoZZDubnIf-NwB0Q-dsFEgEBAQGHomOrYwAAAAAA_eMAAA&S=AQAAAlZrmAQkkcp7PUw5bahNoMw
.bidswitch.net/ Name: tuuid
Value: 4b77473c-85ef-44a2-ab4e-37afbe8c5694
.bidswitch.net/ Name: c
Value: 1671509532
.bidswitch.net/ Name: tuuid_lu
Value: 1671509532
.rubiconproject.com/ Name: khaos
Value: LBVPM9GV-N-B8JD
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qrkEWwzVoUgOzpcd3HBZZ775PzI6EyVJjldQcjwJyI73yz0LaUIvgLvSkyj9x8eeR3thoi474+Tg2jYHTlS9mMvGIFatoJ0DXuyqVI1k5poNA==
.ads.stickyadstv.com/ Name: UID
Value: 4f3fd71a2a5fefbeda649d4303598df
.admixer.net/ Name: am-uid
Value: 115fb7c42e304e84a753b3fe0b5a183d
a.vidoomy.com/ Name: SSCookie
Value: 1
.quantserve.com/ Name: mc
Value: 63a1361c-981fa-fa266-73dea
.doubleclick.net/ Name: DSID
Value: NO_DATA
.turn.com/ Name: uid
Value: 4389028374836904769
.pelotainvernal.com/ Name: __qca
Value: P0-1483985273-1671509532403
.criteo.com/ Name: uid
Value: a5bb90fe-ac18-4b44-8f2d-11bf0ca95f07
.simpli.fi/ Name: suid
Value: 7131E7A3816D4807AD8A674E72AAA387
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-dd8c59ee-b618-435c-7d2d-566a38e5b54d.jw7o6d8qcMwSQ5WauQEIfZ9wWAayoXIPZFO5MtVsbfg
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A3YxZ7rYYQ1x9LVZqOOW1TdlAlwg.769eW5hif3MmgpvENOGDE%2FFSWpAUXHpLtIP8FiehSnI
.pelotainvernal.com/ Name: cto_bundle
Value: u_LAIV9jSlBCMnFseGhlWVR3dHhzbk5mWHpvMEVySDBvcnFCS2pDTzFqM1FKTFFwNnBBc3haQVFaYTRRbjFPMHJJQ3l0QTFHZHJKNEFaaXB0MldRZzVHS2VES3VCUnFFUlh1NlFEaktyMzhYcUljRVQlMkZ4QTdoJTJGbWpvUGtOTSUyRkNycXV4d055R1FKQXVxUXNocEk0dFVTM3FkUUR4YUhETG01am1wUnM5MjRGS1dFVEElM0Q
.adfarm1.adition.com/ Name: UserID1
Value: 7179078779192801427
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-d425808b-4618-4f4a-b4c4-f3b4993ed65f-003%22%7D
.360yield.com/ Name: tuuid
Value: a7748909-ecfb-4ffa-9ae8-521e68a0da78
.360yield.com/ Name: tuuid_lu
Value: 1671509533
.awin1.com/ Name: AWSESS
Value: 377129:2470185
.awin1.com/ Name: awpv11354
Value: 412871|1671509533|7b7cced1-801c-11ed-9d10-2262c713b6c4
www.conrad.de/ Name: HTLP_timestamp
Value: 1671509533
www.conrad.de/ Name: CEAffHA
Value: YD
.www.conrad.de/ Name: __cf_bm
Value: RpXXvzoHCloDGY28VvsOCyq_5XbdCyF_pybKSvE.kq0-1671509533-0-AU9+a5PCs+bWnNDdTdZLPkFNIysJG+hQsDi+FLKUwJ8/dW8hjZrDkk2DyR3QhwKvWiY3r2SsOY19ASmsdknvqzc=
.mathtag.com/ Name: mt_mop
Value: 4:1671509533
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTI4MDAwMDAwMDA2MTY3MTUwOTUzM3ZsZWExZGUyMDIyMTIyMDA1MTIxMzc5NjY2MTM4NDY5WDExNzcwM1YxMjI2MTMyNzAyTVN2aWV3b25laWQ3MnhjcWZnekhqWG1ydXJIWEhndEF0VlZlZkdUMVRNSkNNb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDQzX1RvcFJvdGFNb250aDExNzcwMw
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2022122005121379666138469X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTI4MDAwMDAwMDA2MTY3MTUwOTUzM3ZsZWExZGUyMDIyMTIyMDA1MTIxMzc5NjY2MTM4NDY5WDExNzcwM1YxMjI2MTMyNzAyT
.blau.de/ Name: nscQ486
Value: V
.blau.de/ Name: nscT486
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTI3MDAwMDAwMDA2MTY3MTUwOTUzNHZsZWExZGUyMDIyMTIyMDA1MTIxMzc5NjY2MTM4NDY3WDExMzc1MlYxMjI1MTMxMTA2TVN2aWV3b25laWRSNVhmZ2Y2UUZYMjdUa0h3SDN0UXRkZEFGd1R6VDdnczdvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoNDNfVG9wUm90YU1vbnRoMTEzNzUy
.blau.de/ Name: webShopPV
Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2022122005121379666138467X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&wfid=113752
.mathtag.com/ Name: uuid
Value: 295063a1-361d-4e00-8d9f-4c459ae8fd05
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 3E4CB774-585C-4BAA-AADE-66B7516F7715
.adnxs.com/ Name: uuid2
Value: 3288839038734860477
.weborama.fr/ Name: AFFICHE_W
Value: -OwPMefoja7873
.zeotap.com/ Name: zc
Value: d4e11a7d-4a60-4eb2-583d-df3fedff0db5
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESENFuhmk7q10txmHu55xtVzM&KRTB&16514-CAESENFuhmk7q10txmHu55xtVzM&KRTB&23025-CAESENFuhmk7q10txmHu55xtVzM&KRTB&23386-CAESENFuhmk7q10txmHu55xtVzM
.de17a.com/ Name: guid
Value: 1.3236300610912310540
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-3288839038734860477&KRTB&23339-3288839038734860477
.adform.net/ Name: uid
Value: 3247431370098024696
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-3247431370098024696&KRTB&23263-3247431370098024696
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-3236300610912310540
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:295063a1-361d-4e00-8d9f-4c459ae8fd05&KRTB&16736-uid:295063a1-361d-4e00-8d9f-4c459ae8fd05&KRTB&23019-uid:295063a1-361d-4e00-8d9f-4c459ae8fd05&KRTB&23208-uid:295063a1-361d-4e00-8d9f-4c459ae8fd05
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: pp
Value: 156498
.pubmatic.com/ Name: PMDTSHR
Value: cat:
.amazon-adsystem.com/ Name: ad-id
Value: A-PqqHYImUvVr_dKFLnNIoA
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.quantserve.com/ Name: d
Value: EIoBCwHtJ_ijAA
.analytics.yahoo.com/ Name: IDSYNC
Value: "1982~28y4:18z8~28y4"
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-QIYHB0WDV1VbjF4HENRLUBeHUABbglVSE9TP0yhp&KRTB&19420-QIYHB0WDV1VbjF4HENRLUBeHUABbglVSE9TP0yhp&KRTB&22979-QIYHB0WDV1VbjF4HENRLUBeHUABbglVSE9TP0yhp&KRTB&23403-QIYHB0WDV1VbjF4HENRLUBeHUABbglVSE9TP0yhp
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7179078779192801427&KRTB&23278-7179078779192801427&KRTB&23369-7179078779192801427
.fiftyt.com/ Name: fifid
Value: ac8d31b7-bb1c-4623-79e9-020a1ee3f48e
.fiftyt.com/ Name: cs
Value: MTY3MTUwOTUzNXxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fDGNH11Aho3KrDTqyVCiy_dr4nene_hdxH6IwxZL_Vml
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1vFwmtoZm5oamBpamxqbGAKALyhXM8QAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzMjU2sTA0NQMyhPgMdS2SgjJdA-OdS3VzDQGjJ2TNJQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzMjU2sTA0NQMyhPgMdS2SgjJdA-OdS3VzDQGjJ2TNJQAAAA
.fiftyt.com/ Name: fppm
Value: 20221220041215
.adsby.bidtheatre.com/ Name: __kuid
Value: dc2b5e8e-1d54-4360-9d91-d30acd60c296.440723535
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-4b77473c-85ef-44a2-ab4e-37afbe8c5694
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-3YxZ7rYYQ1x9LVZqOOW1TdlAlwg&KRTB&23334-3YxZ7rYYQ1x9LVZqOOW1TdlAlwg&KRTB&23417-3YxZ7rYYQ1x9LVZqOOW1TdlAlwg&KRTB&23426-3YxZ7rYYQ1x9LVZqOOW1TdlAlwg
.bidr.io/ Name: bito
Value: AAJypk7HQmwAAB9bdKpdXw
.bidr.io/ Name: bitoIsSecure
Value: ok
.semasio.net/ Name: SEUNCY
Value: 1F20539C87A45AEC
.casalemedia.com/ Name: CMID
Value: Y6E2H7UIZf9sVHQFfAh5VQAA
.casalemedia.com/ Name: CMPS
Value: 1173
.casalemedia.com/ Name: CMPRO
Value: 1173
.onaudience.com/ Name: cookie
Value: a76e2f70e378fd26
.onaudience.com/ Name: done_redirects104
Value: 1
.smartadserver.com/ Name: pid
Value: 3613290900590066763
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAJypk7HQmwAAB9bdKpdXw
.adotmob.com/ Name: uid
Value: 088322040039a0053bc7b74a
.adotmob.com/ Name: uuid
Value: 088322040039a0053bc7b74a
.adotmob.com/ Name: partners
Value: IX%3A1671509535601
.casalemedia.com/ Name: CMTS
Value: 5291
.audrte.com/ Name: arcki2
Value: 391NBJQ4P-MScaW2xHRJ1Qimg!20220908!1671509535607!ip#217.64.151.8
.audrte.com/ Name: arcki2_pubmatic
Value: 3E4CB774-585C-4BAA-AADE-66B7516F7715!20220908!1671509535610
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.pubmatic.com/ Name: DPSync3
Value: 1672704000%3A227_245_241_235_221_226_219_201_197%7C1671580800%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1672099200%3A2_223_15%7C1674086400%3A203%7C1672358400%3A63%7C1672704000%3A54_88_161_22_234_99_243_81_3_71_220_251_233_238_7_8_166_21_176_165_55_56_13_204%7C1672790400%3A35
.csync.loopme.me/ Name: viewer_token
Value: 386c0069-af3a-49da-809d-dae4df1560b3
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-d425808b-4618-4f4a-b4c4-f3b4993ed65f-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
ads.playground.xyz/ Name: connect.sid
Value: s%3A1Z6Mg63tkB-h_tDUAZ7uLdwbNHgdAi20.A%2BVMHATW6MNbTWujNUynLqbbXfR6fuiZbxZO8FIeV3I
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4389028374836904769&KRTB&23150-4389028374836904769
.pubmatic.com/ Name: PugT
Value: 1671509537
.onaudience.com/ Name: done_redirects200
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y6E2IQAAAK_PlgAZ
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y6E2IQAAAK_PlgAZ&KRTB&22978-Y6E2IQAAAK_PlgAZ&KRTB&23194-Y6E2IQAAAK_PlgAZ&KRTB&23209-Y6E2IQAAAK_PlgAZ
.pubmatic.com/ Name: SPugT
Value: 1671509537
.tribalfusion.com/ Name: ANON_ID
Value: avnseFtMPmEUTgUpMDV6SBA1FVpKkStO5JWVPparcbGHQ7TcbyldGEtZbDI9l2FoTRdMCrb33Od5HfZcyVH9bZb

6 Console Messages

Source Level URL
Text
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=90&slotname=7753640662&adk=1056406635&adf=406027746&pi=t.ma~as.7753640662&w=728&lmt=1671509531&rafmt=12&format=728x90&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671509530970&bpp=1&bdt=176&idt=102&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100&correlator=2059707994738&frm=20&pv=1&ga_vid=1846504517.1671509531&ga_sid=1671509531&ga_hid=1903072021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=386&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777506%2C44780792%2C21065724&oid=2&pvsid=3346729867802482&tmod=1956978257&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5iTa8SbArS&p=https%3A//pelotainvernal.com&dtd=105
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3E4CB774-585C-4BAA-AADE-66B7516F7715&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=a76e2f70e378fd26/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-3139134883708761&fa=3&ifi=6&uci=a!6&btvi=1&xpc=G0HMjeqDHS&p=https%3A//pelotainvernal.com
Message:
The resource https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1#RS-3-&adk=1812271801&client=ca-pub-3139134883708761&fa=1&ifi=7&uci=a!7&btvi=2&xpc=HpXfNXJ3TD&p=https%3A//pelotainvernal.com
Message:
The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
network error URL: https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DHHt10NrrgTUnXMTanYTSMQXU
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.tribalfusion.com
a.vidoomy.com
a30f6f1089e44591b8a78fbc7f9ef8fe.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
ad.doubleclick.net
ad.lkqd.net
ad.turn.com
ad4m.at
ads.eu.criteo.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.vidoomy.com
adservice.google.com
adservice.google.de
aktrack.pubmatic.com
ap.lijit.com
as.ad4m.at
assets.ad4m.at
aud.pubmatic.com
bh.contextweb.com
c1.adform.net
cat.nl.eu.criteo.com
cdn-conectate.kiskoo.com
cdn.firstimpression.io
cdn.id5-sync.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
core.iprom.net
cr.frontend.weborama.fr
cs.lkqd.net
cs.media.net
csm.eu.criteo.net
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
ecdn.firstimpression.io
fastlane.rubiconproject.com
flower-ads.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
green.erne.co
gum.criteo.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
inv-nets.admixer.net
ipac.ctnsnet.com
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
matching.truffle.bid
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.blau.de
partner.googleadservices.com
partner.o2online.de
pelotainvernal.com
pix.eu.criteo.net
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pr-bh.ybp.yahoo.com
prebid.media.net
prod-rtb.ad4mat.net
pubmatic-match.dotomi.com
r.turn.com
rtb.fr.eu.criteo.com
rules.quantcount.com
s.ad.smaato.net
s.seedtag.com
s.tribalfusion.com
s3.amazonaws.com
script.4dex.io
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
st.pubmatic.com
static-de.ad4mat.net
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.crwdcntrl.net
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
t.lkqd.net
t.seedtag.com
tpc.googlesyndication.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
v.lkqd.net
vid-io-cle.springserve.com
vid.pubmatic.com
visitor.fiftyt.com
vpaid.pubmatic.com
vpaid.springserve.com
widgets.outbrain.com
www.awin1.com
www.conrad.de
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
a.audrte.com
bh.contextweb.com
cm-supply-web.gammaplatform.com
t.lkqd.net
103.229.205.243
104.18.131.145
104.18.33.19
141.94.171.215
141.94.240.143
142.250.185.134
146.0.227.110
146.20.128.200
146.20.132.192
15.235.15.221
151.101.66.49
151.139.128.10
162.19.138.116
162.55.120.196
178.250.0.157
178.250.2.148
178.250.2.151
178.62.202.251
18.195.83.19
184.24.12.207
185.183.112.155
185.64.189.111
185.64.189.229
185.64.190.78
185.64.190.80
185.64.190.81
185.64.190.89
185.80.39.216
185.89.210.244
185.89.210.82
193.0.160.129
195.5.165.20
2.18.233.180
2.23.192.21
2001:4de0:ac18::1:a:1b
2001:678:cb4:bbbb::11
213.155.156.165
213.19.147.45
216.58.212.130
2600:1901:0:76b9::
2600:9000:206f:9200:15:6f6c:b180:93a1
2600:9000:211e:6c00:1b:5138:8a40:93a1
2600:9000:223c:aa00:6:44e3:f8c0:93a1
2602:803:c003:200::31
2606:4700:10::6816:1857
2606:4700:10::ac43:266a
2606:4700:20::681a:179
2606:4700:20::681a:61b
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700:20::ac43:4bf1
2606:4700:3031::ac43:b7f8
2606:4700::6810:5514
2606:4700::6811:180e
2606:4700::6812:19ad
2606:4700::6812:272
2606:4700::6812:7e05
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:800::2001
2a00:1450:4001:800::2002
2a00:1450:4001:802::2001
2a00:1450:4001:802::2008
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2002
2a00:1450:4001:810::200a
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9a
2a02:2638:1::17
2a02:2638:1::4
2a02:2638:1::8
2a02:2638::1c
2a02:2638::2
2a02:2638::3
2a02:fa8:8806:12::1400
2a05:d018:d29:3601:1fd9:6969:7081:2e2b
3.126.56.137
3.132.27.205
3.19.54.139
3.69.201.248
34.102.253.54
34.107.148.139
34.111.129.221
34.111.131.239
34.149.50.64
34.255.17.182
35.186.193.173
35.201.96.126
35.204.158.49
35.214.223.115
37.157.3.29
46.4.41.145
51.89.9.253
52.22.201.165
52.223.40.198
52.94.222.140
54.154.216.185
54.231.136.152
54.85.151.23
63.251.232.165
69.20.43.192
72.251.249.14
77.243.60.138
78.46.85.162
84.200.5.215
85.114.159.118
88.221.169.78
95.101.27.149
98.98.134.241
99.86.4.102
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
008be15ff7db879ddccb3bf415d1143924af4eca6d1dd5250726ac423624f9d5
05730f7369bae301ec35fd07bb494a2aa0fe53ad02a01474a2e4077f33ea73db
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09778ab5d08d1983b0ba1d423603b1b0f2214947ed465534dcc9ac047bf929ba
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0e63307deac3d8aeab68773529536e2d1d9ad4e09749326cbcdf6d9009b49551
0e841d0f10de9fc7b9df42451485a9f911168b4b3b443d5580560d354bd9636f
0fc6327e965679b41a818cf88fdaf0b16e586c0ac03bc72d49c4f47e2ed02336
14fa937604e0fd3f7f1f8fa5daa5ab7e25052e1b1b826688b0109fac4251bf6f
1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
192d4b891be80f8d52f4415fc7f29385107aa248dc0b0f734668bd23881a10c4
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
19737707017ce7f188707e1e6fbae40088945cb235a8c37971b507b97d771a4b
1b7df8f348787d9fa760018b0f088ab687bbc70718df1d62e8084e30a3584491
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e894e7cf7187c224f386656a508446013f4cd6edea742f5241ce57258db06c6
1edb00bc378034f1e9a52eb3f4d11e3d1314a83db8138c489c83d5d66e4c5b9a
1f92733e94f2928a93d8a4243e07caa07d38d26f9cb3ff2bf3e484f0b75d3230
1fc3b4ce293b4feff98b94adcd7af530cc3eeb8bbc07cf8e834c5a569a03e901
211ccd7f9ed32a3332fd2503407b9b9d462eaeb4f5dc7e464e0eee5ae5638ca5
220a826b046191d348dc5bd3741db99508eb8cf5a6138c407c317ea41949c1a1
24c77f61feb1ebd80196339e9368f7dd0c32ca142227502d18eba2991bfe76ea
2bf340d8507d6f7d8b94de5273872c3b920305afe8d2e81f86475d4bcf0f4754
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30bce754212e37923632f6006bfa06860b6649078f18b547ce8fe9b4801e688a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31c8de7c3023548e4205a8f61fa9d4b5c79707dc01710c8313184574afba2ee5
33a832e0187c1fb90afe0194aabe994bf01bca1090a92770710b069785fa28cf
3521616fbd1415fd86988bfc9773f6044497f54354e0b924f7db878f91c1af83
3620d28357207cd4b8092fe728bed5a606c78c07d4043ed225b7c3e8e58fa731
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36c2343f3359688c9948184e631420db683b3d1a105206fcf76f1354c106425e
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32
3aa5cdd18374b285ddc76c94ee1735df8b3e518cb7202fa7feec77a3b13437a3
3cb9c5344328c276197498d83345b3172183680f060a46aa8356547a469083ee
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078
42ba92b551ff86a4d5bf838894cb2b183f71b0e313628b8f0a5e5407bade31ba
43822e61b0e5a1519e4eb4bcbae9d64892cb7083647ca07549addaf661f205e2
43ed01782a52f74351b31f996f02f0761540c3af7cdbd0693891a3e5abcfa3c1
44efc12115434f5a8d756c44de6f55adec20f11b7d0c41d4255ca6c5fcba1bbf
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4726734a48b33c83575aa629342e5a8c36cf253e8c282c6e067b8a0c60a542ba
47f719c1691461a5d778135c0512d51c87f8eea39be7ddad829830925902674b
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48b4c71365efa44df7c705f5ca9229a5f0028a5a6eef612eebedb9c66cfba6f0
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358
4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea21b87af7fc15e53939c8f710bf48151d874875d16fdf92f75c36a284a275a
4ec034e58da40169ef924f670a88750b61aa03c6228365144524348d77760cb5
4ed3b545a668f246d2af9c897439f0c9753e38bc971fb4fb9c6222537ac10922
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4ffe1619d0cddcd71c73eb41dcf1bf9219646f36b90667b3746c8a6771375fc6
52084175f1ddbd7e4168245880f4dd0c69cedbcac6096306ecae4e56181ad545
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564b6be4c4ec1b5310aa5cf05746ded4d5042f2f7ac4a613125782f62b76cc54
5751c72d565d369e5de7f5bf2fb7fc5c6ec840bb5bed2acce43e1fcaf313414d
5754871e0d03e11dd72bc7db599cdb3645786b14e5fe57f1e7b2dc8a3f0cd2b3
58f53e62e92a1c14bba2c3c65e20fd4079307c9b2be67ac294fc19a62cfe4ef2
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c667f87a503d25310f982a5b2fba6006b5dea2d7f90be48158b8a89f1050686
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62242e4deee928286863fed2f0b3d81dea405e1f055ffe380548eb4d97fe7b9c
627604ac8fcd633d2708e64148060a306869a327a15a3bdcada6e4dd59ea491a
64b146021b5dd3fd90bfc36519ea2de22684243fd89e4663981f53453fb0f496
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67a27a56f829f85a991a131a1d8aad8782f8a0c983efb020956f9df2decceb06
69690d82a2e41e82f4dbe6fd851eb7e66b20e41eab4eed6e7f367cc125b66121
6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
713ecf58215f1ad00f1fe943e4785df4c7cd31a77f0de304085738532cac42c2
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
74d4e1134b6d96d1fdb5997de81524112972dab3deddf8f5eb4e0caa19092ac2
74df90f5f0e27dd5df2470215692754169878aa5443c25a3515e1768e3db03b1
762da8b35ea43269689a85dd6ee90d16ea187d9e65e98f783737a703bc127661
77e67409caaf5014eaa2e2d96ac6210a1b4a987da0d5b3ff826221fe255d3def
787ad832cf564f4797bf01427438be70b2f0ecc7601582ec12c3b5b689c4af93
78abc714e4de74fba42b97a9b45115faaa7d24df22975972e306ebd0094fe5ff
78eea8cb59016e43a6a6878eb6486bf3374506b121f0774380d6cb0169ea575b
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
7e9276746ee6d70a75d8362ddd8e20aa1ce8a008c8e39c66a9e05b758f636d01
7f3f2148646b7fd2c8c2c3d1b64dc830f0d0a3716dfcf621b69bb555067fff47
7f7dd17a3398f4f96f586460691a97fee1390b60a0dbd0708c6d8ec26fcc5fef
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87ec184cd9b3cfb5ccbf631c766fc0d6b01d8811184a5f6f49f2ec528429dad4
894b1315778a681aeaeedaf7fec0f4ae4f7cd659d586339e4f46d61c485b4ecc
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d93497989c3b935b4939d713f2d69e695dac1c3bcc495c46a75deded9f3d5c9
8dc9789ee3ba46e75c37f7473135f4763533299bdbea5f2cc243c02459f35a08
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
926277a34899cd4c8f87e0f9f1c24f14a42d1ccb45c75bca0da764c32573dbfa
949ef00ce71e069fc69a6b829771726245072e18e56b264c536837c459b3febf
95e1be98830a9529350cdc1bcba69e525d2d0fa3150f2e5db6d48e7921e8779e
9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190
981792df4c11fb32fea9720db6c7c82dd96da4247fd29ff170b53903e116eecc
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
997d7a690381c208fd974f5118eacffd8f661b06b3bbbfdb9cc2f785d06996d9
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a305fbb2ba223bf3b56bb8776b85f6f40d60dd082a74dbe28d143b5794c7e393
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a60b2b58d7356ab2c464b18de5fc1614f0c78c9068db9e897ff100da36725160
a67612c801d54b2817687d2155b63f849b671d96ffd423cb77b36b0b66fa2192
a70efde4c6eeeb2c9e0befe3f3f9dc4ee442eb4d5d9349b01028a2925333bb35
a71014210ffef80ad8bfdff755f1932a431d254936fc8fc85b7ca6453e44ee48
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
a983ec1308781984ea4503dd1c4e1317b2b48dcb17dd1a6e68df68560951784b
aa0a235a0edb76846d6a656d6b81b3308d36d4f3411cb6c73df7b15da0782ce2
abf62a46b2c61dc1dada57646c1f2639d8dc873aa7542165f14dd75a0f3db366
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
af9474e5a7a9093351569e5cb64b9b34596d02e5cd1ede8ead7acf41740f76cf
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b394ca600b7f316e3fa68fd926f88179babffc0f84ac3ba6666f4c61e8adcd38
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b43b245e7b57a75d1c57b0e70779b88718a72a3544995b9165fd80678889b873
b59274b06fc793177aedbfa4b52d6d2571528266198414ae2b1795d7d87bff48
b598f07c0cccbe32bc18f8ecfb968c014cc2984788f7260f117c25a9579b53eb
ba6e4b4672c5aa32c2ef79639ae5199bd4f40fd0c082e3cb64d5795ced601975
bac0705d11ffc896d765dc3507e2ad3abb961795b05bb857039ca92f649a0745
bcc1ce2289e1c314c7484935630d6519a714a6e5b11c3403263ffed61f6d4acf
bd558b6b0fa8256504d6f1796203c55c540013d7d4021f79241476f3ac49dac1
bdbbb447bf69f791cb6717a186852f2b9661ca900a74d8235d37ef9ed65ac0dd
be042b5ec89a840399f6d690dc38113fa63c80e6edd8537ed95d5b41c267fccc
bf64e810161eaeea8c038b4e5831e6b302441bc6149fcbcb1eaff645b61c98af
bfabd56a03932f4eb80aca19918678d346cf99b71d71f02a8676f63f8e55ca3c
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c2db4f4c20631eac4f2c8c3571af957dd8294f014aa3ab66066b0f1c774ee0c7
c54527742912dc24ffdbc35d926d8d76f016b8258e9ebb94dfb50a729d6901df
ca1d30a17989f17c2ef0d2beed8e07699074734dc785a7c53187118d5476fe0d
cab7abc780dd76f3950a283b57a034bebab49320c848b082e9d4cec0a81a912a
cd257ced5860b54b3c71dd2e1c9704a552f0c2be8e63ef42cdf47e05293da1bb
ce27e04e406e528ca5c99ee0c93213a0c7b597c2b44775f4bf93959acfbf41fd
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
d284e2625f853bee95ea01ce2ad254f5337030874162c5d1754906dd6fc4c50e
d5ce78a1fca9146c0cc3d048ad9cbe42dffc30b631e70b3d5ef7f9d4971fe92e
d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238
d69b9eefd4f41a76f60dedfd1834c987a8cb5fef42ee7884d9d8b7499c513c68
d74835ebc144bb92d18a970ca79cae0840c356a5967bb1d1d9428c32c183cdb1
d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dae46245ef1fe990e750fcdd709692b086e17b1790ea3782e9bfbf8561be441c
de0cde443b7490d3341b9b134e25ee0fd21a947e2362d45fc35bc06057d61519
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e07d58c68b83a3c283f75063f562aadc164ebb7cf068ffaef89bdde5011c3da8
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e74cb387fb789e9e1409512f055dce5e65f458fd0993480ce21b24028d4e33
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ee735ad9351455e1417cd144ed24de18f6311c98a1284b55cd59fd0d25489d22
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
f26ccd4e8b025d912f8fc717147c83f61888ade088fb1b2c62f67537e6e4cb46
f391a52df51aab990e5ee9482e92d051babb1f604f03ba4ca7fc72ee96f44aa5
f4ae5a40833ca40f1ded2c820915ccc073b509a5a15810de1566ebf1ee4838e4
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f8172336a54220c5c8b32a166b25febcba35bd6e18e8bd3e440ec761abe39bd2
fcf3722b7a177d22818d48ac1fd9e5df9759e4dc4311050e097d1695a60bc9ec
fe8a6570027e23af6d729e24846f6602c7acc23543a11379cb440a6c8f0e7391