www.labrujula24.com Open in urlscan Pro
2606:4700:20::681a:e92 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://labrujula24.com/
Effective URL:
https://www.labrujula24.com/
Submission: On December 04 via manual (December 4th 2022, 4:25:29 pm UTC) from AR — Scanned from DE

Summary HTTP 488 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 62 IPs in 13 countries across 61 domains to perform 488 HTTP transactions. The main IP is 2606:4700:20::681a:e92, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.labrujula24.com. The Cisco Umbrella rank of the primary domain is 912048.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 14th 2022. Valid for: a year.

This is the only time www.labrujula24.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::ac43:4ade	13335 (CLOUDFLAR...) (CLOUDFLARENET)
98	2606:4700:20:... 2606:4700:20::681a:e92	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
19	2600:9000:206... 2600:9000:206f:1000:4:b37b:9440:93a1	16509 (AMAZON-02) (AMAZON-02)
18	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:593::2e03	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:4700:20:... 2606:4700:20::ac43:48db	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
33	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
21	2606:4700::68... 2606:4700::6812:19f6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	88.221.169.143 88.221.169.143	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
2	2606:4700:20:... 2606:4700:20::681a:9a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
65	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:272	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	3.123.150.125 3.123.150.125	16509 (AMAZON-02) (AMAZON-02)
2	216.52.2.39 216.52.2.39	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
3	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
2	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
1 3	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.107.148.139 34.107.148.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1 1	148.69.64.76 148.69.64.76	12353 (VODAFONE-...) (VODAFONE-PT Vodafone Portugal)
19	54.85.147.115 54.85.147.115	14618 (AMAZON-AES) (AMAZON-AES)
11	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:138	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7 21	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
4 8	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
5 7	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
36	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
9	136.243.149.243 136.243.149.243	24940 (HETZNER-AS) (HETZNER-AS)
1 4	144.76.104.53 144.76.104.53	24940 (HETZNER-AS) (HETZNER-AS)
1	5.226.179.19 5.226.179.19	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1 4	138.201.135.164 138.201.135.164	24940 (HETZNER-AS) (HETZNER-AS)
1	2a02:26f0:350... 2a02:26f0:3500:11::215:14dc	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4 4	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
2	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
2	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
2	13.41.118.175 13.41.118.175	16509 (AMAZON-02) (AMAZON-02)
2 4	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
2 2	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
2	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
3	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	52.57.83.94 52.57.83.94	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
2 2	213.155.156.184 213.155.156.184	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 2	37.157.6.254 37.157.6.254	198622 (ADFORM) (ADFORM)
2	185.86.139.101 185.86.139.101	201081 (SMARTADSE...) (SMARTADSERVER)
2	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	54.74.128.162 54.74.128.162	16509 (AMAZON-02) (AMAZON-02)
3 3	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
7 8	35.158.203.161 35.158.203.161	16509 (AMAZON-02) (AMAZON-02)
2	65.9.95.48 65.9.95.48	16509 (AMAZON-02) (AMAZON-02)
2	13.225.239.15 13.225.239.15	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	3.11.196.201 3.11.196.201	16509 (AMAZON-02) (AMAZON-02)
2	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	99.81.44.108 99.81.44.108	16509 (AMAZON-02) (AMAZON-02)
1 1	37.157.5.142 37.157.5.142	198622 (ADFORM) (ADFORM)
1 1	103.229.206.241 103.229.206.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3	23.3.108.25 23.3.108.25	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	3.124.32.217 3.124.32.217	16509 (AMAZON-02) (AMAZON-02)
1 1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
488	62

1 2606:4700:20::ac43:4ade (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

labrujula24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

98 2606:4700:20::681a:e92 (United States)

ASN13335 (CLOUDFLARENET, US)

www.labrujula24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicios.labrujula24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2600:9000:206f:1000:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)

rumcdn.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:593::2e03 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.wunderground.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:48db (United States)

ASN13335 (CLOUDFLARENET, US)

intothebid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700::6812:19f6 (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ui.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lp.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
call.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.221.169.143 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-143.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

65 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.123.150.125 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-150-125.eu-central-1.compute.amazonaws.com

d.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a-prebid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.39 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.33.19 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.69.64.76 (Porto, Portugal) 1 redirects

ASN12353 (VODAFONE-PT Vodafone Portugal, PT)
PTR: are.clevernt.com

sender.clevernt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 54.85.147.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-147-115.compute-1.amazonaws.com

gw.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:138 (United States)

ASN13335 (CLOUDFLARENET, US)

3pl.bidsolo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 142.250.186.162 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.80.39.216 (Canada) 4 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.252.172.123 (Frankfurt am Main, Germany) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 136.243.149.243 (Baden-Baden, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.243.149.243.136.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 144.76.104.53 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.53.104.76.144.clients.your-server.de

hal900022.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.226.179.19 (United Kingdom)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

members.bet365.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.135.164 (Bingen am Rhein, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.164.135.201.138.clients.your-server.de

hal900015.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:11::215:14dc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 145.239.193.130 (France) 4 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.41.118.175 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-41-118-175.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.230 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.23.99.218 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.57.83.94 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-83-94.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.184 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-184.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.254 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.101 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Tuttlingen, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.74.128.162 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-128-162.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.56.137 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.158.203.161 (Frankfurt am Main, Germany) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-203-161.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.95.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-48.prg50.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.239.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-239-15.bru50.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.11.196.201 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-196-201.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.154.237 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.81.44.108 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-44-108.eu-west-1.compute.amazonaws.com

r.scoota.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.142 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.229.206.241 (Singapore) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.3.108.25 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-3-108-25.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.32.217 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-32-217.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
99	labrujula24.com 1 redirects labrujula24.com — Cisco Umbrella Rank: 856288 www.labrujula24.com — Cisco Umbrella Rank: 912048 servicios.labrujula24.com	2 MB
83	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 109 dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 144	2 MB
64	doubleclick.net 9 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203 googleads.g.doubleclick.net — Cisco Umbrella Rank: 39 cm.g.doubleclick.net — Cisco Umbrella Rank: 234 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 83628	278 KB
38	geoedge.be rumcdn.geoedge.be — Cisco Umbrella Rank: 1708 gw.geoedge.be — Cisco Umbrella Rank: 1971	1 MB
36	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 288	827 KB
21	cleverwebserver.com scripts.cleverwebserver.com — Cisco Umbrella Rank: 31863 ui.cleverwebserver.com — Cisco Umbrella Rank: 32471 lp.cleverwebserver.com — Cisco Umbrella Rank: 66311 call.cleverwebserver.com — Cisco Umbrella Rank: 33881	119 KB
17	redintelligence.net 2 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 36764 hal900022.redintelligence.net — Cisco Umbrella Rank: 434466 hal900015.redintelligence.net — Cisco Umbrella Rank: 386867	274 KB
16	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	760 KB
14	google.com adservice.google.com — Cisco Umbrella Rank: 87 www.google.com — Cisco Umbrella Rank: 2	1 KB
12	casalemedia.com 6 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 539 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 588 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 467 dsum.casalemedia.com — Cisco Umbrella Rank: 1571	9 KB
11	gstatic.com fonts.gstatic.com	217 KB
8	bidswitch.net 7 redirects x.bidswitch.net — Cisco Umbrella Rank: 322	2 KB
7	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 238	7 KB
7	media.net prebid.media.net — Cisco Umbrella Rank: 1238 cs.media.net — Cisco Umbrella Rank: 1474 contextual.media.net — Cisco Umbrella Rank: 600	4 KB
6	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 17749 api.webgains.io — Cisco Umbrella Rank: 52643	62 KB
6	medialead.de 6 redirects pv.medialead.de — Cisco Umbrella Rank: 56785 medialead.de — Cisco Umbrella Rank: 56234	2 KB
6	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 378	126 KB
6	vidoomy.com d.vidoomy.com — Cisco Umbrella Rank: 8849 a-prebid.vidoomy.com — Cisco Umbrella Rank: 11922 a.vidoomy.com — Cisco Umbrella Rank: 8385	2 KB
5	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 429 mug.criteo.com — Cisco Umbrella Rank: 2441 dis.criteo.com — Cisco Umbrella Rank: 752	2 KB
5	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3572 onesignal.com — Cisco Umbrella Rank: 1232	82 KB
5	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1855 m.addthis.com — Cisco Umbrella Rank: 1805	219 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 51	6 KB
4	4dex.io script.4dex.io — Cisco Umbrella Rank: 2005 mp.4dex.io — Cisco Umbrella Rank: 2214	25 KB
3	yahoo.com 3 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 317	1 KB
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 718 cm.adform.net — Cisco Umbrella Rank: 1674	1 KB
3	w55c.net 3 redirects pm.w55c.net — Cisco Umbrella Rank: 886	2 KB
3	awin1.com www.awin1.com — Cisco Umbrella Rank: 14781	2 KB
3	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 847	770 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	154 KB
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 1126	1 KB
2	scoota.co 2 redirects r.scoota.co — Cisco Umbrella Rank: 34638	1 KB
2	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 51323	4 KB
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2641	783 B
2	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 655	382 B
2	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 1001	89 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 5758	645 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 975 s.tribalfusion.com — Cisco Umbrella Rank: 2229	1 KB
2	ad-server.eu ad-server.eu — Cisco Umbrella Rank: 115950	624 B
2	webgains.com track.webgains.com — Cisco Umbrella Rank: 41502	4 KB
2	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 176762	2 KB
2	media01.eu pb.media01.eu — Cisco Umbrella Rank: 55004	826 B
2	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 498	1 KB
2	lijit.com ap.lijit.com — Cisco Umbrella Rank: 635	911 B
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 476	1 KB
2	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1149	12 KB
2	intothebid.com intothebid.com — Cisco Umbrella Rank: 171409	167 KB
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 509	762 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1554	583 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 48427	609 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 638	536 B
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1435	63 KB
1	bet365.de members.bet365.de — Cisco Umbrella Rank: 305031	1 KB
1	bidsolo.io 3pl.bidsolo.io — Cisco Umbrella Rank: 221693	2 KB
1	clevernt.com 1 redirects sender.clevernt.com — Cisco Umbrella Rank: 59862	274 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1209	406 B
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 2171	787 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 448	1 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 7808	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 942	699 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2448	350 B
1	wunderground.com www.wunderground.com — Cisco Umbrella Rank: 22453	2 KB
488	61

	Domain	Requested by
91	www.labrujula24.com	www.labrujula24.com static.cloudflareinsights.com
57	tpc.googlesyndication.com	rumcdn.geoedge.be www.labrujula24.com
36	s0.2mdn.net	rumcdn.geoedge.be s0.2mdn.net dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
33	securepubads.g.doubleclick.net	www.labrujula24.com rumcdn.geoedge.be securepubads.g.doubleclick.net dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
21	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
19	gw.geoedge.be	rumcdn.geoedge.be
19	rumcdn.geoedge.be	www.labrujula24.com rumcdn.geoedge.be
18	lp.cleverwebserver.com	www.labrujula24.com lp.cleverwebserver.com
18	pagead2.googlesyndication.com	www.labrujula24.com pagead2.googlesyndication.com rumcdn.geoedge.be tpc.googlesyndication.com dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
16	www.googletagservices.com	rumcdn.geoedge.be
11	www.google.com	rumcdn.geoedge.be www.labrujula24.com
11	fonts.gstatic.com	fonts.googleapis.com
9	hal9000.redintelligence.net	rumcdn.geoedge.be hal900022.redintelligence.net hal900015.redintelligence.net
8	x.bidswitch.net	7 redirects
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com	securepubads.g.doubleclick.net rumcdn.geoedge.be
7	ib.adnxs.com	5 redirects googleads.g.doubleclick.net
7	servicios.labrujula24.com	www.labrujula24.com servicios.labrujula24.com static.cloudflareinsights.com
6	cdn.ampproject.org	rumcdn.geoedge.be
6	googleads.g.doubleclick.net	rumcdn.geoedge.be
5	fonts.googleapis.com	www.labrujula24.com lp.cleverwebserver.com hal900022.redintelligence.net hal900015.redintelligence.net
4	api.webgains.io	rumcdn.geoedge.be
4	5994599.fls.doubleclick.net	2 redirects rumcdn.geoedge.be
4	pv.medialead.de	4 redirects
4	hal900015.redintelligence.net	1 redirects dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com rumcdn.geoedge.be hal900015.redintelligence.net
4	hal900022.redintelligence.net	1 redirects dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com rumcdn.geoedge.be hal900022.redintelligence.net
4	s7.addthis.com	www.labrujula24.com s7.addthis.com rumcdn.geoedge.be
3	contextual.media.net
3	a-prebid.vidoomy.com
3	ups.analytics.yahoo.com	3 redirects
3	pm.w55c.net	3 redirects
3	www.awin1.com	dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com rumcdn.geoedge.be
3	onesignal.com	cdn.onesignal.com rumcdn.geoedge.be
3	onetag-sys.com	intothebid.com
3	adservice.google.com	rumcdn.geoedge.be 5994599.fls.doubleclick.net
3	www.googletagmanager.com	www.labrujula24.com adv.office-partner.de
2	rtb.mfadsrvr.com	2 redirects
2	r.scoota.co	2 redirects
2	cs.media.net
2	cdn.track.production.webgains.team	dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
2	analytics.webgains.io	rumcdn.geoedge.be
2	match.360yield.com	2 redirects
2	pixel-sync.sitescout.com	dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
2	ssbsync.smartadserver.com	dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
2	c1.adform.net	2 redirects
2	d5p.de17a.com	2 redirects
2	ad-server.eu	dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
2	medialead.de	2 redirects
2	track.webgains.com	rumcdn.geoedge.be
2	adv.office-partner.de	rumcdn.geoedge.be
2	pb.media01.eu	rumcdn.geoedge.be
2	prebid.media.net	intothebid.com
2	htlb.casalemedia.com	intothebid.com
2	fastlane.rubiconproject.com	intothebid.com
2	ap.lijit.com	intothebid.com
2	d.vidoomy.com	intothebid.com
2	mp.4dex.io	intothebid.com
2	script.4dex.io	intothebid.com script.4dex.io
2	id5-sync.com	intothebid.com
2	mug.criteo.com	www.labrujula24.com
2	gum.criteo.com	1 redirects
2	static.cloudflareinsights.com	www.labrujula24.com servicios.labrujula24.com
2	cdn.onesignal.com	www.labrujula24.com rumcdn.geoedge.be
2	intothebid.com	www.labrujula24.com rumcdn.geoedge.be
1	dis.criteo.com	1 redirects
1	a.vidoomy.com
1	sync.mathtag.com	1 redirects
1	cm.adform.net	1 redirects
1	dsum.casalemedia.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	ssum-sec.casalemedia.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	s.tribalfusion.com	dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
1	a.tribalfusion.com	1 redirects
1	code.createjs.com	s0.2mdn.net
1	members.bet365.de	lp.cleverwebserver.com
1	3pl.bidsolo.io	intothebid.com
1	call.cleverwebserver.com	www.labrujula24.com
1	sender.clevernt.com	1 redirects
1	lb.eu-1-id5-sync.com	intothebid.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	ui.cleverwebserver.com	rumcdn.geoedge.be
1	z.moatads.com	s7.addthis.com
1	adservice.google.de	rumcdn.geoedge.be
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	scripts.cleverwebserver.com	www.labrujula24.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.wunderground.com	www.labrujula24.com
1	labrujula24.com	1 redirects
488	91

This site contains links to these domains. Also see Links.

Domain
www.openfm.ar
wa.me
facebook.com
twitter.com
instagram.com
www.youtube.com
www.twitch.tv
ar.radiocut.fm
www.bahia.gob.ar
www.facebook.com
www.instagram.com
publicidad.labrujula24.com
t.me

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-14` - `2023-05-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
gw.geoedge.be Amazon	`2022-09-12` - `2023-10-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
weather.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-27` - `2023-03-27`	a year	crt.sh
*.intothebid.com E1	`2022-10-24` - `2023-01-22`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
cleverwebserver.com Cloudflare Inc ECC CA-3	`2022-09-06` - `2023-09-05`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-01` - `2023-10-02`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-05-04`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
protect.geoedge.be Sectigo ECC Domain Validation Secure Server CA	`2022-01-02` - `2023-02-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.bidsolo.io E1	`2022-12-02` - `2023-03-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
redintelligence.net R3	`2022-10-04` - `2023-01-02`	3 months	crt.sh
bet365.de Cloudflare Inc ECC CA-3	`2022-01-13` - `2023-01-12`	a year	crt.sh
tls.adobe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-29` - `2023-05-30`	a year	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-05-20` - `2023-05-21`	a year	crt.sh
adv.office-partner.de R3	`2022-11-02` - `2023-01-31`	3 months	crt.sh
*.webgains.com Amazon	`2022-06-14` - `2023-07-13`	a year	crt.sh
www.awin1.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-18` - `2023-04-19`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.webgains.io Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh
cdn.track.production.webgains.team Amazon	`2022-09-29` - `2023-10-28`	a year	crt.sh

This page contains 47 frames:

Primary Page: https://www.labrujula24.com/
Frame ID: 53A8E4A9D8279DB39A72302C3EBEEE23
Requests: 169 HTTP requests in this frame

Frame: https://servicios.labrujula24.com/cotizaciones/index.html
Frame ID: 81F0EA48FB291DB6816C18897C67B857
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 5FA918E38BD1854FD0B0719530F095A6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922699194716681&output=html&adk=1812271804&adf=3025194257&lmt=1670171120&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.labrujula24.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670171120206&bpp=3&bdt=451&idt=491&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3932011046584&frm=20&pv=2&ga_vid=579929824.1670171120&ga_sid=1670171121&ga_hid=1929333272&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070993&oid=2&pvsid=2516472175970245&tmod=611838522&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=507
Frame ID: C0479100838A8BE922B41C1D816A171D
Requests: 1 HTTP requests in this frame

Frame: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1524FC2FAE1AEF57B1360F7CC4C5D4FB
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 153CDC45149348D9B90C9EB85AE8D361
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: B771E277ECBDEC9CA4AD8EFFFDA69998
Requests: 1 HTTP requests in this frame

Frame: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D67E215A35BCE0F89CD735CBE23D0E3C
Requests: 9 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Frame ID: A8B682C388E6C4031D225BC009809255
Requests: 11 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Frame ID: E299C2C586F84E6B897DFC3F836E2CD3
Requests: 10 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Frame ID: CE3AABDF6E07918758682C33E8127FFE
Requests: 10 HTTP requests in this frame

Frame: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 21A98907701981599B12A05E2D13FA13
Requests: 9 HTTP requests in this frame

Frame: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AEBED772D220187BF413F29F7CCA8101
Requests: 19 HTTP requests in this frame

Frame: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7CC690794D19804F1782AE695912D150
Requests: 9 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Frame ID: 2E2B337CFABE723A901AAF6C9990A757
Requests: 10 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Frame ID: 8C711DA140E32215FD7409FC9B0DCF8D
Requests: 10 HTTP requests in this frame

Frame: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7B6D3BAFCC7DF027666E7CA4989CD4D7
Requests: 18 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Frame ID: 0F4DE4FB2505C19BB59481BC018C6952
Requests: 20 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Frame ID: D468AAC161BA5A788A0CC78CE3655B9A
Requests: 11 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Frame ID: CB3D3EC1EBADDF2F7270F66700680FBA
Requests: 10 HTTP requests in this frame

Frame: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 090EF17EE0D9E2FD3EA0247025EE9A61
Requests: 10 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Frame ID: E154FFD460D9F7E324FD5006EC640EC8
Requests: 10 HTTP requests in this frame

Frame: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D6507368A106BD412B981AD6F9B6C88F
Requests: 10 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Frame ID: 77116B7A782A56F0868E39EB83D9B6CD
Requests: 11 HTTP requests in this frame

Frame: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01163674
Frame ID: DB7B97A3CCADEB7D9B9D8EE7ADD4FE41
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXNdUN7At3WZqIGe5msiZIWsyEkqYW5kUi2UQbl8P1Kdu3U_80rHEr3e2cF3xueyEzjanTVmePlbgZ02Sdef7OChZNe08cm252hIEmMsHYMpADt80W4Kg9bB92l7BBGEOmtOuUKZi0qk0eveywGR1m84nTZg4YlUT8KJ3gxR82X6bvCCc4
Frame ID: CE4D0E4FE1B1FF80850A64C2472B1169
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNVnzU1RvQ57WgKHSOyocFi2jL_DY8CNUjmOj93fi0ukmN0IVltRbRjQgfVPWtHFrVp44Q69xtHZiOqeqY3VaGIkkBak_JDS3DaFEwymHwR0h0k916habkAdT0C9Xqcmtkc0M82zt0iZ0-SfmdhoiVd646DtcZlg8lnSW1IBoXKrt-s3pY4
Frame ID: BD57AF4CF156673C7D4E5373FE16E7A2
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D4122444D6C1EDCDBF036066688B6562
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/1950554/5093048588/1637154337423/index.html
Frame ID: 47FE76AC97336BEFB73AA279BB0434D7
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/1950554/5048003917/1651682367598/index.html
Frame ID: 0B71D87114986A1A77B72E5271665A0C
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 35A8B8CB89EF73660628FC9CFAD0EDCA
Requests: 3 HTTP requests in this frame

Frame: https://members.bet365.de/Members/Helpers/DefaultAff.aspx?affiliate=365_01163674
Frame ID: A677FB67BF01E17A42CAD8F00AA5F876
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/1950554/5178170803/1668091603061/index.html
Frame ID: A2B8E369841268C875760A1FAB14F965
Requests: 6 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/1950554/4878102656/1598907652484/index.html
Frame ID: BF8AA48195E1EF8BF01A70F6DEA27864
Requests: 14 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=51270700093060604444554012163022&actionid=981741&produktid=&dt_url=
Frame ID: B9506FF5F6F3514AABC97D7F64DFE1F3
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: C54231286F7EBB101DB56941839740C0
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLn44KSw4PsCFcx-wQodJVUOHQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1313435213902.4075
Frame ID: 74FA022E225C441EEEC0D93AF308C572
Requests: 2 HTTP requests in this frame

Frame: https://hal900022.redintelligence.net/request_content.php?s=51270700093060604444554012163022&a=f9b77028
Frame ID: 16899E48E93C2C1F3253741C36D90E98
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E934167DA4A909E4C6A241813374D502
Requests: 9 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=75104700093626104444990012163015&actionid=981741&produktid=&dt_url=
Frame ID: 8940FF4C3F07FAB7A8678AE671058A2D
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 1E2B8947ADBB1279E9A1D65181053B7D
Requests: 2 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2329635&v=16160&q=356171&r=296283&pref1=75104700093626104444990012163015&pv=1
Frame ID: 9F9D51E0578C9C2C7F1BE0BF25C62BF6
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=COPB46Sw4PsCFU-CywEdB70NYA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9380033445657.732
Frame ID: 25CACDAE415B53B558CA7F2744DAD206
Requests: 2 HTTP requests in this frame

Frame: https://hal900015.redintelligence.net/request_content.php?s=75104700093626104444990012163015&a=fb64a097
Frame ID: 61C24BB85D343F59F3AF8CE60BC6A05F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6A27AB7293E966833897AF83E4C0CC54
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A28F85E6EADC15620C401E20A6F82FD5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1FA9413B37E9B50F54D96368462BB3A5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

La Brújula 24 - Noticias de Bahía Blanca y la región

Page URL History Show full URLs

http://labrujula24.com/ HTTP 301
https://www.labrujula24.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

488
Requests

93 %
HTTPS

39 %
IPv6

61
Domains

91
Subdomains

62
IPs

13
Countries

8521 kB
Transfer

19170 kB
Size

69
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://www.openfm.ar/
Title: Open 99.5

Search URL Search Domain Scan URL

URL: https://wa.me/542914750190

Search URL Search Domain Scan URL

URL: https://facebook.com/labrujula24

Search URL Search Domain Scan URL

URL: https://twitter.com/labrujula24

Search URL Search Domain Scan URL

URL: https://instagram.com/labrujula24ok

Search URL Search Domain Scan URL

URL: https://www.youtube.com/labrujula24videos

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/labrujula24

Search URL Search Domain Scan URL

URL: https://ar.radiocut.fm/radiostation/la-brujula-24-fm/

Search URL Search Domain Scan URL

URL: https://ar.radiocut.fm/radioshow/bahia-hoy-con-german-sasso/

Search URL Search Domain Scan URL

URL: https://ar.radiocut.fm/radioshow/tal-cual-es-con-fernando-qui/

Search URL Search Domain Scan URL

URL: https://ar.radiocut.fm/radioshow/nunca-es-tarde-con-leandro-f/

Search URL Search Domain Scan URL

URL: http://www.bahia.gob.ar/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/municipiobahia

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bahiablancaturismo/

Search URL Search Domain Scan URL

URL: https://twitter.com/MunicipioBahia

Search URL Search Domain Scan URL

URL: http://www.bahia.gob.ar/tramites/
Title: TRÁMITES

Search URL Search Domain Scan URL

URL: http://www.bahia.gob.ar/servicios/
Title: SERVICIOS

Search URL Search Domain Scan URL

URL: http://www.bahia.gob.ar/consultas/
Title: CONSULTAS

Search URL Search Domain Scan URL

URL: https://publicidad.labrujula24.com/
Title: Publicidad-Mediakit

Search URL Search Domain Scan URL

URL: https://t.me/labrujula24ok
Title: Seguinos en Telegram

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://labrujula24.com/ HTTP 301
https://www.labrujula24.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 124

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.labrujula24.com%2F&domain=www.labrujula24.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=KQp963xGVWpWNHNlb3h1c3NWeEZTZVJPbFl4OTREaDdNOHpuRll3eTllT0sybFhRUks1cnk4UFhIMFVjaXlOMFJZd244ODJldzlYZVFua3ZNc1ZZNk9XWWwwYzRDTlBKZVFkVWZoOFpoY2VXcmRvVVFLbVd0S25BekdONFI4a2dHZU5rWTVyM1FZbmxNRFk5eEc3aWN5TUd5dUVINjFhVFN6OXZPL0xmalBFNEZNMTdsbElJR2RIck1KNFltd2NaTFlhVXM4bmdWRk5LdHVVc2NmRlZhcnkyVWdXaUVsTXgzN2lhazhINFVIYk1NUUdFaDkrNFYzdkxjMmpFS3NrWUFFSHJ4fA&cppv=2

Request Chain 166

https://sender.clevernt.com/transporter/56138.php?ppuc=1&ppu=0&id=598423&ref=aHR0cHM6Ly93d3cubGFicnVqdWxhMjQuY29tLw%3D%3D&ruri=&r=630618110&tok=33419711310201791433&t=1670171120&cmpId=&fb=0&iv=-1&ctr=DE&sz=1200&landing=1&hei=360&mode=topscroll HTTP 302
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01163674

Request Chain 337

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIS5gIVy5Bz_6f33pS7wnL8&google_cver=1

Request Chain 338

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4zJ8-BRLT7Djnrl7SL.ugAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIS5gIVy5Bz_6f33pS7wnL8&google_cver=1&google_hm=2

Request Chain 339

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEB540g-XsLO8AWz4sHzUtSw&google_cver=1

Request Chain 340

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMxMTU5NDYyMTUzMDc4MTc2OA%3D%3D

Request Chain 345

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIS5gIVy5Bz_6f33pS7wnL8&google_cver=1

Request Chain 346

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4zJ8-BRLT7Djnrl7SL.ugAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIS5gIVy5Bz_6f33pS7wnL8&google_cver=1&google_hm=2

Request Chain 347

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEB540g-XsLO8AWz4sHzUtSw&google_cver=1

Request Chain 348

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMxMTU5NDYyMTUzMDc4MTc2OA%3D%3D

Request Chain 365

https://hal900022.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=37e7156b99&subid=&uid=3983f0972fd9b589&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5We48cmMY_XgGuzG7_UP7qKYyASm5b2gaa2VnKfJD_AuEAEgp5L9fGCVgoCAmAfIAQmpAkS_tBqXrLE-qAMBqgSaAk_Qus1KkCnCJ44vsJYjK26yLp3q0eV9Qgq8ZSH11-k-H8ewQwAvYqWt26JShbYA1irtmJJNsBOvfNTOY7JNa-8iUbL1lJZDHZBH3VQWcu4gMFOL4bDeaFH-qbhRsNBPOhVE3g79DiRZMP98HIPOmguiYhKRuWfQRZiwbLujggpP72pzxXvZEIw71QYZNSxDs7Vo1NaUSNeJTDLVZvsfmxsUpYDdHVGFaETccKhzO47WftVuLo9dKnkdFTTAnJAFFfNpUz6_PIkpn7xFTuoXR8Kp_tOCfaKhpkz32Ni2VrD9TkoaZFsfgbRWLTGSqzZlqLWylgbHuV-2CfZObnkN9890Xa_Xk_TghKGQDuWKZ9AuFbvsxNojVvAa4cAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9ntf34ncXYNdp6QPHMitDqDjvzKrZVl3hUPD0wjJYgd7psjsu3Dwzwup9oKHLz5i8pv0gyhU64RgBIBM%26sig%3DAOD64_1pMa-q29PYRFWnVkJl-nA8YabCMQ%26client%3Dca-pub-4544951168098232%26dbm_c%3DAKAmf-AuoXjUw0fWuOqyiITtouNlNfbzOgaay7uNutNIz5QzDsm6bQi71GJ4gYXQcUrBNsHcoG7-xPRGBo9_OGc4Nf1BPh24t4ZW3HghL4NvBgQLfJ6JPI4cpmgaja6JrryJsWiAQop2NBgTsWf8-ePMBVDnOreoBflsDOm7l57cOZ97HwMYFuU%26cry%3D1%26dbm_d%3DAKAmf-AyRaPtlVKX6E5LML9w2AzCFxK1HazeZSVt9XJICj_IgCH2b65hSeZLPQ6hGhYqrijQiSjRvhayZU4fKUMcr4saCsxt7jPo_EwyAnbitTC-XwmQ3_a4qDcfqOKTbGPlr3SOV1OiM4eQ8SC__b1Jll4kACCxuqLEzB8jPCHYYB3o3CPF-LCpn7Z7ixGsDhGpr5SooyqiiggMexj9NvFfCypdq4inPDcclBmYb9Y0FjdGlW2sLk1y-WqtK9n2X8wjs_OaYc5od0wCb5lLRXLlpNbF96fa6ETJ61UcyCGc4JMrVIaSvyXhVc6RgtfHJpJGS_5Z9eVgKylNJl9EAauCtHo7UKfqthsV--cbSv838-Oo4EXPSbwqEdkG1I4R342rWTMWGgWx6Lh3-5peK-3qv5PJFs--Karv9Rl0L2-C74rUFidOcWYW1l85Oe9691sM7EwssldMZawYIoxInKFlHlEkKdcEQpnZPusVniTiAAjp3zf1ZTAx49vxnn3TH2HxG0F1BEi1uOUsjUlqK6_xWJTQNBK312y_VliW6ZllKcsxrKHWpio%26adurl%3D&documentReferer=https%3A%2F%2Fwww.labrujula24.com%2F&ancestorOrigins=https%3A%2F%2Fwww.labrujula24.com&random=5810629794267&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900022.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=37e7156b99&subid=&uid=3983f0972fd9b589&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5We48cmMY_XgGuzG7_UP7qKYyASm5b2gaa2VnKfJD_AuEAEgp5L9fGCVgoCAmAfIAQmpAkS_tBqXrLE-qAMBqgSaAk_Qus1KkCnCJ44vsJYjK26yLp3q0eV9Qgq8ZSH11-k-H8ewQwAvYqWt26JShbYA1irtmJJNsBOvfNTOY7JNa-8iUbL1lJZDHZBH3VQWcu4gMFOL4bDeaFH-qbhRsNBPOhVE3g79DiRZMP98HIPOmguiYhKRuWfQRZiwbLujggpP72pzxXvZEIw71QYZNSxDs7Vo1NaUSNeJTDLVZvsfmxsUpYDdHVGFaETccKhzO47WftVuLo9dKnkdFTTAnJAFFfNpUz6_PIkpn7xFTuoXR8Kp_tOCfaKhpkz32Ni2VrD9TkoaZFsfgbRWLTGSqzZlqLWylgbHuV-2CfZObnkN9890Xa_Xk_TghKGQDuWKZ9AuFbvsxNojVvAa4cAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9ntf34ncXYNdp6QPHMitDqDjvzKrZVl3hUPD0wjJYgd7psjsu3Dwzwup9oKHLz5i8pv0gyhU64RgBIBM%26sig%3DAOD64_1pMa-q29PYRFWnVkJl-nA8YabCMQ%26client%3Dca-pub-4544951168098232%26dbm_c%3DAKAmf-AuoXjUw0fWuOqyiITtouNlNfbzOgaay7uNutNIz5QzDsm6bQi71GJ4gYXQcUrBNsHcoG7-xPRGBo9_OGc4Nf1BPh24t4ZW3HghL4NvBgQLfJ6JPI4cpmgaja6JrryJsWiAQop2NBgTsWf8-ePMBVDnOreoBflsDOm7l57cOZ97HwMYFuU%26cry%3D1%26dbm_d%3DAKAmf-AyRaPtlVKX6E5LML9w2AzCFxK1HazeZSVt9XJICj_IgCH2b65hSeZLPQ6hGhYqrijQiSjRvhayZU4fKUMcr4saCsxt7jPo_EwyAnbitTC-XwmQ3_a4qDcfqOKTbGPlr3SOV1OiM4eQ8SC__b1Jll4kACCxuqLEzB8jPCHYYB3o3CPF-LCpn7Z7ixGsDhGpr5SooyqiiggMexj9NvFfCypdq4inPDcclBmYb9Y0FjdGlW2sLk1y-WqtK9n2X8wjs_OaYc5od0wCb5lLRXLlpNbF96fa6ETJ61UcyCGc4JMrVIaSvyXhVc6RgtfHJpJGS_5Z9eVgKylNJl9EAauCtHo7UKfqthsV--cbSv838-Oo4EXPSbwqEdkG1I4R342rWTMWGgWx6Lh3-5peK-3qv5PJFs--Karv9Rl0L2-C74rUFidOcWYW1l85Oe9691sM7EwssldMZawYIoxInKFlHlEkKdcEQpnZPusVniTiAAjp3zf1ZTAx49vxnn3TH2HxG0F1BEi1uOUsjUlqK6_xWJTQNBK312y_VliW6ZllKcsxrKHWpio%26adurl%3D&documentReferer=https%3A%2F%2Fwww.labrujula24.com%2F&ancestorOrigins=https%3A%2F%2Fwww.labrujula24.com&random=5810629794267&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 371

https://hal900015.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=4453e684ca&subid=&uid=ac0e815d21938000&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjvpx8cmMY6_lGuzG7_UP7qKYyASm5b2gaZWTnKfJD_AuEAEgp5L9fGCVgoCAmAfIAQmpAkS_tBqXrLE-qAMBqgSXAk_QVn9IktF9FT6_QtDtT_mKmVbBpCXI9A31ZZFPDQ9c-G_OHuFJizCqIyXAzKf8MN99YWXQQ8jdTAiisHc-B-SJTtINSQ3_p0vPOnAHeS6APUP1ZNk7YKVOGtcJJdDbQ9oNV44HxAj40J1X499lNS7elr4SpLLiJS01y2r1e-FODsolkG2k_vuNCC6G1RXnUTaH05gcK9h-tl3SIDUzQR6lBNr9sL29uisvG3SeQbl61tKYFMmeXK8Ms30eiiNIvYkcgmHw25gfsB7CB0aMGJ1yA-QeVXgeUaJR0rEa9NEebaPsT-M_DVpHmaUm7LrRqPXchvew3vtxJLR_WDnF8WGF0Aay491HZENOv4eGGMf4kovxZkJhh8AE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9ntf34ncXYNdp6QPHMitDqDjvzKrZVl3hUPD0wjJYgd7psjsu3Dwzwup9oKHLz5i8pv0gyhU64RgBIBM%26sig%3DAOD64_0b6W5WkdPmLeSRfeRkiZEAVRKxoQ%26client%3Dca-pub-4544951168098232%26dbm_c%3DAKAmf-B_St5cPwIFIN5fIQrQG1xDXlDWMlTjEorW6jnnKP57XrwvjlsfTthHZWdlqcNNIX6wjrajSz0ReqVkrxt_DI8UH-Y9rcdpK6-CaQvoj0Q6pixdKGWjVWQ_jHuGn78ecU5zjlVGM5aeRQFQOeqofqqKPlUQgnhU3skrKdzst59XSR9VvrQ%26cry%3D1%26dbm_d%3DAKAmf-CgCmf96hzvnvtFPZE4uSiaRShxhluLg9ZiCaQ4SCR3Su64eXLYneG5deYX0YudC27Llxbh7xviJz9yE7F17OCWKobgOR2iwaJumf0QJXe_0_OpsyYZqeZeZO_ofkNKyngXlIAL9yLsncDSbhxrUOwpOoSVPvGgc-3DowkqgtrbKhAa_9ocu6JsbRF-Qn2bUjmHs26N-4LxotKWwOGuSZowTJXzwK6sdkqjGewYeuEV0pSh9JttC8Ts5y_HORsCyHG_ZfKdjWvGU0GeZH_n99YgK2j9JTJrRSoAAvNsuWMGZ4iZQgBA17MCQkmMs0wVzZBt4m7vpP8Lqk6HdtG0R1d4vXQBQ9kE8TTXLenjSFcC2wE5IkaRZfzdEjMNWmcn8viTMpeLyro4BITp-Ye6dKq9KQuTpXsrLNE6w3XNtm6wfSgMSTu1yhW5yWUNo604IpCLdnFWy2d0jpiwXGv6QV7cyeFi0FzwdWv3guU2tjqnSuTRrHws8C_cVFFhLFZQHXVtR0VqiiAafRJkltNWKYfCJ5K1MGXxLc9f_hVn8lb0DTtfuwU%26adurl%3D&documentReferer=https%3A%2F%2Fwww.labrujula24.com%2F&ancestorOrigins=https%3A%2F%2Fwww.labrujula24.com&random=6255889720509&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900015.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=4453e684ca&subid=&uid=ac0e815d21938000&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjvpx8cmMY6_lGuzG7_UP7qKYyASm5b2gaZWTnKfJD_AuEAEgp5L9fGCVgoCAmAfIAQmpAkS_tBqXrLE-qAMBqgSXAk_QVn9IktF9FT6_QtDtT_mKmVbBpCXI9A31ZZFPDQ9c-G_OHuFJizCqIyXAzKf8MN99YWXQQ8jdTAiisHc-B-SJTtINSQ3_p0vPOnAHeS6APUP1ZNk7YKVOGtcJJdDbQ9oNV44HxAj40J1X499lNS7elr4SpLLiJS01y2r1e-FODsolkG2k_vuNCC6G1RXnUTaH05gcK9h-tl3SIDUzQR6lBNr9sL29uisvG3SeQbl61tKYFMmeXK8Ms30eiiNIvYkcgmHw25gfsB7CB0aMGJ1yA-QeVXgeUaJR0rEa9NEebaPsT-M_DVpHmaUm7LrRqPXchvew3vtxJLR_WDnF8WGF0Aay491HZENOv4eGGMf4kovxZkJhh8AE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9ntf34ncXYNdp6QPHMitDqDjvzKrZVl3hUPD0wjJYgd7psjsu3Dwzwup9oKHLz5i8pv0gyhU64RgBIBM%26sig%3DAOD64_0b6W5WkdPmLeSRfeRkiZEAVRKxoQ%26client%3Dca-pub-4544951168098232%26dbm_c%3DAKAmf-B_St5cPwIFIN5fIQrQG1xDXlDWMlTjEorW6jnnKP57XrwvjlsfTthHZWdlqcNNIX6wjrajSz0ReqVkrxt_DI8UH-Y9rcdpK6-CaQvoj0Q6pixdKGWjVWQ_jHuGn78ecU5zjlVGM5aeRQFQOeqofqqKPlUQgnhU3skrKdzst59XSR9VvrQ%26cry%3D1%26dbm_d%3DAKAmf-CgCmf96hzvnvtFPZE4uSiaRShxhluLg9ZiCaQ4SCR3Su64eXLYneG5deYX0YudC27Llxbh7xviJz9yE7F17OCWKobgOR2iwaJumf0QJXe_0_OpsyYZqeZeZO_ofkNKyngXlIAL9yLsncDSbhxrUOwpOoSVPvGgc-3DowkqgtrbKhAa_9ocu6JsbRF-Qn2bUjmHs26N-4LxotKWwOGuSZowTJXzwK6sdkqjGewYeuEV0pSh9JttC8Ts5y_HORsCyHG_ZfKdjWvGU0GeZH_n99YgK2j9JTJrRSoAAvNsuWMGZ4iZQgBA17MCQkmMs0wVzZBt4m7vpP8Lqk6HdtG0R1d4vXQBQ9kE8TTXLenjSFcC2wE5IkaRZfzdEjMNWmcn8viTMpeLyro4BITp-Ye6dKq9KQuTpXsrLNE6w3XNtm6wfSgMSTu1yhW5yWUNo604IpCLdnFWy2d0jpiwXGv6QV7cyeFi0FzwdWv3guU2tjqnSuTRrHws8C_cVFFhLFZQHXVtR0VqiiAafRJkltNWKYfCJ5K1MGXxLc9f_hVn8lb0DTtfuwU%26adurl%3D&documentReferer=https%3A%2F%2Fwww.labrujula24.com%2F&ancestorOrigins=https%3A%2F%2Fwww.labrujula24.com&random=6255889720509&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 405

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=51270700093060604444554012163022&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=51270700093060604444554012163022&actionid=981741&produktid=&dt_url=

Request Chain 408

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1313435213902.4075 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLn44KSw4PsCFcx-wQodJVUOHQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1313435213902.4075

Request Chain 410

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=51270700093060604444554012163022 HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=51270700093060604444554012163022 HTTP 302
https://ad-server.eu/wm/pb/native.png

Request Chain 424

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGZlZRaDwKBYDzQZz12ao7w&google_cver=1&google_push=ASkJ3FYZYhpWS1e8A6MXhXrrGGLtQ2u-xF4EKQmO05p1zYSFQ-_9UdwarTqaTU21Lfh7JkO16EClQ8p8tJyTRuZCW_tkFah8iw HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGZlZRaDwKBYDzQZz12ao7w&google_cver=1&google_push=ASkJ3FYZYhpWS1e8A6MXhXrrGGLtQ2u-xF4EKQmO05p1zYSFQ-_9UdwarTqaTU21Lfh7JkO16EClQ8p8tJyTRuZCW_tkFah8iw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SlNIOHJCdWkxUDFSTlc1&google_gid=CAESEGZlZRaDwKBYDzQZz12ao7w&google_cver=1&google_push=ASkJ3FYZYhpWS1e8A6MXhXrrGGLtQ2u-xF4EKQmO05p1zYSFQ-_9UdwarTqaTU21Lfh7JkO16EClQ8p8tJyTRuZCW_tkFah8iw

Request Chain 425

https://a.tribalfusion.com/i.match?p=b6&u=CAESEA8F8bydos-VkYB8awpw5ms&google_cver=1&google_push=ASkJ3Fb_cIZimWiq7G7q-FHB6XvlQ27bzeLoF6eIgVLOh1n_HCsCPZCWl1p8ZwvAWAS_jOVBHe4HVRFeoLug9jlxIeL8QXMDVpE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3Fb_cIZimWiq7G7q-FHB6XvlQ27bzeLoF6eIgVLOh1n_HCsCPZCWl1p8ZwvAWAS_jOVBHe4HVRFeoLug9jlxIeL8QXMDVpE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEA8F8bydos-VkYB8awpw5ms&google_cver=1&google_push=ASkJ3Fb_cIZimWiq7G7q-FHB6XvlQ27bzeLoF6eIgVLOh1n_HCsCPZCWl1p8ZwvAWAS_jOVBHe4HVRFeoLug9jlxIeL8QXMDVpE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3Fb_cIZimWiq7G7q-FHB6XvlQ27bzeLoF6eIgVLOh1n_HCsCPZCWl1p8ZwvAWAS_jOVBHe4HVRFeoLug9jlxIeL8QXMDVpE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 426

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESECNMHdyMs1CxiJqUtcvotNk&google_cver=1&google_push=ASkJ3FYXxmoH_yJ2pspHkkDXKr4AZpiwUCiLFScQHEomUSEowJyZvW9l2yzpr46lz8Kzi2kIC6jqzudLjjq1HCIRctgr4_vHohY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECNMHdyMs1CxiJqUtcvotNk&google_push=ASkJ3FYXxmoH_yJ2pspHkkDXKr4AZpiwUCiLFScQHEomUSEowJyZvW9l2yzpr46lz8Kzi2kIC6jqzudLjjq1HCIRctgr4_vHohY

Request Chain 427

https://d5p.de17a.com/cookies/google?google_gid=CAESEAqhCRRw1U58IAbuGMyRjEA&google_cver=1&google_push=ASkJ3FY2uSzTQ8pHDBgj-aZ6ml8-kC2l_sE5UCpJrxoLtCXClc73Kv2dHHmR1UBb1RgYHp2yw9NXbuUFuUwhqGeZlGLzXdoYuPg HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEAqhCRRw1U58IAbuGMyRjEA&google_cver=1&google_push=ASkJ3FY2uSzTQ8pHDBgj-aZ6ml8-kC2l_sE5UCpJrxoLtCXClc73Kv2dHHmR1UBb1RgYHp2yw9NXbuUFuUwhqGeZlGLzXdoYuPg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FY2uSzTQ8pHDBgj-aZ6ml8-kC2l_sE5UCpJrxoLtCXClc73Kv2dHHmR1UBb1RgYHp2yw9NXbuUFuUwhqGeZlGLzXdoYuPg

Request Chain 428

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDCsBzC3pB3xlv3RmlLFicA&google_cver=1&google_push=ASkJ3FaV--Si-xP6PRLb1YOBAFgEPJxhiofzYCAefQkn134DrcSn_esV8MrzuNZFaYY2XdcAvhrFQDO8dWA-KfEI-aG9MrLZAzw HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDCsBzC3pB3xlv3RmlLFicA&google_cver=1&google_push=ASkJ3FaV--Si-xP6PRLb1YOBAFgEPJxhiofzYCAefQkn134DrcSn_esV8MrzuNZFaYY2XdcAvhrFQDO8dWA-KfEI-aG9MrLZAzw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjI3NDk5NTgzMjIyNDA3MTI5NQ&google_push=ASkJ3FaV--Si-xP6PRLb1YOBAFgEPJxhiofzYCAefQkn134DrcSn_esV8MrzuNZFaYY2XdcAvhrFQDO8dWA-KfEI-aG9MrLZAzw

Request Chain 429

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFbGz3GaKx2EkLOqrh_zMDM&google_cver=1&google_push=ASkJ3FYRcIgHq3qs6AfDNlVbJX0LSzveQVUXL3glXXdiKr-jukRSvqylrDdhiD8I9gQg6Ks24VVxcRaKsidTk2UCjaLHvAcXJns HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFbGz3GaKx2EkLOqrh_zMDM&google_hm=Y4zJ8_BRLT7Djnrl7SL-ugAAFCYAAAIB&google_nid=index&google_push=ASkJ3FYRcIgHq3qs6AfDNlVbJX0LSzveQVUXL3glXXdiKr-jukRSvqylrDdhiD8I9gQg6Ks24VVxcRaKsidTk2UCjaLHvAcXJns

Request Chain 437

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=75104700093626104444990012163015&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=75104700093626104444990012163015&actionid=981741&produktid=&dt_url=

Request Chain 441

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9380033445657.732 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=COPB46Sw4PsCFU-CywEdB70NYA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9380033445657.732

Request Chain 443

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=75104700093626104444990012163015 HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=75104700093626104444990012163015 HTTP 302
https://ad-server.eu/wm/pb/native.png

Request Chain 453

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEPYDQ8vrdBw6IbnyhMjYNrM&google_cver=1&google_push=ASkJ3FbTldo37E_5HxngSehwOq6iRk0roGYfCN6peKOXxwU7Ws1YimJxFjiUJrQ-B76lodOnHvsy0olzGVTqEPHz7dWiAfu-KFfU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3FbTldo37E_5HxngSehwOq6iRk0roGYfCN6peKOXxwU7Ws1YimJxFjiUJrQ-B76lodOnHvsy0olzGVTqEPHz7dWiAfu-KFfU&google_hm=7zgh4FAJSo6jnVjFNvRUdSc

Request Chain 454

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBW5O5DG2_BYUyIx-WNMuAg&google_cver=1&google_push=ASkJ3FbKKtM0nDlrgxUp0czJzgtVqmgvpF0EV7NupYwgY4nuK4K7sQOrfeZW0Jhhwm6zu-I5TPnQUEvtO9ylnVFHUxl1etx0iQA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3MzMzMDM1NjMyODcyNDYyOQ%3D%3D&google_push=ASkJ3FbKKtM0nDlrgxUp0czJzgtVqmgvpF0EV7NupYwgY4nuK4K7sQOrfeZW0Jhhwm6zu-I5TPnQUEvtO9ylnVFHUxl1etx0iQA

Request Chain 455

https://match.360yield.com/match/ebda?google_gid=CAESEGEG2Xil3zeM_6JHD91FFms&google_cver=1&google_push=ASkJ3FamaFbAFm8VBiuOkH8l00MHjoI6C5xj8HRhNzioWoFtdZcPUe6GP5uP-i9Msl2EoQrIYg11rJOEv7K6WcL6yz4_3WsCo0sf HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEGEG2Xil3zeM_6JHD91FFms&google_cver=1&google_push=ASkJ3FamaFbAFm8VBiuOkH8l00MHjoI6C5xj8HRhNzioWoFtdZcPUe6GP5uP-i9Msl2EoQrIYg11rJOEv7K6WcL6yz4_3WsCo0sf HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=zgKyjrIuQeKhzpkIpvld-A&google_push=ASkJ3FamaFbAFm8VBiuOkH8l00MHjoI6C5xj8HRhNzioWoFtdZcPUe6GP5uP-i9Msl2EoQrIYg11rJOEv7K6WcL6yz4_3WsCo0sf

Request Chain 457

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBVl7hrov5aVQZaEcR-kvjA&google_cver=1&google_push=ASkJ3FacdpFL9BLgBaMxTod3e3CVS0YMvIBuIrwu9nU78R9lIbMWHBDbVh4ol0F9IHP_761s7YeL8tczNBfr-kHT5JAfThRcStB3HA HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBVl7hrov5aVQZaEcR-kvjA&google_cver=1&google_push=ASkJ3FacdpFL9BLgBaMxTod3e3CVS0YMvIBuIrwu9nU78R9lIbMWHBDbVh4ol0F9IHP_761s7YeL8tczNBfr-kHT5JAfThRcStB3HA&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS14djFhVkJWRTJ1RzROSEFvNHI0Z0o4WjQ3R3BLZEtsRn5B&google_push=ASkJ3FacdpFL9BLgBaMxTod3e3CVS0YMvIBuIrwu9nU78R9lIbMWHBDbVh4ol0F9IHP_761s7YeL8tczNBfr-kHT5JAfThRcStB3HA

Request Chain 458

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEAS1sVKZQ48sBNYV-6lGRY4&google_cver=1&google_push=ASkJ3FaxJ06NgYXtufgHvbX6Fd9AyCMUb79m5lWwmG3N7zGEHyE0oU33WniiXV2jUej8N1RIGzli4eOxV-ufHMKCz4AClbnAc72J5w HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEAS1sVKZQ48sBNYV-6lGRY4&google_cver=1&google_push=ASkJ3FaxJ06NgYXtufgHvbX6Fd9AyCMUb79m5lWwmG3N7zGEHyE0oU33WniiXV2jUej8N1RIGzli4eOxV-ufHMKCz4AClbnAc72J5w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c4f2266c-a01e-4d90-89e9-5985102f6621&%%GOOGLE_PUSH_PAIR%%

Request Chain 489

https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_ HTTP 302
https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=JSH8rBui1P1RNW5

Request Chain 491

https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=909998&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://x.bidswitch.net/sync?ssp=index&gdpr=0 HTTP 302
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=index HTTP 302
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index HTTP 302
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=dcc08ae0-1c0b-4416-9d58-cba9ade4feec&ssp=index

Request Chain 492

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadf%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 303
https://a-prebid.vidoomy.com/setuid?bidder=adf&gdpr=0&gdpr_consent=&uid=6274995832224071295

Request Chain 494

https://x.bidswitch.net/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1 HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dmedianet%26bsw_param%3Dc4f2266c-a01e-4d90-89e9-5985102f6621&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT} HTTP 302
https://x.bidswitch.net/sync?dsp_id=80&user_id=889c638c-c9f6-4300-8c38-56af160877b9&expires=30&ssp=medianet&bsw_param=c4f2266c-a01e-4d90-89e9-5985102f6621&gdpr=$%7BGDPR%7D&gdpr_consent=$%7BGDPR_CONSENT%7D HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=c4f2266c-a01e-4d90-89e9-5985102f6621&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=

Request Chain 495

https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=%3Cvsid%3E HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=%3Cvsid%3E HTTP 302
https://contextual.media.net/cksync.php?type=mf&ovsid=2f63d66a-6013-4718-8f59-c62d100b7672&cs=1

Request Chain 497

https://x.bidswitch.net/sync?ssp=vidoomy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=vidoomy&bsw_param=c4f2266c-a01e-4d90-89e9-5985102f6621&google_hm=YzRmMjI2NmMtYTAxZS00ZDkwLTg5ZTktNTk4NTEwMmY2NjIx HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDOgekBhPD2fp9SV4bsrC5w&google_cver=1&ssp=vidoomy&bsw_param=c4f2266c-a01e-4d90-89e9-5985102f6621 HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=c4f2266c-a01e-4d90-89e9-5985102f6621

Request Chain 498

https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=4401010c-8d0d-482e-9da0-ed0feab333ca

Request Chain 499

https://ib.adnxs.com/getuid?https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=8311594621530781768

Request Chain 500

https://ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent= HTTP 302
https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-bvYo7Z5E2uEo4DVC.hvCa5zNBA0JQBDPxHyrtYY-~A&gdpr=0&gdpr_consent=

488 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.labrujula24.com/
Redirect Chain

http://labrujula24.com/
https://www.labrujula24.com/

438 KB
79 KB

491ms
281ms

Document
text/html

2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96c4b1cc7fef14f9d4a4bbb998dda460414f62e64e6f518ec41cfb9aeff005f3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=3, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7745e5b8bc30bb41-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 04 Dec 2022 16:25:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJCO1v5v37yG2DgN1GUwEkQZJ7bKTREX4iD9gO4jJZcntE9NggcJbTPGZ8qgd%2FoGQDUkFEWNc8vyijxHLn9g9K7zvZ1lkfSkzVfLeZa7wt3VZY9Qzl%2BIquAEwCBnls547D%2B7tnKX8kgmC6O43hMu%2B8c%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Cookie
x-turbo-charged-by: LiteSpeed

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7745e5b4fcb59c12-FRA
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Dec 2022 16:25:19 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHtwg4kg3srBoWumvTJJOHsSegwYXvIrZIXvtOz0la6V2uZ%2B8sOYDiZhbK77Oy9Ar9IUJZc5iixPI4Wd3VansD%2BhUJDj8Hc7ST%2FVwYtrWBQGFTxQWufGoTTwA%2B5j7b447JhyIkTQF8PjYbNc4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Server-Timing: cf-q-config;dur=9.0000103227794e-06
Transfer-Encoding: chunked
cf-edge-cache: cache,platform=wordpress
location: https://www.labrujula24.com/
vary: Accept-Encoding, Cookie
x-redirect-by: WordPress
x-turbo-charged-by: LiteSpeed

GET
H2 200 style.min.css
www.labrujula24.com/wp-includes/css/dist/block-library/ 87 KB
12 KB 29ms
27ms Stylesheet
text/css 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Aug 2022 03:19:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3317
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Jyg9qBgjBnwytP8jBhJ7nHXnR%2FH6NvkaYtpUSwuTQKrJhEhN%2Bkwgz5AzXCej7dLnWsnlK3qkuwO7TgjqRrlqwHCtV200EiqutBprMkB8oC19VmkgLKHeBueGs8ztDBdyGG20ND2yCTc10M1eDIgiBI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5ba882bbb41-FRA
expires: Sun, 11 Dec 2022 14:48:43 GMT

GET
H2 200 blocks.style.build.css
www.labrujula24.com/wp-content/plugins/block-gallery/dist/ 33 KB
5 KB 25ms
23ms Stylesheet
text/css 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/plugins/block-gallery/dist/blocks.style.build.css?ver=1.1.6
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68ff93d8ab6c2f66a1bcbae1cd8358e4cb0e494a737f17bb18f2e2089c579327

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3317
cf-polished: origSize=34253
cf-bgj: minify
last-modified: Wed, 24 Jul 2019 01:22:27 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2m%2FtRf%2BJprFND5fF0Z2Y5XSLTVi15FMZalRTW64XnkJ2LHp98lRuMYGit0tS9fpZTyqEEsfHdIRt70%2FIXG3%2FIOwlvACrzugbJYsa5CqxIO6BFDY2gnZZhwc3%2FFk6GC6sIkr53Hklj4yUIqOUmIEsflI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5ba8830bb41-FRA
expires: Sun, 11 Dec 2022 14:47:50 GMT

GET
H2 200 styles.css
www.labrujula24.com/wp-content/plugins/contact-form-7/includes/css/ 2 KB
1 KB 32ms
30ms Stylesheet
text/css 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb12708d973e6b9354f367a6780e5a166b0da7d2721d856da7f9d57130883eaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3317
cf-polished: origSize=2731
cf-bgj: minify
last-modified: Fri, 21 Oct 2022 14:58:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2kvbi7C8qISNbEOvgpl54BIa%2BclEZZz%2BN9%2FMZG0Rk199YeAwuBeKOLL8OQqP3ZxSidBZ2KHsGVVw1oR%2BUClF3AGk3WauIonn%2FNjO9daINNYf1%2FCRQkGBp%2FpfyLkF%2FK1g7%2FNVdFtcTHoCz4owQw4lZAI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5ba8834bb41-FRA
expires: Sun, 11 Dec 2022 14:48:51 GMT

GET
H2 200 style.css
www.labrujula24.com/wp-content/themes/lb24/ 106 KB
18 KB 30ms
28ms Stylesheet
text/css 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/themes/lb24/style.css?ver=6.0.3
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18b90d2fe51478ecb084ffb0bfe27fdd05f08beeb7352db113a0a0373a45c510

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3317
cf-polished: origSize=131511
cf-bgj: minify
last-modified: Mon, 05 Apr 2021 18:04:44 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2bZG%2BqoYant68PEFNe3LgEbq%2BaPKRaPOCdQyZDNrVufT0nXFBog0xai27jqBkZTXZcnKVHEBuE5e4jiKwtDGqmKNP6e8sgUtkX0pZoOQZWIPkMmV1%2FPqmZJKhCQHJIpUHldC53FKFie4wphttEhs7Qg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5ba8837bb41-FRA
expires: Sun, 11 Dec 2022 14:58:30 GMT

GET
H2 200 reset.css
www.labrujula24.com/wp-content/themes/lb24/css/ 765 B
761 B 27ms
25ms Stylesheet
text/css 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/themes/lb24/css/reset.css?ver=6.0.3
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcb9bc1bc78d90f71123333c57089c68c1d8133c8762ddf3cca8684f9a04c9d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3317
cf-polished: origSize=1082
cf-bgj: minify
last-modified: Sat, 29 Jun 2019 03:00:25 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yqHFBi5hLZGR6Leb6IOFujsUZfBJcy8qhzo9HHsGL0JTU9kguTj%2Biq9vN9OIIjMY0SEv4Xnd0HstzM00uz29m6KqJ2wDP9U5%2FaH6UcIBjS7N4vzix3eYsDAYLT%2BeGh7xLC99BmYkRUiON%2FlOwZun%2Bks%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5ba8839bb41-FRA
expires: Sun, 11 Dec 2022 14:52:27 GMT

GET
H2 200 font-awesome.css
www.labrujula24.com/wp-content/themes/lb24/font-awesome/css/ 28 KB
7 KB 50ms
48ms Stylesheet
text/css 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/themes/lb24/font-awesome/css/font-awesome.css?ver=6.0.3
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdb431b26a33e5c082aac8fa0bf7538e6a49407e7a7cb51f84c3b5a8f7758d68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3317
cf-polished: origSize=35134
cf-bgj: minify
last-modified: Sat, 29 Jun 2019 03:00:25 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m6Q%2BVkg2EGJbvxcN9K9XxiWSaHj8lO%2FpV%2Fn4iM9789wRcFdv0XZQT1Ntp6g95KDVb3m765uR2xy0%2ByJOOLsLf%2BRl23buhJSjQ9HDXrdP5r7V1TZVwbkukoabnNkS%2B9%2FyXWA2a8Iz5CHleWqPmJn2fWY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5ba883bbb41-FRA
expires: Sun, 11 Dec 2022 15:16:24 GMT

GET
H2 200 css
fonts.googleapis.com/ 24 KB
2 KB 48ms
20ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700%2C900%7COswald%3A400%2C700%7CAdvent+Pro%3A700%7COpen+Sans%3A700%7CAnton%3A400Roboto%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CNoto+Serif%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese

Requested by

Host: www.labrujula24.com
URL: https://www.labrujula24.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ac28f7a5c85b823a2cf91d617208afe02770fe21fe18d5e83373d43740bc805

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.labrujula24.com/
Origin: https://www.labrujula24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 04 Dec 2022 16:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 04 Dec 2022 16:25:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Dec 2022 16:25:19 GMT

GET
H2 200 media-queries.css
www.labrujula24.com/wp-content/themes/lb24/css/ 87 KB
10 KB 33ms
31ms Stylesheet
text/css 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/themes/lb24/css/media-queries.css?ver=6.0.3
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea05cc8ab1b71e68ecfc0c9cd64cf800181f4d8c4589650b2f285ec153341e62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3317
cf-polished: origSize=118296
cf-bgj: minify
last-modified: Sat, 29 Jun 2019 03:00:25 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vN3%2BMUXdUMwMCFKou3naF7npdC%2B8TqxKLhsS64opdhfgDrOTZIkkUF%2Bcam9YaaEL3hzY41W50WPgcE2oT%2Bp3Bkjju%2BfBIu%2FtsbBVQNSpS%2FmRqLVSZMgQObi5GK7mk79bgfVwHeiC4O62moYN5Ep9m9g%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5ba883cbb41-FRA
expires: Sun, 11 Dec 2022 14:47:30 GMT

GET
H2 200 addthis_wordpress_public.min.css
www.labrujula24.com/wp-content/plugins/addthis/frontend/build/ 587 B
609 B 27ms
26ms Stylesheet
text/css 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/plugins/addthis/frontend/build/addthis_wordpress_public.min.css?ver=6.0.3
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1870c49e74adfa2d70351cc067c6a3320da45d18231c5a31eb39356151620cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 May 2022 19:18:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3317
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=efJQBGt6nuy1Bmca3Edioh6UL4Y%2Bw4lXJB%2F9CGAxSxkQLmK6GGOxWrFPqm7L4hyIe80LT4RTMCeFDKSiU%2BhZpKs77K7tKHnfxoD4aqU%2BnrsJCfR1g5oHenCLhsEjfM51AlXE3eFND5lrzRFhAfCxpvk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5ba883fbb41-FRA
expires: Sun, 11 Dec 2022 14:48:51 GMT

GET
H2 200 jquery.min.js Show response
www.labrujula24.com/wp-includes/js/jquery/ 87 KB
32 KB 57ms
56ms Script
application/javascript 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Aug 2022 03:19:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3317
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3aT9MNVIngIsbHhQK8spuNyLGsalfo23q%2BKi9oLB2RpEQfndmEvWpUkJWxSMkZ14LDSZJQDdt9JhGwSNGzHva%2BkKBROK64VsvXwILg%2BZWkky%2BV2YZ3u4bGZcwXX%2FlFjGo6Cy7BJafrv%2B1mlGEUGZA2k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5ba8840bb41-FRA
expires: Sun, 11 Dec 2022 14:49:00 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.labrujula24.com/wp-includes/js/jquery/ 11 KB
5 KB 33ms
32ms Script
application/javascript 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Aug 2022 03:19:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3317
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZjVH4N1vygsDBK4BL9NsCEC2nJ5SP%2BWU9yIEHRT0fmz6957U4wqrHlWer1bkg5MW9ZA2Ox15NmQLX%2FrZangtevap11CYRjZxd5QpJLSlPREUAVvWjP0lxRKFiyPJzDRojR6N8m1gHEkN7KdQV32XAw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5ba8843bb41-FRA
expires: Sun, 11 Dec 2022 14:47:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
75 KB 200ms
25ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-34XRXKZ5DK

Requested by

Host: www.labrujula24.com
URL: https://www.labrujula24.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

68d28ec4ac528eca008741b318c4a66df24c956e53dbde9773d77a92be7da47c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76393
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 04 Dec 2022 16:25:20 GMT

GET
H2 200 grumi-ip.js Show response
rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/ 12 KB
5 KB 183ms
12ms Script
application/javascript 2600:9000:206f:1000:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi-ip.js
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d50c94e062cfbcd2b5b804e9bdb01755941dc851812cdbeea3c6dc928651f8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:19:00 GMT
content-encoding: br
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
x-amz-version-id: 56wY8lEZdubOIQ5FSr4XbkzKdjTZfIwG
last-modified: Wed, 30 Nov 2022 13:47:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 379
etag: W/"8ad2beee52c2abad4a49b927b72d3048"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age: 14400, stale-while-revalidate=14400, immutable
x-amz-cf-id: ibQ-EN79dqMParuR8T1hAGAC7Re9J_YmQWPNAo1-TrGXB0NTQRSOWg==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
48 KB 220ms
63ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.labrujula24.com
URL: https://www.labrujula24.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0073d9c3676100d4472436b2ab3e9f3f8cbbe744eb2a4be227fbd54d0b119f17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49073
x-xss-protection: 0
server: cafe
etag: 13850998347187464169
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 04 Dec 2022 16:25:20 GMT

GET
H2 200 adcase_lb24-20221129.js Show response
www.labrujula24.com/js/ 32 KB
11 KB 28ms
27ms Script
application/javascript 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/js/adcase_lb24-20221129.js?v20221129-1859
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f836c3616ac2faced9cf9e6c3b18fc661228323e4d709b9853dceece3b5b7ba2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1447
cf-polished: origSize=40399
cf-bgj: minify
last-modified: Tue, 29 Nov 2022 21:58:26 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tAuAJYDWSC85%2FMchPfHVeVqagB1lgM6K6D%2FJ7eSz2eR0j%2BxxFPr3OQGLAuxzbPiuNqn%2BxwbELo0yezfFCDCmTajKY3uMxRVfojgBOy%2FGVYYd21zVchCAWAul%2BqNCCHKDWSXtKzjRhs4BG6N2ZcAXIv4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5baf92dbb41-FRA
expires: Sun, 11 Dec 2022 15:08:32 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.labrujula24.com/wp-includes/js/ 18 KB
5 KB 30ms
29ms Script
application/javascript 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Aug 2022 03:19:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3317
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Yi6YW0TLbas9dr8bvoABm4tRfqaIXkthddbQuyTuRk19gFeQLtv1IJC6whO6im%2FDq2zSrDtrLYi6TsMPvoxW2BGiwzJVJ0DU72%2Fo9f8i3mko%2BLp1kqFkbss2OMj5vlDNpR5v3Uhkw5zd8HW4LQnU1Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5baf930bb41-FRA
expires: Sun, 11 Dec 2022 14:52:24 GMT

GET
H2 200 logo_lb24_com_navigation_v3.png
www.labrujula24.com/img/w19/ 2 KB
3 KB 20ms
19ms Image
image/png 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.labrujula24.com/img/w19/logo_lb24_com_navigation_v3.png
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62addc8d8c87a0faf096bbb36e726463633c22110b04ce9ad6b492adde70e0f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 380
cf-polished: status=not_needed
content-length: 2344
cf-bgj: imgq:100,h2pri
last-modified: Wed, 05 Jun 2019 14:54:40 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z5vYeilhI3wJ4OhEbYoHGzoXteY%2F%2Bi1KS1iifCwdt%2BPII%2BjsSBagTOlKIdkdJ8%2FjKJYAeyMmv%2FtUbn%2FRE9AWF5UmsvDGcgD07LdVqf6KwvamJ8cyNVNxim2bip9v9lrMYLUM%2BNvwxWNzU%2F9eh93Tv8U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7745e5bb8a4bbb41-FRA
expires: Sun, 11 Dec 2022 15:49:30 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 82ms
18ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700%2C900%7COswald%3A400%2C700%7CAdvent+Pro%3A700%7COpen+Sans%3A700%7CAnton%3A400Roboto%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CNoto+Serif%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.labrujula24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 20:40:44 GMT
x-content-type-options: nosniff
age: 157475
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 20:40:44 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 72ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.labrujula24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 11:59:40 GMT
x-content-type-options: nosniff
age: 275139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 11:59:40 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 74ms
10ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.labrujula24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 247384
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 19:42:15 GMT

GET
H2 200 fontawesome-webfont.woff2
www.labrujula24.com/wp-content/themes/lb24/font-awesome/fonts/ 70 KB
71 KB 32ms
32ms Font
font/woff2 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/themes/lb24/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/wp-content/themes/lb24/font-awesome/css/font-awesome.css?ver=6.0.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://www.labrujula24.com/wp-content/themes/lb24/font-awesome/css/font-awesome.css?ver=6.0.3
Origin: https://www.labrujula24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:19 GMT
cf-cache-status: HIT
last-modified: Sat, 29 Jun 2019 03:00:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3317
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QfutfUyKPLDJYFBYNpeoJAVxreoouLA96wTrmF4Cr5bqJpzkzxO89DAkyBRMCRHGHQP3jFoH12DFNOcLJNCKMbBRfkue7Sml2gHWdkhaPo0Iwzjo6M4YZoHascPMKjmVg4XnZUKa0EBXOHUi5at7n%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7745e5bb9a55bb41-FRA
content-length: 71896
expires: Sun, 11 Dec 2022 14:56:01 GMT

GET
H2 200 logo_lb24_v5_com.png
www.labrujula24.com/img/w19/ 4 KB
5 KB 25ms
25ms Image
image/png 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.labrujula24.com/img/w19/logo_lb24_v5_com.png
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b05703c21009c4b75a5d64c1000c265047fb4ae93fcfbdc9ea8b98225b8beb9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 380
cf-polished: status=not_needed
content-length: 4402
cf-bgj: imgq:100,h2pri
last-modified: Wed, 05 Jun 2019 14:45:03 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EUkD4mcLtfoTGXEaekIj4AP%2FDnhnuGC1TnIPRwgZDGJD141GV6AEopweMV8GhRGjmyXsProVzQTZmwz7FF1ptNflpCgW%2Bdr9hQsTwL9JzUNLbGKnHFTVLkxMPCGdAHnM3%2B8u21mSdRCt0dJkzVbIWlI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7745e5bb9a6dbb41-FRA
expires: Sun, 11 Dec 2022 15:59:50 GMT

GET
H2 200 34.svg
www.wunderground.com/static/i/c/v4/ 1 KB
2 KB 115ms
62ms Image
image/svg+xml 2a02:26f0:3500:593::2e03
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wunderground.com/static/i/c/v4/34.svg
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:593::2e03 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0c3c3dbc4db72844d4774ec2a77f4cf42fa6dc8a279df1739fe4807c01ec8201

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

unused62: 8096267
x-amz-version-id: null
date: Sun, 04 Dec 2022 16:25:20 GMT
twc-privacy: gdpr
twc-geoip-latlong: 49.45,11.07
x-amz-request-id: FV2NVFDVZXT459Q6
x-origin-hint: WU-Next-Default
x-theme-asset: 1
twc-geoip-dma
twc-connection-speed: 4G
content-length: 1186
x-amz-id-2: 6DaKo3doG7x0BEDMacZrVFn+WLDRbhW1dWnuRCsS0dagxE8ojpW6KeCb1bgywlrGM/zyUjuasbY=
twc-geoip-city: NURNBERG
twc-geoip-region: BY
twc-device-class: desktop
last-modified: Tue, 07 May 2019 21:40:03 GMT
server: AmazonS3
etag: "fbf542e176a3696379ecef821d9fc5b3"
content-type: image/svg+xml
twc-geoip-country: DE
twc-locale-group: US
cache-control: max-age=492
property-id: TWC-WU-Prod
accept-ranges: bytes
expires: Sun, 04 Dec 2022 16:33:32 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 62ms
16ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.labrujula24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 517227
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 16:44:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 69ms
23ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.labrujula24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 03:39:12 GMT
x-content-type-options: nosniff
age: 305167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 03:39:12 GMT

GET
H2 200 ypf-1000x600.jpg.webp
www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/12/ 53 KB
53 KB 31ms
30ms Image
image/webp 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/12/ypf-1000x600.jpg.webp
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8985712bdea4412148deb6c288ca5a72004b18dca652fb19eb35d98031547fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1447
content-length: 54198
last-modified: Sun, 04 Dec 2022 14:38:47 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Py8I%2F1BypdsMhZ%2BN9PG8IroV9jDp%2BRgDwLCBJ7gUds0HDyzuXkf7VoXLk7wgAzVboaZB9IH4hXsyb8FLuSHqzy9sBHi5NE9fzwXWUPyqQYbKlpykMwVTk%2BpfklS91jyDiWfU9Ba3ZNfE9D0u%2FepGz%2FY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=604800
x-turbo-charged-by: LiteSpeed
x-webp-convert-log: Converting (there were no file at destination), Serving converted file
accept-ranges: bytes
cf-ray: 7745e5bbcac1bb41-FRA
expires: Sun, 11 Dec 2022 15:38:52 GMT

GET
H2 200 alarma-1000x600.jpg.webp
www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/12/ 13 KB
13 KB 25ms
24ms Image
image/webp 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/12/alarma-1000x600.jpg.webp
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb449f2971d7ae65e54808e5ae4d842b7c33f796e739a5018afdc9d52969b1d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1447
content-length: 13256
last-modified: Sun, 04 Dec 2022 11:04:54 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OzGT%2Bc3bxf18MzhZkdM%2FUN3CucXlA5kxZxjVrocCO8IZ5cPAOLuaN%2FmtnjYwbAC91gyfAKtctlnbffQIGF9M5EBQ3zyXxqytB9hjDfqWOKYMn7rnIuZdtxwrmNFgCd2gAsTPF9ult1EAnd0xBuoraOk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=604800
x-turbo-charged-by: LiteSpeed
x-webp-convert-log: Converting (there were no file at destination), Serving converted file
accept-ranges: bytes
cf-ray: 7745e5bbcac5bb41-FRA
expires: Sun, 11 Dec 2022 15:05:08 GMT

GET
H2 200 fixture-1000x600.jpg.webp
www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/12/ 34 KB
34 KB 27ms
26ms Image
image/webp 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/12/fixture-1000x600.jpg.webp
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46ff6c057fa688cb77b7f021aa8c7f42a005c88f0a4650ef15633434b76e34b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1446
content-length: 34330
last-modified: Sun, 04 Dec 2022 12:30:31 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NhoxduTWwr6UckfquM6aGMP1IExUmyjl1vidId3CMC0j1qBIU7hv7tAOtA4TOx9J4%2FCyYH79Z6x2z853tEQwBd5njlfit168668hyJxaBaKXEhEtXwyI2on%2BL2KwSU%2B6HKenI82dkVueCES%2BNYUP%2FNo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=604800
x-turbo-charged-by: LiteSpeed
x-webp-convert-log: Converting (there were no file at destination), Serving converted file
accept-ranges: bytes
cf-ray: 7745e5bbcac9bb41-FRA
expires: Sun, 11 Dec 2022 15:30:47 GMT

GET
H2 200 autoincendiado-1000x600.jpg.webp
www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/12/ 37 KB
37 KB 25ms
25ms Image
image/webp 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/12/autoincendiado-1000x600.jpg.webp
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56e7927e9cb1281bf706c2fbe7e325133c7835492c3c26cfc1a621c72e028932

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1446
content-length: 37690
last-modified: Sun, 04 Dec 2022 11:52:23 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0fr%2FdgfljoAbqbimnpGcP4OiWWUHMKW7Wy6tVdOicibmFZiRwAonIQWOhqwAHmiYxsUiUh9sHUVsAKYkZ2d430n05RRId2vlBiuSJAHnbSrkLIrsBghsSn7G51x3%2BN5wyNG3IGACyQno4xPKYOn0IUQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=604800
x-turbo-charged-by: LiteSpeed
x-webp-convert-log: Converting (there were no file at destination), Serving converted file
accept-ranges: bytes
cf-ray: 7745e5bbcacabb41-FRA
expires: Sun, 11 Dec 2022 15:52:32 GMT

GET
H2 200 camaras_20220921-01.gif
www.labrujula24.com/wp-content/uploads/2022/09/ 228 KB
229 KB 42ms
35ms Image
image/gif 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.labrujula24.com/wp-content/uploads/2022/09/camaras_20220921-01.gif
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca6dd4173940471619b68c86d64e18b2d937a9e764cfde471d9e281dbfb94c14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 381
cf-polished: origSize=236947
content-length: 233460
cf-bgj: imgq:100,h2pri
last-modified: Wed, 21 Sep 2022 14:34:03 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bTqX8ukAL0XblUJdatgc6GS%2FiUzwfPKRoGr0nAF2iaZ5JlFwCUsm8JVhSo6rnukPDspiCWCGCMrHnbKQO2DV7Czo7C1iIS3SuZpYSTMI5s04oqfObXfevlLg131C0unmYSJ9p1N%2B92rrl98DA2%2FF7dI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7745e5bbfb1cbb41-FRA
expires: Sun, 11 Dec 2022 15:53:14 GMT

GET
H2 200 lautaro-1-590x354.jpg.webp
www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/12/ 20 KB
20 KB 68ms
61ms Image
image/webp 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/12/lautaro-1-590x354.jpg.webp
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 342339879789344900892bcb1e9d4fbebcd9051b0185ca1963295b64ff91204e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1444
content-length: 20314
last-modified: Sun, 04 Dec 2022 13:24:26 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tuIlvt9a10Xu2RdfmkhL%2BjaQ7FudUWZYAnK4etbAMDv6ZeH6IFmNQECrcK4SW7sF6AzfRaPpUUNGHnp7iKCL4W0jEnjja2XROkN5w1hS59Gf62fZIYHZUssAYUWk5wly%2BsA5fUVeHxlSi4AmWnjcswM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=604800
x-turbo-charged-by: LiteSpeed
x-webp-convert-log: Converting (there were no file at destination), Serving converted file
accept-ranges: bytes
cf-ray: 7745e5bbfb1ebb41-FRA
expires: Sun, 11 Dec 2022 15:24:32 GMT

GET
H2 200 crimen-590x354.jpg.webp
www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/12/ 20 KB
20 KB 62ms
55ms Image
image/webp 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/12/crimen-590x354.jpg.webp
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33001e490c916b28ffb3dcc743f171ef5eaa3075f15825880a65817d10bd3db9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1444
content-length: 20450
last-modified: Sat, 03 Dec 2022 19:00:47 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=97H8EYnkL8ZOdiRh%2FHY0CQt8hyvNGa3R%2B3HC9TTYm0Sys%2BCtvW5Jye5FSyUvo3DBYbXJ3YYcsHGF0RoR4ysdChM6f59L6fue5kk3u6tNtuXHqk8SCZr9xX27kYPPnMo1saSO2HakktmwM9r45QTGQvs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=604800
x-turbo-charged-by: LiteSpeed
x-webp-convert-log: Converting (there were no file at destination), Serving converted file
accept-ranges: bytes
cf-ray: 7745e5bbfb21bb41-FRA
expires: Sun, 11 Dec 2022 15:32:01 GMT

GET
H2 200 WhatsApp-Image-2022-10-13-at-13.57.27-400x240.jpeg.webp
www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/10/ 16 KB
16 KB 62ms
55ms Image
image/webp 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/10/WhatsApp-Image-2022-10-13-at-13.57.27-400x240.jpeg.webp
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da7b47872772af36993f4267860fc09dac311d3298296eafa6a5f90beaaca518

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Oct 2022 00:48:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 381
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ymjr1Jl%2FdAr%2F2pFxp8kh4dvK3IOv7jeEdhWTEvpKVJgwIki2v6SNe25g9fO1RQU6gUACQeJCaxSNTKmPd8KHwKuU8GuiSQatMU%2F6gM1bN%2BonOpLXfh%2BwoT54qNJVRLPN3lkZG6LKCPamFRIgcWTcVKs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7745e5bbfb24bb41-FRA
content-length: 16282
expires: Sun, 11 Dec 2022 15:48:48 GMT

GET
H2 200 WhatsApp-Image-2022-10-13-at-13.57.27-1-400x240.jpeg.webp
www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/10/ 22 KB
23 KB 79ms
73ms Image
image/webp 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/10/WhatsApp-Image-2022-10-13-at-13.57.27-1-400x240.jpeg.webp
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b974efc12bade95169a0adae14e5052e0a0689034ef0b17e73b1935876ae32ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Oct 2022 00:48:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 381
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wJH4mvvUA%2Fl1W%2F%2B4QhCxFWJ3vwbUjHXL%2BvluJgDMVl%2BdkY2IRxeApEYo9Lfw%2BhCnOKjaskjjBjk%2F65yoXsU%2BEbRPmm81epGLdZxBnBLEVePCQS7QUSqz3LOdUw5IC6uk1FXrbTf8G5Jw2oqOnf6R8no%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7745e5bbfb29bb41-FRA
content-length: 22878
expires: Sun, 11 Dec 2022 15:48:48 GMT

GET
H2 200 WhatsApp-Image-2022-10-13-at-13.57.27-2-400x240.jpeg.webp
www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/10/ 9 KB
10 KB 62ms
56ms Image
image/webp 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/10/WhatsApp-Image-2022-10-13-at-13.57.27-2-400x240.jpeg.webp
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7442a3d4a0fbcf0c77cd7cd60457b1c30fda153378e9e021da6c056b2df7aabb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Oct 2022 00:47:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 381
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1eCB64hI68%2BawP391hK8mJybCiMBL3bQqkq33OyhB4sl5b%2FlcgiRcJekzaaTOqEvPS3xVlhibruGh6psEiaNNYKkLh71e6gTM8m6qBVoKdLohvQaL%2BrXMBNOFh6ywKIi2R4vFXUz9tYFxJc93YOq7U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7745e5bbfb2abb41-FRA
content-length: 9540
expires: Sun, 11 Dec 2022 15:21:24 GMT

GET
H2 200 WhatsApp-Image-2022-10-13-at-13.57.27-3-400x240.jpeg.webp
www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/10/ 12 KB
12 KB 62ms
56ms Image
image/webp 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/10/WhatsApp-Image-2022-10-13-at-13.57.27-3-400x240.jpeg.webp
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a00d62a52a31925b70639011f9ead9a67f832c75abe105b816514de212945637

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Oct 2022 00:47:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 381
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FzVMehW5%2Bf0FuQJnUixzpIVGYBQYftu5FJFp3mRbA0RmXZwyLRDOCjPQU7RihaA4KMPHZ%2BdJNOv8FfX%2BMd1%2BXhvwqktUv7MigABrIzoPeUfAn5Q6XHldjEtpTYXfNPI6aX4vLXqFnTePtndp48I2M1s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7745e5bbfb2cbb41-FRA
content-length: 11812
expires: Sun, 11 Dec 2022 15:21:24 GMT

GET
H2 200 speedway-1-400x240.jpg.webp
www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/12/ 19 KB
20 KB 63ms
56ms Image
image/webp 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/12/speedway-1-400x240.jpg.webp
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff19bba8316157b5e4eb3ff89962d93a9aea12c5663c9d58d2093a787b961823

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1444
content-length: 19550
last-modified: Sun, 04 Dec 2022 14:40:01 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXOPfNW9V%2FAixcq%2BM%2BeJ8E8p2EXKtv8rP1STP5bF1OI7RGnyPcui2r9IHtS92qa1Pr7rn7GD6bFADi2wM9jOaqctdk5CG%2FHBCbRQEpRQRDRWi1yCh0hF6SaTuHMNUPHLDjqpfCJWfvPCAeMe6GLcypQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=604800
x-turbo-charged-by: LiteSpeed
x-webp-convert-log: Converting (there were no file at destination), Serving converted file
accept-ranges: bytes
cf-ray: 7745e5bbfb2fbb41-FRA
expires: Sun, 11 Dec 2022 15:40:02 GMT

GET
H2 200 camion-400x240.jpg.webp
www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/12/ 27 KB
27 KB 63ms
57ms Image
image/webp 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/12/camion-400x240.jpg.webp
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46cfc723402afdc45112aa9e5d0af662b19680e2e5d8475f5f97cb981d95a493

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1444
content-length: 27516
last-modified: Sun, 04 Dec 2022 13:02:52 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KIHBDUXZUZd9XHPWUxCYwxG48I%2FpSFThwVTfi0EMUcQ7mRcp9puLX5scosSzfvGIATV%2FMz3XHsnw41A95rgnr4O9uVzzS4w0NUhw16vUUr2s2dkGu0PFLtmug55NbdL2lbJKipScO4uPEenOu8y%2Bu%2F8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=604800
x-turbo-charged-by: LiteSpeed
x-webp-convert-log: Converting (there were no file at destination), Serving converted file
accept-ranges: bytes
cf-ray: 7745e5bbfb30bb41-FRA
expires: Sun, 11 Dec 2022 15:03:05 GMT

GET
H2 200 laarmonia-libertad-400x240.jpg.webp
www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/12/ 16 KB
16 KB 63ms
57ms Image
image/webp 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/12/laarmonia-libertad-400x240.jpg.webp
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b0a02f6a41ac18881d46b3c65e97a161d160f4fa7e6bed3d6640babe5181ab3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1444
content-length: 16202
last-modified: Sun, 04 Dec 2022 11:29:51 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4NIf4e5XOYks3Ok19aL%2FEOWQLoYvUi8OTy2KmhXTccKqgtzH139r3ZgqnBImj%2Bsu0evSG2b%2FTCchqmWD2vjgv6ZTQtgujrRjy9kKm%2FpTRBVl76kkEmp27SpQ1Hm5u23CDDPHGe8c0bGaTwp6FBBHp0E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=604800
x-turbo-charged-by: LiteSpeed
x-webp-convert-log: Converting (there were no file at destination), Serving converted file
accept-ranges: bytes
cf-ray: 7745e5bbfb32bb41-FRA
expires: Sun, 11 Dec 2022 15:30:37 GMT

GET
H2 200 massa-400x240.jpg.webp
www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/12/ 13 KB
14 KB 63ms
58ms Image
image/webp 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/12/massa-400x240.jpg.webp
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61ffd63484940044d03d955729df16dd425449d11d07cee7826412edea33435c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1444
content-length: 13576
last-modified: Sun, 04 Dec 2022 11:08:02 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O83p%2BUm6gtSu6TMdJmwBFBTP2M9FntkEVIDhjKxf7BZj9bh%2BilwJLFlNc%2FTiEz4zrwfGm8yaZxBcCvwzx9u8TebGs%2BLVQm3AxmJ7jz32wbqDOGHNiHpTbSuTA1U5hbBZFjT78YZyq%2BeSndXKcfA7%2B%2B0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=604800
x-turbo-charged-by: LiteSpeed
x-webp-convert-log: Converting (there were no file at destination), Serving converted file
accept-ranges: bytes
cf-ray: 7745e5bbfb33bb41-FRA
expires: Sun, 11 Dec 2022 15:32:11 GMT

GET
H2 200 scaloni-1-590x354.jpg.webp
www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/12/ 15 KB
15 KB 64ms
58ms Image
image/webp 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/12/scaloni-1-590x354.jpg.webp
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8157b33abb37aff74b7cd5104136439d526b1dc79538ff2205b2a2ae2c9e373

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1444
content-length: 15432
last-modified: Sat, 03 Dec 2022 23:14:27 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1I5bjgm%2FFCe3oa8%2FryvFQQZ1Jg705vNOGTF%2BdDcTpTPkyj9hrgQ2jb%2BrlPLkSTUqMVhAyEqy2WWlatnK%2FE0LDzI1qlZFpDaCfUthNVXa4G426i0BHJZe04gB7R8yJIhz26U2p1ZbV8QlJa8BQggWBWY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=604800
x-turbo-charged-by: LiteSpeed
x-webp-convert-log: Converting (there were no file at destination), Serving converted file
accept-ranges: bytes
cf-ray: 7745e5bbfb34bb41-FRA
expires: Sun, 11 Dec 2022 15:43:56 GMT

GET
H2 200 dinoto-590x354.jpg.webp
www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/12/ 25 KB
26 KB 65ms
60ms Image
image/webp 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/12/dinoto-590x354.jpg.webp
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d52d392a6a06f04f082d30c5c1ef88b25c028a9a68c5bd0c8814937db2c27177

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1443
content-length: 26084
last-modified: Sat, 03 Dec 2022 23:02:34 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2BAAH5wNIZExA92K6HhjyK63ms80wUdLGB5%2FPmcu9SluR%2BX01VID7LwTJCZTGfZZ4Ui8%2FU0SSf3%2B0vcOcZ5HFoloj93XEpZ8XbsBCs%2FynuM%2FaqRiA4s6szKuIQkDcaHCjDG5a4v3R3KrOXXEcTdQyUs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=604800
x-turbo-charged-by: LiteSpeed
x-webp-convert-log: Converting (there were no file at destination), Serving converted file
accept-ranges: bytes
cf-ray: 7745e5bbfb37bb41-FRA
expires: Sun, 11 Dec 2022 15:43:06 GMT

GET
H2 200 festejos-400x240.jpg.webp
www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/12/ 38 KB
38 KB 79ms
74ms Image
image/webp 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/12/festejos-400x240.jpg.webp
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7d8ce4658cbf0831a244a21546d292db1e7fce29dcd2df8051b8125a07c5cee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1443
content-length: 38918
last-modified: Sat, 03 Dec 2022 22:12:22 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d5wcR48c8hYPrS39BuSVFHXSqSDU5u2Mya6Sb4xl0YlIz4orouQLI2f8wiS1SCdnHmJIf1P9XzrmyHi%2BeaJZ6LLZMLbChiL5C54sOiEJ3gZwrxClXYxBp%2FCPFYYWoy4dgOeD2O5cQaL0M%2F4e9PfJuZc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=604800
x-turbo-charged-by: LiteSpeed
x-webp-convert-log: Converting (there were no file at destination), Serving converted file
accept-ranges: bytes
cf-ray: 7745e5bbfb3abb41-FRA
expires: Sun, 11 Dec 2022 15:32:53 GMT

GET
H2 200 messi4-400x240.jpg.webp
www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/12/ 10 KB
11 KB 90ms
85ms Image
image/webp 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/12/messi4-400x240.jpg.webp
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1b648afd8964c553d1f8bcc7ba1faf50a0622cdbbdf69b7fe4659ceb40d7e29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1443
content-length: 10618
last-modified: Sat, 03 Dec 2022 21:58:31 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=brEnh9lgRebxubzXI4Vv0CNZCaZ3Mf096KDxUxEkdK%2FeJsVZq49V8giRECx5IpFNoOZANgfLoh60epzMb9%2BohZdo0tstUd%2FM%2FNtokOesvI%2FGGifWhLyc4LE%2Fe4RlfHnRItbK%2Bd%2BuZJcW7HrvoJHUSzw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=604800
x-turbo-charged-by: LiteSpeed
x-webp-convert-log: Converting (there were no file at destination), Serving converted file
accept-ranges: bytes
cf-ray: 7745e5bbfb69bb41-FRA
expires: Sun, 11 Dec 2022 15:02:02 GMT

GET
H2 200 sifilis-400x240.jpg.webp
www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/12/ 10 KB
10 KB 80ms
75ms Image
image/webp 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/12/sifilis-400x240.jpg.webp
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88377b24a65b90c63b5242d1f6845cd81a087ad254977af7403a696d93cee7c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1443
content-length: 10326
last-modified: Sat, 03 Dec 2022 21:00:46 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qb4TeXm5L2Jy0HSGI77qNqygVY868LgxQmy%2BdK2UW0TqN1sgSbs4Zfy9kPYIrsbFirfv9MfHolit9DCB%2BCshye%2BFIZL%2BTMFBP7sYcWPv%2BpiJrT5udgxnygrBUDPgT81Orw5iHBUjN3FuVc7lgJihXK4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=604800
x-turbo-charged-by: LiteSpeed
x-webp-convert-log: Converting (there were no file at destination), Serving converted file
accept-ranges: bytes
cf-ray: 7745e5bbfb6bbb41-FRA
expires: Sun, 11 Dec 2022 15:21:24 GMT

GET
H2 200 pele-400x240.jpg.webp
www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/01/ 9 KB
9 KB 97ms
92ms Image
image/webp 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/01/pele-400x240.jpg.webp
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef2e40a494171d0336443cf07e6bd045fbdea5466a7097ea1c8f56d241c3e14e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Mar 2022 12:23:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1443
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2FisqvzREYXidAdN4Mf80WkUMKMmImtqrd4EOatFacLGnc84j4WjqV16T5rUYwon92p3c9BhusXWiaxNOnl30VzIwNCfyoonSTKxjXsofZDIqwbzB1fUuXksmC%2BZoMbBIolmtbqb9Nvv9C31qDXoKkY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7745e5bbfb72bb41-FRA
content-length: 8956
expires: Sun, 11 Dec 2022 15:02:02 GMT

GET
H2 200 mbb_fb2-okgkkl3tfxt6dvk3vkksb3dqo4r8rbo5465zzeumwm.png
www.labrujula24.com/wp-content/uploads/elementor/thumbs/ 730 B
1 KB 95ms
94ms Image
image/png 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.labrujula24.com/wp-content/uploads/elementor/thumbs/mbb_fb2-okgkkl3tfxt6dvk3vkksb3dqo4r8rbo5465zzeumwm.png
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da7fefc086a2cd026189fa4d0000eb6a8a6327df8a5784f5d68672f7e467abc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 381
cf-polished: status=not_needed
content-length: 730
cf-bgj: imgq:100,h2pri
last-modified: Fri, 31 Jan 2020 03:29:17 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hO3pOuCcWFcdbqTgQ06re6PMcB1MuyBLXoVmdSiNKqn2Cd2sZGReQNG0Dvm%2F%2FAphK3sS0laW%2Bt8syD4IucUmKjM%2BVfw2gsbg9gdiVuJunun2N%2BZzCl%2BJAm%2BgCN4x40SUFgFPRqeEDzBoLCTMQgz0VMw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7745e5bc1b79bb41-FRA
expires: Sun, 11 Dec 2022 16:08:15 GMT

GET
H2 200 mbb_insta-okgkl4uffgk75orfob3y9gef581y8yui6vv7281d9y.png
www.labrujula24.com/wp-content/uploads/elementor/thumbs/ 1 KB
2 KB 84ms
83ms Image
image/png 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.labrujula24.com/wp-content/uploads/elementor/thumbs/mbb_insta-okgkl4uffgk75orfob3y9gef581y8yui6vv7281d9y.png
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7583ea122dcd3ad0fa81078acd63f91052d378c1d6468a81449631c8b795c1eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 381
cf-polished: origSize=1312
content-length: 1148
cf-bgj: imgq:100,h2pri
last-modified: Fri, 31 Jan 2020 03:30:03 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bB5qzMx7NovmI53ACxJDazLHu5WN13CMvhsxy00ZyL0vC1%2BUyU5pI2Fc98Ygr3Br4SrFv6urbVYa6UF6P%2Brn7bJOJ%2Bc4T0Jm9rCRnCL8gNmUGsbY5L7hIlZAJbfXovZTKniI92ip4gaC68gOZBP6eto%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7745e5bc1b83bb41-FRA
expires: Sun, 11 Dec 2022 15:22:37 GMT

GET
H2 200 mbb_tw-okgko16ii2j0yejvr27jg82l2zrozdcpl8a3bxqo3a.png
www.labrujula24.com/wp-content/uploads/elementor/thumbs/ 870 B
1 KB 95ms
94ms Image
image/png 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.labrujula24.com/wp-content/uploads/elementor/thumbs/mbb_tw-okgko16ii2j0yejvr27jg82l2zrozdcpl8a3bxqo3a.png
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: daa876c31b72b7fd4c6261ece66f62c774bec258bee8e42e8828007140005eb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 381
cf-polished: status=not_needed
content-length: 870
cf-bgj: imgq:100,h2pri
last-modified: Fri, 31 Jan 2020 06:10:55 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fn5HRVUOHAZy0G1JGIALmkKUT2tbrsbC1waXVc%2BUiuv58xSWLQM2S7JEKB4RmJ1nHwtcXhmlArefxDsEfYSBRLvhhOgvwFBx4RmZoQEmEz8e2fl0tUeGq4ucrRgMf9sv2LH%2FtwTXrhqDhVuSl9hYd5Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7745e5bc1b88bb41-FRA
expires: Sun, 11 Dec 2022 16:08:15 GMT

GET
H2 200 bahia_gob_ar-okgj4hvsehtaarzgw26vxx02hbqylvgqnh01xvegw0.png
www.labrujula24.com/wp-content/uploads/elementor/thumbs/ 6 KB
6 KB 87ms
86ms Image
image/png 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.labrujula24.com/wp-content/uploads/elementor/thumbs/bahia_gob_ar-okgj4hvsehtaarzgw26vxx02hbqylvgqnh01xvegw0.png
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33ad731b148b34df9613ac3a9258c25f47c72416a0d9b45fa136375ea9de5472

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 381
cf-polished: origSize=7126
content-length: 5743
cf-bgj: imgq:100,h2pri
last-modified: Fri, 31 Jan 2020 06:02:00 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CNlrAAQVyzpIqxmTbU%2Bvkzr%2BT1HJH%2FZb%2BwZkMfEGlrM4Zj8dSno3NLBZ%2Bkufa%2BUzItrUB8NXMUHyUwNAagfj81orOKFOoV4ePWCHMQYnGvbOIqgJDCx6b2kTjcawLlsyNNl5YnK5qs8E0aHukhESGXI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7745e5bc1b8abb41-FRA
expires: Sun, 11 Dec 2022 16:10:26 GMT

GET
H2 200 logo_volver_escuchar_v2.png
www.labrujula24.com/wp-content/uploads/2022/03/ 1 KB
2 KB 67ms
66ms Image
image/png 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.labrujula24.com/wp-content/uploads/2022/03/logo_volver_escuchar_v2.png
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 358ce3fdefc7321ac9b191a09dc5402c4fbf65c6c83b1e021f18efd5b75166e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 381
cf-polished: origSize=2740
content-length: 1534
cf-bgj: imgq:100,h2pri
last-modified: Wed, 23 Mar 2022 18:51:26 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sQ5jfXoW6uWidnKceqDfqZUkWp6a%2FJsEZW8cuXlglUBAhXefw4bShBf84Stjw1Mbnv77lyXd%2FvyPIhTWFNtDBn2XuJOCbTGIYmLBcM1O9xcQIZLi7dsWQKydJle%2BG42duKrR6koU8gefD4cqQhyhgr0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7745e5bc2b9fbb41-FRA
expires: Sun, 11 Dec 2022 16:07:41 GMT

GET
H2 200 ESC_bahia-hoy_v3.jpg.webp
www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/03/ 51 KB
51 KB 61ms
61ms Image
image/webp 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/03/ESC_bahia-hoy_v3.jpg.webp
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c5819d879f32724816c9fb61413a4df117c49fabbf9ed152db1ec6cf20ccacf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
cf-cache-status: HIT
last-modified: Wed, 13 Apr 2022 12:32:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 381
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jHtUyhUq7QIk%2FKh4okP7LsG3Xh3X%2FYi3MgoKQVYZdrIyeIw57cdyodV71wAXSy7jC5LcUeqY2KSBPSKrzv87JPEmhI9wF3nVqIgkSxzdC5txr0ZXx1reJpBroZMOid2I3%2BtvDGylogSJP9LWNCd2FqY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7745e5bc2ba4bb41-FRA
content-length: 51852
expires: Sun, 11 Dec 2022 15:57:39 GMT

GET
H2 200 index.html Show response
servicios.labrujula24.com/cotizaciones/ Frame 81F0 874 B
834 B 465ms
432ms Document
text/html 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicios.labrujula24.com/cotizaciones/index.html
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd3047f46336f201e734af4d631a97bda3365800f6c0c79469b69075992b348d

Request headers

Referer: https://www.labrujula24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7745e5bcccffbb41-FRA
content-encoding: br
content-type: text/html
date: Sun, 04 Dec 2022 16:25:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MD2PJjDYWtIdzpMJi2wSKhois9OYdFq77nTDznfxMAgjzTLJwmq4VS%2FXE7UBMa0RezqGeEENGkr1dBcSjwAuM6WUB%2BW4liEfouOBSyG5jvybfyZ18%2BkiHqddRCNiyN2SH6ywHD9axyrGw1ifuh65g2DyAHnir5Q%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 iframeResizer.min.js Show response
servicios.labrujula24.com/cotizaciones/js/dist/ 13 KB
6 KB 129ms
95ms Script
application/javascript 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicios.labrujula24.com/cotizaciones/js/dist/iframeResizer.min.js
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70473c8ac1784e732b6f939aacf1b7c7247968e94408fb7d0dbba9fab15a11cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 29 Oct 2019 13:19:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1449
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BQ203PcwucuuYBeQkX0OetyNuTgPZyXIDC4xyW%2FtGZqsmHA73kmsM4%2FbKKCZDootkvWHtGClAi3rbMw9YioZ%2F%2FIQ3IlqGzarxzNDTuzxyDpfwUFAecBi%2FDlSQW3qga1GzZKCtEw9fxEwhDtJqmcCgyY00tN6LLo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5bccd04bb41-FRA
expires: Wed, 07 Dec 2022 15:38:35 GMT

GET
H2 200 logo_lb24_com_navigation.png
www.labrujula24.com/img/w19/ 5 KB
5 KB 117ms
98ms Image
image/png 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.labrujula24.com/img/w19/logo_lb24_com_navigation.png
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d68a0493de4a9c208ce231a1d85f3e707e53082e5e35d105df5f6e2e455ca1fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 381
cf-polished: origSize=6480
content-length: 5136
cf-bgj: imgq:100,h2pri
last-modified: Wed, 24 Apr 2019 13:58:40 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AkNwokgakn2833WaYQ3xyG4BoAOt1mTweWS0Rj9ubOW9H41CaGPveTFR7OklGUcbVFbIcEC6lTon5i%2FKhoIP30olAKv9QIk%2FrxC25hf8i7LT5M%2FDeZhWnokhBKBIXjEOSf5kzd1%2BUOxHKQCsmdwks%2Bk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7745e5bcccf7bb41-FRA
expires: Sun, 11 Dec 2022 15:25:44 GMT

GET
H2 200 hb_brujula24.js Show response
intothebid.com/wrapper/brujula24/ 233 KB
70 KB 241ms
52ms Script
application/x-javascript 2606:4700:20::ac43:48db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://intothebid.com/wrapper/brujula24/hb_brujula24.js

Requested by

Host: www.labrujula24.com
URL: https://www.labrujula24.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:48db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

353b6d30d4ddd577f0cb1716c131cf08e31e61d8b883c078e49b357aa3ca9e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3317
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Wed, 30 Nov 2022 14:54:15 GMT
server: cloudflare
etag: W/"3a446-63876e97-0;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=veqeyZDQ1PcMPxpSyEfPc14zzNz0r2fisV9u0cZFwBTzNfIBedrUt2T47IZHp2OPFlNwK5h3z5He8UnEOWF4DIT4jALVjY%2FO6kC3rrrpt1zjTGns%2BgSGmT%2BwssTdCKRFXBvZq66nLoesB%2Bn9"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=3600
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7745e5bd98a78ffa-FRA
expires: Mon, 04 Dec 2023 14:31:12 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 299ms
46ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.labrujula24.com
URL: https://www.labrujula24.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 04 Dec 2022 16:25:20 GMT
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
x-host: s7.addthis.com
content-length: 116406

GET
H2 200 frontend-legacy.min.css
www.labrujula24.com/wp-content/plugins/elementor/assets/css/ 13 KB
1 KB 70ms
51ms Stylesheet
text/css 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.8.1
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fde0d5a578eb6673d38d66dff152e36b610384b19954f0723e07f4302305592f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 18:36:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 381
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4O1qyFtb4GxtnXXMSzIlCyU0lHizo%2FKm2PnHu87oJU%2BDKk7OMmizI%2F1ulPS0u2fUp6adndvsCFP14HbERlHGaREY7A%2FEV2cgDE59ppcSnawd1XszP6mFmng2OW76Cq5tZIa6D2eoEwm4zALxenOKr6s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5bc8c51bb41-FRA
expires: Sun, 11 Dec 2022 15:53:38 GMT

GET
H2 200 frontend.min.css
www.labrujula24.com/wp-content/plugins/elementor/assets/css/ 158 KB
20 KB 92ms
73ms Stylesheet
text/css 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.8.1
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b091fb04aeb43da4cec3392a4de451d0f6b97a91235e0dc68560bc271c2b83c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 18:36:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 381
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PsnmaGdXR%2Bv9EyFbyVn1Tkqqng3sfPzJtTTjC0ETPcw40UmiQ9HsoPYmbJh26%2FT%2BrwEBC3VJXyKW7b3NfMq%2BEOxl8eXLWQ426YtBRx5Fa3OyX1YWu%2FOfQSKawz%2BGnB9XA8dv7lvjNEXsWMBX595HGJ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5bc8c54bb41-FRA
expires: Sun, 11 Dec 2022 15:31:07 GMT

GET
H2 200 post-243688.css
www.labrujula24.com/wp-content/uploads/elementor/css/ 2 KB
939 B 91ms
73ms Stylesheet
text/css 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/uploads/elementor/css/post-243688.css?ver=1669690947
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2aae1e3f431e578c71db076c0ac1cd58132a139caf16417de4b8fb7461815192

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1449
cf-polished: origSize=2660
cf-bgj: minify
last-modified: Tue, 29 Nov 2022 03:02:27 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VGp%2BvgJ6yvcukXg%2Brg96S6rNNBmFHpjAqkGMw5zEZlJzMHCWShoMbCF%2BUPDh%2FaaAbD3Ak80yVmNYiojlwjop0CUEi%2FFCYr3EHnHf8%2Bxy6a%2BwUEUKICtUHlOuBwX4IvwMUDQ06M9a5VNxW3k4sbmleqQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5bc8c58bb41-FRA
expires: Sun, 11 Dec 2022 15:27:59 GMT

GET
H2 200 post-210425.css
www.labrujula24.com/wp-content/uploads/elementor/css/ 7 KB
1 KB 86ms
67ms Stylesheet
text/css 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/uploads/elementor/css/post-210425.css?ver=1669690948
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05aa52b1f4f05d13d32d5a97df851a4ccc045c6a0ee422846a8f27557a0ee529

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1449
cf-polished: origSize=7799
cf-bgj: minify
last-modified: Tue, 29 Nov 2022 03:02:28 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EFcrGNKQVk%2Fve3jwgO3%2FrXxXl2Jzu6hhdV3zzrnYod7%2B7jge3fpjstiBOn2XYCQi5b938oaRiwMFJlmtdhUE0GoIedAfJ5mEFeRrDhzwVv59dN6dUgU9w9y3JFqFqUA0S9bnvTJDcnlSBOX1xijGjBg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5bc8c5bbb41-FRA
expires: Sun, 11 Dec 2022 15:08:32 GMT

GET
H2 200 post-201365.css
www.labrujula24.com/wp-content/uploads/elementor/css/ 3 KB
1022 B 96ms
77ms Stylesheet
text/css 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/uploads/elementor/css/post-201365.css?ver=1669690948
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb835cbef42441def4ca4ea4d1a9d92f50072e65c8bbbb0a8b727325b4ead408

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1449
cf-polished: origSize=3421
cf-bgj: minify
last-modified: Tue, 29 Nov 2022 03:02:28 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3m0EUkl9sEn1FfvLOBp41%2FPGffqhppMGKzfK2bBE8pgMjOQVW6oriYEzshRMRfE8NdcqWPN3kWJmkFfG%2FyRxUx1dGhjjl1xg5mZSURBa1Bq8%2FuCTW9n%2BBoVKfjWmTRoF4iGCy3R8NoGEhoLDUimO2XA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5bc8c63bb41-FRA
expires: Sun, 11 Dec 2022 15:08:32 GMT

GET
H2 200 post-169003.css
www.labrujula24.com/wp-content/uploads/elementor/css/ 3 KB
868 B 61ms
43ms Stylesheet
text/css 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/uploads/elementor/css/post-169003.css?ver=1669690948
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 550a072b8f659dcdefb885328180c705271b372449f0341e2add1a743b82b455

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1449
cf-polished: origSize=2849
cf-bgj: minify
last-modified: Tue, 29 Nov 2022 03:02:28 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ppEsyq2lToFQFOIIhBLlLocdh1fWY5ZjgTGyGNnF%2B75mBfo%2BBJQsPaICFZ7bQePE0Xx6ynER8BPGeSXBfh5gep%2Fm3JqPJTTO0cSMT%2FiyZSB44UpMisGYWs3%2B9e%2FVKoCfXYWtFe5SqwNN7kR9Lr6VDzc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5bc8c66bb41-FRA
expires: Sun, 11 Dec 2022 15:08:32 GMT

GET
H2 200 post-39081.css
www.labrujula24.com/wp-content/uploads/elementor/css/ 20 KB
2 KB 94ms
76ms Stylesheet
text/css 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/uploads/elementor/css/post-39081.css?ver=1669690948
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e15df485a3c008b7a8871a65dd9ae1d113862b146e93ee9696d24db92c01c8ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1449
cf-polished: origSize=21137
cf-bgj: minify
last-modified: Tue, 29 Nov 2022 03:02:28 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jybhBsZ1CJM%2Fz1xn%2FG9v9oNqnpXwpWKWniT959LmthkCt46e9q4ygVJUoDTQvXqUGLJZiBKDjiNx6kQXcvxKBVQtlhk4pwx1MKENIMjhNSmYMbsPKaoMrzQcV9X7NDhY5AYqtGGJYGfXeadcFXFGfJw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5bc8c6abb41-FRA
expires: Sun, 11 Dec 2022 15:08:32 GMT

GET
H2 200 elementor-icons.min.css
www.labrujula24.com/wp-content/plugins/elementor/assets/lib/eicons/css/ 19 KB
4 KB 72ms
54ms Stylesheet
text/css 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83059e4c1a5c210e5585d96779fe655170817193d43e247c78dffaae7b7ba3a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 18:36:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 381
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9saVqd09EdyL3aRMNXy0DcD5TrjmiP4b2WxZa9VksbANd6IH28X%2FvuJG4MCkivr9b%2BqRJUfjEsGMLhXSJ39LnIQ%2Ba3cGyazkH09fNHN1dE16vXXnv2wVGKpPmprJ%2BxhnKkWfGcpoBJjJRGNdQq1sjJo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5bc9c71bb41-FRA
expires: Sun, 11 Dec 2022 16:05:48 GMT

GET
H2 200 post-41547.css
www.labrujula24.com/wp-content/uploads/elementor/css/ 1 KB
847 B 79ms
61ms Stylesheet
text/css 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/uploads/elementor/css/post-41547.css?ver=1669690943
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91ef6cd171c90486a96628f25f105ef757d9795f6a9631fff6419d20f342d692

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1449
cf-polished: origSize=1331
cf-bgj: minify
last-modified: Tue, 29 Nov 2022 03:02:23 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hj2Yhsf42fLSGNmHmSpshvRAJRg79oZ8YaGrHdSzRMF03tlDd8guvFSsjIrhc4trd2t7j4CiClH5DBUhuL2pSPKq%2Bgr1sKGLp37bLTps4OsnlYm9t87KDZVaUHbmbmqUAOdRzVJWNzNto4NoMGmWZAw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5bc9c78bb41-FRA
expires: Sun, 11 Dec 2022 15:53:46 GMT

GET
H2 200 frontend.min.css
www.labrujula24.com/wp-content/plugins/elementor-pro/assets/css/ 483 KB
45 KB 80ms
62ms Stylesheet
text/css 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.8.2
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3b67ec1b48befcb446a701d41e607cd94abfc97e25a5da7ab163f368dd14c51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 03:02:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1449
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GgPFlRxzaSbqs%2FO19txCc5MbnRkpdjHMM8XIJmjLQCxnYUlwytWosEa84uYtWLt0H2t6CksbCQaMX7MIc3PI0El3edCq3lHmgXl%2BDSQo5tEdyZCuONBy9jnW5HDfIp9dV33nFxvac42Ok2Q94Z3OCA8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5bc9c79bb41-FRA
expires: Sun, 11 Dec 2022 15:53:38 GMT

GET
H2 200 all.min.css
www.labrujula24.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 58 KB
13 KB 81ms
63ms Stylesheet
text/css 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.8.1
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 18:36:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 381
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1uIrm%2B7D7A1PsKVGO9A%2B6K1jsaDt9g3FGY6nhLk8Kf7%2BhtXSExWKfinvKdYNt8vSNN1Uc2WnTsqm0hlOzC4fxKrU%2FkefL2c8%2FFZG7vSr3CTQhs%2BDJ7l%2FNeGftmwqTXTHNxua0Axh0WxS%2FlIzY4lwDfY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5bc9c7bbb41-FRA
expires: Sun, 11 Dec 2022 15:37:30 GMT

GET
H2 200 v4-shims.min.css
www.labrujula24.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 26 KB
4 KB 83ms
66ms Stylesheet
text/css 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.8.1
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c55902832fb84522d02ea1a60a30747403a140d8651fa748f13ba398b0c0df3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 18:36:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 381
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pVTu%2FES2mx%2B%2B7s0AqJ0%2BiQfcva0APTWaoZjibNlyf6EPDUVnOlCz2HrOlI7VTjC7rWew%2Ffgd2fIEBnki1RvfmypzUD%2BbX8YF8F3eG%2BO5iViG9yJnsKbnkD%2BySj%2FUxHb56yxKDA%2BAoASy32UgvXAr8V8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5bc9c7ebb41-FRA
expires: Sun, 11 Dec 2022 16:05:11 GMT

GET
H2 200 animations.min.css
www.labrujula24.com/wp-content/plugins/elementor/assets/lib/animations/ 18 KB
3 KB 85ms
68ms Stylesheet
text/css 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.8.1
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 18:36:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 381
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xnyUtfBy6L0zrWgeAxi4JgxSWetB%2BnhsH2ahBh6JaJqfOg%2BUVAv4X0DWuQTmmh5BwOF64s4YxuXY8oO5k4LEo9yuCqRuwSIN6rXmb3U11VXiGPDiXWOa2DyMGKzFyqQ0LKsrQppgBB8kVPojJ1%2BEIeE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5bc9c81bb41-FRA
expires: Sun, 11 Dec 2022 16:05:11 GMT

GET
H2 200 css
fonts.googleapis.com/ 73 KB
2 KB 48ms
31ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.3

Requested by

Host: www.labrujula24.com
URL: https://www.labrujula24.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cdb0296c482753056176aa4e56d0dedeb82074dcaa83d54cb202e5755b679cd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.labrujula24.com/
Origin: https://www.labrujula24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 04 Dec 2022 16:25:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Dec 2022 16:25:20 GMT

GET
H2 200 index.js Show response
www.labrujula24.com/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 85ms
69ms Script
application/javascript 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7eff2d3185c4035edbe18b653f9da26c2d872e03c92419542ed524d569fe81b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 21 Oct 2022 14:58:50 GMT
server: cloudflare
age: 3318
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P7cz7xlv%2FBS50QyW0fFCzkQfty6m7Nt4C3oGIgbdZsIeTw%2BJcLYRNBausR5gTlMPQh%2B%2B5XZTa6QYwy1HAqFyLON%2BndwNwAtEm2YCpteCUE4H%2FLkvRsYytOqKeD8NcUxftXXLRV9023GRC4LEcX8ej4Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5bc9c83bb41-FRA
expires: Sun, 11 Dec 2022 15:15:59 GMT

GET
H2 200 index.js Show response
www.labrujula24.com/wp-content/plugins/contact-form-7/includes/js/ 12 KB
4 KB 86ms
69ms Script
application/javascript 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1d5583d4c00ebe19c7be536e72ab8234c1f926023cb5a1fd5edbe9c912f0f49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 21 Oct 2022 14:58:50 GMT
server: cloudflare
age: 3318
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VdMJ5suEDenXMgrsg7ZCHdTs%2B%2BYzIX4Q693vHC%2FP8BqZNHSPOi479iDTKBSe%2BAp%2BpxwfOk5Ak655qaIMYhWi5l%2F4FC3cygpUn2DGqnA208bOJOZwWxIcJkml%2Bd%2Faa6MFso2fgMGG3QRKkywkpzPkC%2B4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5bc9c87bb41-FRA
expires: Sun, 11 Dec 2022 15:17:06 GMT

GET
H2 200 mvpcustom.js Show response
www.labrujula24.com/wp-content/themes/lb24/js/ 0
419 B 87ms
70ms Script
application/javascript 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/themes/lb24/js/mvpcustom.js?ver=6.0.3
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3318
content-length: 0
cf-bgj: minify
last-modified: Sat, 29 Jun 2019 03:00:25 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bVMi21K%2BQNmErBwu7bFslpQakExoJPXl4eEPIabxAsVOkr3JEbHhqLBzOcWSBqA58F%2Fig3XC40qHmitb3wV3EeX0EhRPb6fpYGKCgSOa2WUUgM42o%2Fz6nHoXrXsV2LReNUJDyNCDbjufo9Q8Hcl6ZMg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7745e5bc9c8bbb41-FRA
expires: Sun, 11 Dec 2022 14:49:28 GMT

GET
H2 200 scripts.js Show response
www.labrujula24.com/wp-content/themes/lb24/js/ 80 KB
21 KB 88ms
71ms Script
application/javascript 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/themes/lb24/js/scripts.js?ver=6.0.3
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57867970db92f0ea2de63c77a9b8ef6e8e46fbdaeb7acea81d26f74a859ce919

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3318
cf-polished: origSize=123360
cf-bgj: minify
last-modified: Sat, 29 Jun 2019 03:00:25 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bx9B4MXm5PqY0EScRUOqSYfXZoOuEq7WnuYbPQ3RkypokdMPU3AF3KCFh2jLYVL8lsDN%2FHLqyy67qV%2BZbldQG%2FVe4LUDoA%2B3vWSRtbeJqnVJtJu%2BjEf2uJsft22yMk4GsdmIhJAKQcXdGWXWLRZTgVE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5bc9c8ebb41-FRA
expires: Sun, 11 Dec 2022 15:28:47 GMT

GET
H2 200 retina.js Show response
www.labrujula24.com/wp-content/themes/lb24/js/ 2 KB
1 KB 88ms
72ms Script
application/javascript 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/themes/lb24/js/retina.js?ver=6.0.3
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6d935c5494a7d6121e463f319ac4882f805d38989d6dac70ec84a29a203d2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3318
cf-polished: origSize=3104
cf-bgj: minify
last-modified: Sat, 29 Jun 2019 03:00:25 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ABMtHgRUMAYJ8lFWebj3sxqmHi0C72cLSm1Id4Ku%2FWyNexgydQ7d9FKVHqatH7MZ9jL2wqQm%2BquKpZ2KFZ1pccTN3XplC8cw7waP%2BLkYsb4aSL8piuY1PAhHDgpyluqXKSp5sdN0tAgm7T6KEKwMk%2BY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5bc9c92bb41-FRA
expires: Sun, 11 Dec 2022 14:49:28 GMT

GET
H2 200 comment-reply.min.js Show response
www.labrujula24.com/wp-includes/js/ 3 KB
2 KB 96ms
80ms Script
application/javascript 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-includes/js/comment-reply.min.js?ver=6.0.3
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Aug 2022 03:19:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3317
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pBrJ1pkogaTF13zpzICamlcpi4knU8%2Br8qkJrWBLXuJF16tYJ8xARO53449DmkJy2MG%2BQU6hLABrl8XOXauC5Yn6Lb1PvbIUW%2BlIRBsXmwWmJ1LoR3j4%2BieqcHzsck2j6ooQ26RaR2llBYuDwZvP3kY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5bc9c97bb41-FRA
expires: Sun, 11 Dec 2022 14:35:31 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 78ms
25ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.0.3

Requested by

Host: www.labrujula24.com
URL: https://www.labrujula24.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1776
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7745e5bcc8cd9bc2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 07 Dec 2022 16:25:20 GMT

GET
H2 200 imagesloaded.min.js Show response
www.labrujula24.com/wp-includes/js/ 5 KB
2 KB 88ms
72ms Script
application/javascript 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 07 Feb 2021 01:01:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 381
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UyKtXx7nuX6YriTJWyKH1E%2FxDambGRat88hqnuJ7f6IIVFiWAy7%2BVLTuSYcCYe3Iu57zmWpq8oyNQYBmRwdxb8O5CKSHYwWiiV%2BJacve8QHh7Xsj4Gs%2FzTDLNwzyMxGWIVMPS3vxmyOUqEyZrmYccCs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5bc9c9abb41-FRA
expires: Sun, 11 Dec 2022 16:07:31 GMT

GET
H2 200 v4-shims.min.js Show response
www.labrujula24.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/ 15 KB
4 KB 103ms
87ms Script
application/javascript 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.8.1
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 18:36:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 381
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eRv8wN5tOx9%2FbIi07AhrftWfVw8cRipvcpYyqJ8W7K58SOZ515yDa4gk4ZoR4WT4ur%2Fs8pkGC%2FBQxUC4mkZ44oBKZvMD0vAxBw9BBzOgwX2KjYDWcvIQMtq4rs38gt3seYXs%2FwAOQaKmMZUB7z2%2B%2F1g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5bc9c9cbb41-FRA
expires: Sun, 11 Dec 2022 15:53:38 GMT

GET
H2 200 webpack-pro.runtime.min.js Show response
www.labrujula24.com/wp-content/plugins/elementor-pro/assets/js/ 5 KB
3 KB 94ms
78ms Script
application/javascript 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.8.2
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a7149ba9a80966cb6790ba4c536609cf7ad307eac7cd2eed36a009867464c7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 03:02:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1449
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tvv2dfe%2FHvzS%2BSsVyW5%2BXjlls8AYC3uoZtAh6R9uB84iI550Gt6tas%2BJtz9rWNTVMiWW%2BL9Eo9yyrfL7IqbRHV4pEb6U87c1mruWeZdKNCx1y8mrLHVZUfFeVy0vcLEgVg2DZI0eRUS0%2F9qVD8R%2FtXY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5bc9caebb41-FRA
expires: Sun, 11 Dec 2022 15:53:01 GMT

GET
H2 200 webpack.runtime.min.js Show response
www.labrujula24.com/wp-content/plugins/elementor/assets/js/ 5 KB
2 KB 102ms
87ms Script
application/javascript 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6eb858ead7f15dcd18541c5433714e0c0966d81b8d009a2d49e5a181e548fbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 18:36:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 381
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uIxgD%2BwW%2FVQbszlf3Cyo1pMEgUgzj6HV60p9PGetLuG4pUSQc%2B22N%2B8oiUkyJeT%2BDrFvSNZhXeh369vNCzqx3wcmTxx%2B7%2F0TVQ4yNRtCNTegosWpLRRa7sy1JXEwgL6x5Txb84m2AXfqXnQWBqqdxDo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5bc9cb1bb41-FRA
expires: Sun, 11 Dec 2022 15:56:08 GMT

GET
H2 200 frontend-modules.min.js Show response
www.labrujula24.com/wp-content/plugins/elementor/assets/js/ 32 KB
11 KB 96ms
80ms Script
application/javascript 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d80f13fd7524318f81eb1301170d4d0fbee242c12403c01f3a06c9f681192c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 18:36:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 381
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YiKdXxPZQ%2BPmnJPMotl%2BHsygMibrp8rBYAXVbZitjt6GpciGcxFPmj1Kh5rU77uqOql8Tuqr3JPxTFv7fvvPJVlpAh43Qxyt4D9ezHkorFE9%2FhMPwJf%2BVp8%2B280u5o9AZrKHOoCtrNUJR1Mh6uPUXeI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5bc9cb4bb41-FRA
expires: Sun, 11 Dec 2022 16:00:36 GMT

GET
H2 200 regenerator-runtime.min.js Show response
www.labrujula24.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 106ms
90ms Script
application/javascript 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Aug 2022 03:19:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 381
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2BxEFc%2FKH%2BDLvPQLp%2FvgRJEA1%2Bk%2Bk3LodMBsi420EZIWKxwg0rISmJV5pV6MaUw1nGCOoddXMV4vXJXoue20rS16rKhhHW0F4Z8jMzAUsedsOOJaRy3mCxnKJ%2F6aIdPJ0xkn4rS5D1aCA%2FKUrBTbFqs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5bc9cb7bb41-FRA
expires: Sun, 11 Dec 2022 15:56:08 GMT

GET
H2 200 wp-polyfill.min.js Show response
www.labrujula24.com/wp-includes/js/dist/vendor/ 19 KB
7 KB 101ms
86ms Script
application/javascript 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Aug 2022 03:19:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 381
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ce7dRCy6H2g9sJS%2BEuVZ3DtFhfTQyW3%2F9WXOu%2FyOaMahhU0oe9QEk2%2FF%2BdycOh46%2BkG82zgqh7dKu8o5SEA3e8MDBafJshnLiHqAZvOROV%2FJRaiY6jsACxtXziXt0SIBykV%2BrbZyN1cHDadFyrcQUM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5bc9cbfbb41-FRA
expires: Sun, 11 Dec 2022 15:28:51 GMT

GET
H2 200 hooks.min.js Show response
www.labrujula24.com/wp-includes/js/dist/ 5 KB
2 KB 94ms
79ms Script
application/javascript 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Aug 2022 03:19:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 381
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FaopcKaM2WpPgYzbXNC6sK%2FmhYRf3yytnJZsd6D7QnAmjzlIdRffUqtC63WYK4PDrB7LUEt318251wjeIE2sqAb55HfzwGm3t%2FUNlK0Z5ImKvG%2F7M%2BUnMx6vN75hKlE3CDTCHGmQSXIyp1Uk9g13VaA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5bc9cc1bb41-FRA
expires: Sun, 11 Dec 2022 16:08:21 GMT

GET
H2 200 i18n.min.js Show response
www.labrujula24.com/wp-includes/js/dist/ 10 KB
4 KB 112ms
96ms Script
application/javascript 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1dc4b29dd0acbed77ec2fd81036c33efd4ab5989e8182705a30615a00a0117f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Aug 2022 03:19:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 381
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gdHQOxPWSB1OE%2BUZcmZ2fQBkyiAKnnJp5VKVfxy6JInfLIQ%2FbjOu1jJya47fZv14SBcLAFm2ksNUjDQb1o2D2yPK14Mor7F1yYOBAL6mAt5v5kNrPw4K%2Bb63eJoAI2C3jwmzASEzickgcl%2FgYF1fjUM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5bc9cc3bb41-FRA
expires: Sun, 11 Dec 2022 15:53:38 GMT

GET
H2 200 frontend.min.js Show response
www.labrujula24.com/wp-content/plugins/elementor-pro/assets/js/ 21 KB
6 KB 110ms
95ms Script
application/javascript 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.8.2
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1682e20b56b5c356e3bccb831e0e417b5c2771d1c509d228499de8782fbd708c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 03:02:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1449
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b6b8K1NADPQ9ZFYfZEB%2Boqg2XZxW%2BOIk31yShqRLFMJRM1hxbSsqxSdtpHPOzDsZcjrFtf%2BxKhQVTr2Es7HzkL0iBGIBHUq4tEUhDu9b9QtEeV3YyrtrFOBJ49iAGFfXl4XTOPMAIfWzn1cYo067OMI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5bc9cc7bb41-FRA
expires: Sun, 11 Dec 2022 15:05:22 GMT

GET
H2 200 waypoints.min.js Show response
www.labrujula24.com/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
3 KB 100ms
85ms Script
application/javascript 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 18:36:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 381
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5jr14I2lBvOKy%2BgKTvOSX7IHg7nRNQaYNDAkefrLwjPdIMejzBnS4mEkst3StNFTvIFhLgg6Chj9KDiBeFkAlLuMSRfztPKORFuPowz%2BEuxHdTNi1jVSRzUhfOPL1c5FllZnYVFCMJQt7RK39CFMv2s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5bc9cc8bb41-FRA
expires: Sun, 11 Dec 2022 16:08:21 GMT

GET
H2 200 core.min.js Show response
www.labrujula24.com/wp-includes/js/jquery/ui/ 20 KB
7 KB 103ms
88ms Script
application/javascript 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Aug 2022 03:19:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 381
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FqlmfkFyj0%2Fp8kyAJhG%2Bve8%2FZo61wkpiwbRj76%2BxccGp1uH76T9gUBrKZDUDp5uonazI6ty3X6RVfRHTEI8J%2FCpzE25iyF%2BtRrFSq2aOsNYSpTcaKnYfXYYYMQ2a7PJ2VFWbHvwdJA9Hamij2yiZ1xc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5bc9ccebb41-FRA
expires: Sun, 11 Dec 2022 15:20:57 GMT

GET
H2 200 swiper.min.js Show response
www.labrujula24.com/wp-content/plugins/elementor/assets/lib/swiper/ 136 KB
36 KB 106ms
92ms Script
application/javascript 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 18:36:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 381
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F4s33nxxXx7Z%2BuBxDnGu6Kf396af%2Bq5A%2B4vyjXvltLw%2F1s%2Fcl47wYScDM0%2Fxu%2BK8sXUTicAezTr%2BgWBZgoAcuCU82eh7nslyDbaFHHStWsqJPWEExj9ygyL%2F5sAB6xk7uVGT0Uxn27J2qlmkFV43MeY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5bc9cd4bb41-FRA
expires: Sun, 11 Dec 2022 15:34:32 GMT

GET
H2 200 share-link.min.js Show response
www.labrujula24.com/wp-content/plugins/elementor/assets/lib/share-link/ 3 KB
1 KB 111ms
97ms Script
application/javascript 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.8.1
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 138154c0deed3326477b9b4909175101070a5a3a95342291b53d8cc9879a5f47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 18:36:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 381
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EpVQoW9b5jxlMX4msU3WxjsKjf5y23H7MM0zJBkapk9U17P5Lm99KmNXuPIUqu4tcyPG4ixKuBR6QsRljohMZTw4F9cRh17f11u1bXt48emUtS5gAgeq6qBK07gATdr9tjC7saGKWSCvmsW%2BEy89V4k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5bc9cd9bb41-FRA
expires: Sun, 11 Dec 2022 16:05:44 GMT

GET
H2 200 dialog.min.js Show response
www.labrujula24.com/wp-content/plugins/elementor/assets/lib/dialog/ 10 KB
4 KB 104ms
90ms Script
application/javascript 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b936db5880aa9b6b2f26a8d32fc2b689fb75f69d971b94194f16dba801221ffe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 18:36:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 381
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gZSvOKEvhZ0T2lXZKhL8AN5ecVeezWhIqqpIVOJdlhYkg8iQvXAQTF9vfc3bR%2FYwq0G5dfX0Bc0mi0t99yv9f%2BRlF8jkHPtcRwttFQdLBLIiwsl0VjkpGBIO7bAdaLCO8bVFD4Ea4P32dNzwDMx5aOk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5bc9cdbbb41-FRA
expires: Sun, 11 Dec 2022 15:43:48 GMT

GET
H2 200 frontend.min.js Show response
www.labrujula24.com/wp-content/plugins/elementor/assets/js/ 40 KB
13 KB 105ms
91ms Script
application/javascript 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ceb0c2088d29cecbe3ee571dc3cf6fec764bbb7c73f0e22c73007149a2ce68d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 18:36:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 381
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IwzmCvyCWC3EMcEJJm%2BdAXQ5s3doL%2F5Q%2BxwfoF%2FoWWi7lVrxkSii8OAxpmRvoybIVpi7nk%2BjXOX%2FUtcng2BezY11b4fpNzrJt%2Fl3nmjcbOiMSafgeOlmqCC36d48Arn8foBWJKv03UT2EBrZDS6ZxWk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5bc9cddbb41-FRA
expires: Sun, 11 Dec 2022 16:00:36 GMT

GET
H2 200 preloaded-elements-handlers.min.js Show response
www.labrujula24.com/wp-content/plugins/elementor-pro/assets/js/ 136 KB
33 KB 96ms
82ms Script
application/javascript 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.8.2
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ba9cc2f959cfa9fbf4f2eee543d9c6be04d7d68461bc777d76273871378e432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 03:02:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1448
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wL1KPC2w37c8jotb7%2BKWMEziyPi7cSzIT0kKHJ77Eds5%2BImrUDiqNv75r%2Fc2jQ%2BNQKWJjnO3Yvhm9cgNR6mk%2FK9P3HgXkG9tLxyszTdNkCm6k%2FsjFJ4APz7Ea94ZzAXRzCmG9pKBqJNzMQoVBwH5heU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5bcccecbb41-FRA
expires: Sun, 11 Dec 2022 16:00:36 GMT

GET
H2 200 preloaded-modules.min.js Show response
www.labrujula24.com/wp-content/plugins/elementor/assets/js/ 42 KB
13 KB 98ms
84ms Script
application/javascript 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.8.1
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 689cd339b9de5d18314f13848a05a7ede4548ae9e30673035d1302da6d139ba1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 18:36:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 381
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NRwb00EzP%2FjK3iM1SBtnt7IxYRnZjE3X0jo66vZ4jaMtpT4YaCNVrVkdL%2FyVfTWn3KWIOKw9Mqb4qwUio3AtzRQHrwiIT5nWX0y1CiUN8WvDEs4JEcd5hrc3D5qp8%2BYyXjIz9CeycpYuBWPy4XQmo%2BI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5bcccf2bb41-FRA
expires: Sun, 11 Dec 2022 16:00:36 GMT

GET
H2 200 jquery.sticky.min.js Show response
www.labrujula24.com/wp-content/plugins/elementor-pro/assets/lib/sticky/ 4 KB
2 KB 112ms
98ms Script
application/javascript 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.8.2
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34bbd1c367ffc7d80fcff86c7e5f8777e70f4911bb324e8ecfc7dd3604a96e68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 03:02:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1448
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FHElc2O4xc04innf2M0CMyt0%2B%2FMbYK5OSOi%2FF8gPBX7lE99D4y6IZHCRxGXIP%2BGgwACexVQaPIPEfRWyjOpRUTNoXrkEeuRrU7fe9FiJDfzkRZQ0wVZiSMrz78zrBNPLEHcvRBnOi5EbXkW603P2OwA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5bcccf3bb41-FRA
expires: Sun, 11 Dec 2022 15:43:48 GMT

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ 17 KB
6 KB 260ms
82ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://www.labrujula24.com/
Origin: https://www.labrujula24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7745e5bd9bf19a03-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 205ms
21ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.labrujula24.com
URL: https://www.labrujula24.com/js/adcase_lb24-20221129.js?v20221129-1859

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41c584b7b0c44ff76fc4a87b3fb65261ad613073b5d16d8a107bdab417ddc77f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27506
x-xss-protection: 0
server: sffe
etag: "1411 / 216 of 1000 / last-modified: 1670022376"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 04 Dec 2022 16:25:20 GMT

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/ 192 KB
67 KB 14ms
8ms Script
text/javascript 2600:9000:206f:1000:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ba83e61b3bb05800b406fa4e6d7ddc40d475de922b55ce2148301cad172871

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:17:19 GMT
content-encoding: br
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
x-amz-version-id: uy7RlPab5Bv.arauVKH8u5dOxhOYA4.Q
last-modified: Sun, 04 Dec 2022 16:12:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 482
etag: W/"e6faada8afa4975b396870db3cb9a6d9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id: 7wIPYj56CLvAIg6fykq9qxqro93BGpQS1fUEj3FELKR-N5TYin9yYw==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
350 B 93ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-34XRXKZ5DK&gtm=2oebu0&_p=1929333272&cid=579929824.1670171120&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670171120&sct=1&seg=0&dl=https%3A%2F%2Fwww.labrujula24.com%2F&dt=La%20Br%C3%BAjula%2024%20-%20Noticias%20de%20Bah%C3%ADa%20Blanca%20y%20la%20regi%C3%B3n&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-34XRXKZ5DK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.labrujula24.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/ 354 KB
116 KB 87ms
70ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5922699194716681&plah=www.labrujula24.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ee8734c823f01daa032be4e8f4c0d6fb4232fb53c492933fa8eed8d3d93beb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119174
x-xss-protection: 0
server: cafe
etag: 2969017002435790543
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 04 Dec 2022 16:25:20 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 5FA9 10 KB
5 KB 52ms
14ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.labrujula24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 84439
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 16:58:01 GMT
etag: 10353107486223812946
expires: Sat, 17 Dec 2022 16:58:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 36b204e2f1feac040d9ea2c2275c5f70.js Show response
scripts.cleverwebserver.com/ 125 KB
47 KB 182ms
134ms Script
application/javascript 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.cleverwebserver.com/36b204e2f1feac040d9ea2c2275c5f70.js
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8b3666cf5826cbae55cf0ccb8a326c4c3f975d2d706cd916b2691c961eafab5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
x-amz-version-id: uxU_s1AU.dNOJZvmsmQE6g378f.9Iqqw
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 15 Nov 2022 00:27:14 GMT
server: cloudflare
x-amz-request-id: C63KPX48F9XSD187
etag: W/"3ecc5c0b2b292b775d3eab7a421013e8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 7745e5bdd9539a24-FRA
x-amz-id-2: eEi3aJh4BNCDhxlL6QOS5Q5GgowZUrCvNo5cZyntXGRtiQJwfzMAsxOx+VIvDGF6nqhkYGopnB0=
expires: Sun, 04 Dec 2022 16:55:20 GMT

GET
H2 200 pubads_impl_2022112901.js Show response
securepubads.g.doubleclick.net/gpt/ 384 KB
130 KB 324ms
11ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ec70108a49369dc3f73734dacf94050c28049d32fe708c968782483ae8cabda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 15:33:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3103
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133261
x-xss-protection: 0
last-modified: Tue, 29 Nov 2022 09:37:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 04 Dec 2023 15:33:37 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 415 B
194 B 68ms
42ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.labrujula24.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1bf59483476c93ef0df8a95b5d7c574e3249f63e64eda20fee1bc9b1d1c67d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 169
x-xss-protection: 0
expires: Sun, 04 Dec 2022 16:25:20 GMT

GET
H3 200 prebid7.26.0.brujula24.js Show response
intothebid.com/wrapper/brujula24/ 317 KB
97 KB 61ms
37ms Script
application/x-javascript 2606:4700:20::ac43:48db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://intothebid.com/wrapper/brujula24/prebid7.26.0.brujula24.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:48db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2af9221418b138d3b5fd8626f6f9818c3e6be143df3fac912dda975ff4b361a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 868
cf-polished: origSize=325159
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Wed, 30 Nov 2022 14:53:28 GMT
server: cloudflare
etag: W/"4f627-63876e68-0;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FYWyy8tk%2FGbGNiI6hFahu89g6pGqaxt3xrsdGC%2FHJTofpDtZdiXrT6fEdjspQtW45l5irvciL4fM7S0obQ25lsfvQEQxyeq4BnAUhKcmQ5hgaQDPOMvbBRVduLj4gZoz%2BHHmeBxDbze6CxLu"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=3600
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7745e5befa1f9007-FRA
expires: Mon, 04 Dec 2023 15:59:48 GMT

GET
H2 200 main_libre_riesgo.css
servicios.labrujula24.com/cotizaciones/css/ Frame 81F0 4 KB
1 KB 37ms
36ms Stylesheet
text/css 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicios.labrujula24.com/cotizaciones/css/main_libre_riesgo.css?v20210128-2143
Requested by: Host: servicios.labrujula24.com
URL: https://servicios.labrujula24.com/cotizaciones/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b5d9ce8c1c3267902470f977199851b6192fb31b3940dc941288e62c8e16c82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://servicios.labrujula24.com/cotizaciones/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1446
cf-polished: origSize=4952
cf-bgj: minify
last-modified: Thu, 28 Jan 2021 23:51:13 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RXnY0KEpCDmlZq2yDNN5ml7b5p%2B8dOAsVFAkBDM%2BFUMq9pL6chSHcXN0qHFnOpaf6WuuhXfIuLc8XJX0Uyd3kHMqmQTZypFE3r9M7fqSH3gqKtjKK7KjIJQfEleHG%2BIura6zQJhQGbgBFH1jfF6TrJueX8jktkY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5c04bf6bb41-FRA
expires: Wed, 07 Dec 2022 15:38:37 GMT

GET
H2 200 get_libre_2021.js Show response
servicios.labrujula24.com/cotizaciones/js/ Frame 81F0 1 KB
1000 B 33ms
32ms Script
application/javascript 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicios.labrujula24.com/cotizaciones/js/get_libre_2021.js?v20210128-2147
Requested by: Host: servicios.labrujula24.com
URL: https://servicios.labrujula24.com/cotizaciones/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e532d515993bc3b860f480b9a487c25ab101f576a2cee71351613bbf74619b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://servicios.labrujula24.com/cotizaciones/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 83748
cf-polished: origSize=1842
cf-bgj: minify
last-modified: Fri, 29 Jan 2021 01:26:31 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m9j5LmYVHDYhoDiR%2BYdiMLbWOiIyv%2Fq%2F%2BJhO73l7cnPe3%2BmjL4BXLUZako0%2FrvV%2BjD0xTA494BczFWQ8DHvFLOUlmi%2BLX8s3NmXS8C039DvRNpZGxP0z%2BhR4UxDOEvo2z9ko%2Bd6PLF2BjPggl3R9x5xrRauZALo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5c04bfbbb41-FRA
expires: Wed, 07 Dec 2022 15:38:37 GMT

GET
H2 200 iframeResizer.contentWindow.min.js Show response
servicios.labrujula24.com/cotizaciones/js/dist/ Frame 81F0 13 KB
5 KB 28ms
27ms Script
application/javascript 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicios.labrujula24.com/cotizaciones/js/dist/iframeResizer.contentWindow.min.js
Requested by: Host: servicios.labrujula24.com
URL: https://servicios.labrujula24.com/cotizaciones/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26b15da8aef80564cf6d85e12c7b222dc815d730da801ebf7192c28cb56b27db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://servicios.labrujula24.com/cotizaciones/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 19 Sep 2019 16:37:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 83748
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cyGxZgWRu8BEM7GJ0d3%2FzyWZT2Luh8cWHuNidf12gJD2QXMSTmCjDpSMEz3pz62Jm%2FKSWtrc90sBM8BYOjjohYHOpXyDmwMIAi9j%2Fw9ppfn3Tu%2FVmnyQRG4L%2Fmr1uYNEf%2FZDDTiyCaaXpbfAbvn9w0qp117OxQ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5c04bfebb41-FRA
expires: Wed, 07 Dec 2022 15:38:37 GMT

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 81F0 17 KB
6 KB 88ms
88ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: servicios.labrujula24.com
URL: https://servicios.labrujula24.com/cotizaciones/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://servicios.labrujula24.com/
Origin: https://servicios.labrujula24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7745e5c0aa539a03-FRA

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
699 B 131ms
17ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.labrujula24.com&callback=_gfp_s_&client=ca-pub-5922699194716681&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5922699194716681&plah=www.labrujula24.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1cb4a25c57934c4c328981a39a97a6035a6313a85b8d2a087cb72ca9bf0391f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 254
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 124ms
16ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.labrujula24.com

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 122ms
17ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.labrujula24.com

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C047 0
19 B 128ms
110ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922699194716681&output=html&adk=1812271804&adf=3025194257&lmt=1670171120&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.labrujula24.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670171120206&bpp=3&bdt=451&idt=491&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3932011046584&frm=20&pv=2&ga_vid=579929824.1670171120&ga_sid=1670171121&ga_hid=1929333272&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070993&oid=2&pvsid=2516472175970245&tmod=611838522&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=507

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.labrujula24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 16:25:20 GMT
expires: Sun, 04 Dec 2022 16:25:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 84ms
7ms Script
application/x-javascript 88.221.169.143
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.169.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-143.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: B402EDC6F7271ED7
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=12070
accept-ranges: bytes
content-length: 948
x-amz-id-2: 3ZiQcYtRTuh4WJ4BUq+mWoVqgQk4EdHwIkUrSZre2GxPFo/4IUZsv5aBqLknQUvSl0wjR3iM+HQ=

GET
H2 200 / Show response
ui.cleverwebserver.com/ 159 B
205 B 61ms
51ms Script
application/javascript 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ui.cleverwebserver.com/
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74fe5fb0193174b7c51798ccf76c5f996551dae89e8d1ebb0699badd12781ab4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:20 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7745e5c0cf869a24-FRA
content-type: application/javascript

GET
H2 200 fa-brands-400.woff2
www.labrujula24.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 75 KB
75 KB 24ms
24ms Font
font/woff2 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.8.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Request headers

Referer: https://www.labrujula24.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.8.1
Origin: https://www.labrujula24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:21 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 18:36:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 381
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1gcyPW8wrCHPtVYGG6k7GVJ%2BhbBVDriQ1NSIgzQfgzi7HdBeSoKNXbti0pA9Zp9fqGCpNtBMzB3qCuES24UiMElQQqezx%2BESWxH8oF5CJ425xEkh3sTzoNA2pK2HGdctI6Xeg586w3pJcKNnKrdj86w%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7745e5c35a6cbb41-FRA
content-length: 76764
expires: Sun, 11 Dec 2022 15:34:34 GMT

GET
H2 200 fa-regular-400.woff2
www.labrujula24.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 13 KB
13 KB 31ms
31ms Font
font/woff2 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.8.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951

Request headers

Referer: https://www.labrujula24.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.8.1
Origin: https://www.labrujula24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:21 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 18:36:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 381
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=khToRZiAX6EFmLHRUf2lTmac%2FZjOKRjtCAlI%2FFaVrO%2BA27U4PvIuC94P5h%2BGLT2yicS2MC7sdqRENXvGcj8API%2FFGl9nGPr33Zd%2BUT%2FFUgDo6mQzoPhIS7k%2FaKgnyPKYaffnde7BCMc6GNXlmozLTlw%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7745e5c35a6fbb41-FRA
content-length: 13276
expires: Sun, 11 Dec 2022 15:56:43 GMT

GET
H2 200 fa-solid-900.woff2
www.labrujula24.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 76 KB
77 KB 30ms
30ms Font
font/woff2 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.labrujula24.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.8.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

Referer: https://www.labrujula24.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.8.1
Origin: https://www.labrujula24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:21 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 18:36:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 381
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eofeqWLMcKQW5NZfqvNPEuMkpQDMfQGzpiYlUyPWhuJLyZOQU1ry2Ztg%2BuDql3PNs7kRLZhv5RmkGzchY8GAtXqJJBAYb5PYDSGqDPDi3acHXY%2Fd6jw1ctRX1wfqbSfzvrJ4k7FtUJvWcP9hee%2BARAg%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7745e5c36a7fbb41-FRA
content-length: 78196
expires: Sun, 11 Dec 2022 16:09:58 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 27ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.labrujula24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 18:50:24 GMT
x-content-type-options: nosniff
age: 509697
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 18:50:24 GMT

GET
H2 200 ESC_vive_cada-dia_leandro.jpg.webp
www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/03/ 61 KB
61 KB 21ms
21ms Image
image/webp 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/03/ESC_vive_cada-dia_leandro.jpg.webp
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dc46386fa3bfbf4760bbf1286d2d971e6c91475eb56cc7835f56c5f617809bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:21 GMT
cf-cache-status: HIT
last-modified: Sun, 08 May 2022 18:53:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 381
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3sk2H1wjI1k0gzlBQt0WYsxhiBYoq3WbfG3vwINI5jA07qHxHNhXESmxKeHJf0frqUsWgk3YMmzjBj%2BVsJ5Ft76PyJVglqQ3rOHAh7MSYVrdN6u2HR%2B%2BrzF6S4hGIecIrYVZeJBu4XRnvRbEykEHgWs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7745e5c3aaffbb41-FRA
content-length: 62444
expires: Sun, 11 Dec 2022 15:58:04 GMT

GET
H2 200 ESC_nunca-es-tarde_olaya.jpg.webp
www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/03/ 41 KB
42 KB 18ms
17ms Image
image/webp 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.labrujula24.com/wp-content/webp-express/webp-images/uploads/2022/03/ESC_nunca-es-tarde_olaya.jpg.webp
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1185e128a6060c5fdebd56898885b796c95b2b681bca3ecb9edc654eb405201

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:21 GMT
cf-cache-status: HIT
last-modified: Sun, 08 May 2022 18:53:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 381
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EjzrSUZLlzSjG97%2FoRh2uolHJ1l3VH%2Bpujqb9Q0di6bgsTsmZKed7uZQik81J7tsGUZXO49Co4Mp0ymOGfAkvZfJJPWOPzXArODU8yv32Jt4FBAABW1ZM3qQkELTwGVFWeck7TRwS0NB5svSMgXZ2HQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7745e5c3ab00bb41-FRA
content-length: 42396
expires: Sun, 11 Dec 2022 15:58:04 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 63ms
21ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.labrujula24.com%2F&domain=www.labrujula24.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.labrujula24.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.labrujula24.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 04 Dec 2022 16:25:20 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 558417
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.labrujula24.com%2F&domain=www.labrujula24.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=KQp963xGVWpWNHNlb3h1c3NWeEZTZVJPbFl4OTREaDdNOHpuRll3eTllT0sybFhRUks1cnk4UFhIMFVjaXlOMFJZd244ODJldzlYZVFua3ZNc1ZZNk9XWWwwYzRDTlBKZVFkVWZoOFpoY2VXcmRvVVFLbVd0S25BekdONF...

357 B
645 B

44ms
14ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=KQp963xGVWpWNHNlb3h1c3NWeEZTZVJPbFl4OTREaDdNOHpuRll3eTllT0sybFhRUks1cnk4UFhIMFVjaXlOMFJZd244ODJldzlYZVFua3ZNc1ZZNk9XWWwwYzRDTlBKZVFkVWZoOFpoY2VXcmRvVVFLbVd0S25BekdONFI4a2dHZU5rWTVyM1FZbmxNRFk5eEc3aWN5TUd5dUVINjFhVFN6OXZPL0xmalBFNEZNMTdsbElJR2RIck1KNFltd2NaTFlhVXM4bmdWRk5LdHVVc2NmRlZhcnkyVWdXaUVsTXgzN2lhazhINFVIYk1NUUdFaDkrNFYzdkxjMmpFS3NrWUFFSHJ4fA&cppv=2

Requested by

Host: www.labrujula24.com
URL: https://www.labrujula24.com/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

84ff1fb6573156edfb72e08b10071ec269ce12545208ca2273e106a754698f47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:21 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 575189
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:20 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=KQp963xGVWpWNHNlb3h1c3NWeEZTZVJPbFl4OTREaDdNOHpuRll3eTllT0sybFhRUks1cnk4UFhIMFVjaXlOMFJZd244ODJldzlYZVFua3ZNc1ZZNk9XWWwwYzRDTlBKZVFkVWZoOFpoY2VXcmRvVVFLbVd0S25BekdONFI4a2dHZU5rWTVyM1FZbmxNRFk5eEc3aWN5TUd5dUVINjFhVFN6OXZPL0xmalBFNEZNMTdsbElJR2RIck1KNFltd2NaTFlhVXM4bmdWRk5LdHVVc2NmRlZhcnkyVWdXaUVsTXgzN2lhazhINFVIYk1NUUdFaDkrNFYzdkxjMmpFS3NrWUFFSHJ4fA&cppv=2
access-control-allow-origin: https://www.labrujula24.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 358613
content-length: 0
expires: 0

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ 136 B
549 B 37ms
12ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: intothebid.com
URL: https://intothebid.com/wrapper/brujula24/prebid7.26.0.brujula24.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

406e955a989c925bcd1d8e8a702bd5e737487d76370dc3e19780a7f34dd0cde4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.labrujula24.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.labrujula24.com
date: Sun, 04 Dec 2022 16:25:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
788 B 91ms
21ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: intothebid.com
URL: https://intothebid.com/wrapper/brujula24/prebid7.26.0.brujula24.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 23 Nov 2022 15:43:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 602749
etag: W/"922cffdd75f7192f75231d92684885aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qw8tdQcc36lkGlERLJCOdoMtwWCvM7a6uuTiU85EKWdKhrxP5mNB8JJ8LmindbnzzgJrsWXLNwNArAA4bIeGYkPSnyN1PDsdQiC9gn9WI6rPAs%2BeCHs1zbvL%2FsFwTxLkmgZfJpyK67krqa6d"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 7745e5c44d5f9b88-FRA
expires: Sun, 04 Dec 2022 16:55:21 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 696 KB
88 KB 676ms
676ms XHR
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2516472175970245&correlator=1228663074449047&output=ldjh&gdfp_req=1&vrg=2022112901&ptt=17&impl=fifs&iu_parts=22031857995%2CHOME_01%2CHOME_03%2CHOME_04%2CHOME_05%2CHOME_06%2CHOME_07%2CHOME_08%2CHOME_BIG_01%2CHOME_BIG_02%2CHOME_BIG_03%2CHOME_BIG_04%2CHOME_BIG_MAX%2CHOME_LAT_FLOAT%2CHOME_SKY%2CHOME_TW_01%2CHOME_SUPERBLOCK%2CHOME_MEGATOP%2CHOME_FOOTER_STICKY&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13%2C%2F0%2F14%2C%2F0%2F15%2C%2F0%2F16%2C%2F0%2F17%2C%2F0%2F18&prev_iu_szs=300x600%2C300x250%2C300x250%2C300x600%2C300x250%2C300x250%2C300x250%2C970x250%7C1000x300%2C1000x300%2C970x250%7C1000x300%2C970x250%2C970x250%2C160x600%7C250x600%7C260x600%7C260x800%2C728x90%7C970x90%2C300x600%2C728x90%7C970x90%7C970x250%7C1000x80%7C1000x200%2C800x600%7C1000x540%2C728x90%7C970x90&ifi=2&adks=688463805%2C3965050435%2C1121963328%2C78205328%2C2509612312%2C1976826566%2C348852787%2C1188452385%2C4218657575%2C2185983553%2C3971651247%2C2623665282%2C2105569026%2C3152355748%2C3666489090%2C1855356639%2C2546185889%2C974443919&didk=3436639650~916304360~916304343~916304342~916304341~3436639656~3436639657~4194371109~3619690533~3619690532~4194371096~3299025074~3619690534~1901569453~3619690555~418838165~1263763604~1703378242&sfv=1-0-40&cust_params=adcase%3D5.0.1&sc=1&cookie_enabled=1&abxe=1&dt=1670171121298&lmt=1670171121&dlt=1670171119755&idt=1501&adxs=970%2C970%2C970%2C970%2C970%2C970%2C970%2C219%2C204%2C219%2C219%2C219%2C1308%2C80%2C90%2C340%2C-12245933%2C-9&adys=2591%2C5625%2C5915%2C6388%2C9711%2C7683%2C8385%2C2154%2C3359%2C8291%2C12805%2C749%2C68%2C213%2C10976%2C1525%2C-12245933%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C0%7C0%7C0%7C12%7C13%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.labrujula24.com%2F&frm=20&vis=1&psz=320x622%7C320x587%7C320x587%7C320x265%7C320x272%7C320x272%7C320x272%7C1408x20%7C1408x20%7C1408x20%7C1408x20%7C1408x20%7C260x-1%7C1200x0%7C320x630%7C1408x4%7C800x0%7C0x-1&msz=300x-1%7C300x-1%7C300x-1%7C300x-1%7C300x-1%7C300x-1%7C300x-1%7C1408x0%7C1408x0%7C1408x0%7C1408x0%7C1408x0%7C260x-1%7C1200x-1%7C300x-1%7C1408x0%7C0x0%7C0x-1&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C516%2C4%2C4%2C4%2C132%2C2&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C0&ga_vid=579929824.1670171120&ga_sid=1670171121&ga_hid=1929333272&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86cebff13be08b4f86f217045fbc1818145cffe81f1665f2e72ebb3187943282

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90079
x-xss-protection: 0
google-lineitem-id: 6152452014,5874295898,5874277352,6037883666,5873661292,-1,5836463415,5874271343,-2,5874296573,-1,-1,5874281687,5873672083,5873674291,5874656134,5872067723,5874286796
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138412058777,138390249543,138409047994,138394269852,138376913663,-1,138372165214,138376913537,-2,138404794667,-1,-1,138376931409,138415068972,138390762558,138411887804,138376843005,138376931511
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.labrujula24.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1524 6 KB
3 KB 97ms
15ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.labrujula24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 16:25:21 GMT
expires: Mon, 04 Dec 2023 16:25:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 48ms
34ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:21 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1781
etag: W/"2f96824aee4bf927e734cc519e3e726d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7745e5c47b125bf1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 07 Dec 2022 16:25:21 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5a73565f05c394c2/ 2 KB
787 B 257ms
227ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5a73565f05c394c2/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9428f8198e9f6f9e29828b1ea9514a4127327897b38c8db30f2541ec29ad7d14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:21 GMT
content-encoding: gzip
etag: -1679152658--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=60, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 611

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 90 B
250 B 207ms
184ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=638cc9f08620ddf2&bkl=0&bl=1&pdt=1212&sid=638cc9f08620ddf2&pub=ra-5a73565f05c394c2&rev=v8.28.8-wp&ln=es&pc=wpp&cb=0&ab=-&dp=www.labrujula24.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1670171121375&wpv=wpp-6.2.7&addthis_plugin_info=%7B%22info_status%22%3A%22enabled%22%2C%22cms_name%22%3A%22WordPress%22%2C%22plugin_name%22%3A%22Share%20Buttons%20by%20AddThis%22%2C%22plugin_version%22%3A%226.2.7%22%2C%22plugin_mode%22%3A%22AddThis%22%2C%22anonymous_profile_id%22%3A%22wp-175886d9d136c6bb36652eeb642e96c2%22%2C%22page_info%22%3A%7B%22template%22%3A%22home%22%2C%22post_type%22%3A%22%22%7D%2C%22sharing_enabled_on_post_via_metabox%22%3Afalse%7D&jsl=1&uvs=638cc9f05e6e5f9d000&skipb=1&callback=addthis.cbs.jsonp__152725771953158280
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 69615f85a7e09ef1d3373e6090eea9e918c7a53de34e94cfd59e18d2a0e22742

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:21 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 90
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 153C 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame B771 71 KB
26 KB 18ms
17ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.labrujula24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Sun, 04 Dec 2022 16:25:21 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 client.es.min.json Show response
s7.addthis.com/l10n/ 4 KB
2 KB 38ms
11ms XHR
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/l10n/client.es.min.json

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

007276382e4e3f77c660fb7488fec524a21f7893a736db96dca415012a25075e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 04 Dec 2022 16:25:21 GMT
last-modified: Tue, 10 Sep 2019 15:15:17 GMT
server: nginx/1.15.8
etag: W/"5d77be05-e9d"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, s-maxage=604800
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 1753

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb73633f1cee75d4647a4bca2be901f2cd7ee479434264a963f761b9cfe3ba4f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 82ms
17ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 04 Dec 2022 16:25:21 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 397387
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 prebid Show response
mp.4dex.io/ 114 B
452 B 72ms
43ms XHR
application/json 2606:4700::6812:272
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: intothebid.com
URL: https://intothebid.com/wrapper/brujula24/prebid7.26.0.brujula24.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 984f3b9f7e4d0a979ff9bd2cfb7f3c1f1312495444b025be942cf01cdf1a68b6

Request headers

Referer: https://www.labrujula24.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:21 GMT
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.labrujula24.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7745e5c76e779174-FRA
expires: 0

GET
H2 204 / Show response
d.vidoomy.com/api/rtbserver/prebid/ 0
215 B 134ms
57ms XHR
text/plain 3.123.150.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.vidoomy.com/api/rtbserver/prebid/?id=22736&adtype=banner&auc=itb_mobile_intext&w=300&h=250&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.94%20Safari%2F537.36&l=en&dt=1&pid=62240&requestId=4f070b64f3582c&schain=%5Bobject%20Object%5D&bidfloor=0&d=labrujula24.com&sp=https%253A%252F%252Fwww.labrujula24.com%252F&usp=&coppa=false&videoContext=
Requested by: Host: intothebid.com
URL: https://intothebid.com/wrapper/brujula24/prebid7.26.0.brujula24.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.150.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-150-125.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.labrujula24.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.labrujula24.com
date: Sun, 04 Dec 2022 16:25:21 GMT
access-control-expose-headers: X-VD-C
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
406 B 96ms
26ms XHR
application/json 216.52.2.39
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.26.0
Requested by: Host: intothebid.com
URL: https://intothebid.com/wrapper/brujula24/prebid7.26.0.brujula24.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: d2c48553124433c8b0db05669f7c9726a22c3214cabe2b5a6d13e2aab34e14f3

Request headers

Referer: https://www.labrujula24.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 04 Dec 2022 16:25:21 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.labrujula24.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
366 B 48ms
10ms XHR
application/json 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: intothebid.com
URL: https://intothebid.com/wrapper/brujula24/prebid7.26.0.brujula24.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.labrujula24.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.labrujula24.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 339 B
903 B 244ms
140ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24930&site_id=447118&zone_id=2585480&size_id=15&rp_schain=1.0,1!flower-ads.com,fw0102,1,,,&eid_pubcid.org=ba778d19-b4a7-4f86-927e-4fde3eb83c1a%5E1&rf=https%3A%2F%2Fwww.labrujula24.com%2F&tg_i.page=https%3A%2F%2Fwww.labrujula24.com%2F&tg_i.domain=labrujula24.com&tg_i.pbadslot=itb_mobile_intext&tk_flint=pbjs_lite_v7.26.0&x_source.tid=3693b68a-ff06-47ce-80f9-43de0a208bf3&l_pb_bid_id=10c5e852ee4dfb5&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&slots=1&rand=0.00622791180753679
Requested by: Host: intothebid.com
URL: https://intothebid.com/wrapper/brujula24/prebid7.26.0.brujula24.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: af276085f69dfa8ede3d5a363976ac179311ade4a08c02eecf8c2300e8048ee7

Request headers

Referer: https://www.labrujula24.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:22 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.labrujula24.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 339
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
571 B 71ms
42ms XHR
application/json 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=909998
Requested by: Host: intothebid.com
URL: https://intothebid.com/wrapper/brujula24/prebid7.26.0.brujula24.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62f34dceefc90f0f9621eb56da5715f59a13c948436cd2a4c8fcd4626d176618

Request headers

Referer: https://www.labrujula24.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zkkAb22Lo0iQoQfdJIW3wAHEd%2Bj6o3wI1Bedn9Scfw45OKIaLListOS1ciRAvSss8sUx4AWPgWTFEZ8lLoAHKie%2BFDpd%2FqNR7SJyP%2FAhngid84lvj%2FXA%2FbIKsCsgXO5wJCPitBqN"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.labrujula24.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7745e5c77c98694f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
959 B 83ms
47ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU15JWV5
Requested by: Host: intothebid.com
URL: https://intothebid.com/wrapper/brujula24/prebid7.26.0.brujula24.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2afd4502e3c4edeac9e8b1157ef7faacbbfdeb12202eff24d6a6bfca9fa6adbb

Request headers

Referer: https://www.labrujula24.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:21 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.labrujula24.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Sun, 04 Dec 2022 16:25:21 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
406 B 39ms
8ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: intothebid.com
URL: https://intothebid.com/wrapper/brujula24/prebid7.26.0.brujula24.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

1bb8956adcaa7af1454c66ac60ef9b80eb981f92ee8a44ec12fabd9159fd1455

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.labrujula24.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.labrujula24.com
date: Sun, 04 Dec 2022 16:25:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 dolar-libre-riesgo-2021.json Show response
servicios.labrujula24.com/cotizaciones/ Frame 81F0 398 B
620 B 174ms
174ms XHR
application/json 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicios.labrujula24.com/cotizaciones/dolar-libre-riesgo-2021.json
Requested by: Host: servicios.labrujula24.com
URL: https://servicios.labrujula24.com/cotizaciones/js/get_libre_2021.js?v20210128-2147
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57ef7a72dff767da73cc41b0483aac92b80ee4d7028bf750cc66e365420242cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://servicios.labrujula24.com/cotizaciones/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 04 Dec 2022 16:00:02 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Nl2bvvBuowh0PpiFtk7Xo7vXnLXIJAOSW%2BuQJwmMaI8cQSb2Ah9c4mXsChkskE56x2eNnkOBCcQPwVp3UhJQmTUIaNTE99aUdFwAjt89xxVfeYaUQA2YgQRMQ46ku9TjIt0iLvq5AzSelfAGZOaXpKsSzASkyc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
x-turbo-charged-by: LiteSpeed
cf-ray: 7745e5c74a53bb41-FRA

GET
H2 200 adagio.js Show response
script.4dex.io/ 74 KB
23 KB 46ms
25ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: RC7A1J3MRAXRGQHM
age: 1057316
x-amz-id-2: UOkusr99iL9JMqkZJJXUKpScCRlJo/uSTjlsRkYNW9Zej1SK98gJeoVgoGKNWEWoeBXsyfvgU0Y=
last-modified: Tue, 22 Nov 2022 09:44:15 GMT
server: cloudflare
etag: W/"c56b6332dacf72f135afcd153ae22448"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJvRnCBjsX5qGc56Zy8EDGckocwJOarper3QyZ8sKp26qdbF6jyhxvkAON3mlz9w9T9CVFAQXNwI4juWllE5W5YaZ42HYDnWlM6dXv1mJWPMPgxD%2FRCzjSWVD4IYPFb%2F%2F6x8JoGa%2B%2BB%2FwXD0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 7745e5cd5ab99296-FRA

GET
H3 200 container.html Show response
dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D67E 6 KB
3 KB 25ms
9ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.labrujula24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 16:25:21 GMT
expires: Mon, 04 Dec 2023 16:25:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/ Frame A8B6 192 KB
67 KB 10ms
10ms Script
text/javascript 2600:9000:206f:1000:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ba83e61b3bb05800b406fa4e6d7ddc40d475de922b55ce2148301cad172871

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:17:19 GMT
content-encoding: br
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
x-amz-version-id: uy7RlPab5Bv.arauVKH8u5dOxhOYA4.Q
last-modified: Sun, 04 Dec 2022 16:12:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 484
etag: W/"e6faada8afa4975b396870db3cb9a6d9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id: rpIak2Gexm6mjhtHeK0C2_AM11z-rOdH6c7LKXpV1ZaoAhyfHDugNg==

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/ Frame E299 192 KB
67 KB 12ms
12ms Script
text/javascript 2600:9000:206f:1000:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ba83e61b3bb05800b406fa4e6d7ddc40d475de922b55ce2148301cad172871

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:17:19 GMT
content-encoding: br
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
x-amz-version-id: uy7RlPab5Bv.arauVKH8u5dOxhOYA4.Q
last-modified: Sun, 04 Dec 2022 16:12:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 484
etag: W/"e6faada8afa4975b396870db3cb9a6d9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id: iANn-5d8ztlD426yGUXAiUdVoqadS7Jv0i1jttcoTKTety2SnI8EPA==

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/ Frame CE3A 192 KB
67 KB 8ms
8ms Script
text/javascript 2600:9000:206f:1000:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ba83e61b3bb05800b406fa4e6d7ddc40d475de922b55ce2148301cad172871

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:17:19 GMT
content-encoding: br
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
x-amz-version-id: uy7RlPab5Bv.arauVKH8u5dOxhOYA4.Q
last-modified: Sun, 04 Dec 2022 16:12:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 484
etag: W/"e6faada8afa4975b396870db3cb9a6d9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id: 2BzOPKhVWg8P86Ev_AsNocAHA5KZE2z-mf_pwes77vZifFJHqiwiYQ==

GET
H3 200 container.html Show response
dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 21A9 6 KB
3 KB 9ms
9ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.labrujula24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 16:25:21 GMT
expires: Mon, 04 Dec 2023 16:25:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AEBE 6 KB
3 KB 10ms
9ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.labrujula24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 16:25:21 GMT
expires: Mon, 04 Dec 2023 16:25:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7CC6 6 KB
3 KB 8ms
8ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.labrujula24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 16:25:21 GMT
expires: Mon, 04 Dec 2023 16:25:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/ Frame 2E2B 192 KB
67 KB 8ms
8ms Script
text/javascript 2600:9000:206f:1000:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ba83e61b3bb05800b406fa4e6d7ddc40d475de922b55ce2148301cad172871

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:17:19 GMT
content-encoding: br
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
x-amz-version-id: uy7RlPab5Bv.arauVKH8u5dOxhOYA4.Q
last-modified: Sun, 04 Dec 2022 16:12:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 484
etag: W/"e6faada8afa4975b396870db3cb9a6d9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id: fbdWoKTCWtrKv-T4penaKIISbAeNU9mFTsGj1QwkESCGtrEcsGtIdw==

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/ Frame 8C71 192 KB
67 KB 8ms
8ms Script
text/javascript 2600:9000:206f:1000:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ba83e61b3bb05800b406fa4e6d7ddc40d475de922b55ce2148301cad172871

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:17:19 GMT
content-encoding: br
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
x-amz-version-id: uy7RlPab5Bv.arauVKH8u5dOxhOYA4.Q
last-modified: Sun, 04 Dec 2022 16:12:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 484
etag: W/"e6faada8afa4975b396870db3cb9a6d9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id: aTOb_sNirvRNg4fiuGkJVDHuY1sw6bOjfKblWIcsN4QJY92u9hj4zw==

GET
H3 200 container.html Show response
dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7B6D 6 KB
3 KB 10ms
9ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.labrujula24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 16:25:21 GMT
expires: Mon, 04 Dec 2023 16:25:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/ Frame 0F4D 192 KB
67 KB 9ms
9ms Script
text/javascript 2600:9000:206f:1000:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ba83e61b3bb05800b406fa4e6d7ddc40d475de922b55ce2148301cad172871

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:17:19 GMT
content-encoding: br
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
x-amz-version-id: uy7RlPab5Bv.arauVKH8u5dOxhOYA4.Q
last-modified: Sun, 04 Dec 2022 16:12:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 484
etag: W/"e6faada8afa4975b396870db3cb9a6d9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id: -rL88R9NdxWprMmFVlujfhNEpJBDwPNcoWXNyJMDJ-zob-tZ034mnQ==

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/ Frame D468 192 KB
67 KB 9ms
8ms Script
text/javascript 2600:9000:206f:1000:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ba83e61b3bb05800b406fa4e6d7ddc40d475de922b55ce2148301cad172871

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:17:19 GMT
content-encoding: br
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
x-amz-version-id: uy7RlPab5Bv.arauVKH8u5dOxhOYA4.Q
last-modified: Sun, 04 Dec 2022 16:12:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 484
etag: W/"e6faada8afa4975b396870db3cb9a6d9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id: C19voGXI22Co0nAnPG1VW0DUxSIIQVjiKyBstUVu1aKTNghLzRIIpA==

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/ Frame CB3D 192 KB
67 KB 11ms
11ms Script
text/javascript 2600:9000:206f:1000:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ba83e61b3bb05800b406fa4e6d7ddc40d475de922b55ce2148301cad172871

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:17:19 GMT
content-encoding: br
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
x-amz-version-id: uy7RlPab5Bv.arauVKH8u5dOxhOYA4.Q
last-modified: Sun, 04 Dec 2022 16:12:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 484
etag: W/"e6faada8afa4975b396870db3cb9a6d9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id: 4UpHJIZ2iFuj16T5vRvMN7c9-tqbcY-bCmdqZLtdCObS_SBxKrHN7A==

GET
H3 200 container.html Show response
dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 090E 6 KB
3 KB 11ms
11ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.labrujula24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 16:25:21 GMT
expires: Mon, 04 Dec 2023 16:25:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/ Frame E154 192 KB
67 KB 8ms
8ms Script
text/javascript 2600:9000:206f:1000:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ba83e61b3bb05800b406fa4e6d7ddc40d475de922b55ce2148301cad172871

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:17:19 GMT
content-encoding: br
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
x-amz-version-id: uy7RlPab5Bv.arauVKH8u5dOxhOYA4.Q
last-modified: Sun, 04 Dec 2022 16:12:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 484
etag: W/"e6faada8afa4975b396870db3cb9a6d9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id: YLF-aD7rKmWbGP7zHEysh5rMnRjXdzPiI1IRU5UJl3Lu7KUdnWn9iw==

GET
H3 200 container.html Show response
dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D650 6 KB
3 KB 16ms
12ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.labrujula24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 16:25:21 GMT
expires: Mon, 04 Dec 2023 16:25:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/ Frame 7711 192 KB
67 KB 17ms
17ms Script
text/javascript 2600:9000:206f:1000:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ba83e61b3bb05800b406fa4e6d7ddc40d475de922b55ce2148301cad172871

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:17:19 GMT
content-encoding: br
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
x-amz-version-id: uy7RlPab5Bv.arauVKH8u5dOxhOYA4.Q
last-modified: Sun, 04 Dec 2022 16:12:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 484
etag: W/"e6faada8afa4975b396870db3cb9a6d9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id: icG-n3uOy4m8eoevaOfisc7bXInCRyDmitlti50jphjRTIixhfy1xQ==

GET
H2 200 bateas-residuos.jpg
www.labrujula24.com/wp-content/uploads/2022/12/ 346 KB
347 KB 17ms
16ms Image
image/jpeg 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.labrujula24.com/wp-content/uploads/2022/12/bateas-residuos.jpg
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd17f83593fd29b4cf3ffa0530321c093d4d40da9e48c3b5d0b4590ff39d5ed9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1438
cf-polished: origSize=421347
content-length: 354400
cf-bgj: imgq:100,h2pri
last-modified: Fri, 02 Dec 2022 22:14:03 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fzXCN8eeJHSTpQW2wKbf5t%2FpraYKkxfLe9h1UoF2jpHyB2Z20DMbIo4tkX2LFuCt1FFeBAliAO%2Ff8SBgscKuutbHBA%2BmsY1kjnvwXrbeqASLivYD1qshO2Mh7htSTtHxzWPb4YgERqNaa7DJXa1lPno%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7745e5ce687bbb41-FRA
expires: Sun, 11 Dec 2022 15:21:30 GMT

GET
H2 200 fumigacion6-1.jpg
www.labrujula24.com/wp-content/uploads/2022/12/ 218 KB
219 KB 21ms
21ms Image
image/jpeg 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.labrujula24.com/wp-content/uploads/2022/12/fumigacion6-1.jpg
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da01470fa976ce99059f0fc48cce38b79b137d04eb79658b757a3305679ade3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1438
cf-polished: origSize=261338
content-length: 223504
cf-bgj: imgq:100,h2pri
last-modified: Fri, 02 Dec 2022 22:12:46 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cKGcZriZx5byT1xj9945815Khiq9rxVHrPJCk7SB40rKXo70qDr9jV0i8IuBDD%2B01FCmrxOfg3lJUzfW1DPPPcg1zIFCV5kbT%2FCchjICkX20u6DSrsLjiv%2BUu4qiKIE0%2BX%2F9m2x%2FoddJWFIqMD7fBBw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7745e5ce687fbb41-FRA
expires: Sun, 11 Dec 2022 15:18:45 GMT

GET
H2

200

/ Show response
lp.cleverwebserver.com/bet365/de/sports/grp1/ Frame DB7B
Redirect Chain

https://sender.clevernt.com/transporter/56138.php?ppuc=1&ppu=0&id=598423&ref=aHR0cHM6Ly93d3cubGFicnVqdWxhMjQuY29tLw%3D%3D&ruri=&r=630618110&tok=33419711310201791433&t=1670171120&cmpId=&fb=0&iv=-1&c...
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01163674

4 KB
974 B

109ms
98ms

Document
text/html

2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01163674
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d1f62ccc66595ef17514586f32f092c3275fa255b69bdcc95285be3c979c0cf

Request headers

Referer: https://www.labrujula24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=1800
cf-cache-status: REVALIDATED
cf-ray: 7745e5d0a9c49a24-FRA
content-encoding: br
content-type: text/html
date: Sun, 04 Dec 2022 16:25:23 GMT
expires: Sun, 04 Dec 2022 16:55:23 GMT
last-modified: Sun, 04 Dec 2022 10:04:34 GMT
server: cloudflare
vary: Accept-Encoding
x-amz-id-2: V80Sl9REvWrz8ibCm8cotHpijqP8MohmSLCVSex28jiX/qH+4zLCZxYSOz6TsBMGgXe0ZbwW2KI=
x-amz-request-id: ZYTPFE9EC2A99GYW

Redirect headers

cache-control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
content-type: text/html; charset=UTF-8
date: Sun, 04 Dec 2022 16:25:23 GMT
expires: Fri, 27 Jun 1986 23:00:00 GMT
last-modified: Sun, 04 Dec 2022 16:25:23 GMT
location: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01163674
pragma: no-cache
server: nginx

GET
DATA 200
OK truncated
/ 655 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f312aead73c7059dc22bbff1a38210eaacd5e2d7beaaec586a32575c54bc35a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 11ms
11ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 04 Dec 2022 16:25:23 GMT
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
366 B 9ms
9ms XHR
application/json 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: intothebid.com
URL: https://intothebid.com/wrapper/brujula24/prebid7.26.0.brujula24.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.labrujula24.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.labrujula24.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
696 B 21ms
21ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU15JWV5
Requested by: Host: intothebid.com
URL: https://intothebid.com/wrapper/brujula24/prebid7.26.0.brujula24.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: c39d0965199df797698112751f87e2ad92d60e897143d1028fea5329299191c6

Request headers

Referer: https://www.labrujula24.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:23 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.labrujula24.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Sun, 04 Dec 2022 16:25:23 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 94 B
505 B 112ms
112ms XHR
application/json 216.52.2.39
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.26.0
Requested by: Host: intothebid.com
URL: https://intothebid.com/wrapper/brujula24/prebid7.26.0.brujula24.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 69cb050dbe8ff0d49666e8fb460a2a0c59846b1c4dc461aac991218b5677fc30

Request headers

Referer: https://www.labrujula24.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 04 Dec 2022 16:25:23 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.labrujula24.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

GET
H2 204 / Show response
d.vidoomy.com/api/rtbserver/prebid/ 0
214 B 98ms
98ms XHR
text/plain 3.123.150.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.vidoomy.com/api/rtbserver/prebid/?id=22736&adtype=banner&auc=%2F22031857995%2FHOME_BIG_02&w=1000&h=300&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.94%20Safari%2F537.36&l=en&dt=1&pid=62240&requestId=2344bc990ffaa56&schain=%5Bobject%20Object%5D&bidfloor=0&d=labrujula24.com&sp=https%253A%252F%252Fwww.labrujula24.com%252F&usp=&coppa=false&videoContext=
Requested by: Host: intothebid.com
URL: https://intothebid.com/wrapper/brujula24/prebid7.26.0.brujula24.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.150.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-150-125.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.labrujula24.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.labrujula24.com
date: Sun, 04 Dec 2022 16:25:23 GMT
access-control-expose-headers: X-VD-C
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS

POST
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
544 B 54ms
43ms XHR
application/json 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=909998
Requested by: Host: intothebid.com
URL: https://intothebid.com/wrapper/brujula24/prebid7.26.0.brujula24.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 458893380bf0a272e9a6f6ac01b719fe971aaeb68a057545b42038c9b5d6f448

Request headers

Referer: https://www.labrujula24.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IxAETdvpTQO7ylKRt2tVBN4h%2B4tggM4iPXlt%2BKtFwFYRUyBl0KpGqXP7jmIJLK898UEnaZUoE02fwnjL8N39uQqWqoCIfh6K2vxaCUzkJzml2%2B8zgsKXgzZCEC2WfDfnhLdbE%2Fvg"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.labrujula24.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7745e5cf28ab9ba7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 prebid Show response
mp.4dex.io/ 114 B
346 B 51ms
50ms XHR
application/json 2606:4700::6812:272
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: intothebid.com
URL: https://intothebid.com/wrapper/brujula24/prebid7.26.0.brujula24.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ad787c5b12c627342078c5820231f55b1da252368359dcc5ac70c1d811ce537

Request headers

Referer: https://www.labrujula24.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

x-version: 3.0.0-gcp-ams
date: Sun, 04 Dec 2022 16:25:23 GMT
x-err: Validating the Prebid Request adunits. no valid non-debug AdUnits
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: gzip
x-warn: Validating the Prebid Request adunits. No supported banner or video size for adUnit: /22031857995/HOME_BIG_02
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.labrujula24.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7745e5cf1d289174-FRA
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 351 B
409 B 85ms
85ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24930&site_id=447118&zone_id=2585480&size_id=113&rp_schain=1.0,1!flower-ads.com,fw0102,1,,,&eid_criteo.com=3qMV719uV0FtUDdYaE93TlMzMWpQTEFPZzhZZVVCWFhhalg3NW9XWDVnUmNtcWhCZ0wycnJVdlJ0ZVpsMkJGME1SY0huZ1VOSUhWWGpsWkloeW9WWnRaaTJuZyUzRCUzRA%5E1&eid_pubcid.org=ba778d19-b4a7-4f86-927e-4fde3eb83c1a%5E1&rf=https%3A%2F%2Fwww.labrujula24.com%2F&tg_i.page=https%3A%2F%2Fwww.labrujula24.com%2F&tg_i.domain=labrujula24.com&tg_i.pbadslot=%2F22031857995%2FHOME_BIG_02&tk_flint=pbjs_lite_v7.26.0&x_source.tid=1cd21801-9427-44b2-88a3-264c068a2be7&l_pb_bid_id=29172f0bbd3ca6a&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=%2F22031857995%2FHOME_BIG_02&slots=1&rand=0.1442643367366312
Requested by: Host: intothebid.com
URL: https://intothebid.com/wrapper/brujula24/prebid7.26.0.brujula24.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 3d6e2d352945483ee41d7c08963c0ea4882a8aaadd50a6d0084599f3f65d2019

Request headers

Referer: https://www.labrujula24.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:23 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.labrujula24.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 351
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200 1097.json Show response
id5-sync.com/g/v2/ 216 B
629 B 28ms
9ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/1097.json

Requested by

Host: intothebid.com
URL: https://intothebid.com/wrapper/brujula24/prebid7.26.0.brujula24.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

d8ef22d7fa4cf37a1fb485b1d3913dc02e66a31608977747fabc7345774806d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.labrujula24.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.labrujula24.com
date: Sun, 04 Dec 2022 16:25:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 /
call.cleverwebserver.com/ 43 B
156 B 101ms
91ms Image
image/gif 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://call.cleverwebserver.com/?id=56138&c=DE&r=null&l=2225&b=Chrome&os=Win10&mob=0&v=1.28.0&ref=aHR0cHM6Ly93d3cubGFicnVqdWxhMjQuY29tLw%3D%3D&ruri=&iv=-1&ctr=DE&sz=1200

Requested by

Host: www.labrujula24.com
URL: https://www.labrujula24.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7745e5cf8f779a24-FRA
content-length: 43
content-type: image/gif

POST
H2 204 rum Show response
servicios.labrujula24.com/cdn-cgi/ Frame 81F0 0
212 B 14ms
14ms XHR
text/plain 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicios.labrujula24.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://servicios.labrujula24.com/cotizaciones/index.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
content-type: application/json

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://servicios.labrujula24.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7745e5cf7ac8bb41-FRA

GET
H2 200 web Show response
onesignal.com/api/v1/sync/ac339ff8-99a8-42ff-ab79-18576e0f887f/ 3 KB
2 KB 71ms
61ms Script
text/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/ac339ff8-99a8-42ff-ab79-18576e0f887f/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

017e84c828e13d620bd504940eca41510f251ba207ccad8087437dabd9b3d335

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
status: 200 OK
x-envoy-upstream-service-time: 29
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: e25cc04e-5e11-44ff-afd0-33a9de54332a
x-runtime: 0.027696
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"017e84c828e13d620bd504940eca4151"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 7745e5cf9ca99bc2-FRA
access-control-allow-headers: SDK-Version
expires: Sun, 04 Dec 2022 17:25:23 GMT

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/ Frame D67E 192 KB
67 KB 8ms
8ms Script
text/javascript 2600:9000:206f:1000:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ba83e61b3bb05800b406fa4e6d7ddc40d475de922b55ce2148301cad172871

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:17:19 GMT
content-encoding: br
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
x-amz-version-id: uy7RlPab5Bv.arauVKH8u5dOxhOYA4.Q
last-modified: Sun, 04 Dec 2022 16:12:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 485
etag: W/"e6faada8afa4975b396870db3cb9a6d9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id: v_vEZoR1dyrncS1xn8KJ3W-NOH8p-TdOhGUZCiAquLvugeuLPZ_cPg==

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/ Frame 21A9 192 KB
67 KB 10ms
10ms Script
text/javascript 2600:9000:206f:1000:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ba83e61b3bb05800b406fa4e6d7ddc40d475de922b55ce2148301cad172871

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:17:19 GMT
content-encoding: br
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
x-amz-version-id: uy7RlPab5Bv.arauVKH8u5dOxhOYA4.Q
last-modified: Sun, 04 Dec 2022 16:12:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 485
etag: W/"e6faada8afa4975b396870db3cb9a6d9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id: HbsJ4PSmMpvOAJvocIYeDhbwyAR5TNElC-Z_Ukp4bzn1Gc4KjYoS8A==

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/ Frame AEBE 192 KB
67 KB 11ms
11ms Script
text/javascript 2600:9000:206f:1000:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ba83e61b3bb05800b406fa4e6d7ddc40d475de922b55ce2148301cad172871

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:17:19 GMT
content-encoding: br
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
x-amz-version-id: uy7RlPab5Bv.arauVKH8u5dOxhOYA4.Q
last-modified: Sun, 04 Dec 2022 16:12:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 485
etag: W/"e6faada8afa4975b396870db3cb9a6d9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id: B4nJkJdSA0Ygz-Go2O4sDpsy5VdfvBJwGxuLPTfeHn5IgmyJS8DJFw==

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/ Frame 7CC6 192 KB
67 KB 9ms
9ms Script
text/javascript 2600:9000:206f:1000:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ba83e61b3bb05800b406fa4e6d7ddc40d475de922b55ce2148301cad172871

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:17:19 GMT
content-encoding: br
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
x-amz-version-id: uy7RlPab5Bv.arauVKH8u5dOxhOYA4.Q
last-modified: Sun, 04 Dec 2022 16:12:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 485
etag: W/"e6faada8afa4975b396870db3cb9a6d9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id: awDAVcEkBmFSQwN1d-kyy7YiOX2HdwFa-Y0xm72lJ7e6-B34EniRDw==

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/ Frame 7B6D 192 KB
67 KB 12ms
12ms Script
text/javascript 2600:9000:206f:1000:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ba83e61b3bb05800b406fa4e6d7ddc40d475de922b55ce2148301cad172871

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:17:19 GMT
content-encoding: br
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
x-amz-version-id: uy7RlPab5Bv.arauVKH8u5dOxhOYA4.Q
last-modified: Sun, 04 Dec 2022 16:12:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 485
etag: W/"e6faada8afa4975b396870db3cb9a6d9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id: 4dVEAtG3heWeaYFKuUKRl13a-BGN9g0oTUjDTWKKWGnaLjxYtZ8XfA==

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/ Frame 090E 192 KB
67 KB 14ms
13ms Script
text/javascript 2600:9000:206f:1000:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ba83e61b3bb05800b406fa4e6d7ddc40d475de922b55ce2148301cad172871

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:17:19 GMT
content-encoding: br
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
x-amz-version-id: uy7RlPab5Bv.arauVKH8u5dOxhOYA4.Q
last-modified: Sun, 04 Dec 2022 16:12:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 485
etag: W/"e6faada8afa4975b396870db3cb9a6d9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id: eX1-LZTlaJUj2SmON6yqYcLuLeQzMF4IBRogLHy2Tdgi8i_re0fKcQ==

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/ Frame D650 192 KB
67 KB 20ms
17ms Script
text/javascript 2600:9000:206f:1000:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ba83e61b3bb05800b406fa4e6d7ddc40d475de922b55ce2148301cad172871

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:17:19 GMT
content-encoding: br
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
x-amz-version-id: uy7RlPab5Bv.arauVKH8u5dOxhOYA4.Q
last-modified: Sun, 04 Dec 2022 16:12:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 485
etag: W/"e6faada8afa4975b396870db3cb9a6d9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id: NRNIwK8MnBxl0RsCgoNH9obAe55qpNFBUaImbWDeKgnsn_sQfYiCbw==

POST
H2 200 init Show response
gw.geoedge.be/api/ Frame A8B6 0
95 B 578ms
299ms XHR
text/plain 54.85.147.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.85.147.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-147-115.compute-1.amazonaws.com
Software: nginx/1.20.1 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.labrujula24.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sun, 04 Dec 2022 16:25:23 GMT
server: nginx/1.20.1
x-powered-by: Express
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A8B6 0
0 48ms
48ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuHPHYQLVkDOhnk7OGLRvT-1tZy_q0J163IbAe42g8cX2S0PeUFglKKCnkJKLK7tLTatL-a0PadQ5OIe76Y_Vln3TjtNU4I6VFZncN6lH7m5aZdaMuRVK1ygG2iPL_HJXm0sbcGi7VHiy1fGU1I_fb69NaDcvGbupYJYPtwNmV0n3vdWJk7rYvhd36BGunAt2ArszD2DU6qBqMmcxKcWys72f5owaK7z4cTxo4FLPK5TaXH5PwNIREYpJxRgsm2br6z_aH8u_8cut427DXWKVe-Y3mJz0Cb2gO_pOLqq6PPTYSX6TABk0wEHTcVF16oIfL7Qt4&sai=AMfl-YT0TVd1-D_SlI6tb-NhPzEYDp1TOH1DkbMfK8rm3EG-_lRI_pjUbJu6fcU8HqErSxo2qqpqzKjHmWg3rlB8f_k3eB31r3IUbN0QO-rsBPnOLo_AOHUx8IXStAVQW0Uxqw&sig=Cg0ArKJSzCzwlvQfP3IwEAE&uach_m=[UACH]&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame A8B6 23 KB
9 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 14:38:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6399
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 14:38:44 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame A8B6 3 KB
1 KB 30ms
16ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 14:46:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5946
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 14:46:17 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A8B6 0
0 69ms
16ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ3sIGy7MUPh6FFhNf7rD0OnZBg92IMopFYgPOrTa8MQljBRRq054wPv-UgwaEiiz3qnDHhNRAsy0DDdOLLeix6TCYByg
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A8B6 155 KB
47 KB 93ms
40ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Dec 2022 16:25:23 GMT

GET
H2 200 14607722654784830319
tpc.googlesyndication.com/simgad/ Frame A8B6 47 KB
47 KB 35ms
21ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14607722654784830319

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1f3ac675e1c4e41a1775ff6d536e299f60707e4f7e74f2b9528b9d2f44f6e47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 12:25:00 GMT
x-content-type-options: nosniff
age: 187223
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48144
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 17:34:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 02 Dec 2023 12:25:00 GMT

POST
H2 200 init Show response
gw.geoedge.be/api/ Frame E299 0
96 B 552ms
282ms XHR
text/plain 54.85.147.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.85.147.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-147-115.compute-1.amazonaws.com
Software: nginx/1.20.1 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.labrujula24.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sun, 04 Dec 2022 16:25:23 GMT
server: nginx/1.20.1
x-powered-by: Express
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E299 0
0 43ms
43ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssft4R45kxWH0Gy8qFlw5VkG2OvdpXCV8R-PJrfzFMWYTDeHEDFRNKsCyolUTrvVWdCZ_VW0kOpy8fmQRzto1PPAJc6zQtXwPrwU2f7ejuMK7LYQD2v61nwQMV7eWh61sfcGKD9aOK-A2sANteCx3J95Z8xMli2OHlHaa4P7mGUqqpCvLCgHJ5zpOZgZGtYZyoB5EBNNGshR-v-V0vqWg5XniSiTL66Kh-Mq266y7dksU-MN4LQHBaBqoNEiETYy2_Jewr5qFacmInbluLGhQ7YWsBuYEgDW-lHb2LyWJlvZvCS6X5PDrJuVS4UcmTafQjiBF0&sai=AMfl-YQLtp5eUbgJr_aztfWMecu1PVPYvHGvPID8mAkRtVaQbJ38pvwHNXO-7q8WILCs2Njuz7mweryoM6N2dJ6_-SCdcxpmfBooOQGYnhKMRximq9oZz3n_D4uRFfoTO-RYhg&sig=Cg0ArKJSzLXWUZzpFrJ6EAE&uach_m=[UACH]&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame E299 23 KB
9 KB 18ms
10ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 14:38:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6399
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 14:38:44 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame E299 3 KB
1 KB 24ms
16ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 14:46:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5946
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 14:46:17 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E299 0
0 62ms
16ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR2Gkpm6xsmCfwXWXgFE_yvbMHQ6aSd0E6WVf2Y-hGs7zaQTRtD5cU6UhTdGTRW9kL7fTBixC4sWQf9Xc8VZW1Z_D2UCg
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E299 155 KB
47 KB 82ms
36ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Dec 2022 16:25:23 GMT

GET
H2 200 1579117272310578426
tpc.googlesyndication.com/simgad/ Frame E299 62 KB
62 KB 24ms
17ms Image
image/gif 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1579117272310578426

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c9bd1abe1d2aa2df1e9f258c7c45adb8e2c222e20ed5d4678c40fffa136003d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 15:29:03 GMT
x-content-type-options: nosniff
age: 176180
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63040
x-xss-protection: 0
last-modified: Fri, 14 Oct 2022 16:48:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 02 Dec 2023 15:29:03 GMT

POST
H2 200 init Show response
gw.geoedge.be/api/ Frame CE3A 0
95 B 549ms
285ms XHR
text/plain 54.85.147.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.85.147.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-147-115.compute-1.amazonaws.com
Software: nginx/1.20.1 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.labrujula24.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sun, 04 Dec 2022 16:25:23 GMT
server: nginx/1.20.1
x-powered-by: Express
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CE3A 0
0 47ms
47ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuzUbFQsYongw9biNAag4OXuW7f1j3h3RKbn3-HB_53YmBnlGmHsEJd_sdHYDLd9LHwW3qjg6yEleS26wf2TezWcusttsVHDBPgIPB9rtutnacCUWSsiwmXOtlyCTNOqQLpqdcA-4lvTzBzy9ZyjA4poW79UgF2OXl1l7V9T5zEbJqD-1q-GLsCOSptGWjH6jRkMgrva7ubDADzZBl5Ah60B2Sqcta8pfLOgIC-TQG66MwqaJMX74Gd4bOP2U5Rpr3-ruH-UfK6Dwtrr2z1pFpGm9ey-x1CHI-XFsRknoCEqXMxxOZ46XJLLncU4r1hRSQ&sai=AMfl-YR35oQu1hUOeWRKSKAwLsQGxmu8k3kX9uz0ca7_NFpUyRRRX0ZqtYq5srHnNTB8xnnO7hdvGviV0GLvwb-_BMPsGygyjggA62CYYf5LSI3_WNA15gi96uancTRkYwj1fw&sig=Cg0ArKJSzF131zciPdpGEAE&uach_m=[UACH]&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame CE3A 23 KB
9 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 14:38:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6399
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 14:38:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame CE3A 3 KB
1 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 14:46:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5946
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 14:46:17 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame CE3A 0
0 27ms
17ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTxId460ippVpv3zEO7BiysOLH5l6yFanQAfMz_M68US81aNap8827fUEdjY4_mkDslq1ppIXV8EDhprAK3Y9YpdZHgHw
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CE3A 155 KB
47 KB 56ms
32ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Dec 2022 16:25:23 GMT

GET
H3 200 3023996722182665400
tpc.googlesyndication.com/simgad/ Frame CE3A 65 KB
65 KB 28ms
23ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3023996722182665400

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79afb092e04dace1fef9df22acaa2e86cfc41cb58cca46bad33b1acf8011cf1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 02:25:54 GMT
x-content-type-options: nosniff
age: 136769
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66825
x-xss-protection: 0
last-modified: Sun, 05 Jun 2022 15:24:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 03 Dec 2023 02:25:54 GMT

POST
H2 200 init Show response
gw.geoedge.be/api/ Frame 8C71 0
95 B 544ms
286ms XHR
text/plain 54.85.147.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.85.147.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-147-115.compute-1.amazonaws.com
Software: nginx/1.20.1 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.labrujula24.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sun, 04 Dec 2022 16:25:23 GMT
server: nginx/1.20.1
x-powered-by: Express
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8C71 0
0 47ms
47ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvVekL4j7ZOXpCL1qFk6u8jTNYk5jAOj_5UXCZSNY90B9IPdGkTJjF7FrGjMFEq74WvLIOWet6u-aj4nPLOmovk_UWjQGJ52FkKw-5G4RrJg8zktdtQL2eUKM8tS3R47T1V26-JiC_kpmYdeNAFIRf2fax-HXk5CdD68if151pBDp6vhOxd7rv_BxoQli57_STrvYf4y0NAnuux6f9pWFBlsLfEo3jSDq5qEi4WJT_e09Mbw8mC5f_25t1qF5dhFitUcCxq0FS3cMaBwzFlG-Bk7tscIn-Jbo1XbwN7eim5Z5sh1Bu9uRNKm5JeNoeYJN6CT8zo&sai=AMfl-YSXGh_IN0P8BnGfWoZaAMC_DrePu-mV6_BJxqLDrhl1AdI5CBAOW-zsuOf439SaPXrACtU9RZ70DWQGny9Cmqu4aais655y0Vpe0MgEk8-mBogkd4klrri9C9Rg7EZF8A&sig=Cg0ArKJSzIb9G9si5u8XEAE&uach_m=[UACH]&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 8C71 23 KB
9 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 14:38:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6399
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 14:38:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 8C71 3 KB
1 KB 18ms
13ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 14:46:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5946
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 14:46:17 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8C71 0
0 24ms
17ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR_3IcKX1Oxc3QHoaA4WYTZDTpTqPWFhIbi6sJuTlwR-7ax7SRxKxTTjZpTIwHVuDApDoLZDsQjhNHpwLLj5wcxXX8UMQ
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8C71 155 KB
47 KB 73ms
52ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Dec 2022 16:25:23 GMT

GET
H3 200 14597434803250754798
tpc.googlesyndication.com/simgad/ Frame 8C71 234 KB
234 KB 26ms
23ms Image
image/gif 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14597434803250754798

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e8a7d090d8bba6dbd500fb9438c2f3efbb23da3545dc3ca973503f2ab0e73b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 13:19:00 GMT
x-content-type-options: nosniff
age: 97583
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 239138
x-xss-protection: 0
last-modified: Fri, 16 Sep 2022 16:54:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 03 Dec 2023 13:19:00 GMT

POST
H2 200 init Show response
gw.geoedge.be/api/ Frame 2E2B 0
95 B 535ms
285ms XHR
text/plain 54.85.147.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.85.147.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-147-115.compute-1.amazonaws.com
Software: nginx/1.20.1 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.labrujula24.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sun, 04 Dec 2022 16:25:23 GMT
server: nginx/1.20.1
x-powered-by: Express
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2E2B 0
0 47ms
46ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstCjlHJDv5GyiSbE5ldGEfbz37SeLjLl8sfT2BEXD8eJWjN2U5Fg_vW8dNpjF5XNQmJZYBnUBEs33UvOW2RnjGpud2gSaTJApIcTjdybhDeMM61KVaXj--65fbyKN9B8JG7Lp11xonfuRz7YkJTKIuwkGWEmcsp1YxtTz7ijn_dhcDzAu1FGV8RrGlBc9BPKJVtwEQXtLWrfjZ4iLN_thM0CrtgCyntLOgFYZ4VZtptBRvoBFs01vHccDzaeYM_YkvfQJe6kxHxr4Eeu75knzJ9CO34vLjYhhTB0cAFyzK06-nN8X3TOnAWEXdAM4yXUnAJgNbD&sai=AMfl-YTqqNjYTymLEaug9YVoIWvZzL82GM70DrPofefe3tlApbSo7wYK3HXEQXu9bFcVArM8ZOJHW46DavlAi8hfZ9O8V7A48kP_cZ7pJX0gYjo5XYBEi3z8TrKpilFvzQ1iYw&sig=Cg0ArKJSzNybLjjZ6JA3EAE&uach_m=[UACH]&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 2E2B 23 KB
9 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 14:38:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6399
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 14:38:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 2E2B 3 KB
1 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 14:46:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5946
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 14:46:17 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2E2B 0
0 23ms
17ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQpo-ape0JLz6M2AAglnglQRNtEcRMax5szylNFqyH1oGoEnw8f7xdqW8GDD-bn4rby11HmS15EJPtFZGmRBvrPtHjEzw
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2E2B 155 KB
47 KB 64ms
43ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Dec 2022 16:25:23 GMT

GET
H3 200 11517652256520696324
tpc.googlesyndication.com/simgad/ Frame 2E2B 345 KB
345 KB 17ms
15ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11517652256520696324

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f324a5c16f39113f5e9a304f836572377784710629ee6f3d0fc7902d3521d4f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 09:12:15 GMT
x-content-type-options: nosniff
age: 198788
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 353128
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 20:48:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 02 Dec 2023 09:12:15 GMT

POST
H2 200 init Show response
gw.geoedge.be/api/ Frame 0F4D 0
95 B 525ms
284ms XHR
text/plain 54.85.147.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.85.147.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-147-115.compute-1.amazonaws.com
Software: nginx/1.20.1 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.labrujula24.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sun, 04 Dec 2022 16:25:23 GMT
server: nginx/1.20.1
x-powered-by: Express
content-length: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012211060024000/ Frame 0F4D 221 KB
61 KB 87ms
11ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 01 Dec 2022 16:29:52 GMT
age: 258931
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61592
x-xss-protection: 0
server: sffe
etag: "a2fca7132416d151"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 01 Dec 2023 16:29:52 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 0F4D 14 KB
5 KB 65ms
27ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 02 Dec 2022 07:11:23 GMT
age: 206040
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5218
x-xss-protection: 0
server: sffe
etag: "abd4378f71571d78"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 02 Dec 2023 07:11:23 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 0F4D 94 KB
28 KB 66ms
28ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 02 Dec 2022 21:42:14 GMT
age: 153789
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28809
x-xss-protection: 0
server: sffe
etag: "dd6615029de85e23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 02 Dec 2023 21:42:14 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 0F4D 72 KB
16 KB 70ms
32ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-animation-0.1.mjs

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe75d0fb01c62e14b75d418f8e5bb6e413e49610f564e90248669d7e3513403

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 28 Nov 2022 18:08:54 GMT
age: 512189
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16659
x-xss-protection: 0
server: sffe
etag: "94fac542ca9cc297"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 28 Nov 2023 18:08:54 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 0F4D 5 KB
2 KB 68ms
31ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 01 Dec 2022 16:29:52 GMT
age: 258931
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "403438c4d550ee88"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 01 Dec 2023 16:29:52 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 0F4D 40 KB
13 KB 69ms
31ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 01 Dec 2022 16:29:52 GMT
age: 258931
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "0bacd3f1ce38a7db"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 01 Dec 2023 16:29:52 GMT

GET
DATA 200
OK truncated
/ Frame 0F4D 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77d7a6fb60cc657d75c18e592577eab4557abef145245c9d638e32a558e0f530

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 28444a0056af66d80a1e16c8ea13f2ec__cr_w970_h250_x-104_y-67.jpg
tpc.googlesyndication.com/sadbundle/1299547854852663204/ Frame 0F4D 42 KB
42 KB 24ms
17ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1299547854852663204/28444a0056af66d80a1e16c8ea13f2ec__cr_w970_h250_x-104_y-67.jpg

Requested by

Host: www.labrujula24.com
URL: https://www.labrujula24.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f0320a2d40ff5310891622b85610a3b5d935ee745f33c85c1d20f25b0e152d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 18:48:36 GMT
x-content-type-options: nosniff
age: 596207
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42945
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 14:37:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 27 Nov 2023 18:48:36 GMT

GET
H3 200 b4ebb1a21908ce675a57cba46da81051__cr_w123_h98_x0_y0.png
tpc.googlesyndication.com/sadbundle/1299547854852663204/ Frame 0F4D 4 KB
4 KB 21ms
14ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1299547854852663204/b4ebb1a21908ce675a57cba46da81051__cr_w123_h98_x0_y0.png

Requested by

Host: www.labrujula24.com
URL: https://www.labrujula24.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b4591a1b52d125d97258e597a4cdf1b7ca20b6f5532346bd861a2d264df2c3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 18:48:36 GMT
x-content-type-options: nosniff
age: 596207
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4156
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 14:37:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 27 Nov 2023 18:48:36 GMT

GET
H3 200 0e6bb28d7aa9aa6376a1b2669c124699__cr_w313_h79_x0_y0.png
tpc.googlesyndication.com/sadbundle/1299547854852663204/ Frame 0F4D 6 KB
6 KB 23ms
16ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1299547854852663204/0e6bb28d7aa9aa6376a1b2669c124699__cr_w313_h79_x0_y0.png

Requested by

Host: www.labrujula24.com
URL: https://www.labrujula24.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

680d7a85642baaca400b6e65283333e7036610603b30084399cd3773ecbce7c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 18:42:28 GMT
x-content-type-options: nosniff
age: 596575
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6502
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 14:37:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 27 Nov 2023 18:42:28 GMT

GET
H3 200 ca95836128b85338824a016f24a242f1__cr_w970_h250_x-298_y-103.jpg
tpc.googlesyndication.com/sadbundle/1299547854852663204/ Frame 0F4D 36 KB
36 KB 22ms
15ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1299547854852663204/ca95836128b85338824a016f24a242f1__cr_w970_h250_x-298_y-103.jpg

Requested by

Host: www.labrujula24.com
URL: https://www.labrujula24.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af640d92477458b84d4cb9265c1976af8d38e247afa482f17c7a7c456ba62fdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 18:42:28 GMT
x-content-type-options: nosniff
age: 596575
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36722
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 14:37:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 27 Nov 2023 18:42:28 GMT

GET
H3 200 c7e606effd6b9dbe0dd392224ac1babd__cr_w363_h164_x0_y0.png
tpc.googlesyndication.com/sadbundle/1299547854852663204/ Frame 0F4D 20 KB
20 KB 26ms
19ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1299547854852663204/c7e606effd6b9dbe0dd392224ac1babd__cr_w363_h164_x0_y0.png

Requested by

Host: www.labrujula24.com
URL: https://www.labrujula24.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfa08db03641a67cbb347c3c0b04de1888de3a1ec4f3b9cbe39558e98c338ff4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 18:42:28 GMT
x-content-type-options: nosniff
age: 596575
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20559
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 14:37:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 27 Nov 2023 18:42:28 GMT

GET
H3 200 es.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0F4D 3 KB
3 KB 26ms
20ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/es.png

Requested by

Host: www.labrujula24.com
URL: https://www.labrujula24.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 05:47:19 GMT
x-content-type-options: nosniff
server: cafe
age: 38284
etag: 15820072736840818134
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2687
x-xss-protection: 0
expires: Mon, 05 Dec 2022 05:47:19 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0F4D 295 B
319 B 19ms
13ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.labrujula24.com
URL: https://www.labrujula24.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 09:52:43 GMT
x-content-type-options: nosniff
server: cafe
age: 23560
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 05 Dec 2022 09:52:43 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0F4D 0
0 46ms
18ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRIAI1WP1IHOKDQg2Qp63l2KRVBxq7fZAkYtlQBYoSBG8aXIOgFY_JdaHEGaQ3Vaw2FCnYh1oiiz2VN1mVTk_w_N5XC2A
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0F4D 0
0 63ms
57ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CyT4B8cmMY83nGuzG7_UP7qKYyASziYW9bb7wyMjFEP_1qJicNxABIKeS_XxglYKAgJgHoAHFgMekA8gBCakCRL-0GpessT7gAgCoAwHIAwiqBJ8CT9A1GUgucV_VURq6CmooqpPmygVext61q6Q3mtwxXtXfRkpIPNM6uBMyWK-PeyUZ3ZjvSulcDtGINfMQgbh7phaj6CL7ztIy2sy_gqJNDIVjIu92rehn4fNzLXub6U_4e8PkyfhV3froEfHHgUzwemhIFMkpE-p-UbZ_lkBeMjNWeHhbd5GdeCAGYYPaxM4uamCpX9MntzLE7y6hT-HGlVUHy9UBeTmBiE_idnOidsWZJkqjbLuYCVj00ToZlYm7_UaR8R8sjLtcdU59dvtPLPwKIUBxVzL-V_JnxjMLqlVgTC-0r772pWdbAWymLnn8Cm5yfkU0mHMvt-LFChEzMuoVym8pEfKs7eCVOR4NVcB_8ERjgvOHHFiaezSezGHABNXnzLuVBOAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAej_7hbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ4s0h0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEwrQFQGYFgGAFwGyFx4KHAgAEhRwdWItNDU0NDk1MTE2ODA5ODIzMhjahnc&sigh=YFuGf4HjMMA&uach_m=[UACH]&cid=CAQSPADq26N9ntf34ncXYNdp6QPHMitDqDjvzKrZVl3hUPD0wjJYgd7psjsu3Dwzwup9oKHLz5i8pv0gyhU64RgBIBM&template_id=419
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

POST
H2 200 init Show response
gw.geoedge.be/api/ Frame CB3D 0
95 B 514ms
286ms XHR
text/plain 54.85.147.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.85.147.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-147-115.compute-1.amazonaws.com
Software: nginx/1.20.1 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.labrujula24.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sun, 04 Dec 2022 16:25:23 GMT
server: nginx/1.20.1
x-powered-by: Express
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CB3D 0
0 53ms
51ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvB8ZIf8pmwZDZ9rkyKjbL58o9b8pPO06LAHOf1ncJijOX_noNqLP0tCXKXW8BGpZIujsmOENyEyMtieqEslQ2uz_CnwyxdIOffUoO9X6nPAGlM50u83qWOA9P2HZUT3Aa8p8T0-RqxSfe19mPZf95di3ya53P0Pyj-geHyZDltX0PMKLLj-rdAxVHajFCVe4CSjZcVyZ9BQDakVPiOf7xrRtwTBMQXdxHhzdK2SSMGbGhSigAPOuZaiIy59DQmdNu-OUPVKS8rfvj4BXY6vL0beRFhIxO2dDHvKdqwj-unC_2RpoBsP_kG5nXEZyS4G_A&sai=AMfl-YQregHpBNgG76wCnvd7-KOt-48mDyPeUO6YiUX-JvulFcfzV6-bcHTid9lO5ZiGGxdQL2SziYR5XzAWDdhEVrAOqKXoOdjMENeR3vn1y5ZKdUzYKRt8DO4V2RwPFhltYg&sig=Cg0ArKJSzGIztV4UJ_V3EAE&uach_m=[UACH]&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame CB3D 23 KB
9 KB 13ms
10ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 14:38:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6399
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 14:38:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame CB3D 3 KB
1 KB 22ms
19ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 14:46:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5946
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 14:46:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CB3D 155 KB
48 KB 21ms
18ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Dec 2022 16:25:23 GMT

GET
H3 200 15967289181732833278
tpc.googlesyndication.com/simgad/ Frame CB3D 18 KB
18 KB 22ms
20ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15967289181732833278

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dbdaba4d5365bfc364f02b9299f0e259780a323cf7790eac4033b55f4897766

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 22:32:10 GMT
x-content-type-options: nosniff
age: 64393
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18343
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 12:45:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 03 Dec 2023 22:32:10 GMT

POST
H2 200 init Show response
gw.geoedge.be/api/ Frame D468 0
95 B 511ms
291ms XHR
text/plain 54.85.147.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.85.147.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-147-115.compute-1.amazonaws.com
Software: nginx/1.20.1 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.labrujula24.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sun, 04 Dec 2022 16:25:23 GMT
server: nginx/1.20.1
x-powered-by: Express
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D468 0
0 53ms
51ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssz0pth4RpakLpkNXwC1sdCFaH-4bYERwi2-jn6SDO50YQvIMKk4XHYzo-WfdRlVSPJI7juph_8JmvQ5XoszxHspGiUmKRcCRbNLfxEPbSoTZegxC0hWNzm3MN3EJaf01JH7TUsYGsuxjmnuce8aw6Bgc-NDYc4m0pf0T0xtbip5QyF7rBDklAEsO_DWE32ffOVGHUB0QeBwwQeCCxBC0BdJOAa4zUXPNLClueVhC08Gyo32Lb1tF9xTAfubRuaGYU5FsK3-47AY3tvMlaHPAGsWPxlG8RclduBE0rw6wBk9D2Prr2erV01Mai5sfKyfD9fXWPObJR&sai=AMfl-YRjvWJ63s3TA2tb2zLhZdRk6Zw4kAyRTh5Rpe35E9yC51-pVUzXIGcnHOnUBBTcZFqpRVbT6PccVKiB_sU1gJ7NMT4Rjbxy2J2kE-A0X_gBqq_tQeTO2fopF27JkGNtww&sig=Cg0ArKJSzG6CHNN-31ipEAE&uach_m=[UACH]&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame D468 23 KB
9 KB 16ms
12ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 14:38:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6399
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 14:38:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame D468 3 KB
1 KB 19ms
13ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 14:46:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5946
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 14:46:17 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D468 0
0 29ms
14ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTVWuL9vX9k_gz7WhRMzkeqRn9IzhxLfIrjhY1fqWmopkmP4LHu1wnaNjRSVcWRMMLxiiFgD5qaAIU9jayDDXASUZdd4g
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D468 155 KB
47 KB 51ms
36ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Dec 2022 16:25:23 GMT

GET
H3 200 14448731758022330885
tpc.googlesyndication.com/simgad/ Frame D468 68 KB
68 KB 21ms
14ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14448731758022330885

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f39bc8d6a5dbcbe8725d21c2cee12069d3f757714aa3748d41298e7f1058fe67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 17:32:55 GMT
x-content-type-options: nosniff
age: 255148
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69149
x-xss-protection: 0
last-modified: Tue, 12 Jan 2021 21:10:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Dec 2023 17:32:55 GMT

POST
H2 200 init Show response
gw.geoedge.be/api/ Frame E154 0
95 B 536ms
342ms XHR
text/plain 54.85.147.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.85.147.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-147-115.compute-1.amazonaws.com
Software: nginx/1.20.1 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.labrujula24.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sun, 04 Dec 2022 16:25:23 GMT
server: nginx/1.20.1
x-powered-by: Express
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E154 0
0 46ms
44ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsth3p_KW-X__CAPL5ZbKBJuqM3YNaT0NpXPFPqqfv_62JfDlf6TUwSwYsyLdBnY58NrBBCEDVIKAoAtz95aoD4MzSbj3R2y4XKhHCePg2UElC8qsyR000btF8OAlyKuS3JHmJT4lBzsypgoq98GsfKzk-xBAVsry8fcjlQJqWKOXeNyVLSkctcyQjNHqOmQwSr9Q-SI0eRwruSANE6KGPCxmizU6hLeYVq2PGebdHLBAqY-d-V2o_7IJQzWvK-lwMrkf3Jt6fQeBPjHVEDy0_pWQifAuDqBMBM0YFdC6KiZK14_bp5aHevvYgbf47gdpPK06pZk275-&sai=AMfl-YTxej1ftsQ7Y5fS8b8zRJbMhx45Xwscl05kXMWd6Qb07QNS1y4_FGkkEJ4zfJyXC724iNnH52lZ21ByaY3-MytwFHbMCVzKom3NgmuKAmDnW0weSWRIkEKhgtHZbR6TOg&sig=Cg0ArKJSzPWdDgJWGcmDEAE&uach_m=[UACH]&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame E154 23 KB
9 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 14:38:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6399
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 14:38:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame E154 3 KB
1 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 14:46:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5946
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 14:46:17 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E154 0
0 35ms
18ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSXrm_VIchkqJ52oZ0TX9tDAY-0UNb-paI3FDJ6zjAfHkEkL6GKqVnMxy65ZrIYjIRBrxEqdj3qSFNdpBwPgTRu3NP07Q
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E154 155 KB
47 KB 65ms
35ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Dec 2022 16:25:23 GMT

GET
H3 200 3565725400450686868
tpc.googlesyndication.com/simgad/ Frame E154 79 KB
79 KB 79ms
77ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3565725400450686868

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

080167517b95b372af435c48b04b5b78171a4130864199a6901028d6ccd13ae0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80999
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 13:53:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 04 Dec 2023 16:25:23 GMT

POST
H2 200 init Show response
gw.geoedge.be/api/ Frame 7711 0
95 B 468ms
286ms XHR
text/plain 54.85.147.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.85.147.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-147-115.compute-1.amazonaws.com
Software: nginx/1.20.1 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.labrujula24.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sun, 04 Dec 2022 16:25:23 GMT
server: nginx/1.20.1
x-powered-by: Express
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7711 0
0 57ms
46ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_NJQiDop6jdWz9TfSvBiAdJaWUmAhguARp9lpOg5uiRLee8zpfelgxqPJWz3HDiKMTi6nksisRryz0jV41pwmr0KQEVogvfZOiGVVgUDycMvwWXk-WMgLX0yWdReGdseQwg2DXdDRmVGKAKYkgO4XLkcMCzcFOeGUwnpSTJc8DQ46VBrZTW0G3Ghk8hK0GX4Jf_b1r18snay00Cn8hkvrJv11UzfMz-F8uv3Hwml0GeM2Ji6Jqco7OIIDVF-Nx07Uo2Q6M2T4Bnr27gKM0Gm0Zi0vKGLiEAJXnMZeLglmrc93Z3oE2vnxwNOoEAp9R2sQdf3HeD6MYqYw&sai=AMfl-YS8rkiWZV0B0W_jwec3eBfqn-teA41dRpux4x3vzIV2TpPoQ3gu_dxpZEO8-aUmMI2NteXK76pV_cuThqQoi1IdT--Q0h2qwFy1kajeJ7esXKsyjPcn7ZePEcXBQKzbFw&sig=Cg0ArKJSzO4Q3B4leWlgEAE&uach_m=[UACH]&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 7711 23 KB
9 KB 26ms
14ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 14:38:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6399
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 14:38:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 7711 3 KB
1 KB 26ms
15ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 14:46:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5946
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 14:46:17 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7711 0
0 36ms
25ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSP1Iu8T4mGSRtB0ithOL1Rf3H4E0SnDw_jmaOiKsHYzmJDKeAYOn9_iNn5KXtdCUV7C1WyNRZV2o4HRC7jDux-RMAreg
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7711 155 KB
47 KB 68ms
49ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Dec 2022 16:25:23 GMT

GET
H3 200 7278587572710027412
tpc.googlesyndication.com/simgad/ Frame 7711 99 KB
99 KB 27ms
17ms Image
image/gif 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7278587572710027412

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f05faa60c17641d50de6c2fe48f9519788fcce1ccd78b5caee06ab7678f7ea33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 09:12:17 GMT
x-content-type-options: nosniff
age: 198786
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101102
x-xss-protection: 0
last-modified: Wed, 09 Sep 2020 21:52:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 02 Dec 2023 09:12:17 GMT

GET
H2 200 bid_op.json Show response
3pl.bidsolo.io/5ErpIibaDtnHAxAT6aUoSP/default/1/ 5 KB
2 KB 71ms
20ms XHR
application/json 2606:4700:20::681a:138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3pl.bidsolo.io/5ErpIibaDtnHAxAT6aUoSP/default/1/bid_op.json
Requested by: Host: intothebid.com
URL: https://intothebid.com/wrapper/brujula24/hb_brujula24.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:138 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97615dc21d0ee6e53a4540adea59feb5b8b155d0992f7ce6c7e1e95f831f7f27

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.labrujula24.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3148
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: no-referrer-when-downgrade
server: cloudflare
etag: W/"13ed-63825b56-0;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5iaGRuREyzo6AyicCJYy9ZqASsQzgthoWfbTJ6FJ3QMGwvI5x95jl43xq7QQzG21RA9F1HvhZ6P6hxPzJwTRbxheiAHBXop%2BmFDORi0FcCcRKddv6ef89zVYbsyfehAvnViAWwoyzGRM7Y7J"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7745e5d18da892b9-FRA
expires: Sun, 04 Dec 2022 16:32:34 GMT

POST
H2 200 init Show response
gw.geoedge.be/api/ Frame 21A9 0
95 B 370ms
370ms XHR
text/plain 54.85.147.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.85.147.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-147-115.compute-1.amazonaws.com
Software: nginx/1.20.1 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sun, 04 Dec 2022 16:25:23 GMT
server: nginx/1.20.1
x-powered-by: Express
content-length: 0

POST
H2 200 init Show response
gw.geoedge.be/api/ Frame D67E 0
95 B 451ms
451ms XHR
text/plain 54.85.147.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.85.147.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-147-115.compute-1.amazonaws.com
Software: nginx/1.20.1 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sun, 04 Dec 2022 16:25:23 GMT
server: nginx/1.20.1
x-powered-by: Express
content-length: 0

GET
DATA 200
OK truncated
/ Frame E299 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f97f671c74df06d2401109e9a7efdde3d83a245b5cb6d8dad5d62d40257388a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E299 0
0 44ms
44ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQJhLilSmqwye-Ps5jPJSFaM2Fw_OUXuaMMPKVXeb6-ylAhaZ3YDTY17tQZdwzCwEdq66T0xR_Ch8jIECRWsXyzZtL9PE3n-sNRuZGDsr1XCd9OBun3LhHIbinV-aMHdyzi7-KMLLtrv7swA69h5KCy82hz1BE_h--2Y-9nhCQiUmycSr796et2o8hXBrMeyQ8XRQjiAqP1OjU1aH5feR19wbcGLRX9-3wpog2Ytz2EZx1OFf_0OPjkK5J9OIhJf4TzMZby9dgOlIBfXBDXjb1ISyYqXtYmunrlw5RhohY5bfjSCFpoFRDVa5XS8gvXR4gNBCTkQ&sai=AMfl-YTa0vmMC3_I_lVUz5-sxfF0i8ryL0VeldJoZogAOKctyVcsMJfdKLGIDwhPVSa6kgl8LCmK5jJGSfVFtxe8cMN91dBg4V_MmXcVmiuQexIiBv9DmK8gFbo0lPegD1Ut5w&sig=Cg0ArKJSzID70ZbtYfrvEAE&uach_m=[UACH]&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 04 Dec 2022 16:25:23 GMT

GET
DATA 200
OK truncated
/ Frame 2E2B 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3aa6066328b9df5da9ed6e9a4a1394b93a702b39b2decf9351b278b24f495fc4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2E2B 0
0 45ms
45ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssp4DmavC-NHMAxcVpn5u8TLUNRFHoLrDc5AokMIPL8BPNLHMp5t-AnMqR1thC_35dfnVbrQi1nHqS7G_l6JhkrmKR9SfTETErclDTrhoaUV17m_wRBDrYW1LSjaXYj2FOE_cCOJ1h75sg2ul8nQTD6hPdvCEo9F5RJxkC8Ob3NZB23DiREo-XJdjs7XVa0QAMFG-kXbtZDCJBScSuIMrff_WdQs65x1LKhffV_AM_1NGdgE_Ld3XO4RPtzZ9I3qrO4TTDgUo0S5OsbS_E4CUtAj8hCA1V2T8uSzwi85N8kD3m-aIVTPw8umeBkEbsu8leiVMK-C6o&sai=AMfl-YRy36iox44FgNXko3VsxuBHSiByFGCHj98CyEsK4EibRwUEVREsv3oAPguJl1KHiehsy7Owkp7Jtgx_4QcCYV-ISZPq54sf1HKmhBGzpo6NCH1GS9RtkmJHEM-EpRUeSw&sig=Cg0ArKJSzBKzIacabao8EAE&uach_m=[UACH]&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 04 Dec 2022 16:25:23 GMT

GET
H2 200 style.css
lp.cleverwebserver.com/bet365/de/sports/grp1/ Frame DB7B 11 KB
2 KB 36ms
35ms Stylesheet
text/css 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=4
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01163674
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57e4f09712f9ca05fdc60d34ef9308ffc80a592d3fb4035decd71080fa23d1b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01163674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: QPEJ21R5E4V55FMV
age: 84
cf-polished: origSize=11956
x-amz-id-2: MC4t6O9JGKFQTGyDqeQzdrSmkoSn/MFLnR1V3nj1zBnpri5o03UKeIIXFyeg9WybnVknduWJDhs=
cf-bgj: minify
last-modified: Sun, 04 Dec 2022 10:06:32 GMT
server: cloudflare
etag: W/"bf5b43010766718411fff126585ba859"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=1800
cf-ray: 7745e5d1fcee9a24-FRA
expires: Sun, 04 Dec 2022 16:55:23 GMT

GET
H2 200 anzeige.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame DB7B 1 KB
899 B 34ms
34ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/anzeige.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01163674
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98af5e2d044165db4fe04e7a288c125ad78d50bd9e212ca6e520e5a55140e869

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01163674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 01 Dec 2022 20:54:16 GMT
server: cloudflare
x-amz-request-id: 09VB5ZTT424X2FWB
age: 1638
etag: W/"3e9d1a10a1056de77db1bab72b55ef1c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 7745e5d1fcf79a24-FRA
x-amz-id-2: 3RKKaT9lpZZy2jgO4TE6b7+7kfQerBgwCyHwiBcVmv+f/ctwof9LpcR5iF1SG6UzcZj0zH44Ko8=
expires: Sun, 04 Dec 2022 16:55:23 GMT

GET
H2 200 logo.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame DB7B 2 KB
1 KB 125ms
117ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/logo.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01163674
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df3876c55c0fe527bea47b37cfe3479040325194f3df7d2b077794ef6d584470

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01163674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 01 Dec 2022 20:52:17 GMT
server: cloudflare
x-amz-request-id: 7TSDN106A1N00QAM
age: 238
etag: W/"89cc1efb4630095200908a2c0e01275c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 7745e5d31f499a24-FRA
x-amz-id-2: SQk2iApOcHSE4129W3SnUjK+oY4NoYX+OdIOTrrqfwPWnxNbJAyBEhaZTOo5DXOpH4epEwvh5UY=
expires: Sun, 04 Dec 2022 16:55:23 GMT

GET
H2 200 copy_pushmobile.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame DB7B 12 KB
4 KB 56ms
48ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy_pushmobile.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01163674
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85cc4c652afbaa94b1444817fe16c3c4f84c9f1ad8615044fc20337d8f3c3b36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01163674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 03 Dec 2022 10:07:50 GMT
server: cloudflare
x-amz-request-id: FV8E3VF2AP35D0WS
age: 1392
etag: W/"48521ed69677855391819664023f03a2"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 7745e5d31f4a9a24-FRA
x-amz-id-2: AyKHUNNQ8Uf3cj3BSGEBYj5QwnuFxkC1wT5aJR2oJt5Z0fI4gQcF4k6YRpeM9Cc2BkR02ByL/Ag=
expires: Sun, 04 Dec 2022 16:55:23 GMT

GET
H2 200 copy_pushdown.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame DB7B 12 KB
4 KB 40ms
33ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy_pushdown.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01163674
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc593e8aef8bec3076d8f4d76e66461b61d8b0c5cf5a52ef51d6c904d7d5a385

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01163674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 03 Dec 2022 20:06:08 GMT
server: cloudflare
x-amz-request-id: E7XGWCVM6CNAC2VD
age: 238
etag: W/"b021ae3bd30deb5a02a9d0476e269ae5"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 7745e5d31f4c9a24-FRA
x-amz-id-2: 6ciIqproHJlyzZ+Rwvl6IIAR3vW+uUptA6bf69YzyzknAppHmxYxKAzJDsCUBBbLaDlo99MeIJs=
expires: Sun, 04 Dec 2022 16:55:23 GMT

GET
H2 200 copy.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame DB7B 12 KB
4 KB 42ms
35ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01163674
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63bc5373259840156ae93ba26b9df0dd2f97ce98ebb3fdb970699cd718a23230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01163674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 03 Dec 2022 20:07:46 GMT
server: cloudflare
x-amz-request-id: 0VM46C6Q09GF9AM3
age: 475
etag: W/"6a14ab0d467b44cc536dff1c855843d1"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 7745e5d31f4f9a24-FRA
x-amz-id-2: jQjnChxT2dfe8pcuu7Gnliz0fhxRhBklhdOXSWMV6YzxL7II4LvdCmUHFU521KxBvEaBdmB7TD4=
expires: Sun, 04 Dec 2022 16:55:23 GMT

GET
H2 200 copy2_pushmobile.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame DB7B 5 KB
2 KB 41ms
35ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy2_pushmobile.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01163674
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3361e91435c8d8a10b7ba8e447fdb9e8cf94681182d2ce70a59dd3fb56dfca5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01163674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 27 Nov 2022 20:06:44 GMT
server: cloudflare
x-amz-request-id: CY8B0GP1NMTAZRSR
age: 238
etag: W/"beb4ce05eda61995a0eba82cbef0fb8e"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 7745e5d31f519a24-FRA
x-amz-id-2: dBbUyDuwve33x396WZVOOICM00KD1cbF9yM6+5YZv119U467o/8dmth9xLb3bVru3QGuez9iw7g=
expires: Sun, 04 Dec 2022 16:55:23 GMT

GET
H2 200 copy2_pushdown.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame DB7B 5 KB
2 KB 41ms
35ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy2_pushdown.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01163674
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cda9e405d476907b07df5ba2daf29f6d9f802bc7df20e3c9a1295c601e210406

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01163674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 03 Dec 2022 20:06:08 GMT
server: cloudflare
x-amz-request-id: 4KGBES0J31KH4BV2
age: 747
etag: W/"5dafc545e73be5464256dd78dc118a9c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 7745e5d31f539a24-FRA
x-amz-id-2: IHZQcYj0y6QfuNmXWlEEqogA6kktZN3YHgtuDgixzKHoyYE18XS6IAB1vMy99J5whfvQqmWN8Wo=
expires: Sun, 04 Dec 2022 16:55:23 GMT

GET
H2 200 copy2.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame DB7B 5 KB
2 KB 29ms
24ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy2.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01163674
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7fa07dc1641fa98687abb1cac64ca10ef98f69568be378d612397460b7ca24b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01163674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 03 Dec 2022 20:07:46 GMT
server: cloudflare
x-amz-request-id: W9JJBTQ18TAP6Y4K
age: 238
etag: W/"dc43a4e11b82fa41efb8bdc2acd73425"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 7745e5d36ff09a24-FRA
x-amz-id-2: +nw0TzXSAPP/ZW7NH5WI+foRJsFPNPTafc4xdSZFRbHz9z5xrihCA5f3MkPVJ2v7QAEP0YO6oH8=
expires: Sun, 04 Dec 2022 16:55:23 GMT

GET
H2 200 copy3.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame DB7B 6 KB
2 KB 53ms
48ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy3.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01163674
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 150431c4e70ae805fba43a94f1b154417be47c26d7f3ca60a7e1a0ab7b50ba80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01163674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 01 Dec 2022 20:54:16 GMT
server: cloudflare
x-amz-request-id: SJKB5FNM37TYM5RC
age: 475
etag: W/"9048820dc635dbe10d09725e919ba54f"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 7745e5d36ff29a24-FRA
x-amz-id-2: zlcAvcPE8n9KLLPoxRHW+3PulLci5/Iz3L+cJNOKzphFFPoCPqE6V8qRclD3zWF0WewWICZ0jWw=
expires: Sun, 04 Dec 2022 16:55:23 GMT

GET
H2 200 cta.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame DB7B 3 KB
1 KB 36ms
32ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/cta.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01163674
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56828800a4a575d3b1940a854640ad25c3c93a7d3933ab96150ef48788d637d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01163674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 03 Dec 2022 10:07:50 GMT
server: cloudflare
x-amz-request-id: A50Z8GN51FVD2CN2
age: 772
etag: W/"b26d0f732978180e7c2480406f97e7f3"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 7745e5d36ff39a24-FRA
x-amz-id-2: UFfBj3ALrg9cZ0Uu8zZtwx9YOQH7BA+kLEwKrmeiXrCCkt900DpMrG+A0swSfldUwOhvFlmm5FA=
expires: Sun, 04 Dec 2022 16:55:23 GMT

GET
H2 200 legal2_pushmobile.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame DB7B 12 KB
4 KB 55ms
51ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/legal2_pushmobile.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01163674
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 757a9daa63650138fd902f15b33dfa3ae7ea0a4c2c8aadd405c7c09f5c6af7df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01163674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 04 Dec 2022 10:06:32 GMT
server: cloudflare
x-amz-request-id: DCHPMZ43E4VRD1E6
age: 475
etag: W/"22316355cfe04cd150c2b810a54167a4"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 7745e5d388499a24-FRA
x-amz-id-2: LFeYEownKU7lXfbkqyzLaT/2ZHKm7u2YEq6l+rArDN8l5BSe4++OZoqsgLxHZwMZSQYnQ1XTcEc=
expires: Sun, 04 Dec 2022 16:55:23 GMT

GET
H2 200 legal2_pushdown.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame DB7B 33 KB
6 KB 94ms
94ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/legal2_pushdown.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01163674
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 869c671beb0b128c008179a0e3fcddbfa62cfe83351672d1142b1d734858bc33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01163674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 03 Dec 2022 01:36:37 GMT
server: cloudflare
x-amz-request-id: VJYYM7BC47KCD46Q
age: 1685
etag: W/"19cfc2171558b226e44590caa30ac756"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 7745e5d3884b9a24-FRA
x-amz-id-2: /wNgZ4fcsH6ZYOb552jjW7tupWQDntDTag3f2Y8kOam5dRkgveAfEdlH2JT/seNyGfd6K0/fxjM=
expires: Sun, 04 Dec 2022 16:55:23 GMT

GET
H2 200 legal2.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame DB7B 33 KB
6 KB 31ms
31ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/legal2.svg?v=5
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01163674
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dac0f22f981a1e8828e9516833b3ac6fe985cf1852033b0f153c9cb8694d3a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01163674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 04 Dec 2022 10:04:34 GMT
server: cloudflare
x-amz-request-id: 3MT4ND6M170GMRN2
age: 232
etag: W/"a33282a0f66d9e18e14ed6c9fa761dd6"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 7745e5d3884f9a24-FRA
x-amz-id-2: 0aXcofNuZ4VWXAcMvDZoFHMtTmUMUNdNgEVNPC1rj0z90xa9gmCmk7pfzhSF9hV8jJV3bBztBjM=
expires: Sun, 04 Dec 2022 16:55:23 GMT

GET
H2 200 rocket-loader.min.js Show response
lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame DB7B 12 KB
4 KB 14ms
11ms Script
application/javascript 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01163674

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01163674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 30 Nov 2022 18:31:41 GMT
server: cloudflare
etag: W/"6387a18d-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7745e5d3b8a79a24-FRA
expires: Tue, 06 Dec 2022 16:25:23 GMT

POST
H2 200 init Show response
gw.geoedge.be/api/ Frame D650 0
95 B 399ms
399ms XHR
text/plain 54.85.147.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.85.147.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-147-115.compute-1.amazonaws.com
Software: nginx/1.20.1 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sun, 04 Dec 2022 16:25:23 GMT
server: nginx/1.20.1
x-powered-by: Express
content-length: 0

POST
H2 200 init Show response
gw.geoedge.be/api/ Frame 7CC6 0
95 B 389ms
388ms XHR
text/plain 54.85.147.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.85.147.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-147-115.compute-1.amazonaws.com
Software: nginx/1.20.1 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sun, 04 Dec 2022 16:25:23 GMT
server: nginx/1.20.1
x-powered-by: Express
content-length: 0

POST
H2 200 init Show response
gw.geoedge.be/api/ Frame AEBE 0
95 B 387ms
387ms XHR
text/plain 54.85.147.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.85.147.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-147-115.compute-1.amazonaws.com
Software: nginx/1.20.1 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sun, 04 Dec 2022 16:25:23 GMT
server: nginx/1.20.1
x-powered-by: Express
content-length: 0

POST
H2 200 init Show response
gw.geoedge.be/api/ Frame 090E 0
95 B 384ms
383ms XHR
text/plain 54.85.147.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.85.147.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-147-115.compute-1.amazonaws.com
Software: nginx/1.20.1 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sun, 04 Dec 2022 16:25:23 GMT
server: nginx/1.20.1
x-powered-by: Express
content-length: 0

GET
DATA 200
OK truncated
/ Frame A8B6 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 30737a07e3c8780aa453f71ee18a470028dbef22f14c26e1dc1f34d603a246c4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame CE3A 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2cf09305561b3108bcd21968bcd4f0ca805c2180eecb138d612618d7250c132

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8C71 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 011411877b0cd55a1c763cc70b9db1ccac1a50219f9314d2721bae875126afba

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D468 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ff12349882cc4d7c060aaeeaea2531c2c31b04187423a032c544f2b0e80c0cf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame CB3D 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b00a3eb9bf3f95aeee1159ea43999db85c98afd79e4cdc4bdac1e649bb98d23

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A8B6 0
0 44ms
44ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv8kGP9_s5omNaHyZRHUtugTN4Qqu041GUxgJIpdVmk6Wv7Oz7D4JftjlkmHWFZK3lvf2zgNk-sabZuNUbOqncJ0kdN-qvIcoQ1iJ7uojhq668nK08r7BlBD4Iv7JAmKnGJV1PxQFKHmlTyIOTgip7rubzBfrtnIQkGZ2JKoSOm9qeAMfItbBNzloEo-kwkeoB3In5N3vrcnmHF0oughtCcBg47g_F9XIAr8BprJy2W2fdM1BafI6GmRCSUrO2xktiUBJr_I1kSjXDvX06NRUNCut3QQKEV17ZCRoE0AOwOxUK0ewPXKYABNciuHwYkhtu4CoXNkw&sai=AMfl-YTnXT2neb-d1fdpESe4VYwiBBm4U4-QPAhXuyAIb3hlAoOgFcWvz1xGd7cDvLazcbpyaLuaAYmJl7azXUNQ2u3RYiM8U4O37rDv7A85G82P_3wxPWQWz5LeNm0PSbDnmg&sig=Cg0ArKJSzNFVoEqJgRQAEAE&uach_m=[UACH]&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 04 Dec 2022 16:25:23 GMT

POST
H2 200 init Show response
gw.geoedge.be/api/ Frame 7B6D 0
95 B 357ms
357ms XHR
text/plain 54.85.147.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.85.147.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-147-115.compute-1.amazonaws.com
Software: nginx/1.20.1 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sun, 04 Dec 2022 16:25:23 GMT
server: nginx/1.20.1
x-powered-by: Express
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CE3A 0
0 44ms
44ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstmVTU0sq4jVSH73hnEjnSkZwLcHvYLPQGV1RbKpA7dV0K8HQ-16INKNtk8aUjZHUstnivRnBkmdgOJCDIhp8RyIVg7KnRU3MlGuilk2p7oIO4e-fAMAh23iTw1233pH4MNEqbiHP13g1TylOhVso0-Npq0deNxESEVSuwF6PYciAdeu_KrD1j3N8OW52pE1Zrw2RtuQjRJ4YEEPVVqWxcSp7Vx_5rAv5C6kn6WBgk0Nve1TvFVvXyysBPI_PTOiA0K8ab2RnovddhNTgnzFsvHJvSCL8yN-hJ0fAuVJtAD973dmhkonKJ_GWtTEV0jT1NqAA&sai=AMfl-YT1hUKpFH0ow5ZMzG-I-rkrh4uJi793oFxA3d3p68DE29gsC5hfB05pGYh1PV0RL6FqsAs7SmC8r1Ofmi5aOOCXfIZr2MIhA-Ldc-SeuFBWeO29WVB1tHGG1zMkag5hfw&sig=Cg0ArKJSzMMlpE4OiS3iEAE&uach_m=[UACH]&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 04 Dec 2022 16:25:23 GMT

GET
DATA 200
OK truncated
/ Frame 7711 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6883f78d4dc10042145ee34532a4f3d1880324f34ea841f12ba68b1e308c9ac

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7711 0
0 43ms
43ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjmrguRotSr-DBnwKIgfKCVFFL-euEHty_2xKGEoH5_t-Sy-yJx_1r1vijX2OFm8mea_YiXdakTEY58bKx8TMeEh8seaE9l06VsQi80wYWhwx52Y-ahuduNdAcgld_XXlRiSMkGN86Kx3opFySATrer8XvLkfYjj5tAnd-X9k2eaSKB9NvU-4Bua-RBC9WOiCsmz_bE8dXNSBERX26i2W_b2pdlMTZuDcnPYZt2Mu5eoLppTqKlyJ9RrvXK4q_Dl29Uy5zv51fjJz_xv-VJ1Zua8_w_O9rDXwpp3fMRl8ou-7H4oV8skzntXfIJpQWagMORC8n1g1zjHkvZ38&sai=AMfl-YRP3W0fOFe0heGEnZ-TLG8j4Wgjrh6pCIccDy2ZvDMdwWrwdd4qRkIlmrH2eGlN808Us0nHGoddBT5teabPBX8Z23AlNUco1XJKjz75K3FaG0pMfBRY30Tpf5i0SzV24w&sig=Cg0ArKJSzCr_rDJ-GjBXEAE&uach_m=[UACH]&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 04 Dec 2022 16:25:23 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8C71 0
0 44ms
44ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssLF2okDM4MZv8FPFqCptIMlDNiSYteVilu83ECwizQnHexSZZU2wI5MbeX-LA3DWcu4GhnivMlftX2ZlGUrxhJeGBA3S3PE6Q6sEGimlf6mZWoHovl7WCAVoHa7a9HUXJ0-t9egpC0qSg-zE9qOnLTDX5kiHOLBHlJcRWQoyEmPdUr7NIMTIL2B0xyWlJRdSBdKzmkOLQ3EEq1-M50Y2MxMtG_jqodWShhe8XwoRDj1qFKl5IdMYYA95ZanZfG2z9496vGqwa6wbwCuv-zV7SCm59DCc2bRGWcK-5DP11bSvhvc2dpAT68MEkz0Tbq79oFGxUzREE&sai=AMfl-YQkdjE9s-8wM_NqhdOADqsV5eO-bGsJpfv_hfY01DitGiyXh9yPWU0tjRm-rgdkGre2dE3TK3ojTQKAUGcN0wpbibwU-oeQwEA4CPjBcjlZ6nZdcHk-TPQ7MyXKbLjjOQ&sig=Cg0ArKJSzOe2uXn74HFCEAE&uach_m=[UACH]&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 04 Dec 2022 16:25:23 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CB3D 0
0 44ms
43ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst7NOZ1v103hPvyOs-AHelRrbXjtYEbM2zu9KR-BhHmb6-HSptXUaDJLedCA-CrrczISsVAwvED78-9t4-JIscFQjwtAVgfA--siBgLQFHaPTbQwNjjxqQm85rQqy7gK6NaOid8aWR7x0Js2rVLQ6OlBOI_SAFrBIgO98FzP9JgaG9B8Go8JR6zr8LzO2lgu7kcpmNHNRHf9gFxS1GrGNpbuX5IvMHR6nnq4RWJ7L-DhEs37lF35-j3Zoj4Hksh5H2hpERU4HegqbI6kcZyurX6vO_t5OxkXpaSaq8Igv3pYPYMs0aDiSxU5AsKJBRB3Vr3Eg&sai=AMfl-YQt3dBu41drtuNiKFXq_4x-k2LPZL2cnBJR0ksfOKRkbrSqAPltG1KD77vRCd85bIsQKk7LeYFY3ghdMH_3YO_ZzIEA4GDOCoZNBkQQR7Gt7r7Qera5NvpF3I8LdaMmWA&sig=Cg0ArKJSzHiRTZs2ERKKEAE&uach_m=[UACH]&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 04 Dec 2022 16:25:23 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D468 0
0 47ms
47ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsteSmoA8f20goDnCaSFqITgsqUXOcc6SYPxj7fOdr9PD7AgEJI32NAREv3O4FC1doR9dsjIXXo3c77Ap6xhUHU4jg5temamBBFS-IbMLpqGqCvLyOLk79nMmxzuyleqG6-fpZEI-6DOiOVard-2RMMDbyEWEsE-5Fd9KsPRl4QpWjf8EWvtMmgRDNlyLOjj2MPz-HOhNreMZyOPk7ibYrQ2X4UnwKNbaXKTsCtzT9ZqfOIN0jZ_sRgo8lDajSzT1cF2Qpa9z1RpEyCM86ha4aeNKJzYHWs_0eMIS3SCrJmiX8vKDbolKZ2D57-P6XhyfsBMEbJ22W-13bQ&sai=AMfl-YQXuqCmijm6tl81Y8zng90qWdPrEG8By5VWvQR_XLTNedZR6OgUbTEj0WA6-t2QXmOKHWgxSErtcrIKm6s571w5NgvKCFF-znu7m8OSAvAPImqr_mQpnOc11fkf7-K7oQ&sig=Cg0ArKJSzIuF6jaK67ucEAE&uach_m=[UACH]&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 04 Dec 2022 16:25:23 GMT

GET
DATA 200
OK truncated
/ Frame E154 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f64d3df5be069e6229fbfbcb32ca2eb35a57a46322317a27bcbf2e406db98d5e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E154 0
0 43ms
43ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsubhyBjOWxh1HvRR1U0-IjbxCVVP5JMFecIngrca1lV5jAedByWeWsIrtT26qDSilOEANU-LrVAAJC7fbHDreidkYkzZ9Ws2CZ9aIl9hFzVj41d5DrZa41ydA7fCz9VfQJhGsZg6a_safuMYjdzfIl7LhFe21lOe-1oGzvUcE_qEUTXzwWSgI3YwXafVBoTTRBAwyr9_7H21At5HtIuNaaUHWn8sO9U33CAKDLIMAV_Ncqu3LZcKmFpsOCgvLENSDRFMpoc0psld8ldVm2WHlZ0RIDM6P1sN6LVZCAsn9Jc_W7JD6cxkdFii4AT65Fm4zsE-S22pMIBNIA&sai=AMfl-YQp70EHG8EIXt0_d7Xs6Xiawi1WHNomAyxa60CxAZU3Tif7aFn3wW2bkgPAbFyovVzz7KtFGX8Pa968pC9KHLXdLZdERA-toezLtJHtrKeNm1ysSXUwdu5jqQn3zXFfvw&sig=Cg0ArKJSzPN1pMh51Gx1EAE&uach_m=[UACH]&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 04 Dec 2022 16:25:23 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 21A9 23 KB
9 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 14:38:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6399
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 14:38:44 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 21A9 24 KB
6 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 20:11:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 159227
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 02 Dec 2023 20:11:36 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 21A9 155 KB
47 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Dec 2022 16:25:23 GMT

POST
H2 200 stats Show response
gw.geoedge.be/api/ Frame A8B6 0
95 B 262ms
262ms XHR
text/plain 54.85.147.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/stats
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.85.147.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-147-115.compute-1.amazonaws.com
Software: nginx/1.20.1 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.labrujula24.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sun, 04 Dec 2022 16:25:23 GMT
server: nginx/1.20.1
x-powered-by: Express
content-length: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame D67E 23 KB
9 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 14:38:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6399
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 14:38:44 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D67E 24 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 20:11:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 159227
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 02 Dec 2023 20:11:36 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D67E 155 KB
47 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Dec 2022 16:25:23 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D650 24 KB
6 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 20:11:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 159227
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 02 Dec 2023 20:11:36 GMT

GET
H3 200 15945155768788143923
tpc.googlesyndication.com/simgad/ Frame D650 123 KB
123 KB 73ms
70ms Image
image/gif 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15945155768788143923?

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9556490177c5174f9a068f7c217b78df5b3b0c44bf479ae26e6ba68d02fa6273

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126095
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 12:40:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 04 Dec 2023 16:25:23 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D650 155 KB
47 KB 20ms
17ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Dec 2022 16:25:23 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 7CC6 23 KB
9 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 14:38:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6399
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 14:38:44 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7CC6 24 KB
6 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 20:11:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 159227
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 02 Dec 2023 20:11:36 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7CC6 155 KB
47 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Dec 2022 16:25:23 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CE4D 624 B
242 B 45ms
44ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXNdUN7At3WZqIGe5msiZIWsyEkqYW5kUi2UQbl8P1Kdu3U_80rHEr3e2cF3xueyEzjanTVmePlbgZ02Sdef7OChZNe08cm252hIEmMsHYMpADt80W4Kg9bB92l7BBGEOmtOuUKZi0qk0eveywGR1m84nTZg4YlUT8KJ3gxR82X6bvCCc4

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 16:25:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame AEBE 15 KB
11 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CqwtA329GOw8noJOuWXHIXIlcRdCRSF0TH9EjqzL1OlnyCzF7VGpcHWiny5G4k1nQ-mw3ADsIgUj4BVoiPSqQwOyr695rRSFEKOLo2ksIyDVCNy6QEKpBFqowt0h4ttH7Iio4eqXoAy5Afk2Aus9b6TS8umquajIjp8lkD-0Q_iMBBVs4&cry=1&dbm_d=AKAmf-CJKeysa1lHd1JXlJy5P2Mtd8LpDwEt01nWl9NAQpqVmK8ilVmU0nkosbVpDMkkPmUdjVDWlerMV8ozgmP0_aFDycellbaGEohRx6zdzM7X0C3QqekLKZvxnTb68Gsfp_ppW9c9gs2ZhNK0IpNuwO9-TnJjB1jRKch7E8qpV-w4A8Ce5qSP-xjZ6c8aaqtPnGWigjyFsUfYnpekOwCwk-Q20wtGGJI4SdOAwiBOHWiY50p4RV1yOu2KZNE6j40XUK8uDKOiLgZ1A31y2c6bNhiTS3-ttVdzgabs4rMorWifGQm8T0lLwAtCLFeVb2xC8eezBqD0aJObOo7i1KizL74RWty98K9P_InRJlIPM759KxksAR-cLSB8sqEMICzDo1DRIi-cctU9BQZlHGVwxizAjrjoT226z5_kkW84fFp_LfY0OiedVDtq4JhAD9jt0zFryb4iD1c_082hVa_iD_22PvfaPxaTu747i7VuUiFq2t4kviB-wiHdUsIPhb28KaLMpE3t_FlLzLWpC62s65c3Y0WMYECHy7s2NKWcDWMrYMzoAi0xg3heXSqNxYEynkYwSIRgCAkKNM7iFXhEg-cHAkxOGSmB1mivUY1lONCm4T6RbXycmOzSLs5looV-mcTEJ2l2jGZdEO80OwceHlo05w05jW4WxLCrQV5QsS3K-299aVVUwDw2tGf--N0qUqejgq504v9_gJUY5WeRQxqBQmIDmHKt5pDInxZ3IhD49g9aUXjluDvdHxs23QrI5cWUElqfxAC57fXYfQ06gA8lOOJlwQuM-69rQMB0mQ6Jvl2mpNAHm85aTmCPdyVnS9m5vMItilftNgQs-0JeKw5PsM6lQy8f9Rg3Ns6WqkHxApsQ6svlECRH3ZxodQFzmsTMEHdf-h2e9TeAP7zSfW2YajRDS2ivSD2s3WFOtHTIaQ_gwkmQNd3N-SAypnNPzfg2Tt7apSuO30uCQInllmcEQLBbAJ9Ee8alq54Slky5EVad5omzuen0YlxoKUvE3pQdZjQLiYTyTF1-4GslKnngceMt1GIi0HTvB-2km7kdf66Qn9ac4kCtMHRQ6LrgAMJV28e3l0xwpImeuluCrZ8Zr-ukJnbW3jMAgnZk5ETAdvRePHXBtsEAaxsWO4OgU94zkFkqKq275oGzwrMLx7LdFQjbVxgDZ_04hRGMEwl0ft3mf_1bGk9lkNqWpO5tXn9iCYRzzU2NZ-GcEAgU93htajkSCSnsngO08vAAyu-UwODXpxYlOTRp-OO9Tg37lfxMEDl4VoDqkKY-MnK0eaIIJ5v4wWqauV6oV82PjPypNc-z5eIkiPAJR_c20XdbsDBr-3zvs3voNTzw3BAT6ai-tMmFCUB5w2FmLJaqT7ZCmXtFpXOUz8oMlLwiJyk4Bb2rfDBPDKXCxak-ykR2LYEBFZmW1deaWg2mVEnfxigElP0z21U3E8rvhqNBwuVLGwjAOuD9KxkigXCKtmcJZbYkNfHSCnne6zHWfA64g7-lUmgLpS5B4ZT9wJGjEInsGHK1-TGT3IlIWrgmtJacH3ivcq1pT226nKpYzOqY2dcRbBFrZy-nspYlO_5IZ_7kzv-_i7CXFVuwqvXTojqssuv7NXJutJEZDJFyDiYfBI3alnC6JZaWnsHLKHzVk7txEMB9CZOkzhWy2V6hnMPzCPSlhkADgJP14E_a6NbWljkx60UxKRBhFULO5SEdzJytWbDV-yOoSYK78q7aVQdt-9Bvukuz8wmyDJCMrA8KszMsnKKtYEUBlCb0E8rRYlYBl1xZwsxFTjh8U0tnhgmiLhOGybf1uMVp49l53LDoFnNBj1gEJgTD5rqPV1SkGz5OnLgdYUFPwGj8CA9X8UBLsuNeuyoFqb7JXnpuH_8GJ0_DCjC47wSOTc-6Oa-A-7sH21ixKMIJ-YzxBOEBTMZzygZr_Aahf500sw9Tumh1v1oMlytfZrRFEY4QlVKISsgftDWGw9rpF2cyAzAmr6Fc0V4ldy-9qpoNsChiuKIW735G6-ZEJ3Pm8bjRVF613QYkz-9sICQW5crWI64s0MksIs3Xz2QLvklXN1qjgNWHfd4hfsJpy5nmuN1yBThLvLcJkUNeyRcGbn6-LFWagBXru-rWXnBZZHXcDJgRDpiVl-FBpQmMS1s6pMVhTY61yIeUjmmXB_Sx34JyWsbfhWMNP1uvGF4qiT_kdRvl_ODmCgnvHzHiuXYe7aV-yKYkjlrFr7kHG4icvt1cHnzf80df609TS8JsKIOt1NTlP-4aFfaZEL5TdHpP8P3Tl2D5ZovgRSdeJAokbdJvzg7fN4g_SEHjvpLuwhfmzyMvzNaT7A-b99xA-GiTKFx83_GkhZa1scoEFCqUu5ckclfrCJVssjzwFJDrP3lmeMnzc-CuD8M7KmB8ZRLOUIdwhmACHV4WZwuaOZV34ocJomLQjqx7_kY1-QJyBkE5sYJ6FjvQ2XsXnWDeCInQ5pMFPkpwUyKB-8nqb1Z00XS1K9QYxST8BeoeGWZIk0m6y8hq3XR7wwpiH1GCinoqvD-5VsVB33eQFTNHv1dbKVB3Exl4oGwIwLcqx9g_-KJh2UBV5NQFhEFoX1YGs1U0PNS3e_-hFeWy760DkxEObu7ea8r2wGRmmJ456cRJ5h5ifsbu4DY0w2-Dk1VIlgg1ERwWoZpvAE0wor2a5vS6ObIKmzUTn1W22pbQPCokpuQ0aPU6N9ctLkKPZX5yxoVGdIh0Wi9aBcHXs59Qyadu55gwY-ySfk_Mb8pUC82dXWKkDg1h5fudnk6mBYdzzxtSZE9PgDV5KxtRbY-O0BP19O5waJTTfS1qPt9doc_t214pFShSS_JtVoksJHqnp4s-5vI8G0czUk5InVCJH77q_0Yerh69TcIGgQtjFWz9oHfgTlCJ58wmFQma1IZhQFt2TgSAXp6kv_VBACImYo8WEUy-aeYcFBH59WxfPbkuCTIJvqxJ_lEE3J2SdAFZhzk14CCzjgTxHPNNizlCezHd0ouosScGlg5EDgL2-dzO5av_WsBJDHsG8bBLwJYxCl6JLlz1MU8p9UwL-9nTznj1KtmuYYusoLMHiIX6n8dK3Uvg-_-SZA6Ga47qaSzmfz7yG_N-qJQ5gbYAsV9KCVYYesS33-3gPl5IZi5kRYOoRHqS-zXgzq4X0XKOU4tntYE5i9ZZQ0-6Rio4_QqtlSF5jY-9VVlMIHbc7Er19tHCd722HYYL1Cl3NaLsX-P-IIn2WoRUP5iHZsCI7JO01Dvi0EZQ5UiknikVkaLZ6DOjHdQAE7Fca71tpE4lYjirqHrQ15er5rTWLToJr1HVe3NVBBm_MqO80UP9D28KBmf1Ercmv9qiz86Dk2M-641Yg--eMNhGTJf17b9CkTyfdG_oBzk2dFv8JZZEk7vOoXLYuAJHKIfKcdxrrG9sHkzuffagdenGIEgucB2tqVsum8Wy_ZrWg2fNw3YG34iVEzVhggS79IRAa3Shg5E6uCSx5Pz2C_WIWF8OeRTbw7ByEcioxwbYcySDjzZKybJ3-4EoIPa9Zsp2VOUFuzr7MW7CMuYKNM88y6ewrHS4HTHyFIqIjsQfYoPnWE4ctmFBGiJKMChKJEpOomqY_TJjzOvPA7Q&cid=CAQSPADq26N9ntf34ncXYNdp6QPHMitDqDjvzKrZVl3hUPD0wjJYgd7psjsu3Dwzwup9oKHLz5i8pv0gyhU64RgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.labrujula24.com%252F%240

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b8f31189fd5669897a743bb8152ce8dde9b72838ab88672d529840777c90386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11315
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame AEBE 3 KB
1 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 14:46:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5946
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 14:46:17 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame AEBE 18 KB
7 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 10:10:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22474
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 10:10:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame AEBE 0
0 23ms
23ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ0ZHcQBD7smMtDbCSRBn_GhZWtw0Y1Ls7UkrDrzzdGsrmlYoZPe3vFrXpyBlHlf1lYzVKyAuspshpO833EI6LW1DiIjg
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AEBE 155 KB
47 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Dec 2022 16:25:23 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame AEBE 42 B
63 B 151ms
151ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AErtIPLERoCuODKvDo92LY9DSv6ZShEP1p1drahQrsawiwkMXZXJ3-u8LUSySK54B-Cz2QavFr_2Z-VKdz_2OUguWHoc-ntmg-i2OPs5X_qJTTvIM

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 090E 23 KB
9 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 14:38:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6399
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 14:38:44 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 090E 24 KB
6 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 20:11:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 159227
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 02 Dec 2023 20:11:36 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 090E 155 KB
47 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Dec 2022 16:25:23 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame DB7B 8 KB
730 B 39ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap

Requested by

Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

19d4fa5e5f7164cfa51ca5e06216f551c4905d14ee02301a5ad2bb70272b7a3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 04 Dec 2022 16:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 04 Dec 2022 15:45:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Dec 2022 16:25:23 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BD57 624 B
242 B 65ms
53ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNVnzU1RvQ57WgKHSOyocFi2jL_DY8CNUjmOj93fi0ukmN0IVltRbRjQgfVPWtHFrVp44Q69xtHZiOqeqY3VaGIkkBak_JDS3DaFEwymHwR0h0k916habkAdT0C9Xqcmtkc0M82zt0iZ0-SfmdhoiVd646DtcZlg8lnSW1IBoXKrt-s3pY4

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 16:25:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7B6D 15 KB
11 KB 67ms
55ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BFH6bX0An9MUsWYbWK43knwSMbif3njZSCIFjZjuiALaUTA5MYHRWj3nNaAxm7fR0j0ci73rWy_j9xvgQa44jvfVxzNNoU4jJaPy2Iv17X1-XfT3WJ03DpksnnMz3YJsqOOa_7lfNKtAMKcNBtqTxKAKmgYpc7euhkJT4GwJ_AVAB2JKc&cry=1&dbm_d=AKAmf-Bi1l6vDjo8vPUJVsfNPJfwVDKka8DY6BsiQ6HFrddrnpsMw1FexwxP_RVN_0fvGhhCwWQ_Ndoyb_X5wGcFPJgk7T3uvSmx_7AKwpRcv4tnPqWq2FBMBM5i_q6CSAFBNvjbxsNJdmZtGuTYL51bqc4w1I8dxY-GAR_fq4rvMoyTnQ5Oij-pGt67IVQZTb0f7pQu010SmpRkY9ud5wwvL7EqJSzRVq_Nm4DTjxM4uDeo5KR7a9Fv6VFSn-uqCJNYuiRiOhy85mvh8KkHCdAwpcD6dR3gHV2ZQ8fxKgoIH5BzUAyRVlKDF_-rrazBocmYpo9G4WUQM0Rrnw7EOLBqGrV8dz42Rs6t64MIQT4weTKFkBKcAzupnLcuoe4uIdQ14W1jDa9mJOQkronJzq7Xh4WQIeG3Zma2wuiXBOHQMPm9LOB0Jxdm-ULEf3KxDm73-rzHChoXMZlfbK79RbPo6CyZYJAs0yBvzTf2GocCd4Fn_HhV3xw_EhsTL5AfV1AJBJVOIUwy0DkIvtH7qHOKyVIaU1SuW6vQ2vmFjgwNkNg2m3JJt7RReKrlIShcrgZrsZC-jy7fAB05tsy3lTFjWVF66vym3AXIsn16dpw_hUucZsWh3sAQz92s7uPYoUaAe_F_EKroYe4rn60wAUGWdMrux2FIOP7pOugIlZpH5noMR5dpsIRXiMTg8OyHtgYO_zbHd9QFC_sVr-0cnirX3wFcSTeNGOZ9YSIgXU7xg_kHO4GrkVHrlZKnh4gn8m8MoHqDrUgEtJKqfw_FvYghDU51-IyJDnC1x61jHfrgBOZhEjglUgAYZTFm3Hu28_02JLhpHUX8ew-aZ4RLpx_FOAjotB40ABBi0toXOs0jZhgo78EZELO7bI0buB6RiAiR9qNvOeTfXFYDNBtTlLWM7qElV8SNdhLsdC9dT689aJPZ1GHk6Y0XCR-LuKveWtmTryEgjDVIa0KpdEkk-Qx_FwgAdT0-5LwV9u1cm6VirtYaML8ws8R_nMzmaUuog8SEomQsEucYvhT0pXuHykev0frF9US7EEWsp7NbsidEdabfcqyb8ZAfS1b34Kr6ZPZ4yLW25PuZiAqNqRQwYxkccAQmM10uDuHpx4JSkxreAYv7GsgSYJC0v0JxVJu3Zp1I3Upj0Ijgdn4DG6DtJVClSLLLryfjV6Xt0Tj3fGrNDe6ncN66i257382bJb6Uj1kNL9MOZ6zyu4zvhvdDasaSZw0C1_uwib42HYlL5irOx2WQ3SsSsSccjwvuYZafXxUI1V7aWKkugnu9grBrNnU-40zKiqxH78spSOLqDHHs1llmrM2sL_RCPvtnawDTpPmNseAxvrSAwPTnDw8tM_ze4KyzmaHX_bkVAs__OpVKsydolrZqJC1DMkEB4CxwapTvYBhiKkdSJkMdQM79Ld2-EZjaMEgUyePVLTJGMvqv0Z-4spZUJG_EiUuBSPJ44yB987A_yk8YRCGEaCuEqYldTWO-GNpHKYRSn9PSQIAJ8X1SVI8_7iGnFs5B17WLStjtLR1HI3JZ237tFbdC-HRo3UwsXgOxolZlTHEWhGoAMIyXtXlRMB27vqTul7yFcNEpHjjnSW-kMPfud7vb6-ax3NSaCkiVphpdgjEu6-sHgcNQLsXBcgiajJ0NylQlKAmxTs9lRSy26-nLMfFXSR9oz7dKpjnCJrG99pHz083GABn7K0LYA8Olbes9rHc3JdhnnIq6uyF8KvYJmpd0FqExFhFLkEp6gQv4yDFSChuqlaG-xzEe5SM9fIhUIixsn3HYzc8OxXbqPkjpJ5pN2cwvpFi33h45moXilT9BB5DB_mFSMpcy2Kf25TTXJZkyRwexV1qJJcWiuKKw_WKCjM0DNsIgzHP2wwh6fZ0ijayjp54-yx1II0hUD0BqDS0c-lvWtdM7_wl4hyvtCa12MNdGv4S88xiDMAIiLyi4VtT5p9B9Py0cVShHHq3hfDV3Pi17vUMgGEODPeulETcIfaMmtKK6EAJ-fxUWuaRXOXMUrb6ivLoHgTlmepFpMr3u4aiJlrzKcTc5ML0eHGn3Btc4FSvwetJqLx75FZlklg_DSb8Kwiwpo0xSQ-cd8S8CSJHOk1Yn1I_WygDUMslY7yyFHRLeEiZUf58dXVKv0jU0CY097M9bXhBe55RtvVI0fiD_JGm1tkeodnIfXkDu66kvPMWjO44PnRH25yH0Y91-LmayUVWVCKFTITUWIBaSggvL9hsqp10y061yq7I9MFmW6HMsad30w1GSGutbWTljRYtBsrEWVgsP7xCc23mVlQnkJbnMEucdmtFD6AFvri_WKEXcr2VgzIJv0KdjjvkpXMV0TVSoXeMmATMiPX1hDqd9b_fGQ4g7itKyezBMkABoEfo2rbnpynjbun2UTi72-RcIG0kpDK3Dhggn1G4oZ8evZ5lGghxnEHeSLAwjWAip7oIbwGP482qZmRDDq-QM86sDCopr3faKPU7k5vNxBzWBpj0gvhUunDjIvZkCr52Ou2sn7lIaKwiiFzSDFxKgcMvuNNekF7vh-n6fG1etdyN3EdD1iCrH5Y042JSBi1VSkSFeF739Bl5DxH-Md9gsMg2aMw6kLI4RTQ99gOc_7dAtyJYvJ4viKck54tIP4w5fq_mEb0UorZLdgXTI6igfYbxM0ImukG_YQpsgpNGAUVT670LfmEOlXw5_l8UqqgZCvbEQKFaIWKzBL5PM4GhdnMeyeyK1szssHsUTyOUZlB0dj-zxqznJw41iuihyQhbnNPluyWHnNWaetNpFixEVHgid2qRO9aNQkFK_N3a_XZGi6DZXrcqdSslpRpXIvoUXQgU_oDe19tOq3DwDjfCNhHVpez0imxqRNf5qcTlEtPpw7OZywDE0AyZZPrr3FoofPuw_h80fSHXZ1gWLU3E9pbg-ywgFKvqK95qjTL03PyclsLGoEuw-l2ExsoO1UCXMNyCajYQB3A8R5kiDXR_sqfe-g_fAppcGhjfXOiF-FOQMOjEx2Zx789QdDCQQoAlW_dIPSvAte2_yjYi7hrpR4NXAh1AwKC1j8Xxx0dEi8v7n-7Wts3tiRAetnDUyNUAtCE0lKXeLOYzJ6j7PT2fpPRwqhM44qhzzdZhsg6vCdBIBSyFf8ZH3OYmPqYMs2HqOLbyITQAlLT3LdIJIlpl9AGPbpUrBM3kF1ChoLk7rcDA1olp-vqwWStTurY-1Em6UvTkQ8YnMsKCISZFCprV3gY1CI6D3VsCrNp6hHwrkACpxWqYcAzMrjugPTuYV4xhjQkslfm_-b9-LP7ewpagLPxdVd_JRjEVIF7lhtpIdHOzfYagdE5w_-_PrZrCBQkC5kGiuGUfEt93MRizng-xvO-ja2gqb5NTDEmSlZr7BNlVtRD1rGxGzzfsMK9fkGsM3ymnED3KcD2D67SbBnhE7AFOJVxZfkGLkb1OSZRsckJG5Ymg3JqQNDbVagk2M6KIyZZ1n3nq50QXva7UGmx_luX6gx1fFD-siM9U4dW2ZGoXUjBjEfUOXJuyRl9ORuIIgoucMptI6fk8_0H5MZXLhB-0_p4rLzJwa8GaopmBm7h00-1mXuele-N5c4eeYcfhY1jzlalJYcpkpNbti3HVz7qzPAhAu6k8&cid=CAQSPADq26N9ntf34ncXYNdp6QPHMitDqDjvzKrZVl3hUPD0wjJYgd7psjsu3Dwzwup9oKHLz5i8pv0gyhU64RgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.labrujula24.com%252F%240

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8cd3a5514fa9ec4387914a6da304af226e3406178c018e3cd2f7392a56ef117

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11392
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 7B6D 3 KB
1 KB 20ms
9ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 14:46:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5946
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 14:46:17 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 7B6D 18 KB
7 KB 21ms
10ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 10:10:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22474
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 10:10:49 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7B6D 155 KB
47 KB 34ms
23ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Dec 2022 16:25:23 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7B6D 42 B
63 B 162ms
151ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ACiM8jwyCHNY8dxqr0ryQgxt5pZS1otyUGJUsg_Qfgk6PgoQibvFhKdj9kEd9JNq6VcenXlRnUdpZ2e2cR0XCVs0rMAXZZTbOKECVw1VhI-aQ1uJw

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame CE4D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIS5gIVy5Bz_6f33pS7wnL8&google_cver=1

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIS5gIVy5Bz_6f33pS7wnL8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXNdUN7At3WZqIGe5msiZIWsyEkqYW5kUi2UQbl8P1Kdu3U_80rHEr3e2cF3xueyEzjanTVmePlbgZ02Sdef7OChZNe08cm252hIEmMsHYMpADt80W4Kg9bB92l7BBGEOmtOuUKZi0qk0eveywGR1m84nTZg4YlUT8KJ3gxR82X6bvCCc4
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Dec 2022 16:25:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIS5gIVy5Bz_6f33pS7wnL8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame CE4D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4zJ8-BRLT7Djnrl7SL.ugAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIS5gIVy5Bz_6f33pS7wnL8&google_cver=1&google_hm=2

43 B
894 B

12ms
12ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIS5gIVy5Bz_6f33pS7wnL8&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXNdUN7At3WZqIGe5msiZIWsyEkqYW5kUi2UQbl8P1Kdu3U_80rHEr3e2cF3xueyEzjanTVmePlbgZ02Sdef7OChZNe08cm252hIEmMsHYMpADt80W4Kg9bB92l7BBGEOmtOuUKZi0qk0eveywGR1m84nTZg4YlUT8KJ3gxR82X6bvCCc4
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Dec 2022 16:25:24 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIS5gIVy5Bz_6f33pS7wnL8&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame CE4D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEB540g-XsLO8AWz4sHzUtSw&google_cver=1

43 B
1010 B

11ms
8ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEB540g-XsLO8AWz4sHzUtSw&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXNdUN7At3WZqIGe5msiZIWsyEkqYW5kUi2UQbl8P1Kdu3U_80rHEr3e2cF3xueyEzjanTVmePlbgZ02Sdef7OChZNe08cm252hIEmMsHYMpADt80W4Kg9bB92l7BBGEOmtOuUKZi0qk0eveywGR1m84nTZg4YlUT8KJ3gxR82X6bvCCc4

Protocol

HTTP/1.1

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Dec 2022 16:25:24 GMT
AN-X-Request-Uuid: 3ffcd931-0a55-4580-aad7-9cafa2043f13
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.39; 81.95.5.39; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEB540g-XsLO8AWz4sHzUtSw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CE4D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMxMTU5NDYyMTUzMDc4MTc2OA%3D%3D

170 B
188 B

21ms
21ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMxMTU5NDYyMTUzMDc4MTc2OA%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 04 Dec 2022 16:25:24 GMT
AN-X-Request-Uuid: dab23811-bfc0-46f7-aab4-8f7d6317417c
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMxMTU5NDYyMTUzMDc4MTc2OA%3D%3D
Connection: keep-alive
X-Proxy-Origin: 81.95.5.39; 81.95.5.39; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 es.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0F4D 3 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/es.png

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 05:47:19 GMT
x-content-type-options: nosniff
server: cafe
age: 38284
etag: 15820072736840818134
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2687
x-xss-protection: 0
expires: Mon, 05 Dec 2022 05:47:19 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0F4D 295 B
319 B 8ms
8ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 09:52:43 GMT
x-content-type-options: nosniff
server: cafe
age: 23560
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 05 Dec 2022 09:52:43 GMT

GET
H2 200 bg-pushdown_2.jpg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame DB7B 26 KB
26 KB 27ms
27ms Image
image/jpeg 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/bg-pushdown_2.jpg?v=3
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a01536a4e78676d34742f3d6a8718fd8604dc9c0f4569cbc5a38c1e66d774cf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
cf-cache-status: HIT
x-amz-request-id: 4DC0FJ8JKVR6CWVH
age: 1173
cf-polished: origSize=27972, status=webp_bigger
content-length: 26182
x-amz-id-2: xv/vmWUKgUefktjuK/9v/cgfIC+fkyc8gjl/qQ343Uo2YLOnQMG5j4RrXqfC/ZukYb6OUOsO7jA=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 02 Dec 2022 14:57:47 GMT
server: cloudflare
etag: "badb98ee3ef98cf931012151d07083fe"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 7745e5d4197b9a24-FRA
expires: Sun, 04 Dec 2022 16:55:23 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame DB7B 44 KB
44 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lp.cleverwebserver.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 18:50:24 GMT
x-content-type-options: nosniff
age: 509699
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 18:50:24 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BD57
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIS5gIVy5Bz_6f33pS7wnL8&google_cver=1

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIS5gIVy5Bz_6f33pS7wnL8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNVnzU1RvQ57WgKHSOyocFi2jL_DY8CNUjmOj93fi0ukmN0IVltRbRjQgfVPWtHFrVp44Q69xtHZiOqeqY3VaGIkkBak_JDS3DaFEwymHwR0h0k916habkAdT0C9Xqcmtkc0M82zt0iZ0-SfmdhoiVd646DtcZlg8lnSW1IBoXKrt-s3pY4
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Dec 2022 16:25:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIS5gIVy5Bz_6f33pS7wnL8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BD57
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4zJ8-BRLT7Djnrl7SL.ugAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIS5gIVy5Bz_6f33pS7wnL8&google_cver=1&google_hm=2

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIS5gIVy5Bz_6f33pS7wnL8&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNVnzU1RvQ57WgKHSOyocFi2jL_DY8CNUjmOj93fi0ukmN0IVltRbRjQgfVPWtHFrVp44Q69xtHZiOqeqY3VaGIkkBak_JDS3DaFEwymHwR0h0k916habkAdT0C9Xqcmtkc0M82zt0iZ0-SfmdhoiVd646DtcZlg8lnSW1IBoXKrt-s3pY4
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Dec 2022 16:25:24 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIS5gIVy5Bz_6f33pS7wnL8&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame BD57
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEB540g-XsLO8AWz4sHzUtSw&google_cver=1

43 B
1010 B

13ms
9ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEB540g-XsLO8AWz4sHzUtSw&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNVnzU1RvQ57WgKHSOyocFi2jL_DY8CNUjmOj93fi0ukmN0IVltRbRjQgfVPWtHFrVp44Q69xtHZiOqeqY3VaGIkkBak_JDS3DaFEwymHwR0h0k916habkAdT0C9Xqcmtkc0M82zt0iZ0-SfmdhoiVd646DtcZlg8lnSW1IBoXKrt-s3pY4

Protocol

HTTP/1.1

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Dec 2022 16:25:24 GMT
AN-X-Request-Uuid: a71afbf6-6e38-494e-96ed-2869470e4b31
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.39; 81.95.5.39; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEB540g-XsLO8AWz4sHzUtSw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BD57
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMxMTU5NDYyMTUzMDc4MTc2OA%3D%3D

170 B
188 B

22ms
22ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMxMTU5NDYyMTUzMDc4MTc2OA%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 04 Dec 2022 16:25:24 GMT
AN-X-Request-Uuid: 35961b17-133d-42b3-ab68-559ccda53d26
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMxMTU5NDYyMTUzMDc4MTc2OA%3D%3D
Connection: keep-alive
X-Proxy-Origin: 81.95.5.39; 81.95.5.39; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D650 0
0 51ms
50ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstK9cTEADVeelXYGba7GMLOzkJQGe7FByBuDubUsN47QUTcv0tvTeN67cedLJ6OPiA3F1i-oQMh4f8bCoeP70u0U8XGz89C8ekC3azPxm31AHpdxxD9XaGhx37zvI4wGzveHHo05AK1zGo84HS96PS9EFbyvGn3Siu5tG4YjoX8CxD3E-a42yLv28AQIHkPjnO-MORNYTQT4Eo-7qWHA1W6OMxaC9sGqhiaAl2OgYCAGuSax1aJW1217rhZHziFWcA9OShx9zxxwAb-m7HUmdEUYttb1do56QMQBQIOIDLtF3qzXrjxsREKHhvxIZwN9LjrbDJlgQ&sai=AMfl-YQvHNPWLetgC8c8WFedBOd3hRJDu86J6UJcjR1nGiWmz4ncUBuw_9uBictYcSP5WqkHykFhdsOsep25iynkvy2R9Eq1GJV4IiBXVSpfoClFH_11NZ3GC4j_WYZaA-8quw&sig=Cg0ArKJSzJjD7nQtVy11EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame 7CC6 109 KB
38 KB 65ms
13ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
Origin: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 17:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83423
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 04 Dec 2022 17:15:00 GMT

GET
H2 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame 090E 109 KB
38 KB 64ms
22ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
Origin: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 17:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83423
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 04 Dec 2022 17:15:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame AEBE 41 KB
15 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 16:29:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172541
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 16:29:42 GMT

GET
H/1.1 200
OK iju9wczm8trb Show response
hal9000.redintelligence.net/zone/ Frame AEBE 11 KB
4 KB 41ms
9ms Script
text/html 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/iju9wczm8trb?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5We48cmMY_XgGuzG7_UP7qKYyASm5b2gaa2VnKfJD_AuEAEgp5L9fGCVgoCAmAfIAQmpAkS_tBqXrLE-qAMBqgSaAk_Qus1KkCnCJ44vsJYjK26yLp3q0eV9Qgq8ZSH11-k-H8ewQwAvYqWt26JShbYA1irtmJJNsBOvfNTOY7JNa-8iUbL1lJZDHZBH3VQWcu4gMFOL4bDeaFH-qbhRsNBPOhVE3g79DiRZMP98HIPOmguiYhKRuWfQRZiwbLujggpP72pzxXvZEIw71QYZNSxDs7Vo1NaUSNeJTDLVZvsfmxsUpYDdHVGFaETccKhzO47WftVuLo9dKnkdFTTAnJAFFfNpUz6_PIkpn7xFTuoXR8Kp_tOCfaKhpkz32Ni2VrD9TkoaZFsfgbRWLTGSqzZlqLWylgbHuV-2CfZObnkN9890Xa_Xk_TghKGQDuWKZ9AuFbvsxNojVvAa4cAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9ntf34ncXYNdp6QPHMitDqDjvzKrZVl3hUPD0wjJYgd7psjsu3Dwzwup9oKHLz5i8pv0gyhU64RgBIBM%26sig%3DAOD64_1pMa-q29PYRFWnVkJl-nA8YabCMQ%26client%3Dca-pub-4544951168098232%26dbm_c%3DAKAmf-AuoXjUw0fWuOqyiITtouNlNfbzOgaay7uNutNIz5QzDsm6bQi71GJ4gYXQcUrBNsHcoG7-xPRGBo9_OGc4Nf1BPh24t4ZW3HghL4NvBgQLfJ6JPI4cpmgaja6JrryJsWiAQop2NBgTsWf8-ePMBVDnOreoBflsDOm7l57cOZ97HwMYFuU%26cry%3D1%26dbm_d%3DAKAmf-AyRaPtlVKX6E5LML9w2AzCFxK1HazeZSVt9XJICj_IgCH2b65hSeZLPQ6hGhYqrijQiSjRvhayZU4fKUMcr4saCsxt7jPo_EwyAnbitTC-XwmQ3_a4qDcfqOKTbGPlr3SOV1OiM4eQ8SC__b1Jll4kACCxuqLEzB8jPCHYYB3o3CPF-LCpn7Z7ixGsDhGpr5SooyqiiggMexj9NvFfCypdq4inPDcclBmYb9Y0FjdGlW2sLk1y-WqtK9n2X8wjs_OaYc5od0wCb5lLRXLlpNbF96fa6ETJ61UcyCGc4JMrVIaSvyXhVc6RgtfHJpJGS_5Z9eVgKylNJl9EAauCtHo7UKfqthsV--cbSv838-Oo4EXPSbwqEdkG1I4R342rWTMWGgWx6Lh3-5peK-3qv5PJFs--Karv9Rl0L2-C74rUFidOcWYW1l85Oe9691sM7EwssldMZawYIoxInKFlHlEkKdcEQpnZPusVniTiAAjp3zf1ZTAx49vxnn3TH2HxG0F1BEi1uOUsjUlqK6_xWJTQNBK312y_VliW6ZllKcsxrKHWpio%26adurl%3D
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Baden-Baden, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: c1b929312bd47af29752f987857e15627fbd36abf0c78266a2a9e1fc07b541fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 16:25:23 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4119
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame 21A9 109 KB
38 KB 31ms
15ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
Origin: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 17:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83423
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 04 Dec 2022 17:15:00 GMT

GET
H3 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame D67E 109 KB
38 KB 26ms
14ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
Origin: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 17:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83423
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 04 Dec 2022 17:15:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7B6D 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 16:29:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172541
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 16:29:42 GMT

GET
H/1.1 200
OK vjdy8w6hewcq Show response
hal9000.redintelligence.net/zone/ Frame 7B6D 11 KB
4 KB 22ms
10ms Script
text/html 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/vjdy8w6hewcq?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjvpx8cmMY6_lGuzG7_UP7qKYyASm5b2gaZWTnKfJD_AuEAEgp5L9fGCVgoCAmAfIAQmpAkS_tBqXrLE-qAMBqgSXAk_QVn9IktF9FT6_QtDtT_mKmVbBpCXI9A31ZZFPDQ9c-G_OHuFJizCqIyXAzKf8MN99YWXQQ8jdTAiisHc-B-SJTtINSQ3_p0vPOnAHeS6APUP1ZNk7YKVOGtcJJdDbQ9oNV44HxAj40J1X499lNS7elr4SpLLiJS01y2r1e-FODsolkG2k_vuNCC6G1RXnUTaH05gcK9h-tl3SIDUzQR6lBNr9sL29uisvG3SeQbl61tKYFMmeXK8Ms30eiiNIvYkcgmHw25gfsB7CB0aMGJ1yA-QeVXgeUaJR0rEa9NEebaPsT-M_DVpHmaUm7LrRqPXchvew3vtxJLR_WDnF8WGF0Aay491HZENOv4eGGMf4kovxZkJhh8AE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9ntf34ncXYNdp6QPHMitDqDjvzKrZVl3hUPD0wjJYgd7psjsu3Dwzwup9oKHLz5i8pv0gyhU64RgBIBM%26sig%3DAOD64_0b6W5WkdPmLeSRfeRkiZEAVRKxoQ%26client%3Dca-pub-4544951168098232%26dbm_c%3DAKAmf-B_St5cPwIFIN5fIQrQG1xDXlDWMlTjEorW6jnnKP57XrwvjlsfTthHZWdlqcNNIX6wjrajSz0ReqVkrxt_DI8UH-Y9rcdpK6-CaQvoj0Q6pixdKGWjVWQ_jHuGn78ecU5zjlVGM5aeRQFQOeqofqqKPlUQgnhU3skrKdzst59XSR9VvrQ%26cry%3D1%26dbm_d%3DAKAmf-CgCmf96hzvnvtFPZE4uSiaRShxhluLg9ZiCaQ4SCR3Su64eXLYneG5deYX0YudC27Llxbh7xviJz9yE7F17OCWKobgOR2iwaJumf0QJXe_0_OpsyYZqeZeZO_ofkNKyngXlIAL9yLsncDSbhxrUOwpOoSVPvGgc-3DowkqgtrbKhAa_9ocu6JsbRF-Qn2bUjmHs26N-4LxotKWwOGuSZowTJXzwK6sdkqjGewYeuEV0pSh9JttC8Ts5y_HORsCyHG_ZfKdjWvGU0GeZH_n99YgK2j9JTJrRSoAAvNsuWMGZ4iZQgBA17MCQkmMs0wVzZBt4m7vpP8Lqk6HdtG0R1d4vXQBQ9kE8TTXLenjSFcC2wE5IkaRZfzdEjMNWmcn8viTMpeLyro4BITp-Ye6dKq9KQuTpXsrLNE6w3XNtm6wfSgMSTu1yhW5yWUNo604IpCLdnFWy2d0jpiwXGv6QV7cyeFi0FzwdWv3guU2tjqnSuTRrHws8C_cVFFhLFZQHXVtR0VqiiAafRJkltNWKYfCJ5K1MGXxLc9f_hVn8lb0DTtfuwU%26adurl%3D
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Baden-Baden, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: d21246556bd6e5a19755dabb0bd7270e688874bc205ed2db8e47dca09bc81639

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 16:25:24 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4116
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 clever.de.js Show response
lp.cleverwebserver.com/bet365/js/ Frame DB7B 821 B
756 B 29ms
29ms Script
text/javascript 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cleverwebserver.com/bet365/js/clever.de.js
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c6c9d8548d627e7686b7181eefb0e8939df4aa139f5d9cebecbf0ba8f0ccb36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01163674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:24 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: HKHSFKW0A3G9Z4J1
age: 1220
cf-polished: origSize=992
x-amz-id-2: AsUCklx02Z43kTSKlNLiyNg2hZjxeiX88MhkLHKdN8/d9ArSpMPhTYmz2oi3rcr8VH4z/va9GwQ=
cf-bgj: minify
last-modified: Sat, 03 Dec 2022 20:07:50 GMT
server: cloudflare
etag: W/"75326716c6b75ca126b399a79ba549c4"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1800
cf-ray: 7745e5d4fb479a24-FRA
expires: Sun, 04 Dec 2022 16:55:24 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D650 0
0 46ms
45ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJ862l3LmTlepHpqmOAmcAk5T1I8FfaFK8kjHis8xiT1LzTD9a_EJykmBe7hFZUOX4MXnO9JnPVvgVFnsX8o7w0giig627FmKZYRkUes2Cr2PvlrtUKwN6QDxCnNd2wvybFoQp6sPPaegagZ-E1PWsSYN6i1FDh3vLXDF_0hjEEzgPtEIqRE_kHjRhAQzTP7L9hJlxf42_bTaoVWDlji-BC5B5J1p5nf4LVYh2yaWFt_tQJssuSmkRjpLapla39nOTDXCD7csc2Uyric1DX74KjFd6SwsOdh01urRr4zvSxJT9-4EjIL9WC2fF4B3A2rny1KBMaCgy&sai=AMfl-YTfjjtv0plW9WGe1eJUrUuONJz4G8MjhMWtmbrwqkXvjmkipaVmCAtHkgVY6NEEY_jMA_j20WzP3qA0RbfVarwQdzQUsV_truwNrK6ArDmQ2dO0cJTGtnx6cwY7vQdpOw&sig=Cg0ArKJSzCkpvgu-dZhFEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 04 Dec 2022 16:25:24 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D412 22 KB
8 KB 12ms
11ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 192594
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 10:55:30 GMT
expires: Sat, 02 Dec 2023 10:55:30 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/dfp/1950554/5093048588/1637154337423/ Frame 47FE 98 KB
20 KB 26ms
8ms Document
text/html 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/1950554/5093048588/1637154337423/index.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4d8026aa06817962da17cc13faabd698bdc10fe7366e24dc948c3ec7831d566

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 61972
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 20361
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 23:12:32 GMT
expires: Sun, 04 Dec 2022 23:12:32 GMT
last-modified: Wed, 17 Nov 2021 13:05:37 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7CC6 0
26 B 46ms
46ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst4PVte9O04vzhn9bhsTrFluMWP9K9uEP8qkxTAUAj_yFAakjadJwwEeJ1dnoEQLRlcMaPIjy89ESiJUcrMaC7PwfrnVomZZV5L3tX2w7hij0HpThjHKb5pmjhPddJ629t3yxfedqRpz2EWHIGShpGRRh52VxOzzLtd8hdrGWm7CTMPVUsQeqgkHTFKseIqMYwHex2lOWzurl-EwJ5cgFv2o0JBIUWl5xAAAvSvUjXQb4AOXWKx7dmprD3scjRjQdQGKF0o3Kep95rNgIF1OXe6X2BgsEIramSqLjuZPN75jd3748BMGMDV8-MauQ7JZapLAqs&sai=AMfl-YSb1-hXOkqCbvpATIcM-Ib6VdGgA7-WH6GRGFN6TpkAuMtN5fpMZB43X_iLDQgKWQOoycRAe8oCyNlkcGkTTEdEfVRysJssoK6VL7-T1BzyKU2ibr5Lhr6IZy_0q-xUTw&sig=Cg0ArKJSzEpVuf83O6loEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/dfp/1950554/5048003917/1651682367598/ Frame 0B71 12 KB
4 KB 35ms
24ms Document
text/html 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/1950554/5048003917/1651682367598/index.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c526a7c1849df42e5b8fd7d481e5fa542d9d14e9de6aa360ebe2faf15758e0f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 3842
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 16:25:24 GMT
expires: Mon, 05 Dec 2022 16:25:24 GMT
last-modified: Wed, 04 May 2022 16:39:28 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 090E 0
26 B 48ms
48ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuphEVmHpuN0W4-2deIvbUvL_PYYmDb7FpFVwG4b5dWfD73Qdk4X_ikU26H7xEKz04HZQO3fIWJd1ue9J9GCR46GT-sJDRI7sG5uXotAd2nomGGD9xTqkReVGhmBTBzsWOoNTrF22ar4Ebm4Y9LT9EI8qbSRbbc4or678r532Ga8SU7DGHUCIHXH6oyJq-xuY3VWYhGnmXPAIUgwm3r3Ek0BcZuaeIpKxC-5-xlrVb80wa1jncLH4_tk2iBO1DNwHN8WHZ7BQsTLsLxnv7Y6Sj84hI1ZUMnrWp1ZNKUc4y0UwmjJbvsowBLpUc0o7x1jseOLSs&sai=AMfl-YSIFWMHLBFhhMOlf8tF3gOG63AZ3StFiBmq0Xuyj2jBTUYt3VO1ur5px8vFwvaRCcPlg0NOu-sCzJ4MylcduKyHOFHXCJlG61sGoG5ZAgXFy3A9U3onrDjJBHMCTRjfPQ&sig=Cg0ArKJSzAyk6WVLb06lEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1

200
OK

request.php Show response
hal900022.redintelligence.net/ Frame AEBE
Redirect Chain

https://hal900022.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=37e7156b99&subid=&uid=3983f0972fd9b589&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900022.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=37e7156b99&subid=&uid=3983f0972fd9b589&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

179ms
162ms

Script
application/x-javascript

144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900022.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=37e7156b99&subid=&uid=3983f0972fd9b589&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5We48cmMY_XgGuzG7_UP7qKYyASm5b2gaa2VnKfJD_AuEAEgp5L9fGCVgoCAmAfIAQmpAkS_tBqXrLE-qAMBqgSaAk_Qus1KkCnCJ44vsJYjK26yLp3q0eV9Qgq8ZSH11-k-H8ewQwAvYqWt26JShbYA1irtmJJNsBOvfNTOY7JNa-8iUbL1lJZDHZBH3VQWcu4gMFOL4bDeaFH-qbhRsNBPOhVE3g79DiRZMP98HIPOmguiYhKRuWfQRZiwbLujggpP72pzxXvZEIw71QYZNSxDs7Vo1NaUSNeJTDLVZvsfmxsUpYDdHVGFaETccKhzO47WftVuLo9dKnkdFTTAnJAFFfNpUz6_PIkpn7xFTuoXR8Kp_tOCfaKhpkz32Ni2VrD9TkoaZFsfgbRWLTGSqzZlqLWylgbHuV-2CfZObnkN9890Xa_Xk_TghKGQDuWKZ9AuFbvsxNojVvAa4cAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9ntf34ncXYNdp6QPHMitDqDjvzKrZVl3hUPD0wjJYgd7psjsu3Dwzwup9oKHLz5i8pv0gyhU64RgBIBM%26sig%3DAOD64_1pMa-q29PYRFWnVkJl-nA8YabCMQ%26client%3Dca-pub-4544951168098232%26dbm_c%3DAKAmf-AuoXjUw0fWuOqyiITtouNlNfbzOgaay7uNutNIz5QzDsm6bQi71GJ4gYXQcUrBNsHcoG7-xPRGBo9_OGc4Nf1BPh24t4ZW3HghL4NvBgQLfJ6JPI4cpmgaja6JrryJsWiAQop2NBgTsWf8-ePMBVDnOreoBflsDOm7l57cOZ97HwMYFuU%26cry%3D1%26dbm_d%3DAKAmf-AyRaPtlVKX6E5LML9w2AzCFxK1HazeZSVt9XJICj_IgCH2b65hSeZLPQ6hGhYqrijQiSjRvhayZU4fKUMcr4saCsxt7jPo_EwyAnbitTC-XwmQ3_a4qDcfqOKTbGPlr3SOV1OiM4eQ8SC__b1Jll4kACCxuqLEzB8jPCHYYB3o3CPF-LCpn7Z7ixGsDhGpr5SooyqiiggMexj9NvFfCypdq4inPDcclBmYb9Y0FjdGlW2sLk1y-WqtK9n2X8wjs_OaYc5od0wCb5lLRXLlpNbF96fa6ETJ61UcyCGc4JMrVIaSvyXhVc6RgtfHJpJGS_5Z9eVgKylNJl9EAauCtHo7UKfqthsV--cbSv838-Oo4EXPSbwqEdkG1I4R342rWTMWGgWx6Lh3-5peK-3qv5PJFs--Karv9Rl0L2-C74rUFidOcWYW1l85Oe9691sM7EwssldMZawYIoxInKFlHlEkKdcEQpnZPusVniTiAAjp3zf1ZTAx49vxnn3TH2HxG0F1BEi1uOUsjUlqK6_xWJTQNBK312y_VliW6ZllKcsxrKHWpio%26adurl%3D&documentReferer=https%3A%2F%2Fwww.labrujula24.com%2F&ancestorOrigins=https%3A%2F%2Fwww.labrujula24.com&random=5810629794267&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 7e0568e035a9e8d224ea44edb81eef494102317eaf0497a7432865a784133a65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Dec 2022 16:25:24 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 51270700093060604444554012163022
Connection: close
Content-Length: 1312
Expires: Sun, 04 Dec 2022 16:25:24 +0100

Redirect headers

Pragma: no-cache
Date: Sun, 04 Dec 2022 16:25:24 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=37e7156b99&subid=&uid=3983f0972fd9b589&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5We48cmMY_XgGuzG7_UP7qKYyASm5b2gaa2VnKfJD_AuEAEgp5L9fGCVgoCAmAfIAQmpAkS_tBqXrLE-qAMBqgSaAk_Qus1KkCnCJ44vsJYjK26yLp3q0eV9Qgq8ZSH11-k-H8ewQwAvYqWt26JShbYA1irtmJJNsBOvfNTOY7JNa-8iUbL1lJZDHZBH3VQWcu4gMFOL4bDeaFH-qbhRsNBPOhVE3g79DiRZMP98HIPOmguiYhKRuWfQRZiwbLujggpP72pzxXvZEIw71QYZNSxDs7Vo1NaUSNeJTDLVZvsfmxsUpYDdHVGFaETccKhzO47WftVuLo9dKnkdFTTAnJAFFfNpUz6_PIkpn7xFTuoXR8Kp_tOCfaKhpkz32Ni2VrD9TkoaZFsfgbRWLTGSqzZlqLWylgbHuV-2CfZObnkN9890Xa_Xk_TghKGQDuWKZ9AuFbvsxNojVvAa4cAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9ntf34ncXYNdp6QPHMitDqDjvzKrZVl3hUPD0wjJYgd7psjsu3Dwzwup9oKHLz5i8pv0gyhU64RgBIBM%26sig%3DAOD64_1pMa-q29PYRFWnVkJl-nA8YabCMQ%26client%3Dca-pub-4544951168098232%26dbm_c%3DAKAmf-AuoXjUw0fWuOqyiITtouNlNfbzOgaay7uNutNIz5QzDsm6bQi71GJ4gYXQcUrBNsHcoG7-xPRGBo9_OGc4Nf1BPh24t4ZW3HghL4NvBgQLfJ6JPI4cpmgaja6JrryJsWiAQop2NBgTsWf8-ePMBVDnOreoBflsDOm7l57cOZ97HwMYFuU%26cry%3D1%26dbm_d%3DAKAmf-AyRaPtlVKX6E5LML9w2AzCFxK1HazeZSVt9XJICj_IgCH2b65hSeZLPQ6hGhYqrijQiSjRvhayZU4fKUMcr4saCsxt7jPo_EwyAnbitTC-XwmQ3_a4qDcfqOKTbGPlr3SOV1OiM4eQ8SC__b1Jll4kACCxuqLEzB8jPCHYYB3o3CPF-LCpn7Z7ixGsDhGpr5SooyqiiggMexj9NvFfCypdq4inPDcclBmYb9Y0FjdGlW2sLk1y-WqtK9n2X8wjs_OaYc5od0wCb5lLRXLlpNbF96fa6ETJ61UcyCGc4JMrVIaSvyXhVc6RgtfHJpJGS_5Z9eVgKylNJl9EAauCtHo7UKfqthsV--cbSv838-Oo4EXPSbwqEdkG1I4R342rWTMWGgWx6Lh3-5peK-3qv5PJFs--Karv9Rl0L2-C74rUFidOcWYW1l85Oe9691sM7EwssldMZawYIoxInKFlHlEkKdcEQpnZPusVniTiAAjp3zf1ZTAx49vxnn3TH2HxG0F1BEi1uOUsjUlqK6_xWJTQNBK312y_VliW6ZllKcsxrKHWpio%26adurl%3D&documentReferer=https%3A%2F%2Fwww.labrujula24.com%2F&ancestorOrigins=https%3A%2F%2Fwww.labrujula24.com&random=5810629794267&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Sun, 04 Dec 2022 16:25:24 +0100

GET
DATA 200
OK truncated
/ Frame D650 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 73c17a8bc1ab83f49d4bb223ba00eaa3c48e52e3695fbf8bcb4b4b0b3bee4389

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 35A8 22 KB
8 KB 13ms
12ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 192594
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 10:55:30 GMT
expires: Sat, 02 Dec 2023 10:55:30 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK DefaultAff.aspx Show response
members.bet365.de/Members/Helpers/ Frame A677 84 B
1 KB 213ms
168ms Document
text/html 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://members.bet365.de/Members/Helpers/DefaultAff.aspx?affiliate=365_01163674
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/js/clever.de.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 662c2c97092391ae013657013ee4e9e1ae67db8d008735ea5e03ae20fecd07ba

Request headers

Referer: https://lp.cleverwebserver.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7745e5d6390a6945-FRA
Cache-Control: private
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 177
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Dec 2022 16:25:24 GMT
ME-Redirect: PQB
Server: cloudflare
Vary: Accept-Encoding

GET
H3 200 index.html Show response
s0.2mdn.net/dfp/1950554/5178170803/1668091603061/ Frame A2B8 76 KB
20 KB 10ms
9ms Document
text/html 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/1950554/5178170803/1668091603061/index.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ec4d275a51dcae4a76bf245cb95aa3075fa401298186f501908c53784edcb91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 71547
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 20041
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 20:32:57 GMT
expires: Sun, 04 Dec 2022 20:32:57 GMT
last-modified: Thu, 10 Nov 2022 14:46:43 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D67E 0
26 B 49ms
48ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuFd2yTwMY3uUR2_PuDAvWfKzTLfZ4Yt6wzyFdeF831Glk7AdrntpMLThozRoVs7aWtX6ssb9IamoulvcioMIxmP1F1fKdf8J2s8GBu6vtStkcXUi10Wm3jxhmVQr3kZ7M67pUF9zVm9bvOhymaEXnfw_vdpIJox8KUNHqgp7ptO_kRO-iBPdDz4KT5XBfoCLAa8SlKdvRe_BJrc7XuJ2QZJNcFs_MxTu8DCsxVHBQpYk4Buy8liIJckYL-qi4RYkhphoSgUHL1WF6lC4_cK3MvAjIKCD-pYgRsdmMQlVyUbPvSv_1apQltHlCp-O3mPno&sai=AMfl-YR0_bp3TT3q_z_e-NfdP5c3FhwseZjmvp80eyErJzGY2o7Q2d0PObY7adPgIEQIa3TTPR58W-2JCQ_kRIUEbuLOe8S7ISeMAqYoTMqTwqA2jW5jyvMIVhCcQtQjI8WM2g&sig=Cg0ArKJSzBXfaQ0KduGaEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1

200
OK

request.php Show response
hal900015.redintelligence.net/ Frame 7B6D
Redirect Chain

https://hal900015.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=4453e684ca&subid=&uid=ac0e815d21938000&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900015.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=4453e684ca&subid=&uid=ac0e815d21938000&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

98ms
84ms

Script
application/x-javascript

138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900015.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=4453e684ca&subid=&uid=ac0e815d21938000&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjvpx8cmMY6_lGuzG7_UP7qKYyASm5b2gaZWTnKfJD_AuEAEgp5L9fGCVgoCAmAfIAQmpAkS_tBqXrLE-qAMBqgSXAk_QVn9IktF9FT6_QtDtT_mKmVbBpCXI9A31ZZFPDQ9c-G_OHuFJizCqIyXAzKf8MN99YWXQQ8jdTAiisHc-B-SJTtINSQ3_p0vPOnAHeS6APUP1ZNk7YKVOGtcJJdDbQ9oNV44HxAj40J1X499lNS7elr4SpLLiJS01y2r1e-FODsolkG2k_vuNCC6G1RXnUTaH05gcK9h-tl3SIDUzQR6lBNr9sL29uisvG3SeQbl61tKYFMmeXK8Ms30eiiNIvYkcgmHw25gfsB7CB0aMGJ1yA-QeVXgeUaJR0rEa9NEebaPsT-M_DVpHmaUm7LrRqPXchvew3vtxJLR_WDnF8WGF0Aay491HZENOv4eGGMf4kovxZkJhh8AE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9ntf34ncXYNdp6QPHMitDqDjvzKrZVl3hUPD0wjJYgd7psjsu3Dwzwup9oKHLz5i8pv0gyhU64RgBIBM%26sig%3DAOD64_0b6W5WkdPmLeSRfeRkiZEAVRKxoQ%26client%3Dca-pub-4544951168098232%26dbm_c%3DAKAmf-B_St5cPwIFIN5fIQrQG1xDXlDWMlTjEorW6jnnKP57XrwvjlsfTthHZWdlqcNNIX6wjrajSz0ReqVkrxt_DI8UH-Y9rcdpK6-CaQvoj0Q6pixdKGWjVWQ_jHuGn78ecU5zjlVGM5aeRQFQOeqofqqKPlUQgnhU3skrKdzst59XSR9VvrQ%26cry%3D1%26dbm_d%3DAKAmf-CgCmf96hzvnvtFPZE4uSiaRShxhluLg9ZiCaQ4SCR3Su64eXLYneG5deYX0YudC27Llxbh7xviJz9yE7F17OCWKobgOR2iwaJumf0QJXe_0_OpsyYZqeZeZO_ofkNKyngXlIAL9yLsncDSbhxrUOwpOoSVPvGgc-3DowkqgtrbKhAa_9ocu6JsbRF-Qn2bUjmHs26N-4LxotKWwOGuSZowTJXzwK6sdkqjGewYeuEV0pSh9JttC8Ts5y_HORsCyHG_ZfKdjWvGU0GeZH_n99YgK2j9JTJrRSoAAvNsuWMGZ4iZQgBA17MCQkmMs0wVzZBt4m7vpP8Lqk6HdtG0R1d4vXQBQ9kE8TTXLenjSFcC2wE5IkaRZfzdEjMNWmcn8viTMpeLyro4BITp-Ye6dKq9KQuTpXsrLNE6w3XNtm6wfSgMSTu1yhW5yWUNo604IpCLdnFWy2d0jpiwXGv6QV7cyeFi0FzwdWv3guU2tjqnSuTRrHws8C_cVFFhLFZQHXVtR0VqiiAafRJkltNWKYfCJ5K1MGXxLc9f_hVn8lb0DTtfuwU%26adurl%3D&documentReferer=https%3A%2F%2Fwww.labrujula24.com%2F&ancestorOrigins=https%3A%2F%2Fwww.labrujula24.com&random=6255889720509&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 138.201.135.164 Bingen am Rhein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 3aaf33514ac3c58fb0ef06256ae5eaed1cd6c3bbeeb47c99daa1c90905f93fc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Dec 2022 16:25:24 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 75104700093626104444990012163015
Connection: close
Content-Length: 1351
Expires: Sun, 04 Dec 2022 16:25:24 +0100

Redirect headers

Pragma: no-cache
Date: Sun, 04 Dec 2022 16:25:24 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=4453e684ca&subid=&uid=ac0e815d21938000&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjvpx8cmMY6_lGuzG7_UP7qKYyASm5b2gaZWTnKfJD_AuEAEgp5L9fGCVgoCAmAfIAQmpAkS_tBqXrLE-qAMBqgSXAk_QVn9IktF9FT6_QtDtT_mKmVbBpCXI9A31ZZFPDQ9c-G_OHuFJizCqIyXAzKf8MN99YWXQQ8jdTAiisHc-B-SJTtINSQ3_p0vPOnAHeS6APUP1ZNk7YKVOGtcJJdDbQ9oNV44HxAj40J1X499lNS7elr4SpLLiJS01y2r1e-FODsolkG2k_vuNCC6G1RXnUTaH05gcK9h-tl3SIDUzQR6lBNr9sL29uisvG3SeQbl61tKYFMmeXK8Ms30eiiNIvYkcgmHw25gfsB7CB0aMGJ1yA-QeVXgeUaJR0rEa9NEebaPsT-M_DVpHmaUm7LrRqPXchvew3vtxJLR_WDnF8WGF0Aay491HZENOv4eGGMf4kovxZkJhh8AE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9ntf34ncXYNdp6QPHMitDqDjvzKrZVl3hUPD0wjJYgd7psjsu3Dwzwup9oKHLz5i8pv0gyhU64RgBIBM%26sig%3DAOD64_0b6W5WkdPmLeSRfeRkiZEAVRKxoQ%26client%3Dca-pub-4544951168098232%26dbm_c%3DAKAmf-B_St5cPwIFIN5fIQrQG1xDXlDWMlTjEorW6jnnKP57XrwvjlsfTthHZWdlqcNNIX6wjrajSz0ReqVkrxt_DI8UH-Y9rcdpK6-CaQvoj0Q6pixdKGWjVWQ_jHuGn78ecU5zjlVGM5aeRQFQOeqofqqKPlUQgnhU3skrKdzst59XSR9VvrQ%26cry%3D1%26dbm_d%3DAKAmf-CgCmf96hzvnvtFPZE4uSiaRShxhluLg9ZiCaQ4SCR3Su64eXLYneG5deYX0YudC27Llxbh7xviJz9yE7F17OCWKobgOR2iwaJumf0QJXe_0_OpsyYZqeZeZO_ofkNKyngXlIAL9yLsncDSbhxrUOwpOoSVPvGgc-3DowkqgtrbKhAa_9ocu6JsbRF-Qn2bUjmHs26N-4LxotKWwOGuSZowTJXzwK6sdkqjGewYeuEV0pSh9JttC8Ts5y_HORsCyHG_ZfKdjWvGU0GeZH_n99YgK2j9JTJrRSoAAvNsuWMGZ4iZQgBA17MCQkmMs0wVzZBt4m7vpP8Lqk6HdtG0R1d4vXQBQ9kE8TTXLenjSFcC2wE5IkaRZfzdEjMNWmcn8viTMpeLyro4BITp-Ye6dKq9KQuTpXsrLNE6w3XNtm6wfSgMSTu1yhW5yWUNo604IpCLdnFWy2d0jpiwXGv6QV7cyeFi0FzwdWv3guU2tjqnSuTRrHws8C_cVFFhLFZQHXVtR0VqiiAafRJkltNWKYfCJ5K1MGXxLc9f_hVn8lb0DTtfuwU%26adurl%3D&documentReferer=https%3A%2F%2Fwww.labrujula24.com%2F&ancestorOrigins=https%3A%2F%2Fwww.labrujula24.com&random=6255889720509&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Sun, 04 Dec 2022 16:25:24 +0100

GET
H3 200 index.html Show response
s0.2mdn.net/dfp/1950554/4878102656/1598907652484/ Frame BF8A 148 KB
23 KB 80ms
79ms Document
text/html 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/1950554/4878102656/1598907652484/index.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a443003189fef795443415e1e6ffa982051411367387ece6313ced1f5a8d56c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 23940
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 16:25:24 GMT
expires: Mon, 05 Dec 2022 16:25:24 GMT
last-modified: Mon, 31 Aug 2020 21:00:52 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 21A9 0
26 B 50ms
49ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssyJecKy2jhHKjMv3Dv-HwMmRuWSbq0bb22fWMaDSQqTAOiw2mrlS7LNsbAHEd6UVm_1jk2CKjoU3glcbUpzzIcWcqr3YteT6fyg3voFrFy1VITh-lkm6vKCeKedmrIiMQzylTmYZz_M6VYJqgY74F-ssEVsk7C8NlwEFnPQgdoKK06yn4Z50JUTEaugf167itU6Do0C9evdAaEg7DqSwYhZu_JUsLf2hce8yazrmy15TI-fXNA2ciisSQtaYFf2CNIc7wrICmbsYXuyxa9BI7py5DWKT-9fBA9WXeNG8fxs2rDlS0JpwFPiM1TK2CfI9vasmE&sai=AMfl-YS4VHAgWp0ZQ1XiYMViZfTOKBc5WHWHCBMKHusuoheIQQdhsFZk9JdVLiPmViTj86S-ZRGLLjxE255sMSVYDMwDeh12aWKCA0PJ-A7Q9H_KuOJ_VMDtBVIBYo5M2ghtOw&sig=Cg0ArKJSzKZhYr4z2y9GEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 DcmEnabler_01_243.js Show response
s0.2mdn.net/879366/ Frame 47FE 29 KB
10 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_243.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1950554/5093048588/1637154337423/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77a6e7584722f285dd6b3039728b6f1aab3948e60b4c26298600f1a5ee155bbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/1950554/5093048588/1637154337423/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 21:40:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67501
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10603
x-xss-protection: 0
last-modified: Fri, 27 Mar 2020 01:55:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 04 Dec 2022 21:40:23 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 0B71 236 KB
63 KB 85ms
15ms Script
text/javascript 2a02:26f0:3500:11::215:14dc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1950554/5048003917/1651682367598/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:3500:11::215:14dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:24 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Sun, 04 Dec 2022 16:40:24 GMT

GET
H3 200 DcmEnabler_01_243.js Show response
s0.2mdn.net/879366/ Frame A2B8 29 KB
10 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_243.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1950554/5178170803/1668091603061/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77a6e7584722f285dd6b3039728b6f1aab3948e60b4c26298600f1a5ee155bbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/1950554/5178170803/1668091603061/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 21:40:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67501
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10603
x-xss-protection: 0
last-modified: Fri, 27 Mar 2020 01:55:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 04 Dec 2022 21:40:23 GMT

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame D412 36 KB
16 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 13:54:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Dec 2023 13:54:29 GMT

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame 35A8 36 KB
16 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 13:54:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Dec 2023 13:54:29 GMT

GET
H3 200 tira.png
s0.2mdn.net/dfp/1950554/5093048588/1637154337423/ Frame 47FE 18 KB
18 KB 10ms
9ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1950554/5093048588/1637154337423/tira.png

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

346a91d068b03cde508f8e00d1bc1f79e884e0c53e3aaa91db8f16e379d4eede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/1950554/5093048588/1637154337423/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 23:12:32 GMT
x-content-type-options: nosniff
age: 61972
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18684
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 13:05:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 04 Dec 2022 23:12:32 GMT

GET
H3 200 3.png
s0.2mdn.net/dfp/1950554/5093048588/1637154337423/ Frame 47FE 26 KB
26 KB 15ms
14ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1950554/5093048588/1637154337423/3.png

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd8d978d21282f99c5f2483125e420849175373ab7bfc24421210d9235b323d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/1950554/5093048588/1637154337423/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 03:35:31 GMT
x-content-type-options: nosniff
age: 46193
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26877
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 13:05:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Dec 2022 03:35:31 GMT

GET
H3 200 2.png
s0.2mdn.net/dfp/1950554/5093048588/1637154337423/ Frame 47FE 27 KB
27 KB 21ms
20ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1950554/5093048588/1637154337423/2.png

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec43c737ec58e089e9cf7e4f04f8cbe4353e0a1c7aa98d64a911684faf2909bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/1950554/5093048588/1637154337423/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 23:12:32 GMT
x-content-type-options: nosniff
age: 61972
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27731
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 13:05:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 04 Dec 2022 23:12:32 GMT

GET
H3 200 1.png
s0.2mdn.net/dfp/1950554/5093048588/1637154337423/ Frame 47FE 26 KB
26 KB 18ms
17ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1950554/5093048588/1637154337423/1.png

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d51b61eebeacd84c1ef0c381d74d76aea4fccd2736a99d3a5a9f1c69795d28a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/1950554/5093048588/1637154337423/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 23:12:32 GMT
x-content-type-options: nosniff
age: 61972
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26362
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 13:05:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 04 Dec 2022 23:12:32 GMT

GET
H3 200 logo_surland.png
s0.2mdn.net/dfp/1950554/5093048588/1637154337423/ Frame 47FE 9 KB
9 KB 11ms
10ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1950554/5093048588/1637154337423/logo_surland.png

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a33d781d880a29e1a110bfc2c3ad799b848a46cafdf8e87f973dc55a64a7948

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/1950554/5093048588/1637154337423/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 23:12:32 GMT
x-content-type-options: nosniff
age: 61972
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 13:05:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 04 Dec 2022 23:12:32 GMT

GET
H3 200 DcmEnabler_01_243.js Show response
s0.2mdn.net/879366/ Frame BF8A 29 KB
10 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_243.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1950554/4878102656/1598907652484/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77a6e7584722f285dd6b3039728b6f1aab3948e60b4c26298600f1a5ee155bbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/1950554/4878102656/1598907652484/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 21:40:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67501
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10603
x-xss-protection: 0
last-modified: Fri, 27 Mar 2020 01:55:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 04 Dec 2022 21:40:23 GMT

GET
H3 200 PLACA_4.png
s0.2mdn.net/dfp/1950554/5178170803/1668091603061/ Frame A2B8 28 KB
28 KB 9ms
9ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1950554/5178170803/1668091603061/PLACA_4.png

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8461b10de0cfca8daa88a22ff34674893a0a58facdb70edacd6895415b1a5ac0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/1950554/5178170803/1668091603061/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 13:58:19 GMT
x-content-type-options: nosniff
age: 8825
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28673
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 14:46:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Dec 2022 13:58:19 GMT

GET
H3 200 PLACA_3.png
s0.2mdn.net/dfp/1950554/5178170803/1668091603061/ Frame A2B8 25 KB
25 KB 10ms
9ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1950554/5178170803/1668091603061/PLACA_3.png

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b7f2d4878b7f6f454c989d2bd18e80caab06b54f1d24f0753a7261ae8567eb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/1950554/5178170803/1668091603061/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:34:29 GMT
x-content-type-options: nosniff
age: 42655
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25850
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 14:46:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Dec 2022 04:34:29 GMT

GET
H3 200 PLACA_2.png
s0.2mdn.net/dfp/1950554/5178170803/1668091603061/ Frame A2B8 19 KB
19 KB 12ms
11ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1950554/5178170803/1668091603061/PLACA_2.png

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

370260a1859b491f42c6340ea6cc58486eac8889b9a8ebaf78c15236fd640a7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/1950554/5178170803/1668091603061/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:34:29 GMT
x-content-type-options: nosniff
age: 42655
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 14:46:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Dec 2022 04:34:29 GMT

GET
H3 200 PLACA_1.png
s0.2mdn.net/dfp/1950554/5178170803/1668091603061/ Frame A2B8 56 KB
56 KB 14ms
13ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1950554/5178170803/1668091603061/PLACA_1.png

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0645e9a26c93b4356b8bab4118e44c7a23607ee02fc98b5059faa80292ea8b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/1950554/5178170803/1668091603061/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:34:29 GMT
x-content-type-options: nosniff
age: 42655
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57516
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 14:46:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Dec 2022 04:34:29 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7CC6 0
0 44ms
43ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssnTfDW5mGIozOGrls-1NDbhzb7UIv1L70m3BpicbblGexVfiicYoPhRgpVAKqf7J0Xn7h30Cg2jexMmzRbqhHtdHz9CP0vLpzQdSvnOxFiB7hoeCoKGnsU2TgTHwQetGlf_C-JXkX4DOqJsr4C5QBs1gVHFZ89a-QHtSVDv1sm2aNn1jG5GH-M4tBnj9Y8mj5OCn_5p9Gh7aWuxpSKq3QsszOBjX_TVkXGRo472a57UejgrtMJSfPa0TBWQ8A_ewQp_f6BIFcEdWWGgLADLBqvkoXrFqzWux85nZ90ZGohzot3m1nNqwmjh260Xogil7_WPeojgA&sai=AMfl-YRPZDAxhktpruaBYzkEzk9hTV8AyJFRuYZshLz_3_y58e_HiOzJpZGkIdNTAW3PDb0A0Xf5renLClnuXPOOVnU-yKxNrZga-7uyLh_k2Jgn3anKdAVJusGcZJBvt28aUQ&sig=Cg0ArKJSzGQs7um_hiM5EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 04 Dec 2022 16:25:24 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D67E 0
0 45ms
45ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu5nzHfGVDjoOdsJ78J_YC_xqdAcQg4ESg2qj9ILsF6aolZc-IW85ElYB2nahWZN06lT918raa9UG9BisooXzkZx3XP6M9jbBwUCYDJmDbAjIJ_Nv67k8P3983hyWehqpbdBGc9gYqCCr-O9U16xFpYxy4aLv_J5fKDYGK-eTrzpKFe8bqY1IU93IXc-p_hUpYF5PHo-WqQv916FXfbYqlkzOuCAGCc3mQJ7Uyct9JWl8ULd4z0s45Rq1ELZ4UkF3OYAELXllMF553njtbp1XG2hKZObVjqJNIvh6goghTPm7zhj_0ES-7oxZI0cMePCmQLvg&sai=AMfl-YQt1FTS-gE3QgVVh4yjScL7nibJ58P_jOlP9XYSoWRH-_7lKXNiyJ5ajBFS62T71i-InD0BIAujx-9xJ1sSxESMV8fh0NzX43KlbvCus4luISzZxwkW-uJmr6IdPP2zBQ&sig=Cg0ArKJSzDfNwOlJcBNgEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 04 Dec 2022 16:25:24 GMT

GET
H3 200 banner1.jpg
s0.2mdn.net/dfp/1950554/5048003917/1651682367598/ Frame 0B71 55 KB
55 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1950554/5048003917/1651682367598/banner1.jpg

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37d1f662fffdff87adebe974d191787f67330e85b0195ea17ae579b225a33bcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/1950554/5048003917/1651682367598/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 15:54:36 GMT
x-content-type-options: nosniff
age: 1848
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56426
x-xss-protection: 0
last-modified: Wed, 04 May 2022 16:39:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Dec 2022 15:54:36 GMT

GET
H3 200 banner2.jpg
s0.2mdn.net/dfp/1950554/5048003917/1651682367598/ Frame 0B71 85 KB
85 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1950554/5048003917/1651682367598/banner2.jpg

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff497dadf51b214f1453dfd8c44821e83cbf9cf67c3c4a073f53393adeb602a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/1950554/5048003917/1651682367598/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 15:54:38 GMT
x-content-type-options: nosniff
age: 1846
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87274
x-xss-protection: 0
last-modified: Wed, 04 May 2022 16:39:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Dec 2022 15:54:38 GMT

GET
H3 200 marco__1_.png
s0.2mdn.net/dfp/1950554/4878102656/1598907652484/ Frame BF8A 382 B
406 B 9ms
8ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1950554/4878102656/1598907652484/marco__1_.png

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80786622b6b1e3dc6434fa76fe99c1ca6f6829ee9220a970d1f09a8745c21527

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/1950554/4878102656/1598907652484/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 02:53:26 GMT
x-content-type-options: nosniff
age: 48718
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 382
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:00:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Dec 2022 02:53:26 GMT

GET
H3 200 HORARII_CORRIDO_2.png
s0.2mdn.net/dfp/1950554/4878102656/1598907652484/ Frame BF8A 11 KB
11 KB 15ms
12ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1950554/4878102656/1598907652484/HORARII_CORRIDO_2.png

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

852a87733fc394f64bdb72130138f0dba946e346f9369cf1d67d3fd32b780540

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/1950554/4878102656/1598907652484/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 02:53:26 GMT
x-content-type-options: nosniff
age: 48718
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11086
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:00:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Dec 2022 02:53:26 GMT

GET
H3 200 REDES.jpg
s0.2mdn.net/dfp/1950554/4878102656/1598907652484/ Frame BF8A 2 KB
2 KB 14ms
12ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1950554/4878102656/1598907652484/REDES.jpg

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82557ddb638e3b2b827da40ff62ccddc6911c107f06929997800b7fad64b0a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/1950554/4878102656/1598907652484/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 02:53:26 GMT
x-content-type-options: nosniff
age: 48718
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2397
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:00:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Dec 2022 02:53:26 GMT

GET
H3 200 ENVIOS_GRATIS.jpg
s0.2mdn.net/dfp/1950554/4878102656/1598907652484/ Frame BF8A 12 KB
12 KB 13ms
11ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1950554/4878102656/1598907652484/ENVIOS_GRATIS.jpg

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87ecdc754328736bdf8c2db0703fd31598204d84e9df5f6d7755beecc9b9b457

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/1950554/4878102656/1598907652484/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 02:53:26 GMT
x-content-type-options: nosniff
age: 48718
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11777
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:00:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Dec 2022 02:53:26 GMT

GET
H3 200 DATOS_corregido.jpg
s0.2mdn.net/dfp/1950554/4878102656/1598907652484/ Frame BF8A 7 KB
7 KB 15ms
13ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1950554/4878102656/1598907652484/DATOS_corregido.jpg

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a8cce8f6baaf0ab55b6081a02cb32c0ab08088ab028d5c551794e4f33d3e7fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/1950554/4878102656/1598907652484/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 02:53:26 GMT
x-content-type-options: nosniff
age: 48718
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7229
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:00:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Dec 2022 02:53:26 GMT

GET
H3 200 ESTAMOS_ENTREGANDO.jpg
s0.2mdn.net/dfp/1950554/4878102656/1598907652484/ Frame BF8A 5 KB
5 KB 15ms
13ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1950554/4878102656/1598907652484/ESTAMOS_ENTREGANDO.jpg

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

107aea484294fcf7910b357a47de12133f4559d6e67c19aba8821c66c06528de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/1950554/4878102656/1598907652484/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 02:53:26 GMT
x-content-type-options: nosniff
age: 48718
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4889
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:00:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Dec 2022 02:53:26 GMT

GET
H3 200 TIRA_DE_IMAGENES.jpg
s0.2mdn.net/dfp/1950554/4878102656/1598907652484/ Frame BF8A 29 KB
29 KB 19ms
17ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1950554/4878102656/1598907652484/TIRA_DE_IMAGENES.jpg

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9b28402ee51f0bfcf086c317bc6df8bfb5449d0af4adde98e386065014bfb6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/1950554/4878102656/1598907652484/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 02:53:26 GMT
x-content-type-options: nosniff
age: 48718
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30163
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:00:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Dec 2022 02:53:26 GMT

GET
H3 200 PILETAS_tiny.png
s0.2mdn.net/dfp/1950554/4878102656/1598907652484/ Frame BF8A 3 KB
4 KB 18ms
16ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1950554/4878102656/1598907652484/PILETAS_tiny.png

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ec21628a4087c564348213f68f4c7dea33cbfdd549c505cfc3b3b336d3050a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/1950554/4878102656/1598907652484/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 02:53:26 GMT
x-content-type-options: nosniff
age: 48718
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3582
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:00:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Dec 2022 02:53:26 GMT

GET
H3 200 DISTRIBUI_tiny.png
s0.2mdn.net/dfp/1950554/4878102656/1598907652484/ Frame BF8A 2 KB
2 KB 17ms
16ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1950554/4878102656/1598907652484/DISTRIBUI_tiny.png

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb6a1f96aed7dd32cc2b539e667c43ee9a431ce36fccfd260f305d1759e41a2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/1950554/4878102656/1598907652484/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 02:53:26 GMT
x-content-type-options: nosniff
age: 48718
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2114
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:00:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Dec 2022 02:53:26 GMT

GET
H3 200 FONDO_BACHA.jpg
s0.2mdn.net/dfp/1950554/4878102656/1598907652484/ Frame BF8A 13 KB
13 KB 19ms
18ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1950554/4878102656/1598907652484/FONDO_BACHA.jpg

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f6d6ac5b6f37dbb26665c216a38ded1a92a40b3d08ae00a6006bd1204d410b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/1950554/4878102656/1598907652484/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 02:53:26 GMT
x-content-type-options: nosniff
age: 48718
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13063
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:00:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Dec 2022 02:53:26 GMT

GET
H3 200 MAT_ELEC_ILUMI.jpg
s0.2mdn.net/dfp/1950554/4878102656/1598907652484/ Frame BF8A 4 KB
4 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1950554/4878102656/1598907652484/MAT_ELEC_ILUMI.jpg

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c50a227a18766e318bdfc89b128ffb96427c25aa5942c39e90cc24c3b21ea231

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/1950554/4878102656/1598907652484/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 02:53:26 GMT
x-content-type-options: nosniff
age: 48718
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3672
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:00:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Dec 2022 02:53:26 GMT

GET
H3 200 tucat_sin_fondo_celeste_y_naranja_72__1_.png
s0.2mdn.net/dfp/1950554/4878102656/1598907652484/ Frame BF8A 3 KB
3 KB 16ms
15ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1950554/4878102656/1598907652484/tucat_sin_fondo_celeste_y_naranja_72__1_.png

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

743110f608a92a41b2d2544ba3de156fd4dba2e7c0e5bed1220df8e9c41aa3a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/1950554/4878102656/1598907652484/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 02:53:26 GMT
x-content-type-options: nosniff
age: 48718
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3016
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:00:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Dec 2022 02:53:26 GMT

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame B950
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=51270700093060604444554012163022&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=51270700093060604444554012163022&actionid=981741&produktid=&dt_url=

0
199 B

58ms
22ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=51270700093060604444554012163022&actionid=981741&produktid=&dt_url=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 04 Dec 2022 16:25:24 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 04 Dec 2022 05:25:24 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 0
Content-Type: application/javascript
Date: Sun, 04 Dec 2022 16:25:24 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=51270700093060604444554012163022&actionid=981741&produktid=&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40028
X-IPLB-Request-ID: 515F0527:A066_91EFC182:01BB_638CC9F4_3C8D3D7:4678

GET
H2 200 / Show response
adv.office-partner.de/ Frame C542 930 B
931 B 203ms
46ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Sun, 04 Dec 2022 16:25:24 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Sun, 11 Dec 2022 16:25:24 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2 200 link.html Show response
track.webgains.com/ Frame AEBE 2 KB
2 KB 167ms
73ms Script
text/html 13.41.118.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=51270700093060604444554012163022&nw=1
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.41.118.175 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-41-118-175.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 2e030c6d70f22c3fe0bd59bad1b7d4522eeecd3e5b4dd1ed969023c6d4191286

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:24 GMT
last-modified: Sun, 04 Dec 2022 16:25:24 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sun, 04 Dec 2022 16:26:24 GMT

GET
H3

200

activityi;dc_pre=CLn44KSw4PsCFcx-wQodJVUOHQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1313435213902.4075 Show response
5994599.fls.doubleclick.net/ Frame 74FA
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1313435213902.4075?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLn44KSw4PsCFcx-wQodJVUOHQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1313435213902.4075?

392 B
242 B

139ms
116ms

Document
text/html

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CLn44KSw4PsCFcx-wQodJVUOHQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1313435213902.4075?

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

2e3ceef15769b76cc9cabf69855237dcc81dc9fa2e3a6c7962e04ab54f79bc49

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 219
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 16:25:24 GMT
expires: Sun, 04 Dec 2022 16:25:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 16:25:24 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLn44KSw4PsCFcx-wQodJVUOHQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1313435213902.4075?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900022.redintelligence.net/ Frame 1689 7 KB
2 KB 20ms
7ms Document
text/html 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900022.redintelligence.net/request_content.php?s=51270700093060604444554012163022&a=f9b77028
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 0fa96b0fa6b885d8f219b63b4966aacb0c7387d2609489badbd79471e417c744

Request headers

Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2007
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Dec 2022 16:25:24 GMT
Expires: Sun, 04 Dec 2022 16:25:24 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame AEBE
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=51270700093060604444554012163022
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=51270700093060604444554012163022
https://ad-server.eu/wm/pb/native.png

68 B
312 B

165ms
28ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 16:28:47 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Sun, 04 Dec 2022 16:25:24 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: 515F0527:A066_91EFC182:01BB_638CC9F4_3C8D3E1:4678
X-IPLB-Instance: 40028
Content-Type: application/go
Location: https://ad-server.eu/wm/pb/native.png
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame AEBE 43 B
702 B 98ms
63ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=51270700093060604444554012163022&pv=1

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Dec 2022 16:25:24 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E934 1 KB
643 B 8ms
8ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 20478
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 10:44:06 GMT
etag: 48472445140208031
expires: Mon, 05 Dec 2022 10:44:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame AEBE 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0ba1231feb24671084d29459a4cbcfe8003eccdee6e680bf1bfba2bc983b67e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 banner3.jpg
s0.2mdn.net/dfp/1950554/5048003917/1651682367598/ Frame 0B71 64 KB
64 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1950554/5048003917/1651682367598/banner3.jpg

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e115eaa319b4e0bdb4ace08e4b53e27b498dbac129447bc6b49bec834769bab7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/1950554/5048003917/1651682367598/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 15:54:41 GMT
x-content-type-options: nosniff
age: 1843
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65833
x-xss-protection: 0
last-modified: Wed, 04 May 2022 16:39:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Dec 2022 15:54:41 GMT

POST
H2 200 stats Show response
gw.geoedge.be/api/ Frame 090E 0
95 B 97ms
96ms XHR
text/plain 54.85.147.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/stats
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.85.147.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-147-115.compute-1.amazonaws.com
Software: nginx/1.20.1 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sun, 04 Dec 2022 16:25:24 GMT
server: nginx/1.20.1
x-powered-by: Express
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 090E 0
0 47ms
47ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu2P923XRrFO-ExcyRf7TBUKGn8dAHtrA_ZPDZD7PuLPHdj1EoOpRILTrfk1bnlRvu8YNelGx5ncO_VrA20BQy4Z9di58lWtNfLzOTNuddfglMziAQZAAZN6DHh2AUiqZzaxPEkLA9qEkc6NL-NBuxryD06HZnQWk8463eOMy2e6WIeAWXDrKX4Q2qsBJBObQVOni0hEYVqbMgRUd5hofGfYLvcu4LBluqHS9chCVjZy9aDCdBsPnBFuBYLQhX2hED9pmDYljcHJTVar5nd65Ut_rScfsnpTTITr_iLFH5Udekl-iiQI68hX4Ff9GbDrVgz9CPvSA&sai=AMfl-YRNnSRXJYg6jkgOdo52uz_5_Y21R73WjdaV7lWzcDrnmOqEJRLdhwtSLoy_Dw1mTmiuU7Kyz-nfXr1zr2bDRy9KXs02ZwMlgaz2sq4rX-r5ZY87tlOI1V7eACPq-2LiCg&sig=Cg0ArKJSzOVdkCUkYbM3EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 04 Dec 2022 16:25:24 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1689 4 KB
651 B 19ms
18ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=51270700093060604444554012163022&a=f9b77028

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 04 Dec 2022 16:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 04 Dec 2022 14:57:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Dec 2022 16:25:24 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 1689 16 KB
16 KB 28ms
9ms Image
image/png 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=51270700093060604444554012163022&a=f9b77028
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Baden-Baden, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: 0581bb65dad4cd48ad9940fe615279c488bc11ceb4a22b33b24b892e6b036d5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 16:25:24 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16269
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 1689 16 KB
16 KB 26ms
10ms Image
image/png 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=51270700093060604444554012163022&a=f9b77028
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Baden-Baden, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: 0082652799ea3fa2c52ab3f0fe29d161877e470272bf63d95b3293fb41d50cfc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 16:25:24 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16548
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 1689 11 KB
11 KB 27ms
8ms Image
image/png 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=51270700093060604444554012163022&a=f9b77028
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Baden-Baden, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: 3265fc3daab40786bd1e99425f3695412cc61d13cc077ccd3ee3e99519fa0027

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 16:25:24 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 10956
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 21A9 0
0 43ms
43ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstIQeQ9A0bwgnn24ndHzNEkUiTpo-RiCX1VV4eYiYfQPZLLT1NlUXRM-7PFhWcihjcMoCgXDZtzYfky0U577BXEGIVBAqIPurIolJIGmIdTUNLhieqv_BgFj91rLB7fouS6PP6H9RhAAUMdTs1gdrAcU0v2fvW5eUFvdFwOgXVUarZKFSQbUHYHn7VslsQIGtaalSvnb4FVidA4gSonkHIophhITCSEg2LDaYDTRPLGz9zVqfrLomySd-hmj3KbaWGdwI7SciK4dU97kViHAx730jl308YUW39o-lWJizqoWSdWK8fHkuInOZsysx5UX2iPzaI6ug&sai=AMfl-YSEeb6H5lkHr0VxKoV5PdDipjdqWmCH1O38IhC4h_mIedlkpouJrk_UN-vvyITEviyQqs_qFsnvSKHmxCPmMphgfKiNja-CqIWDvzqTFwa08z2hxFks5iK-P6eXviJ_ig&sig=Cg0ArKJSzFIj3aNAFqd9EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 04 Dec 2022 16:25:24 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D412 0
20 B 162ms
162ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BT8tw88mMY4bzK5H13wOFkKLADwAAAAA4AeAEAg&bg=!iIuli8_NAAbvMpMzzzI7ACkAdvg8WlF42tf_PyK12vvFwVR4qgbjkAMCBtW7BehlRs0gInCNDM08AwIAAADGUgAAAAJoAQeZAvGEC6Ewgn8FcghMMc4BRdzdeVGmpNrBAc92CCvB8IkCh1znKbKJop_nuLAwA8G-9rCQ96_Z5q_6Iej6DLdmOPtM8tmx8f8m7xYEY3iSmhciQ2J1EOe1niIVM1oR9TI1qiQ4JGoPwfaTaZ_hRYGy8pW19Ncx3vOyCDoH16gcSGzLgQBWJ3gbnodaeTulQLGcSfqaqaXhS-27cyMtOeNd3zaENnFXawHVwV3Ssu_v9Tycucn4TayLJl_oowysk2TDDFJXS3y9poPxyG5yk0YZq2vlnR8QQn9y1ccLqHyPJHJ9ptE1eyR9TQmswwrEGIpav6LxwE-5akuR0KBfXj_NqVAvLSXUrq1gYifHXv2vuvKE0fHbuzGZqFCuzmiUDdmcxxJCjhQbDNsovOAEuY-ihJlLoFl3zGv_UrDth9Akbft5LaAZSHom4lHWKRVafdeQ_anCKRXEa6_WzZ6Z9548amBw47Jx_vGYe36G6KQFEaewzh4bLpJ1RUL95ieTjiMMlcFYPZU23YaEqKSHkBbouNq08HXFVz-cs69wf40WC99KmyNSw1Ezsz4G0icHNEyEWWP4fYVXTppRQ6lNEJlLBE2BItMGM5fodEvOQ5rrOYQskmcKgKevE9nyzxu0bK_WXwrXifTvSZB8blTZe4c2Vzp1LfAhZgmoc4MmNEo8UhWGOIYL_JOk-zm04oaXXey0a_dw-FkGReoQrHQVzYt2GQJ0LWZL-qw8lCIdo2pyzRyxVpkxc1FUVJBOMSVrKf3soTCzsbXtpCSxJkNOGc2cs5vv9glK3WGBft8mnBXVdfYUAhj6636F4lyP7zCx2Gfdb8HwFFrm18Em6h4_N1xa8jfQZyw478Y3KBz-kiSWC_Cn1xmqdc5UWigsWeK8TANNDIQ5ZG5Y2oT892QYf2px-TXaplj3-bC4BbVPCNH4r-FCFP94kQb0albTIF53DpX_HTP6niF4JDBY8A7W-AFo2nPptuFVhtQjY6Iqud9M0-SwXBI

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 banner4.jpg
s0.2mdn.net/dfp/1950554/5048003917/1651682367598/ Frame 0B71 47 KB
47 KB 11ms
11ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/1950554/5048003917/1651682367598/banner4.jpg

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

690a10bf11bbd061a6b52003504f7f2f90d2fc1e034a90813ccffd3580e90b53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/1950554/5048003917/1651682367598/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 15:54:44 GMT
x-content-type-options: nosniff
age: 1840
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47715
x-xss-protection: 0
last-modified: Wed, 04 May 2022 16:39:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Dec 2022 15:54:44 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E934
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGZlZRaDwKBYDzQZz12ao7w&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGZlZRaDwKBYDzQZz12ao7w&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SlNIOHJCdWkxUDFSTlc1&google_gid=CAESEGZlZRaDwKBYDzQZz12ao7w&google_cver=1&google_push=ASkJ3FYZYhpWS1e8A6MXhXrrGGLtQ2u-xF4EKQmO05p1zYS...

170 B
188 B

20ms
19ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SlNIOHJCdWkxUDFSTlc1&google_gid=CAESEGZlZRaDwKBYDzQZz12ao7w&google_cver=1&google_push=ASkJ3FYZYhpWS1e8A6MXhXrrGGLtQ2u-xF4EKQmO05p1zYSFQ-_9UdwarTqaTU21Lfh7JkO16EClQ8p8tJyTRuZCW_tkFah8iw

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 04 Dec 2022 16:25:23 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-00370ec4fddf661ef@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SlNIOHJCdWkxUDFSTlc1&google_gid=CAESEGZlZRaDwKBYDzQZz12ao7w&google_cver=1&google_push=ASkJ3FYZYhpWS1e8A6MXhXrrGGLtQ2u-xF4EKQmO05p1zYSFQ-_9UdwarTqaTU21Lfh7JkO16EClQ8p8tJyTRuZCW_tkFah8iw
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame E934
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEA8F8bydos-VkYB8awpw5ms&google_cver=1&google_push=ASkJ3Fb_cIZimWiq7G7q-FHB6XvlQ27bzeLoF6eIgVLOh1n_HCsCPZCWl1p8ZwvAWAS_jOVBHe4HVRFeoLug9jlxIeL8QXMDVpE&r...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEA8F8bydos-VkYB8awpw5ms&google_cver=1&google_push=ASkJ3Fb_cIZimWiq7G7q-FHB6XvlQ27bzeLoF6eIgVLOh1n_HCsCPZCWl1p8ZwvAWAS_jOVBHe4HVRFeoLug9jlxIeL8QXMDVpE...

43 B
448 B

201ms
181ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEA8F8bydos-VkYB8awpw5ms&google_cver=1&google_push=ASkJ3Fb_cIZimWiq7G7q-FHB6XvlQ27bzeLoF6eIgVLOh1n_HCsCPZCWl1p8ZwvAWAS_jOVBHe4HVRFeoLug9jlxIeL8QXMDVpE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3Fb_cIZimWiq7G7q-FHB6XvlQ27bzeLoF6eIgVLOh1n_HCsCPZCWl1p8ZwvAWAS_jOVBHe4HVRFeoLug9jlxIeL8QXMDVpE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:25 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7745e5db0c819226-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:24 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 3120
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEA8F8bydos-VkYB8awpw5ms&google_cver=1&google_push=ASkJ3Fb_cIZimWiq7G7q-FHB6XvlQ27bzeLoF6eIgVLOh1n_HCsCPZCWl1p8ZwvAWAS_jOVBHe4HVRFeoLug9jlxIeL8QXMDVpE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3Fb_cIZimWiq7G7q-FHB6XvlQ27bzeLoF6eIgVLOh1n_HCsCPZCWl1p8ZwvAWAS_jOVBHe4HVRFeoLug9jlxIeL8QXMDVpE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7745e5d9a9e69226-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E934
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECNMHdyMs1CxiJqUtcvotNk&google_push=ASkJ3FYXxmoH_yJ2pspHkkDXKr4AZpiwUCiLFScQHEomUSEowJyZvW9l2y...

170 B
188 B

20ms
18ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECNMHdyMs1CxiJqUtcvotNk&google_push=ASkJ3FYXxmoH_yJ2pspHkkDXKr4AZpiwUCiLFScQHEomUSEowJyZvW9l2yzpr46lz8Kzi2kIC6jqzudLjjq1HCIRctgr4_vHohY

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn4033-HHN
pragma: no-cache
date: Sun, 04 Dec 2022 16:25:24 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1670171125.573913,VS0,VE88
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECNMHdyMs1CxiJqUtcvotNk&google_push=ASkJ3FYXxmoH_yJ2pspHkkDXKr4AZpiwUCiLFScQHEomUSEowJyZvW9l2yzpr46lz8Kzi2kIC6jqzudLjjq1HCIRctgr4_vHohY
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E934
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEAqhCRRw1U58IAbuGMyRjEA&google_cver=1&google_push=ASkJ3FY2uSzTQ8pHDBgj-aZ6ml8-kC2l_sE5UCpJrxoLtCXClc73Kv2dHHmR1UBb1RgYHp2yw9NXbuUFuUwhqGeZlGLzXdo...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEAqhCRRw1U58IAbuGMyRjEA&google_cver=1&google_push=ASkJ3FY2uSzTQ8pHDBgj-aZ6ml8-kC2l_sE5UCpJrxoLtCXClc73Kv2dHHmR1UBb1RgYHp2yw9NXbuUFuUwhqGeZlGLzX...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FY2uSzTQ8pHDBgj-aZ6ml8-kC2l_sE5UCpJrxoLtCXClc73Kv2dHHmR1UBb1RgYHp2yw9NXbuUFuUwhqGeZlGLzXdoYuPg

170 B
188 B

26ms
26ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FY2uSzTQ8pHDBgj-aZ6ml8-kC2l_sE5UCpJrxoLtCXClc73Kv2dHHmR1UBb1RgYHp2yw9NXbuUFuUwhqGeZlGLzXdoYuPg

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FY2uSzTQ8pHDBgj-aZ6ml8-kC2l_sE5UCpJrxoLtCXClc73Kv2dHHmR1UBb1RgYHp2yw9NXbuUFuUwhqGeZlGLzXdoYuPg
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E934
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDCsBzC3pB3xlv3RmlLFicA&google_cver=1&google_push=ASkJ3FaV--Si-xP6PRLb1YOBAFgEPJxhiofzYCAefQkn134DrcSn_esV8MrzuNZFaYY2XdcAvhrFQDO8...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDCsBzC3pB3xlv3RmlLFicA&google_cver=1&google_push=ASkJ3FaV--Si-xP6PRLb1YOBAFgEPJxhiofzYCAefQkn134DrcSn_esV8MrzuNZFaYY2XdcAvhr...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjI3NDk5NTgzMjIyNDA3MTI5NQ&google_push=ASkJ3FaV--Si-xP6PRLb1YOBAFgEPJxhiofzYCAefQkn134DrcSn_esV8MrzuNZFaYY2XdcAvhrFQD...

170 B
188 B

21ms
18ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjI3NDk5NTgzMjIyNDA3MTI5NQ&google_push=ASkJ3FaV--Si-xP6PRLb1YOBAFgEPJxhiofzYCAefQkn134DrcSn_esV8MrzuNZFaYY2XdcAvhrFQDO8dWA-KfEI-aG9MrLZAzw

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjI3NDk5NTgzMjIyNDA3MTI5NQ&google_push=ASkJ3FaV--Si-xP6PRLb1YOBAFgEPJxhiofzYCAefQkn134DrcSn_esV8MrzuNZFaYY2XdcAvhrFQDO8dWA-KfEI-aG9MrLZAzw
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E934
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFbGz3GaKx2EkLOqrh_zMDM&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFbGz3GaKx2EkLOqrh_zMDM&google_hm=Y4zJ8_BRLT7Djnrl7SL-ugAAFCYAAAIB&google_nid=index&google_push=ASkJ3FYRcIgHq3qs6AfDNlVbJX0LSzveQVUXL...

170 B
188 B

22ms
22ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFbGz3GaKx2EkLOqrh_zMDM&google_hm=Y4zJ8_BRLT7Djnrl7SL-ugAAFCYAAAIB&google_nid=index&google_push=ASkJ3FYRcIgHq3qs6AfDNlVbJX0LSzveQVUXL3glXXdiKr-jukRSvqylrDdhiD8I9gQg6Ks24VVxcRaKsidTk2UCjaLHvAcXJns

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mx3WSLiOKBmlLc7ouFDad9sXy2HSbkpszlShsQKF0v64G9794nPOtkhm2dh%2Fep%2BVo0PHqG5N2q4MUHyuJYUvaGzDTuoJInPU%2BmFUQb7U5%2B0AmRwW3b5oCEw7qnULV9N9oWigM7Qz8LeP0A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFbGz3GaKx2EkLOqrh_zMDM&google_hm=Y4zJ8_BRLT7Djnrl7SL-ugAAFCYAAAIB&google_nid=index&google_push=ASkJ3FYRcIgHq3qs6AfDNlVbJX0LSzveQVUXL3glXXdiKr-jukRSvqylrDdhiD8I9gQg6Ks24VVxcRaKsidTk2UCjaLHvAcXJns
cache-control: no-cache
cf-ray: 7745e5d85983163e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame E934 0
45 B 151ms
25ms Image
text/plain 185.86.139.101
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEA4ygWD9Qq_uuA67kTJ5jpU&google_cver=1&google_push=ASkJ3FbXZ7GC3yGuvulPkLLcfPowTuDMFXLdLnR0HEM7P4De-5WOJr4slwxLdzfVrarMwRC1WjpnDzK2IyZAN4ekuYbtvcqV3_0
Requested by: Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.101 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:24 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E934 0
12 B 20ms
18ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L78nnE4MPvvWr3zhFVDzlTx89dzfks1OFfjDBZNhU2WKyN7z6_vx4bFd5TpnJFIPyfw-P0

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 35A8 0
20 B 161ms
160ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BNiCx88mMY-P9Lf2GjuwPiKaIiAkAAAAAOAHgBAI&bg=!5-Sl5KDNAAbvMpMzzzI7ACkAdvg8WvqdJl0kMh5PU0P1f7_WXicQmKFsDZ9apADY8zrIXwQVRoQGnwIAAADTUgAAAAJoAQeZAu3HuA5R62XU3iRzW0ltAUqHEKXOdRh_mdXCM7PUrNMLUe1ukvia-kmHBCL9ejGwCtsHpKUUfLfGBSp9J0TKuXM2ulN5LDE8Y2X2P_ZP9lPaj7J8kuolY-xton1OugIvnz_qHRv--w-A4XBUyGWgvs48OYDxQfqXLRCJXiVuSu9ZPnuZo_SEGNYqQvK1a-PDh6IyQ5bgW9r_fLUhEDhfJWy6thKHonrYcX-TAZ4b6jkAxU7K77Snffg5MdmP0af8taYYOti5bhBMPHB11erXCY8ne7-KjenNh3e6bNxaMwok-FVilM6g3U8ZMfpmoepp4UZT-Dy8lAZ7fva-5K5-gzPaX3_5a7s9ydbI7ZJ0FOXYzIcYLO-r0SznEck7_RCVL9lA0iphPEOKW4CTeyOzraOlAlilwy1P1rKDdrZkY2Y71oQG29NxHQ3Rclmhiaap3iVyR1sZbgbDUidB4WFjUymMyHMQi9Ox7sE156IwDD_0F7LhqRfAikceUTGqnhCloeQkRgEBzZRcr0f8ffZ3646dGq0BvXN7PD8Smf3UVkWxgR5heoKManKbL4W-34NxNWwABk_1YY_38HPoAaaGtGC3ebQhN0zSwJanDw7Mq8V9OOMUohWsbtcGYq7Qg9Cgcx__jdRmEuxB4jDwrPbKXOr9Lln1KbqMC8P1lluczv_BSmMPJqZUVKmznvmYNPFGetZyA8_aShBeZy-sEh_43SZapcmZBu2WOHn0kCxyM_PcwgdnivUdG0soX_7JYWcKv7goYGAFUlPALxdfJWEExc6lWRAHAZQI-78hvv7w5wilN4kXzjfJHw-d084Vw-omhO4P1IChJISsjtdDdoo2Xncz2Ntbc4wdgj2PB0DgSTC8hi5DD2ccGrgYBTNUN1M_YjmAUAoUT2EBZgE7pkAGaUfABd6nkQmdEGKDLNL5czJov7hKNwjqP9YGlN7h11vLzGKrXVFAbDhXs9YGXdvyhTTNFs68QsYuA6g5mKAVkQ

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900022.redintelligence.net/ Frame 1689 0
150 B 28ms
12ms Script
text/html 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900022.redintelligence.net/viewability?s=51270700093060604444554012163022&a=408d80bb&vb=m
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=51270700093060604444554012163022&a=f9b77028
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/request_content.php?s=51270700093060604444554012163022&a=f9b77028
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 16:25:24 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 1689 13 KB
13 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900022.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 09:39:30 GMT
x-content-type-options: nosniff
age: 110754
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 09:39:30 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 1689 13 KB
13 KB 12ms
12ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900022.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 17:43:57 GMT
x-content-type-options: nosniff
age: 513687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 17:43:57 GMT

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 27ms
25ms Stylesheet
text/css 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:24 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1784
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7745e5d8292f5bf1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 03 Jan 2023 16:25:24 GMT

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 8940
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=75104700093626104444990012163015&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=75104700093626104444990012163015&actionid=981741&produktid=&dt_url=

0
627 B

16ms
15ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=75104700093626104444990012163015&actionid=981741&produktid=&dt_url=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 04 Dec 2022 16:25:24 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 04 Dec 2022 05:25:24 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 0
Content-Type: application/javascript
Date: Sun, 04 Dec 2022 16:25:24 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=75104700093626104444990012163015&actionid=981741&produktid=&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40027
X-IPLB-Request-ID: 515F0527:A084_91EFC182:01BB_638CC9F4_EF873D2:491C

GET
H2 200 / Show response
adv.office-partner.de/ Frame 1E2B 930 B
930 B 64ms
46ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Sun, 04 Dec 2022 16:25:24 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Sun, 11 Dec 2022 16:25:24 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H/1.1 200
OK cshow.php Show response
www.awin1.com/ Frame 9F9D 43 B
703 B 78ms
77ms Document
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.awin1.com/cshow.php?s=2329635&v=16160&q=356171&r=296283&pref1=75104700093626104444990012163015&pv=1

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Awin-Akamai-Rule-Set: default
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sun, 04 Dec 2022 16:25:24 GMT
Expires: 0
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma: no-cache
Strict-Transport-Security: max-age=86400

GET
H2 200 link.html Show response
track.webgains.com/ Frame 7B6D 2 KB
2 KB 68ms
68ms Script
text/html 13.41.118.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=75104700093626104444990012163015&nw=1
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.41.118.175 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-41-118-175.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 375e7cd4e35d00549a589806cd9d4e55c6fe765b84a7b63d69de4433b88b959c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:24 GMT
last-modified: Sun, 04 Dec 2022 16:25:24 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sun, 04 Dec 2022 16:26:24 GMT

GET
H3

200

activityi;dc_pre=COPB46Sw4PsCFU-CywEdB70NYA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9380033445657.732 Show response
5994599.fls.doubleclick.net/ Frame 25CA
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9380033445657.732?
https://5994599.fls.doubleclick.net/activityi;dc_pre=COPB46Sw4PsCFU-CywEdB70NYA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9380033445657.732?

391 B
238 B

120ms
118ms

Document
text/html

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=COPB46Sw4PsCFU-CywEdB70NYA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9380033445657.732?

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

979f3e8af3004db2b9cde330958be0477e06fb4dbec09417e583b747a9514288

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 16:25:24 GMT
expires: Sun, 04 Dec 2022 16:25:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 16:25:24 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=COPB46Sw4PsCFU-CywEdB70NYA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9380033445657.732?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900015.redintelligence.net/ Frame 61C2 7 KB
3 KB 20ms
7ms Document
text/html 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900015.redintelligence.net/request_content.php?s=75104700093626104444990012163015&a=fb64a097
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 Bingen am Rhein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: ed1668cac7cde6e1de711599c9004aa020d10765deb1468d811dcb305dd4a399

Request headers

Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2213
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Dec 2022 16:25:24 GMT
Expires: Sun, 04 Dec 2022 16:25:24 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame 7B6D
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=75104700093626104444990012163015
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=75104700093626104444990012163015
https://ad-server.eu/wm/pb/native.png

68 B
312 B

138ms
27ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 16:28:47 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Sun, 04 Dec 2022 16:25:24 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: 515F0527:A092_91EFC182:01BB_638CC9F4_3C8655D:4673
X-IPLB-Instance: 40028
Content-Type: application/go
Location: https://ad-server.eu/wm/pb/native.png
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 7B6D 43 B
702 B 81ms
65ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=75104700093626104444990012163015&pv=1

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Dec 2022 16:25:24 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6A27 1 KB
643 B 7ms
7ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 20478
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 10:44:06 GMT
etag: 48472445140208031
expires: Mon, 05 Dec 2022 10:44:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7B6D 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04027318e0f91b5843c40a9439fce0d0176bece4977779fe950c56135f91cf11

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 61C2 4 KB
651 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=75104700093626104444990012163015&a=fb64a097

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 04 Dec 2022 16:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 04 Dec 2022 14:33:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Dec 2022 16:25:24 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 61C2 66 KB
66 KB 25ms
8ms Image
image/png 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=75104700093626104444990012163015&a=fb64a097
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Baden-Baden, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: 2ada7d3e2c53fb3c36229e238bac259320f2352480441f7ddf7f5f7302d0250a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 16:25:24 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 61C2 57 KB
57 KB 26ms
10ms Image
image/png 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=75104700093626104444990012163015&a=fb64a097
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Baden-Baden, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: 5fe8a66503018e8da17e7edd6a206c996857eb870b6db0729a1ec89b45813a1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 16:25:24 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 57940
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 61C2 37 KB
37 KB 25ms
10ms Image
image/png 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=75104700093626104444990012163015&a=fb64a097
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Baden-Baden, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: cfe1a912214063de2242d4fbf667b90179dabe5975791c4eb9eb7be715ff3c27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 16:25:24 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 37469
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 61C2 49 KB
49 KB 24ms
9ms Image
image/png 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/49107/creativesup/forever_young_strunz_reachgroup_1200x627.jpg
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=75104700093626104444990012163015&a=fb64a097
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Baden-Baden, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: 2d3a1095a45c0880ba0ffc43b3fa7575c99f5408bfe65607a82565c86463dcaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 16:25:24 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 49934
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 6A27 0
191 B 100ms
22ms Image
text/plain 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEBhjneYGia8cPVJ3o1YS5eU&google_cver=1&google_push=ASkJ3FYWH_1vQKOzmBruuzQ16A1N4jDdUiV0ub3airoY3FS7mkOqL6lIMr4--aY14U3UvVkVVDowlIBIIgNb33IsgHq6AWNDjiks
Requested by: Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Sun, 04 Dec 2022 16:25:24 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6A27
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEPYDQ8vrdBw6IbnyhMjYNrM&google_cver=1&google_push=ASkJ3FbTldo37E_5HxngSehwOq6iRk0roGYfCN6peKOXxwU7Ws1YimJxFjiUJrQ-B76lodOnHvsy0olzGVT...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3FbTldo37E_5HxngSehwOq6iRk0roGYfCN6peKOXxwU7Ws1YimJxFjiUJrQ-B76lodOnHvsy0olzGVTqEPHz7dWiAfu-KFfU&google_hm=7zgh4FAJSo6jnVjFNvRUdSc

170 B
188 B

19ms
17ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3FbTldo37E_5HxngSehwOq6iRk0roGYfCN6peKOXxwU7Ws1YimJxFjiUJrQ-B76lodOnHvsy0olzGVTqEPHz7dWiAfu-KFfU&google_hm=7zgh4FAJSo6jnVjFNvRUdSc

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:23 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3FbTldo37E_5HxngSehwOq6iRk0roGYfCN6peKOXxwU7Ws1YimJxFjiUJrQ-B76lodOnHvsy0olzGVTqEPHz7dWiAfu-KFfU&google_hm=7zgh4FAJSo6jnVjFNvRUdSc
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6A27
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBW5O5DG2_BYUyIx-WNMuAg&google_cver=1&google_push=ASkJ3FbKKtM0nDlrgxUp0czJzgtVqmgvpF0EV7NupYwgY4nuK4K7sQOrfeZW0Jhhwm6zu-I5TPnQUEvtO9ylnV...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3MzMzMDM1NjMyODcyNDYyOQ%3D%3D&google_push=ASkJ3FbKKtM0nDlrgxUp0czJzgtVqmgvpF0EV7NupYwgY4nuK4K7sQOrfeZW0Jhhwm6zu-I5TPnQUEvtO9ylnVFHUx...

170 B
188 B

21ms
19ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3MzMzMDM1NjMyODcyNDYyOQ%3D%3D&google_push=ASkJ3FbKKtM0nDlrgxUp0czJzgtVqmgvpF0EV7NupYwgY4nuK4K7sQOrfeZW0Jhhwm6zu-I5TPnQUEvtO9ylnVFHUxl1etx0iQA

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3MzMzMDM1NjMyODcyNDYyOQ%3D%3D&google_push=ASkJ3FbKKtM0nDlrgxUp0czJzgtVqmgvpF0EV7NupYwgY4nuK4K7sQOrfeZW0Jhhwm6zu-I5TPnQUEvtO9ylnVFHUxl1etx0iQA
Date: Sun, 04 Dec 2022 16:25:24 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6A27
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEGEG2Xil3zeM_6JHD91FFms&google_cver=1&google_push=ASkJ3FamaFbAFm8VBiuOkH8l00MHjoI6C5xj8HRhNzioWoFtdZcPUe6GP5uP-i9Msl2EoQrIYg11rJOEv7K6WcL6yz4_3W...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEGEG2Xil3zeM_6JHD91FFms&google_cver=1&google_push=ASkJ3FamaFbAFm8VBiuOkH8l00MHjoI6C5xj8HRhNzioWoFtdZcPUe6GP5uP-i9Msl2EoQrIYg11rJOEv7K6WcL6...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=zgKyjrIuQeKhzpkIpvld-A&google_push=ASkJ3FamaFbAFm8VBiuOkH8l00MHjoI6C5xj8HRhNzioWoFtdZcPUe6GP5uP-i9Msl2EoQrIYg11rJOEv7K6WcL...

170 B
188 B

19ms
19ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=zgKyjrIuQeKhzpkIpvld-A&google_push=ASkJ3FamaFbAFm8VBiuOkH8l00MHjoI6C5xj8HRhNzioWoFtdZcPUe6GP5uP-i9Msl2EoQrIYg11rJOEv7K6WcL6yz4_3WsCo0sf

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=zgKyjrIuQeKhzpkIpvld-A&google_push=ASkJ3FamaFbAFm8VBiuOkH8l00MHjoI6C5xj8HRhNzioWoFtdZcPUe6GP5uP-i9Msl2EoQrIYg11rJOEv7K6WcL6yz4_3WsCo0sf
access-control-allow-origin: *
date: Sun, 04 Dec 2022 16:25:24 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 6A27 0
44 B 24ms
21ms Image
text/plain 185.86.139.101
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEA4ygWD9Qq_uuA67kTJ5jpU&google_cver=1&google_push=ASkJ3FZ3jQviPRWLuDu61lfFrda-YaA9eQk3cctqlQhrKenUUMXLcxBTxD67IguEvsiBRXLWcTslje2GlvtJbgM9bZ-6M3YyELU
Requested by: Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.101 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:23 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6A27
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBVl7hrov5aVQZaEcR-kvjA&google_cver=1&google_push=ASkJ3FacdpFL9BLgBaMxTod3e3CVS0YMvIBuIrwu9nU78R9lIbMWHBDbVh4ol0F9IHP_761s7Y...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBVl7hrov5aVQZaEcR-kvjA&google_cver=1&google_push=ASkJ3FacdpFL9BLgBaMxTod3e3CVS0YMvIBuIrwu9nU78R9lIbMWHBDbVh4ol0F9IHP_761s7Y...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS14djFhVkJWRTJ1RzROSEFvNHI0Z0o4WjQ3R3BLZEtsRn5B&google_push=ASkJ3FacdpFL9BLgBaMxTod3e3CVS0YMvIBuIrwu9nU78R9lIbMWHBDbV...

170 B
188 B

19ms
19ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS14djFhVkJWRTJ1RzROSEFvNHI0Z0o4WjQ3R3BLZEtsRn5B&google_push=ASkJ3FacdpFL9BLgBaMxTod3e3CVS0YMvIBuIrwu9nU78R9lIbMWHBDbVh4ol0F9IHP_761s7YeL8tczNBfr-kHT5JAfThRcStB3HA

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS14djFhVkJWRTJ1RzROSEFvNHI0Z0o4WjQ3R3BLZEtsRn5B&google_push=ASkJ3FacdpFL9BLgBaMxTod3e3CVS0YMvIBuIrwu9nU78R9lIbMWHBDbVh4ol0F9IHP_761s7YeL8tczNBfr-kHT5JAfThRcStB3HA
date: Sun, 04 Dec 2022 16:25:24 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6A27
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEAS1sVKZQ...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEAS...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c4f2266c-a01e-4d90-89e9-5985102f6621&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

55ms
54ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c4f2266c-a01e-4d90-89e9-5985102f6621&%%GOOGLE_PUSH_PAIR%%

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c4f2266c-a01e-4d90-89e9-5985102f6621&%%GOOGLE_PUSH_PAIR%%
date: Sun, 04 Dec 2022 16:25:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6A27 0
12 B 40ms
38ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JjSOTMM9i-1C00qmZkmafuimncKmQZk3UjrquLTkoThe8-PuSDHwzx1z3wydQBtifSfA91tZw

Requested by

Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame AEBE 85 KB
31 KB 58ms
8ms Script
application/javascript 65.9.95.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-48.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 20:21:54 GMT
content-encoding: gzip
via: 1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront)
last-modified: Mon, 31 Oct 2022 15:47:19 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 72211
etag: W/"faa933973c404f8cfedacd4b67a60b85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 7lsajqUOi0xwmAY3kvEF_B6JHd2E3ATMUCFUoYdSBXXIPLZWw8h84w==

GET
H2 200 1x1_0.png
cdn.track.production.webgains.team/7121/ Frame AEBE 3 KB
3 KB 85ms
21ms Image
image/png 13.225.239.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1670171424&Signature=keaDjjEGnLQ2syhR6Dn8mSJTpjHXCCr4LC1CKAfeVjyRyFbHJ6cZYBe0zpiP1fWJMExNU~PxgkTZuOXrR1scFcPSnT69wmotLlnPyIj0Uk-3iXK5kR9ttgGjmvMFkdwpyzFt0yBjeq~OsZBa-q~eDmNpXdfFrP~Akt5MQQBdQLkQkGMU90zU8EOw8X1h-3UPEFYOo5EvrcAsV1yBCv9DKzu2nlkE6C0xuX9gtGA8S~7ZkFuNHuYujeFMWTUqhvamSu5y-AiE-wjKHtmwD7U2GiatZPD5TGxhSKblXFSGmAEVStOLf~GGkwk7iyDUXJpTVjSdOPNhKBjFLyPv594D~Q__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.239.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-239-15.bru50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: null
date: Sun, 04 Dec 2022 05:24:33 GMT
via: 1.1 583308eb4f461d4428530a34ba6d1e04.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: BRU50-C1
age: 39758
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: VbQDA29HuVbZX2tWKrmRfjB4TIpDYkkcdxupw-COzlc5DiDAY2xcpA==

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/ac339ff8-99a8-42ff-ab79-18576e0f887f/ 138 B
592 B 84ms
62ms Fetch
application/json 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/ac339ff8-99a8-42ff-ab79-18576e0f887f/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da4fea487c652fb38cdea9d8a5e7115b9ebe7c286e2e3fc28b2e2cff5c3fac49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:24 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
status: 200 OK
x-envoy-upstream-service-time: 21
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 5d8ecf0f-4a41-4e1b-8297-e0ba3675cad4
x-runtime: 0.018053
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"da4fea487c652fb38cdea9d8a5e7115b"
x-download-options: noopen
vary: Accept, Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-ray: 7745e5d90f259040-FRA
access-control-allow-headers: SDK-Version

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame C542 102 KB
39 KB 38ms
16ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

376107ac58e14803e7c31c0578212d90da430fbfc90091a8e2fc4ec19a5afd59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40299
x-xss-protection: 0
last-modified: Sun, 04 Dec 2022 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 04 Dec 2022 16:25:24 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 1E2B 102 KB
39 KB 47ms
26ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2ec1d9b7e9940e7a3b717f4e7de04da8714fc94bc6524f00043c10403d462099

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40302
x-xss-protection: 0
last-modified: Sun, 04 Dec 2022 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 04 Dec 2022 16:25:24 GMT

GET
H/1.1 200
OK viewability Show response
hal900015.redintelligence.net/ Frame 61C2 0
150 B 23ms
7ms Script
text/html 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900015.redintelligence.net/viewability?s=75104700093626104444990012163015&a=522dd523&vb=m
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=75104700093626104444990012163015&a=fb64a097
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 Bingen am Rhein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/request_content.php?s=75104700093626104444990012163015&a=fb64a097
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 16:25:24 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D468 42 B
64 B 169ms
151ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstUDgbBFa5tDVTiXrk6KJGfDqkbV7gK9SlsL6-6gOfhIR5qMk0Xl3bQBz4zByiuhK8G6xZbHcpdsDnqyXZo28eLWl67FjzTgfvPbDSSZeAOVqIfiQPd&sig=Cg0ArKJSzGsfSCyX-oJDEAE&id=lidar2&mcvt=1003&p=428,1308,1028,1558&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20221130&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2105569026&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670171122872&rpt=763&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CB3D 42 B
64 B 168ms
151ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu6DxDDuPqw73t6Y0MyTezg92XTEzwNMdoVzzGzGj_nMMia1reAOFvUaD-TiHo_2eVGUAwIyiDWDtLU8JRXFJ9eQ0-tAoZ9_NUvuVBV1YRFBap9E1qI&sig=Cg0ArKJSzNhI5lauJarOEAE&id=lidar2&mcvt=1005&p=568,195,658,1165&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20221130&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3152355748&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670171122879&rpt=738&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7711 42 B
64 B 167ms
151ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsunV2Fc441I-NprHqKVrKVi0USBhQhahNr4R6sm5DeAbjoS83k4Jyc2Y3AGB41kLpg39t7TY8zF5zUajNrTT24T2vjgKcqebMeGfdC_wICTcZ00l8M0&sig=Cg0ArKJSzBksjtqZVEGQEAE&id=lidar2&mcvt=1006&p=1115,315,1205,1285&mtos=0,1006,1006,1006,1006&tos=0,1006,0,0,0&v=20221130&bin=7&avms=nio&bs=1600,1200&mc=0.94&vu=1&app=0&itpl=3&adk=974443919&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670171122898&rpt=693&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 7B6D 85 KB
31 KB 21ms
8ms Script
application/javascript 65.9.95.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-48.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 20:21:54 GMT
content-encoding: gzip
via: 1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront)
last-modified: Mon, 31 Oct 2022 15:47:19 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 72211
etag: W/"faa933973c404f8cfedacd4b67a60b85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: zPGE6hkUEuQbXRlITrpKYepCNEyOGVhNz9gphmNEgD_SgooZOxjlMw==

GET
H2 200 1x1.gif
cdn.track.production.webgains.team/7121/ Frame 7B6D 85 B
437 B 51ms
23ms Image
image/gif 13.225.239.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1670171424&Signature=a8aj0IvM7enH8QBH7qqUtybUPCpqArvMalUdIJhWQDL669kwadEBs0XktrfQDiwWNJo4pFMtx7dUAv9Jd9hO2ffRjQj5G7cpaYRn5LWYNyUNDM6pRp9KMsfNYoK4a1oPK5yNN6SGMzfWj-m6xPk2nwizYE-A84R9iCRxFrep~5ps7OflA0o6eUmLIG9TXWtK1NTiIBkqG2iQF8KEJchyr6tBy8IFBTUDxD7mELEo6QL3NJIqs2t4pTR3woeUbFtrw2VsG4OXx-oMjib8~4O342cv6Sox4JgotI5EGiP2QZHDlIVgwmegdJe~cZ1awEXQ0~XYnFRvoDWUg72DcI~vUg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
URL: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.239.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-239-15.bru50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: null
date: Sun, 04 Dec 2022 05:01:39 GMT
via: 1.1 583308eb4f461d4428530a34ba6d1e04.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: BRU50-C1
age: 41026
etag: "70af33d70b6810475aae19743c8c435b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 85
x-amz-cf-id: u1Ukb5y8iCMVsVmGtd5bg045r5I53CkOJJHT5Dl0tiLgS4QFbJlVVQ==

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 61C2 13 KB
13 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900015.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 09:39:30 GMT
x-content-type-options: nosniff
age: 110754
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 09:39:30 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 61C2 13 KB
13 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900015.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 17:43:57 GMT
x-content-type-options: nosniff
age: 513687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 17:43:57 GMT

GET
H2 200 logo_lb24_not.png
www.labrujula24.com/img/ 22 KB
22 KB 25ms
25ms Image
image/png 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.labrujula24.com/img/logo_lb24_not.png
Requested by: Host: www.labrujula24.com
URL: https://www.labrujula24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c1bb719690e5a54a5c74a3441dc3dce1d22d184f5c083656d66353a15b24340

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 382
cf-polished: origSize=26082
content-length: 22517
cf-bgj: imgq:100,h2pri
last-modified: Sat, 08 Oct 2016 14:26:55 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OohCswSJ1Vf46%2BA0nK2AsAsb7CpLghVgO8AzNXM022BZaWfPeuCfrRFxj98SScofiCVF%2BBALCPiwdyCl9klcgPHdkh0b6EKeAS6uVZuUv8mKgXZ%2BdWfGL7qcDn9p5Yf8Hy6%2FmLxFfaMe9r3WRBlzgTo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7745e5d9982abb41-FRA
expires: Sun, 11 Dec 2022 15:24:55 GMT

GET
H3 200 dc_pre=CLn44KSw4PsCFcx-wQodJVUOHQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1313435213902.4075
adservice.google.com/ddm/fls/z/ Frame 74FA 42 B
63 B 130ms
113ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLn44KSw4PsCFcx-wQodJVUOHQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1313435213902.4075

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLn44KSw4PsCFcx-wQodJVUOHQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1313435213902.4075?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pre=COPB46Sw4PsCFU-CywEdB70NYA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9380033445657.732
adservice.google.com/ddm/fls/z/ Frame 25CA 42 B
63 B 112ms
112ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=COPB46Sw4PsCFU-CywEdB70NYA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9380033445657.732

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=COPB46Sw4PsCFU-CywEdB70NYA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9380033445657.732?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 56ms
56ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57cbbfc541e30d734642321cc6b449b25118c483ce1f37ff6859b90daa43f237

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11215
x-xss-protection: 0

POST
H2 204 rum Show response
www.labrujula24.com/cdn-cgi/ 0
58 B 28ms
28ms XHR
text/plain 2606:4700:20::681a:e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.labrujula24.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e92 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.labrujula24.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
content-type: application/json

Response headers

date: Sun, 04 Dec 2022 16:25:24 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.labrujula24.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7745e5dadad3bb41-FRA

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Dec 2022 16:25:25 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A28F 13 KB
5 KB 9ms
9ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.labrujula24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 733
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 16:13:12 GMT
expires: Mon, 04 Dec 2023 16:13:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1FA9 783 B
536 B 17ms
17ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cda6349b831a89aae81b39da52afc4cd4b9d395d12f88d3aa9ed66445430d89e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nlpKtkIV4kF6QA0hxmUCPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.labrujula24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-nlpKtkIV4kF6QA0hxmUCPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 16:25:25 GMT
expires: Sun, 04 Dec 2022 16:25:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1FA9 0
0 150ms
150ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=2516472175970245&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame A28F 36 KB
16 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 13:54:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Dec 2023 13:54:29 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D650 42 B
64 B 150ms
150ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssy4OheIckRr-imR9MNpZXY0BJSvmgNbm0EAYFr9nchMbc8zgiiwLOC9KLxOeT9ebmZpy8oM0HsBdEGIQMGo6B12J2X8tei4PEL_8nXflDp3Y4Ozvc8&sig=Cg0ArKJSzITjbWMVbY30EAE&id=lidar2&mcvt=1000&p=300,400,900,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221130&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=2546185889&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670171122896&rpt=1174&isd=0&lsd=0&met=ce&wmsd=0&pbe=0

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame AEBE 16 B
232 B 73ms
73ms Fetch
application/json 3.11.196.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.11.196.201 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-11-196-201.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 04 Dec 2022 16:25:25 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 127ms
23ms Preflight 3.11.196.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.196.201 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-196-201.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sun, 04 Dec 2022 16:25:25 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 7B6D 16 B
232 B 69ms
68ms Fetch
application/json 3.11.196.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/6f126d6d-579b-4299-ace5-c2f40381f048/grumi.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.11.196.201 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-11-196-201.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 04 Dec 2022 16:25:25 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 115ms
23ms Preflight 3.11.196.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.196.201 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-196-201.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sun, 04 Dec 2022 16:25:25 GMT
server: nginx

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A28F 0
12 B 8ms
7ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Rcjeng
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1

200
OK

cksync.php
cs.media.net/
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_
https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=JSH8rBui1P1RNW5

45 B
623 B

141ms
80ms

Image
image/gif

23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=JSH8rBui1P1RNW5
Protocol: HTTP/1.1
Server: 23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Dec 2022 16:25:26 GMT
Server: Apache
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 45
X-MNET-HL2: E
Expires: Sun, 04 Dec 2022 16:25:26 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 04 Dec 2022 16:25:25 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-00370ec4fddf661ef@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=JSH8rBui1P1RNW5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 /
onetag-sys.com/usync/ 0
38 B 12ms
8ms Image
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-store

GET
H2

204

sync
x.bidswitch.net/
Redirect Chain

https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=909998&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
https://x.bidswitch.net/sync?ssp=index&gdpr=0
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=index
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=dcc08ae0-1c0b-4416-9d58-cba9ade4feec&ssp=index

0
71 B

1180ms
1180ms

Image
text/plain

35.158.203.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=dcc08ae0-1c0b-4416-9d58-cba9ade4feec&ssp=index
Protocol: H2
Server: 35.158.203.161 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-203-161.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:27 GMT
cache-control: no-cache, no-store, must-revalidate

Redirect headers

Location: https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=dcc08ae0-1c0b-4416-9d58-cba9ade4feec&ssp=index
Date: Sun, 04 Dec 2022 16:25:26 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
a-prebid.vidoomy.com/
Redirect Chain

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadf%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://a-prebid.vidoomy.com/setuid?bidder=adf&gdpr=0&gdpr_consent=&uid=6274995832224071295

0
516 B

8ms
8ms

Image
text/plain

3.123.150.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a-prebid.vidoomy.com/setuid?bidder=adf&gdpr=0&gdpr_consent=&uid=6274995832224071295
Protocol: H2
Server: 3.123.150.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-150-125.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Accept-Encoding, Origin
expires: 0

Redirect headers

location: https://a-prebid.vidoomy.com/setuid?bidder=adf&gdpr=0&gdpr_consent=&uid=6274995832224071295
date: Sun, 04 Dec 2022 16:25:25 GMT
server: nginx
content-length: 0
content-type: text/plain

GET
H/1.1 200
OK cksync.php
cs.media.net/ 44 B
410 B 107ms
45ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync.php?cs=8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Dec 2022 16:25:26 GMT
Server: Apache
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 44
X-MNET-HL2: E
Expires: Sun, 04 Dec 2022 16:25:26 GMT

GET
H2

200

cksync.php
contextual.media.net/
Redirect Chain

https://x.bidswitch.net/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dmedianet%26bsw_param%3Dc4f2266c-a01e-4d90-89e9-5985102f66...
https://x.bidswitch.net/sync?dsp_id=80&user_id=889c638c-c9f6-4300-8c38-56af160877b9&expires=30&ssp=medianet&bsw_param=c4f2266c-a01e-4d90-89e9-5985102f6621&gdpr=$%7BGDPR%7D&gdpr_consent=$%7BGDPR_CON...
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=c4f2266c-a01e-4d90-89e9-5985102f6621&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=

45 B
464 B

100ms
100ms

Image
image/gif

23.3.108.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=c4f2266c-a01e-4d90-89e9-5985102f6621&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=

Protocol

Server

23.3.108.25 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-3-108-25.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sun, 04 Dec 2022 16:25:27 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Sun, 04 Dec 2022 16:25:27 GMT

Redirect headers

location: //contextual.media.net/cksync.php?cs=1&type=bs&ovsid=c4f2266c-a01e-4d90-89e9-5985102f6621&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=
date: Sun, 04 Dec 2022 16:25:27 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cksync.php
contextual.media.net/
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=%3Cvsid%3E
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=%3Cvsid%3E
https://contextual.media.net/cksync.php?type=mf&ovsid=2f63d66a-6013-4718-8f59-c62d100b7672&cs=1

45 B
465 B

109ms
108ms

Image
image/gif

23.3.108.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?type=mf&ovsid=2f63d66a-6013-4718-8f59-c62d100b7672&cs=1

Protocol

Server

23.3.108.25 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-3-108-25.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sun, 04 Dec 2022 16:25:26 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Sun, 04 Dec 2022 16:25:26 GMT

Redirect headers

Location: //contextual.media.net/cksync.php?type=mf&ovsid=2f63d66a-6013-4718-8f59-c62d100b7672&cs=1
Date: Sun, 04 Dec 2022 16:25:26 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ 0
191 B 32ms
30ms Image
text/plain 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Sun, 04 Dec 2022 16:25:25 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://x.bidswitch.net/sync?ssp=vidoomy
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=vidoomy&bsw_param=c4f2266c-a01e-4d90-89e9-5985102f6621&google_hm=YzRmMjI2NmMtYTAxZS00ZDkwLTg5ZTktNTk4NTEwMmY2NjIx
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDOgekBhPD2fp9SV4bsrC5w&google_cver=1&ssp=vidoomy&bsw_param=c4f2266c-a01e-4d90-89e9-5985102f6621
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=c4f2266c-a01e-4d90-89e9-5985102f6621

43 B
356 B

82ms
8ms

Image
image/gif

3.123.150.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=c4f2266c-a01e-4d90-89e9-5985102f6621
Protocol: H2
Server: 3.123.150.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-150-125.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:25:26 GMT
content-encoding: none
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-VD-C
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 43

Redirect headers

location: //a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=c4f2266c-a01e-4d90-89e9-5985102f6621
date: Sun, 04 Dec 2022 16:25:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cksync.php
contextual.media.net/
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=4401010c-8d0d-482e-9da0-ed0feab333ca

45 B
614 B

122ms
86ms

Image
image/gif

23.3.108.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=4401010c-8d0d-482e-9da0-ed0feab333ca

Protocol

Server

23.3.108.25 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-3-108-25.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sun, 04 Dec 2022 16:25:26 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Sun, 04 Dec 2022 16:25:26 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:26 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=4401010c-8d0d-482e-9da0-ed0feab333ca
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1733793
content-length: 0
expires: Sun, 04 Dec 2022 00:00:00 GMT

GET
H2

200

setuid
a-prebid.vidoomy.com/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=8311594621530781768

0
427 B

15ms
9ms

Image
text/plain

3.123.150.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=8311594621530781768
Protocol: H2
Server: 3.123.150.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-150-125.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Accept-Encoding, Origin
expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 04 Dec 2022 16:25:25 GMT
AN-X-Request-Uuid: e43252d8-5914-4a69-8c46-d5f8bcfd7cc8
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=8311594621530781768
Connection: keep-alive
X-Proxy-Origin: 81.95.5.39; 81.95.5.39; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
a-prebid.vidoomy.com/
Redirect Chain

https://ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent=
https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-bvYo7Z5E2uEo4DVC.hvCa5zNBA0JQBDPxHyrtYY-~A&gdpr=0&gdpr_consent=

0
458 B

10ms
8ms

Image
text/plain

3.123.150.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-bvYo7Z5E2uEo4DVC.hvCa5zNBA0JQBDPxHyrtYY-~A&gdpr=0&gdpr_consent=
Protocol: H2
Server: 3.123.150.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-150-125.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 16:25:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Accept-Encoding, Origin
expires: 0

Redirect headers

location: https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-bvYo7Z5E2uEo4DVC.hvCa5zNBA0JQBDPxHyrtYY-~A&gdpr=0&gdpr_consent=
date: Sun, 04 Dec 2022 16:25:25 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 156ms
156ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=2516472175970245&bg=!CQqlCk7NAAbvMpMzzzI7ACkAdvg8Wr2xnRATSaZhruxkU75aAGeXD5O8ohKaIMItGzSSMW0izT6D0AIAAABrUgAAAANoAQeZArOq_mzjw-_Ujcd5IbcDHnu8aupJI-NM2ji2PgfmqWutp-MVMXdwA0N1Ex8x1Mavg88J-xmwDkl-ySzzmhVUiAIalvBcB2_YUf5ReohBuDDVYaF9Uuq_O_ZbNNdjT4hABbSXEqJuMwDeTP3Th9KJtC7s2ZdIPiZEr28_QsZFdZf7mId5GovA9e6EKUbRGL2GybHqByQdmw89NEI9Gr2oIO-asPEzbDNWLG0sSWTRAS1irs0g5_rtp_aEvIR6Pd4TePmK4aWqVm7W9IeIvg0ibtoyjiaUa6AOvr158l2z0-IiVrAE4CBX4W_fKsXlLLuXk6rwJRNlrOXfkM1uD6gcI8si-LZLoMj2CiBuS9rzFV7b_u60EyzCiRZa6ZXGmytXS4-NBWuUtHLdh7BQ4OndYTCWMIgL28x2MRLPTf8bLjequ3INjte0vpvkVcvYhXtKxlKik9bZbmk75bSUfoXYWE05X1O-6p8a5J2YNAXzeCfJhbT26pznlyKdgnwlUxcDdo-9o1EX69O4-hkzPEmFIgbyLBpiIGJ0UDp79yPORpP4XOk0u6BWuwYFO-m_IvtvFwoVajp3BIWuJZeyb2Ue0mcG4ilCJKQ4iq-0tgPdU5HD96zfgVvE9xWrBAnABoRB9kS_3A7WZWAAdDTiMXFodVKQhwB8Bh-Y7IDiME_4ugSbfYNja68Xmvr1ebpaq-6ydonbGAzyNE_aw-YIMES8Yvpfxb7MC8jQLcuTUIi15-Mq4yn1Uf2M_-A2QNJltB_PY_efzvrc_UU-SlUVCaOi3DwEu6TY-gdGWSdcn_p5CzRIBiCGokwJRaBPgtnLQZhJzrwQrlQ4cWhNcedBx3LwBIo5Hctv0SetCBxReg2tRUFsIWIaOTWajdb846clMqWf0BVH2RH2biyQ4Kr_Sh9E4wCYNHoN
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.labrujula24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

192 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

69 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.labrujula24.com/	1970-01-20 17:32:11	Name: _ga_34XRXKZ5DK Value: GS1.1.1670171120.1.0.1670171120.0.0.0
.labrujula24.com/	1970-01-20 17:32:11	Name: _ga Value: GA1.1.579929824.1670171120
www.labrujula24.com/	1970-01-20 08:39:23	Name: _pbjs_userid_consent_data Value: 3524755945110770
.labrujula24.com/	1970-01-20 16:41:47	Name: _pubcid Value: ba778d19-b4a7-4f86-927e-4fde3eb83c1a
www.labrujula24.com/	1970-01-20 17:26:25	Name: __atuvc Value: 1%7C49
www.labrujula24.com/	1970-01-20 07:56:12	Name: __atuvs Value: 638cc9f05e6e5f9d000
.doubleclick.net/	1970-01-20 17:17:47	Name: IDE Value: AHWqTUnllpegdk0bnJHpFpCQFUjSVhtsGHgN9AM7xTGGhov3T1Vg1_Wvf7ncfMoYrrk
.rubiconproject.com/	1970-01-20 16:41:47	Name: khaos Value: LB9KRHFB-26-ID05
.rubiconproject.com/	1970-01-20 16:41:47	Name: audit Value: 1\|naVuGyos1qrnIP9iSnmssV4C1LCtWBX9mfsNIvv6Qtrw0zLiRRUt4Y6u+5xOZ9FVDwlzXMh7+SHLOeL+CSMwcsBQn6AvuCLF2V04GeKICvAbsm1clVNMrQ==
.addthis.com/	1970-01-20 17:26:25	Name: uvc Value: 1%7C49
.labrujula24.com/	1970-01-20 17:17:47	Name: cto_bundle Value: dKDx6l90bGY3eDg4d0pyemZmWXo1eDglMkZOVEFDR25TV242RXpxcmZkcEUlMkY1bUxWJTJCdGV4OHZocDJXSW12ak0lMkJCdUFBZUQxWlZMWDdlUk1UNWdVWlJsTDJRbUhuUXhubDFQVUVZT1ZLNWNmWmo0R3VCQlRBVm9xeUdGaUJpZHlUJTJCRTBCYm8
.labrujula24.com/	1970-01-20 17:17:47	Name: cto_bidid Value: 3qMV719uV0FtUDdYaE93TlMzMWpQTEFPZzhZZVVCWFhhalg3NW9XWDVnUmNtcWhCZ0wycnJVdlJ0ZVpsMkJGME1SY0huZ1VOSUhWWGpsWkloeW9WWnRaaTJuZyUzRCUzRA
.labrujula24.com/	1970-01-20 17:17:47	Name: __gads Value: ID=d57fa4c327b6e980:T=1670171121:S=ALNI_MZSYTZjHQkey51DViKNbOl8r-NjaA
.labrujula24.com/	1970-01-20 17:17:47	Name: __gpi Value: UID=00000b8d82bb11ca:T=1670171121:RT=1670171121:S=ALNI_MaBKOxt_IkodLnUNvr3RDzMKOpnAg
www.labrujula24.com/	1970-01-20 08:39:23	Name: clever-last-tracker-56138 Value: 1
www.labrujula24.com/	1970-01-20 07:56:54	Name: clever-counter-56138 Value: 0-1
.addthis.com/	1970-01-20 17:26:25	Name: loc Value: MDAwMDBFVURFTlcyMzEyMTg3MTAwMjAwMDBDSA==
.casalemedia.com/	1970-01-20 16:41:47	Name: CMID Value: Y4zJ8-BRLT7Djnrl7SL.ugAA
.casalemedia.com/	1970-01-20 10:05:47	Name: CMPS Value: 5158
.casalemedia.com/	1970-01-20 10:05:47	Name: CMPRO Value: 5158
.adnxs.com/	1970-01-20 10:05:47	Name: uuid2 Value: 8311594621530781768
.adnxs.com/	1970-01-20 10:05:47	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Il_v9Q+*!]tbPl1M>e)ZlrFUfJ+tGXxp)[NRuTHJGfocT03FTyE8R@K7xGaaSUVW-1#M3If)y3KL9D3I?+LV53O>
.bet365.de/	1970-01-20 09:00:59	Name: Affiliates Value: Code=365_01163674&prd=Sports
members.bet365.de/	1969-12-31 23:59:59	Name: session Value: processform=0
.bet365.de/	1969-12-31 23:59:59	Name: pstk Value: 4CA20A47AECE4852A063C0C4CE8433E7000003
.bet365.de/	1970-01-20 07:56:12	Name: __cf_bm Value: c9njvr7p1T97I3tH3d6gjskTChwZiegrJCPrCprgnfc-1670171124-0-ASIYwd6ekfLIrlGuc+d1dCk08+KvgTSnOVq8EHRQSpxAr5tmh6+dyXd2uuvpWeojiPqyx1nhjzoaueK4JO80dpA=
.redintelligence.net/	1970-01-20 10:05:47	Name: 8lcfmzhxc8d6_uid Value: f0730786e28e25bf
.w55c.net/	1970-01-20 17:26:25	Name: wfivefivec Value: JSH8rBui1P1RNW5
.w55c.net/	1970-01-20 08:39:23	Name: matchgoogle Value: 5
.de17a.com/	1970-01-20 16:34:35	Name: guid Value: 1.5791677917585337496
.adform.net/	1970-01-20 08:40:49	Name: C Value: 1
.awin1.com/	1970-01-20 07:59:03	Name: awpv16160 Value: 296283\|1670171124\|417782d0-73f0-11ed-bfbc-22342ff4a6f7
.adform.net/	1970-01-20 09:22:35	Name: uid Value: 6274995832224071295
.awin1.com/	1970-01-20 07:57:37	Name: awpv11601 Value: 113440\|1670171124\|4179a5b0-73f0-11ed-89a3-223851067267
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 357526:3266505
.ctnsnet.com/	1970-01-20 16:41:47	Name: cid_ef3821e050094a8ea39d58c536f45475 Value: 1
.ctnsnet.com/	1970-01-20 16:41:47	Name: gid_CAESEPYDQ8vrdBw6IbnyhMjYNrM Value: 1
.everesttech.net/	1970-01-20 16:41:47	Name: everest_g_v2 Value: g_surferid~Y4zJ9AABdpoZ1AAZ
.adfarm1.adition.com/	1970-01-20 10:05:47	Name: UserID1 Value: 7173330356328724629
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: hn5morvuac5ccplxt4d15j23
pb.media01.eu/	1970-01-20 17:32:11	Name: DTU Value: A1C23022803408B6665BCD0C4C2557E8
.yahoo.com/	1970-01-20 16:42:08	Name: A3 Value: d=AQABBPTJjGMCEKlHOc5gYhWb7Nj5L7xRG-EFEgEBAQEbjmOWYwAAAAAA_eMAAA&S=AQAAAqZYCQYbGJARRRWv5Wc0YVM
.office-partner.de/	1970-01-20 17:32:11	Name: source Value: {"webgains_webgains":{"timestamp":1670171124734,"clickCookie":false}}
.bidswitch.net/	1970-01-20 16:41:47	Name: tuuid Value: c4f2266c-a01e-4d90-89e9-5985102f6621
.bidswitch.net/	1970-01-20 16:41:47	Name: c Value: 1670171124
.bidswitch.net/	1970-01-20 16:41:47	Name: tuuid_lu Value: 1670171124
.360yield.com/	1970-01-20 10:05:47	Name: tuuid Value: ce02b28e-b22e-41e2-a1ce-9908a6f95df8
.360yield.com/	1970-01-20 10:05:47	Name: tuuid_lu Value: 1670171124
.tribalfusion.com/	1970-01-20 10:05:47	Name: ANON_ID Value: asntmIxZduB7RApTrruFdBVPZbM1FxQdL9vHcSWUjHOthLbR5VXl6Wbe271yOZaZcM5SwZcRD6c1Wfg3TaG51fZc5gTNER
.w55c.net/	1970-01-20 08:39:23	Name: matchmedianet Value: 5
.analytics.yahoo.com/	1970-01-20 16:41:47	Name: IDSYNC Value: "18yx~28ns:195v~28ns"
a-prebid.vidoomy.com/	1970-01-20 10:05:47	Name: SSCookie Value: 1
.vidoomy.com/	1970-01-20 10:05:47	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJhZGYiOnsidWlkIjoiNjI3NDk5NTgzMjIyNDA3MTI5NSIsImV4cGlyZXMiOiIyMDIyLTEyLTE4VDE2OjI1OjI2LjAyMTAxMjE4OFoifSwiYWRueHMiOnsidWlkIjoiODMxMTU5NDYyMTUzMDc4MTc2OCIsImV4cGlyZXMiOiIyMDIyLTEyLTE4VDE2OjI1OjI1LjkzOTI4NzgyNloifX0sImJkYXkiOiIyMDIyLTEyLTA0VDE2OjI1OjI1LjkzOTI4NDAyMVoifQ==
.casalemedia.com/	1970-01-20 10:05:47	Name: CMTS Value: 1207
a.vidoomy.com/	1970-01-20 16:41:47	Name: SSCookie Value: 1
.media.net/	1970-01-20 16:40:20	Name: data-xu Value: JSH8rBui1P1RNW5~~8
.criteo.com/	1970-01-20 17:17:47	Name: uid Value: 4401010c-8d0d-482e-9da0-ed0feab333ca
.media.net/	1970-01-20 08:39:23	Name: data-c Value: 4401010c-8d0d-482e-9da0-ed0feab333ca~~1
.media.net/	1970-01-20 08:39:23	Name: data-c-ts Value: 1670171126
.scoota.co/	1970-01-20 17:32:11	Name: tuuid Value: dcc08ae0-1c0b-4416-9d58-cba9ade4feec
.scoota.co/	1970-01-20 17:32:11	Name: c Value: 1670171126
.scoota.co/	1970-01-20 17:32:11	Name: tuuid_lu Value: 1670171126
.mfadsrvr.com/	1970-01-20 17:32:11	Name: tuuid Value: 2f63d66a-6013-4718-8f59-c62d100b7672
.mfadsrvr.com/	1970-01-20 17:32:11	Name: c Value: 1670171126
.mfadsrvr.com/	1970-01-20 17:32:11	Name: tuuid_lu Value: 1670171126
.mfadsrvr.com/	1970-01-20 17:32:11	Name: ssh Value: !medianet,1670171126
.media.net/	1970-01-20 16:41:47	Name: data-mf Value: 2f63d66a-6013-4718-8f59-c62d100b7672~~1
.mathtag.com/	1970-01-20 17:22:06	Name: uuid Value: 889c638c-c9f6-4300-8c38-56af160877b9
.media.net/	1970-01-20 16:40:20	Name: data-bs Value: c4f2266c-a01e-4d90-89e9-5985102f6621~~1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://servicios.labrujula24.com/cotizaciones/js/dist/iframeResizer.min.js(Line 7) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://servicios.labrujula24.com') does not match the recipient window's origin ('https://www.labrujula24.com').
other	warning	URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3pl.bidsolo.io
5994599.fls.doubleclick.net
a-prebid.vidoomy.com
a.tribalfusion.com
a.vidoomy.com
ad-server.eu
adservice.google.com
adservice.google.de
adv.office-partner.de
analytics.webgains.io
ap.lijit.com
api.webgains.io
c1.adform.net
call.cleverwebserver.com
cdn.ampproject.org
cdn.onesignal.com
cdn.track.production.webgains.team
cm.adform.net
cm.g.doubleclick.net
code.createjs.com
contextual.media.net
cs.media.net
d.vidoomy.com
d5p.de17a.com
dd2989a017637e68f9fef1decb3e0612.safeframe.googlesyndication.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
gum.criteo.com
gw.geoedge.be
hal9000.redintelligence.net
hal900015.redintelligence.net
hal900022.redintelligence.net
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
intothebid.com
labrujula24.com
lb.eu-1-id5-sync.com
lp.cleverwebserver.com
m.addthis.com
match.360yield.com
medialead.de
members.bet365.de
mp.4dex.io
mug.criteo.com
onesignal.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb.media01.eu
pixel-sync.sitescout.com
pm.w55c.net
prebid.media.net
pv.medialead.de
r.scoota.co
region1.google-analytics.com
rtb.mfadsrvr.com
rumcdn.geoedge.be
s.tribalfusion.com
s0.2mdn.net
s7.addthis.com
script.4dex.io
scripts.cleverwebserver.com
securepubads.g.doubleclick.net
sender.clevernt.com
servicios.labrujula24.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.cloudflareinsights.com
sync-tm.everesttech.net
sync.mathtag.com
tpc.googlesyndication.com
track.webgains.com
ui.cleverwebserver.com
ups.analytics.yahoo.com
v1.addthisedge.com
www.awin1.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.labrujula24.com
www.wunderground.com
x.bidswitch.net
z.moatads.com
s7.addthis.com
103.229.206.241
104.111.239.217
104.18.33.19
104.75.88.126
13.225.239.15
13.41.118.175
136.243.149.243
138.201.135.164
141.95.33.111
142.250.185.230
142.250.186.162
144.76.104.53
145.239.193.130
148.69.64.76
151.101.194.49
162.19.138.116
172.64.154.237
178.250.2.146
178.250.2.151
185.80.39.216
185.86.139.101
2001:4860:4802:32::36
213.155.156.184
216.52.2.39
23.3.108.25
23.35.228.23
2600:9000:206f:1000:4:b37b:9440:93a1
2602:803:c003:200::41
2606:4700:20::681a:138
2606:4700:20::681a:9a9
2606:4700:20::681a:e92
2606:4700:20::ac43:48db
2606:4700:20::ac43:4ade
2606:4700::6810:3865
2606:4700::6812:19ad
2606:4700::6812:19f6
2606:4700::6812:272
2606:4700::6812:e134
2606:4700::6812:e234
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2002
2a00:1450:4001:827::2004
2a00:1450:4001:827::2006
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a02:2638::1c
2a02:26f0:3500:11::215:14dc
2a02:26f0:3500:593::2e03
2a0b:4d07:101::1
3.11.196.201
3.123.150.125
3.124.32.217
3.126.56.137
34.107.148.139
35.158.203.161
35.186.193.173
37.157.5.142
37.157.6.254
37.252.172.123
5.226.179.19
51.89.9.253
52.57.83.94
54.74.128.162
54.76.176.197
54.85.147.115
65.9.95.48
66.155.71.150
85.114.159.93
88.198.250.30
88.221.169.143
94.23.99.218
99.81.44.108
007276382e4e3f77c660fb7488fec524a21f7893a736db96dca415012a25075e
0073d9c3676100d4472436b2ab3e9f3f8cbbe744eb2a4be227fbd54d0b119f17
0082652799ea3fa2c52ab3f0fe29d161877e470272bf63d95b3293fb41d50cfc
011411877b0cd55a1c763cc70b9db1ccac1a50219f9314d2721bae875126afba
017e84c828e13d620bd504940eca41510f251ba207ccad8087437dabd9b3d335
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04027318e0f91b5843c40a9439fce0d0176bece4977779fe950c56135f91cf11
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0581bb65dad4cd48ad9940fe615279c488bc11ceb4a22b33b24b892e6b036d5a
05aa52b1f4f05d13d32d5a97df851a4ccc045c6a0ee422846a8f27557a0ee529
0645e9a26c93b4356b8bab4118e44c7a23607ee02fc98b5059faa80292ea8b8a
080167517b95b372af435c48b04b5b78171a4130864199a6901028d6ccd13ae0
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
0a33d781d880a29e1a110bfc2c3ad799b848a46cafdf8e87f973dc55a64a7948
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c3c3dbc4db72844d4774ec2a77f4cf42fa6dc8a279df1739fe4807c01ec8201
0c9bd1abe1d2aa2df1e9f258c7c45adb8e2c222e20ed5d4678c40fffa136003d
0d1f62ccc66595ef17514586f32f092c3275fa255b69bdcc95285be3c979c0cf
0dbdaba4d5365bfc364f02b9299f0e259780a323cf7790eac4033b55f4897766
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
0fa96b0fa6b885d8f219b63b4966aacb0c7387d2609489badbd79471e417c744
107aea484294fcf7910b357a47de12133f4559d6e67c19aba8821c66c06528de
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
138154c0deed3326477b9b4909175101070a5a3a95342291b53d8cc9879a5f47
150431c4e70ae805fba43a94f1b154417be47c26d7f3ca60a7e1a0ab7b50ba80
1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2
1682e20b56b5c356e3bccb831e0e417b5c2771d1c509d228499de8782fbd708c
18b90d2fe51478ecb084ffb0bfe27fdd05f08beeb7352db113a0a0373a45c510
19d4fa5e5f7164cfa51ca5e06216f551c4905d14ee02301a5ad2bb70272b7a3e
1a7149ba9a80966cb6790ba4c536609cf7ad307eac7cd2eed36a009867464c7c
1ac28f7a5c85b823a2cf91d617208afe02770fe21fe18d5e83373d43740bc805
1b00a3eb9bf3f95aeee1159ea43999db85c98afd79e4cdc4bdac1e649bb98d23
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
1b5d9ce8c1c3267902470f977199851b6192fb31b3940dc941288e62c8e16c82
1bb8956adcaa7af1454c66ac60ef9b80eb981f92ee8a44ec12fabd9159fd1455
1c6c9d8548d627e7686b7181eefb0e8939df4aa139f5d9cebecbf0ba8f0ccb36
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
1dc4b29dd0acbed77ec2fd81036c33efd4ab5989e8182705a30615a00a0117f7
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5
26b15da8aef80564cf6d85e12c7b222dc815d730da801ebf7192c28cb56b27db
2aae1e3f431e578c71db076c0ac1cd58132a139caf16417de4b8fb7461815192
2ada7d3e2c53fb3c36229e238bac259320f2352480441f7ddf7f5f7302d0250a
2af9221418b138d3b5fd8626f6f9818c3e6be143df3fac912dda975ff4b361a4
2afd4502e3c4edeac9e8b1157ef7faacbbfdeb12202eff24d6a6bfca9fa6adbb
2b0a02f6a41ac18881d46b3c65e97a161d160f4fa7e6bed3d6640babe5181ab3
2c1bb719690e5a54a5c74a3441dc3dce1d22d184f5c083656d66353a15b24340
2d3a1095a45c0880ba0ffc43b3fa7575c99f5408bfe65607a82565c86463dcaa
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e030c6d70f22c3fe0bd59bad1b7d4522eeecd3e5b4dd1ed969023c6d4191286
2e3ceef15769b76cc9cabf69855237dcc81dc9fa2e3a6c7962e04ab54f79bc49
2ec1d9b7e9940e7a3b717f4e7de04da8714fc94bc6524f00043c10403d462099
302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd
30737a07e3c8780aa453f71ee18a470028dbef22f14c26e1dc1f34d603a246c4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3265fc3daab40786bd1e99425f3695412cc61d13cc077ccd3ee3e99519fa0027
33001e490c916b28ffb3dcc743f171ef5eaa3075f15825880a65817d10bd3db9
3361e91435c8d8a10b7ba8e447fdb9e8cf94681182d2ce70a59dd3fb56dfca5d
33ad731b148b34df9613ac3a9258c25f47c72416a0d9b45fa136375ea9de5472
342339879789344900892bcb1e9d4fbebcd9051b0185ca1963295b64ff91204e
346a91d068b03cde508f8e00d1bc1f79e884e0c53e3aaa91db8f16e379d4eede
34bbd1c367ffc7d80fcff86c7e5f8777e70f4911bb324e8ecfc7dd3604a96e68
353b6d30d4ddd577f0cb1716c131cf08e31e61d8b883c078e49b357aa3ca9e11
358ce3fdefc7321ac9b191a09dc5402c4fbf65c6c83b1e021f18efd5b75166e1
370260a1859b491f42c6340ea6cc58486eac8889b9a8ebaf78c15236fd640a7c
375e7cd4e35d00549a589806cd9d4e55c6fe765b84a7b63d69de4433b88b959c
376107ac58e14803e7c31c0578212d90da430fbfc90091a8e2fc4ec19a5afd59
37d1f662fffdff87adebe974d191787f67330e85b0195ea17ae579b225a33bcb
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3aa6066328b9df5da9ed6e9a4a1394b93a702b39b2decf9351b278b24f495fc4
3aaf33514ac3c58fb0ef06256ae5eaed1cd6c3bbeeb47c99daa1c90905f93fc9
3d6e2d352945483ee41d7c08963c0ea4882a8aaadd50a6d0084599f3f65d2019
3dac0f22f981a1e8828e9516833b3ac6fe985cf1852033b0f153c9cb8694d3a5
3e532d515993bc3b860f480b9a487c25ab101f576a2cee71351613bbf74619b7
3f97f671c74df06d2401109e9a7efdde3d83a245b5cb6d8dad5d62d40257388a
406e955a989c925bcd1d8e8a702bd5e737487d76370dc3e19780a7f34dd0cde4
41c584b7b0c44ff76fc4a87b3fb65261ad613073b5d16d8a107bdab417ddc77f
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
458893380bf0a272e9a6f6ac01b719fe971aaeb68a057545b42038c9b5d6f448
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46cfc723402afdc45112aa9e5d0af662b19680e2e5d8475f5f97cb981d95a493
46ff6c057fa688cb77b7f021aa8c7f42a005c88f0a4650ef15633434b76e34b3
4a8cce8f6baaf0ab55b6081a02cb32c0ab08088ab028d5c551794e4f33d3e7fc
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b7f2d4878b7f6f454c989d2bd18e80caab06b54f1d24f0753a7261ae8567eb6
4c5819d879f32724816c9fb61413a4df117c49fabbf9ed152db1ec6cf20ccacf
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
550a072b8f659dcdefb885328180c705271b372449f0341e2add1a743b82b455
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56828800a4a575d3b1940a854640ad25c3c93a7d3933ab96150ef48788d637d0
56e7927e9cb1281bf706c2fbe7e325133c7835492c3c26cfc1a621c72e028932
57867970db92f0ea2de63c77a9b8ef6e8e46fbdaeb7acea81d26f74a859ce919
57cbbfc541e30d734642321cc6b449b25118c483ce1f37ff6859b90daa43f237
57e4f09712f9ca05fdc60d34ef9308ffc80a592d3fb4035decd71080fa23d1b2
57ef7a72dff767da73cc41b0483aac92b80ee4d7028bf750cc66e365420242cd
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5b4591a1b52d125d97258e597a4cdf1b7ca20b6f5532346bd861a2d264df2c3b
5ceb0c2088d29cecbe3ee571dc3cf6fec764bbb7c73f0e22c73007149a2ce68d
5d80f13fd7524318f81eb1301170d4d0fbee242c12403c01f3a06c9f681192c7
5dc46386fa3bfbf4760bbf1286d2d971e6c91475eb56cc7835f56c5f617809bf
5f0320a2d40ff5310891622b85610a3b5d935ee745f33c85c1d20f25b0e152d4
5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db
5fe75d0fb01c62e14b75d418f8e5bb6e413e49610f564e90248669d7e3513403
5fe8a66503018e8da17e7edd6a206c996857eb870b6db0729a1ec89b45813a1a
5ff12349882cc4d7c060aaeeaea2531c2c31b04187423a032c544f2b0e80c0cf
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ffd63484940044d03d955729df16dd425449d11d07cee7826412edea33435c
62addc8d8c87a0faf096bbb36e726463633c22110b04ce9ad6b492adde70e0f4
62f34dceefc90f0f9621eb56da5715f59a13c948436cd2a4c8fcd4626d176618
63bc5373259840156ae93ba26b9df0dd2f97ce98ebb3fdb970699cd718a23230
662c2c97092391ae013657013ee4e9e1ae67db8d008735ea5e03ae20fecd07ba
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
680d7a85642baaca400b6e65283333e7036610603b30084399cd3773ecbce7c0
689cd339b9de5d18314f13848a05a7ede4548ae9e30673035d1302da6d139ba1
68d28ec4ac528eca008741b318c4a66df24c956e53dbde9773d77a92be7da47c
68ff93d8ab6c2f66a1bcbae1cd8358e4cb0e494a737f17bb18f2e2089c579327
690a10bf11bbd061a6b52003504f7f2f90d2fc1e034a90813ccffd3580e90b53
69615f85a7e09ef1d3373e6090eea9e918c7a53de34e94cfd59e18d2a0e22742
69cb050dbe8ff0d49666e8fb460a2a0c59846b1c4dc461aac991218b5677fc30
6b8f31189fd5669897a743bb8152ce8dde9b72838ab88672d529840777c90386
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
6ec21628a4087c564348213f68f4c7dea33cbfdd549c505cfc3b3b336d3050a9
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
70473c8ac1784e732b6f939aacf1b7c7247968e94408fb7d0dbba9fab15a11cc
73c17a8bc1ab83f49d4bb223ba00eaa3c48e52e3695fbf8bcb4b4b0b3bee4389
743110f608a92a41b2d2544ba3de156fd4dba2e7c0e5bed1220df8e9c41aa3a8
7442a3d4a0fbcf0c77cd7cd60457b1c30fda153378e9e021da6c056b2df7aabb
74fe5fb0193174b7c51798ccf76c5f996551dae89e8d1ebb0699badd12781ab4
757a9daa63650138fd902f15b33dfa3ae7ea0a4c2c8aadd405c7c09f5c6af7df
7583ea122dcd3ad0fa81078acd63f91052d378c1d6468a81449631c8b795c1eb
77a6e7584722f285dd6b3039728b6f1aab3948e60b4c26298600f1a5ee155bbb
77d7a6fb60cc657d75c18e592577eab4557abef145245c9d638e32a558e0f530
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
79afb092e04dace1fef9df22acaa2e86cfc41cb58cca46bad33b1acf8011cf1a
7ad787c5b12c627342078c5820231f55b1da252368359dcc5ac70c1d811ce537
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7e0568e035a9e8d224ea44edb81eef494102317eaf0497a7432865a784133a65
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7ec70108a49369dc3f73734dacf94050c28049d32fe708c968782483ae8cabda
7ee8734c823f01daa032be4e8f4c0d6fb4232fb53c492933fa8eed8d3d93beb0
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80786622b6b1e3dc6434fa76fe99c1ca6f6829ee9220a970d1f09a8745c21527
82557ddb638e3b2b827da40ff62ccddc6911c107f06929997800b7fad64b0a00
83059e4c1a5c210e5585d96779fe655170817193d43e247c78dffaae7b7ba3a9
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
8461b10de0cfca8daa88a22ff34674893a0a58facdb70edacd6895415b1a5ac0
84ff1fb6573156edfb72e08b10071ec269ce12545208ca2273e106a754698f47
852a87733fc394f64bdb72130138f0dba946e346f9369cf1d67d3fd32b780540
85cc4c652afbaa94b1444817fe16c3c4f84c9f1ad8615044fc20337d8f3c3b36
869c671beb0b128c008179a0e3fcddbfa62cfe83351672d1142b1d734858bc33
86cebff13be08b4f86f217045fbc1818145cffe81f1665f2e72ebb3187943282
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87ecdc754328736bdf8c2db0703fd31598204d84e9df5f6d7755beecc9b9b457
88377b24a65b90c63b5242d1f6845cd81a087ad254977af7403a696d93cee7c4
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951
8ba9cc2f959cfa9fbf4f2eee543d9c6be04d7d68461bc777d76273871378e432
8d50c94e062cfbcd2b5b804e9bdb01755941dc851812cdbeea3c6dc928651f8c
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
8f6d6ac5b6f37dbb26665c216a38ded1a92a40b3d08ae00a6006bd1204d410b0
91ef6cd171c90486a96628f25f105ef757d9795f6a9631fff6419d20f342d692
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
9428f8198e9f6f9e29828b1ea9514a4127327897b38c8db30f2541ec29ad7d14
9556490177c5174f9a068f7c217b78df5b3b0c44bf479ae26e6ba68d02fa6273
96c4b1cc7fef14f9d4a4bbb998dda460414f62e64e6f518ec41cfb9aeff005f3
97615dc21d0ee6e53a4540adea59feb5b8b155d0992f7ce6c7e1e95f831f7f27
979f3e8af3004db2b9cde330958be0477e06fb4dbec09417e583b747a9514288
97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264
984f3b9f7e4d0a979ff9bd2cfb7f3c1f1312495444b025be942cf01cdf1a68b6
98af5e2d044165db4fe04e7a288c125ad78d50bd9e212ca6e520e5a55140e869
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e8a7d090d8bba6dbd500fb9438c2f3efbb23da3545dc3ca973503f2ab0e73b3
9ec4d275a51dcae4a76bf245cb95aa3075fa401298186f501908c53784edcb91
9f312aead73c7059dc22bbff1a38210eaacd5e2d7beaaec586a32575c54bc35a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a00d62a52a31925b70639011f9ead9a67f832c75abe105b816514de212945637
a01536a4e78676d34742f3d6a8718fd8604dc9c0f4569cbc5a38c1e66d774cf5
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a1185e128a6060c5fdebd56898885b796c95b2b681bca3ecb9edc654eb405201
a443003189fef795443415e1e6ffa982051411367387ece6313ced1f5a8d56c1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
af276085f69dfa8ede3d5a363976ac179311ade4a08c02eecf8c2300e8048ee7
af640d92477458b84d4cb9265c1976af8d38e247afa482f17c7a7c456ba62fdd
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b05703c21009c4b75a5d64c1000c265047fb4ae93fcfbdc9ea8b98225b8beb9d
b091fb04aeb43da4cec3392a4de451d0f6b97a91235e0dc68560bc271c2b83c8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1cb4a25c57934c4c328981a39a97a6035a6313a85b8d2a087cb72ca9bf0391f
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804
b8157b33abb37aff74b7cd5104136439d526b1dc79538ff2205b2a2ae2c9e373
b8985712bdea4412148deb6c288ca5a72004b18dca652fb19eb35d98031547fb
b8b3666cf5826cbae55cf0ccb8a326c4c3f975d2d706cd916b2691c961eafab5
b936db5880aa9b6b2f26a8d32fc2b689fb75f69d971b94194f16dba801221ffe
b974efc12bade95169a0adae14e5052e0a0689034ef0b17e73b1935876ae32ca
b9b28402ee51f0bfcf086c317bc6df8bfb5449d0af4adde98e386065014bfb6e
bb73633f1cee75d4647a4bca2be901f2cd7ee479434264a963f761b9cfe3ba4f
bc593e8aef8bec3076d8f4d76e66461b61d8b0c5cf5a52ef51d6c904d7d5a385
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdb431b26a33e5c082aac8fa0bf7538e6a49407e7a7cb51f84c3b5a8f7758d68
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c1b929312bd47af29752f987857e15627fbd36abf0c78266a2a9e1fc07b541fb
c1ba83e61b3bb05800b406fa4e6d7ddc40d475de922b55ce2148301cad172871
c1f3ac675e1c4e41a1775ff6d536e299f60707e4f7e74f2b9528b9d2f44f6e47
c39d0965199df797698112751f87e2ad92d60e897143d1028fea5329299191c6
c3b67ec1b48befcb446a701d41e607cd94abfc97e25a5da7ab163f368dd14c51
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
c50a227a18766e318bdfc89b128ffb96427c25aa5942c39e90cc24c3b21ea231
c526a7c1849df42e5b8fd7d481e5fa542d9d14e9de6aa360ebe2faf15758e0f7
c55902832fb84522d02ea1a60a30747403a140d8651fa748f13ba398b0c0df3a
c7d8ce4658cbf0831a244a21546d292db1e7fce29dcd2df8051b8125a07c5cee
c8cd3a5514fa9ec4387914a6da304af226e3406178c018e3cd2f7392a56ef117
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca6dd4173940471619b68c86d64e18b2d937a9e764cfde471d9e281dbfb94c14
cb449f2971d7ae65e54808e5ae4d842b7c33f796e739a5018afdc9d52969b1d2
cb6a1f96aed7dd32cc2b539e667c43ee9a431ce36fccfd260f305d1759e41a2f
cb6d935c5494a7d6121e463f319ac4882f805d38989d6dac70ec84a29a203d2e
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd3047f46336f201e734af4d631a97bda3365800f6c0c79469b69075992b348d
cda6349b831a89aae81b39da52afc4cd4b9d395d12f88d3aa9ed66445430d89e
cda9e405d476907b07df5ba2daf29f6d9f802bc7df20e3c9a1295c601e210406
cdb0296c482753056176aa4e56d0dedeb82074dcaa83d54cb202e5755b679cd8
cfe1a912214063de2242d4fbf667b90179dabe5975791c4eb9eb7be715ff3c27
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
d1870c49e74adfa2d70351cc067c6a3320da45d18231c5a31eb39356151620cb
d21246556bd6e5a19755dabb0bd7270e688874bc205ed2db8e47dca09bc81639
d2c48553124433c8b0db05669f7c9726a22c3214cabe2b5a6d13e2aab34e14f3
d51b61eebeacd84c1ef0c381d74d76aea4fccd2736a99d3a5a9f1c69795d28a8
d52d392a6a06f04f082d30c5c1ef88b25c028a9a68c5bd0c8814937db2c27177
d68a0493de4a9c208ce231a1d85f3e707e53082e5e35d105df5f6e2e455ca1fc
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d7eff2d3185c4035edbe18b653f9da26c2d872e03c92419542ed524d569fe81b
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
d8ef22d7fa4cf37a1fb485b1d3913dc02e66a31608977747fabc7345774806d0
da01470fa976ce99059f0fc48cce38b79b137d04eb79658b757a3305679ade3a
da4fea487c652fb38cdea9d8a5e7115b9ebe7c286e2e3fc28b2e2cff5c3fac49
da7b47872772af36993f4267860fc09dac311d3298296eafa6a5f90beaaca518
da7fefc086a2cd026189fa4d0000eb6a8a6327df8a5784f5d68672f7e467abc0
daa876c31b72b7fd4c6261ece66f62c774bec258bee8e42e8828007140005eb1
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dcb9bc1bc78d90f71123333c57089c68c1d8133c8762ddf3cca8684f9a04c9d0
df3876c55c0fe527bea47b37cfe3479040325194f3df7d2b077794ef6d584470
dfa08db03641a67cbb347c3c0b04de1888de3a1ec4f3b9cbe39558e98c338ff4
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
e115eaa319b4e0bdb4ace08e4b53e27b498dbac129447bc6b49bec834769bab7
e15df485a3c008b7a8871a65dd9ae1d113862b146e93ee9696d24db92c01c8ab
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e4d8026aa06817962da17cc13faabd698bdc10fe7366e24dc948c3ec7831d566
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea05cc8ab1b71e68ecfc0c9cd64cf800181f4d8c4589650b2f285ec153341e62
eb835cbef42441def4ca4ea4d1a9d92f50072e65c8bbbb0a8b727325b4ead408
ec43c737ec58e089e9cf7e4f04f8cbe4353e0a1c7aa98d64a911684faf2909bf
ed1668cac7cde6e1de711599c9004aa020d10765deb1468d811dcb305dd4a399
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2e40a494171d0336443cf07e6bd045fbdea5466a7097ea1c8f56d241c3e14e
f05faa60c17641d50de6c2fe48f9519788fcce1ccd78b5caee06ab7678f7ea33
f0ba1231feb24671084d29459a4cbcfe8003eccdee6e680bf1bfba2bc983b67e
f1b648afd8964c553d1f8bcc7ba1faf50a0622cdbbdf69b7fe4659ceb40d7e29
f1bf59483476c93ef0df8a95b5d7c574e3249f63e64eda20fee1bc9b1d1c67d5
f1d5583d4c00ebe19c7be536e72ab8234c1f926023cb5a1fd5edbe9c912f0f49
f2cf09305561b3108bcd21968bcd4f0ca805c2180eecb138d612618d7250c132
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f324a5c16f39113f5e9a304f836572377784710629ee6f3d0fc7902d3521d4f0
f39bc8d6a5dbcbe8725d21c2cee12069d3f757714aa3748d41298e7f1058fe67
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f64d3df5be069e6229fbfbcb32ca2eb35a57a46322317a27bcbf2e406db98d5e
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6883f78d4dc10042145ee34532a4f3d1880324f34ea841f12ba68b1e308c9ac
f6eb858ead7f15dcd18541c5433714e0c0966d81b8d009a2d49e5a181e548fbb
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7fa07dc1641fa98687abb1cac64ca10ef98f69568be378d612397460b7ca24b
f836c3616ac2faced9cf9e6c3b18fc661228323e4d709b9853dceece3b5b7ba2
f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549
fb12708d973e6b9354f367a6780e5a166b0da7d2721d856da7f9d57130883eaa
fd17f83593fd29b4cf3ffa0530321c093d4d40da9e48c3b5d0b4590ff39d5ed9
fd8d978d21282f99c5f2483125e420849175373ab7bfc24421210d9235b323d3
fde0d5a578eb6673d38d66dff152e36b610384b19954f0723e07f4302305592f
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
ff19bba8316157b5e4eb3ff89962d93a9aea12c5663c9d58d2093a787b961823
ff497dadf51b214f1453dfd8c44821e83cbf9cf67c3c4a073f53393adeb602a1
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

www.labrujula24.com Open in urlscan Pro 2606:4700:20::681a:e92 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

488 Requests

93 %HTTPS

39 %IPv6

61 Domains

91 Subdomains

62 IPs

13 Countries

8521 kBTransfer

19170 kBSize

69 Cookies

20 Outgoing links

Page URL History

Redirected requests

488 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.labrujula24.com Open in urlscan Pro
2606:4700:20::681a:e92 Public Scan

Screenshot
Live screenshot

Full Image

488
Requests

93 %
HTTPS

39 %
IPv6

61
Domains

91
Subdomains

62
IPs

13
Countries

8521 kB
Transfer

19170 kB
Size

69
Cookies

488 HTTP transactions
15 data transactions