sedentarioswow.es.tl Open in urlscan Pro
193.238.27.26 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sedentarioswow.es.tl/
Effective URL:
https://sedentarioswow.es.tl/
Submission: On January 19 via api (January 19th 2024, 7:53:23 pm UTC) from US — Scanned from ES

Summary HTTP 37 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 18 IPs in 5 countries across 16 domains to perform 37 HTTP transactions. The main IP is 193.238.27.26, located in Germany and belongs to IPX-AS15598, DE. The main domain is sedentarioswow.es.tl.
TLS certificate: Issued by R3 on October 30th 2023. Valid for: 3 months.

This is the only time sedentarioswow.es.tl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	193.238.27.26 193.238.27.26	15598 (IPX-AS15598) (IPX-AS15598)
6	178.162.223.113 178.162.223.113	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
3	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	178.162.223.114 178.162.223.114	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
1	37.187.129.45 37.187.129.45	16276 (OVH) (OVH)
2	157.240.251.9 157.240.251.9	32934 (FACEBOOK) (FACEBOOK)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	185.5.82.77 185.5.82.77	20546 (SOPRADO-ANY) (SOPRADO-ANY)
1	185.172.148.132 185.172.148.132	44239 (PROINITY ...) (PROINITY PROINITY)
1	176.9.183.55 176.9.183.55	24940 (HETZNER-AS) (HETZNER-AS)
2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	216.239.38.21 216.239.38.21	15169 (GOOGLE) (GOOGLE)
3	3.75.56.58 3.75.56.58	16509 (AMAZON-02) (AMAZON-02)
1 3	52.28.146.218 52.28.146.218	16509 (AMAZON-02) (AMAZON-02)
1 2	54.93.142.178 54.93.142.178	16509 (AMAZON-02) (AMAZON-02)
1 2	172.67.73.145 172.67.73.145	13335 (CLOUDFLAR...) (CLOUDFLARENET)
37	18

2 193.238.27.26 (Germany) 1 redirects

ASN15598 (IPX-AS15598, DE)
PTR: es.tl

sedentarioswow.es.tl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.162.223.113 (Schwerte, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: misc.webme.com

theme.webme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.223.114 (Schwerte, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: img.webme.com

img.webme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.187.129.45 (France)

ASN16276 (OVH, FR)
PTR: ns316269.ip-37-187-129.eu

counter2.contadorvisitasgratis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

asrv205.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.5.82.77 (Germany) 2 redirects

ASN20546 (SOPRADO-ANY, DE)
PTR: xb905524d.host.myracloud.com

t.adcell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.172.148.132 (Germany)

ASN44239 (PROINITY PROINITY, CH)

nextlevel-f353.kxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.9.183.55 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.55.183.9.176.clients.your-server.de

fwdtrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.38.21 (United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2615.1e100.net

fwd.fwdtrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.75.56.58 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-56-58.eu-central-1.compute.amazonaws.com

visifeed.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.28.146.218 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-146-218.eu-central-1.compute.amazonaws.com

api.yieldads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.142.178 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-142-178.eu-central-1.compute.amazonaws.com

qimp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.73.145 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.secprf2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	webme.com theme.webme.com img.webme.com — Cisco Umbrella Rank: 414033	124 KB
4	adcell.com 2 redirects t.adcell.com — Cisco Umbrella Rank: 57836	5 KB
4	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com Failed	200 KB
3	yieldads.net 1 redirects api.yieldads.net — Cisco Umbrella Rank: 120597	15 KB
3	visifeed.org visifeed.org — Cisco Umbrella Rank: 119580	2 KB
3	fwdtrk.com fwdtrk.com fwd.fwdtrk.com	177 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	7 KB
2	secprf2.com 1 redirects r.secprf2.com — Cisco Umbrella Rank: 151656	2 KB
2	qimp.net 1 redirects qimp.net — Cisco Umbrella Rank: 329709	2 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	5 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	88 KB
2	es.tl 1 redirects sedentarioswow.es.tl	8 KB
1	kxcdn.com nextlevel-f353.kxcdn.com — Cisco Umbrella Rank: 447568	73 KB
1	asrv205.com asrv205.com	1 KB
1	contadorvisitasgratis.com counter2.contadorvisitasgratis.com	3 KB
0	facebook.com Failed www.facebook.com Failed
37	16

	Domain	Requested by
6	theme.webme.com	sedentarioswow.es.tl theme.webme.com
4	t.adcell.com	2 redirects asrv205.com r.secprf2.com t.adcell.com
4	pagead2.googlesyndication.com	sedentarioswow.es.tl pagead2.googlesyndication.com
3	api.yieldads.net	1 redirects visifeed.org api.yieldads.net
3	visifeed.org	fwdtrk.com visifeed.org
3	cdnjs.cloudflare.com	sedentarioswow.es.tl cdnjs.cloudflare.com
2	r.secprf2.com	1 redirects qimp.net
2	qimp.net	1 redirects api.yieldads.net
2	fwd.fwdtrk.com	fwdtrk.com fwd.fwdtrk.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	connect.facebook.net	sedentarioswow.es.tl connect.facebook.net
2	sedentarioswow.es.tl	1 redirects
1	fwdtrk.com	asrv205.com
1	nextlevel-f353.kxcdn.com	asrv205.com
1	asrv205.com	sedentarioswow.es.tl
1	counter2.contadorvisitasgratis.com	sedentarioswow.es.tl
1	img.webme.com	sedentarioswow.es.tl
0	tpc.googlesyndication.com Failed	pagead2.googlesyndication.com
0	www.facebook.com Failed	connect.facebook.net
37	19

This site contains links to these domains. Also see Links.

Domain
paginawebgratis.es
silktide.com
www.sedentarioswow.es.tl
www.facebook.com
www.paginawebgratis.es

Subject Issuer	Validity	Valid
es.tl R3	`2023-10-30` - `2024-01-28`	3 months	crt.sh
misc.webme.com R3	`2023-10-30` - `2024-01-28`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
img.webme.com R3	`2023-10-30` - `2024-01-28`	3 months	crt.sh
counter2.idealpes.com R3	`2024-01-05` - `2024-04-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-29` - `2024-01-27`	3 months	crt.sh
asrv205.com GTS CA 1P5	`2023-12-04` - `2024-03-03`	3 months	crt.sh
adcell.com Certum Domain Validation CA SHA2	`2023-07-28` - `2024-07-27`	a year	crt.sh
fwdtrk.com R3	`2023-11-21` - `2024-02-19`	3 months	crt.sh
fwd.fwdtrk.com GTS CA 1D4	`2023-12-13` - `2024-03-12`	3 months	crt.sh
visifeed.org R3	`2024-01-09` - `2024-04-08`	3 months	crt.sh
api.yieldads.net Amazon RSA 2048 M01	`2023-10-04` - `2024-11-02`	a year	crt.sh
qimp.net Amazon RSA 2048 M03	`2023-10-23` - `2024-11-19`	a year	crt.sh
secprf2.com GTS CA 1P5	`2023-12-10` - `2024-03-09`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://sedentarioswow.es.tl/
Frame ID: 92E636265459766FCE06648DE5478CFF
Requests: 19 HTTP requests in this frame

Frame: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Frame ID: 85B2B3585567E4F5B362C777C5FACEEB
Requests: 2 HTTP requests in this frame

Frame: https://t.adcell.com/p/view?promoId=320700&slotId=105746&pv=1
Frame ID: CD4B30A0F55F413CCBC9CC8583BD6BB7
Requests: 1 HTTP requests in this frame

Frame: https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MjAsImNyZWF0aXZlX2lkIjozMCwicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwNmEtZGQ3Yi00ZjNiLTk3ODktNDQxNTIzZGQzYzVlIiwiZnJhbWVfdGFyZ2V0IjoiOEZZIiwiZnJhbWVfdGFyZ2V0X2lkIjoxLCJmcmFtZV9hZGRjb3VudHJ5IjowLCJjb3VudHJ5IjoiRVMiLCJ0cyI6MTcwNTY5Mzk5OX0%3D
Frame ID: 8E1BACBA58AB8616A91E189BDF063F43
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_fy2021.html
Frame ID: B1EBD7E00E97991B2CA31947EC5DB078
Requests: 1 HTTP requests in this frame

Frame: https://visifeed.org/i?n=1&t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=69f40bef7730c10b6842e2230931a5d44cd060844af3f7ba5375fd0a0411adbf&ci=yCZp5Sp%3E&its=9F%5Bt%2ALp5d%3DbB%7BQD%3BziPWbTW&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Frame ID: A6B20471BF64329061F5F1C73AD0F811
Requests: 2 HTTP requests in this frame

Frame: https://t.adcell.com/p/click?promoId=316276&slotId=47322&param0=https%3A%2F%2Fserviettenshop.de&subId=v030400010428d07582cccd384796a52d98f7ba8836fd&referer=https%3A%2F%2Fr.secprf2.com%2F&fp=e464a356c3b064ff41a0d8daeb93ff8a
Frame ID: D31D30B02D51F249506A0FBF0CF70DB1
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4528858822558136&output=html&adk=1812271804&adf=3025194257&lmt=1705694000&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fsedentarioswow.es.tl%2F&host=ca-host-pub-1483906849246906&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705693999418&bpp=2&bdt=1389&idt=802&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5978388703552&frm=20&pv=2&ga_vid=866204615.1705694000&ga_sid=1705694000&ga_hid=566436230&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31079965%2C95320888%2C95321627%2C95321861%2C95322166&oid=2&pvsid=628072679593787&tmod=2057088363&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=820
Frame ID: 9E4AC2F4FD34E51EE72829B03345C860
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v11.0/plugins/like.php?action=like&app_id=339062219495910&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df127b81dc4842ec%26domain%3Dsedentarioswow.es.tl%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsedentarioswow.es.tl%252Ff352890be373d34%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fsedentarioswow.es.tl%2Fhttp%253A%252F%252Fsedentarioswow.es.tl&layout=button_count&locale=en_US&sdk=joey&share=false&size=small&width=120
Frame ID: AFAD86D7ABF1D7AA1015765782A4FCB0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

sedentarioswow - Homé

Page URL History Show full URLs

http://sedentarioswow.es.tl/ HTTP 301
https://sedentarioswow.es.tl/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Page Statistics

37
Requests

89 %
HTTPS

0 %
IPv6

16
Domains

19
Subdomains

18
IPs

5
Countries

708 kB
Transfer

1619 kB
Size

6
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://paginawebgratis.es/es/Politica-de-Privacidad.php
Title: Mas detalles

Search URL Search Domain Scan URL

URL: http://silktide.com/cookieconsent
Title: Cookie Consent plugin for the EU cookie law

Search URL Search Domain Scan URL

URL: http://www.sedentarioswow.es.tl/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groups/sedentarios
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.paginawebgratis.es/?c=4000&utm_source=selfpromotion&utm_campaign=overlay&utm_medium=footer
Title: Este sitio web fue creado de forma gratuita con PaginaWebGratis.es. ¿Quieres también tu sitio web propio? Registrarse gratis

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sedentarioswow.es.tl/ HTTP 301
https://sedentarioswow.es.tl/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://t.adcell.com/p/image?promoId=296418&slotId=105746 HTTP 302
https://nextlevel-f353.kxcdn.com/Kr%C3%A4he%20WORKWEAR%20/Retargeting/Kr%C3%A4he_Retargeting_static_300x250.jpg

Request Chain 27

https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=69f40bef7730c10b6842e2230931a5d44cd060844af3f7ba5375fd0a0411ad00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e&fp=W3sia2V5IjoidXNlcl9hZ2VudCIsInZhbHVlIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMC4wLjYwOTkuMjI0IFNhZmFyaS81MzcuMzYifSx7ImtleSI6Imxhbmd1YWdlIiwidmFsdWUiOiJlbi1VUyJ9LHsia2V5IjoibmF2aWdhdG9yX3BsYXRmb3JtIiwidmFsdWUiOiJXaW4zMiJ9LHsia2V5IjoicmVndWxhcl9wbHVnaW5zIiwidmFsdWUiOlsiQ2hyb21lIFBERiBQbHVnaW46OlBvcnRhYmxlIERvY3VtZW50IEZvcm1hdDo6YXBwbGljYXRpb24veC1nb29nbGUtY2hyb21lLXBkZn5wZGYiLCJDaHJvbWUgUERGIFZpZXdlcjo6OjphcHBsaWNhdGlvbi9wZGZ%2BcGRmIiwiTmF0aXZlIENsaWVudDo6OjphcHBsaWNhdGlvbi94LW5hY2x%2BLGFwcGxpY2F0aW9uL3gtcG5hY2x%2BIl19LHsia2V5IjoianNfZm9udHMiLCJ2YWx1ZSI6W119LHsia2V5IjoiYXBwX2NvZGVfbmFtZSIsInZhbHVlIjoiTW96aWxsYSJ9LHsia2V5IjoiYnVpbGRfaWQiLCJ2YWx1ZSI6IiJ9LHsia2V5IjoicHJvZHVjdCIsInZhbHVlIjoiR2Vja28ifSx7ImtleSI6InZlbmRvciIsInZhbHVlIjoiR29vZ2xlIEluYy4ifSx7ImtleSI6InZlbmRvcl9zdWIiLCJ2YWx1ZSI6IiJ9LHsia2V5IjoiYXBwX3ZlcnNpb24iLCJ2YWx1ZSI6IjUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4yMjQgU2FmYXJpLzUzNy4zNiJ9XQ%3D%3D HTTP 302
https://qimp.net/de/y?t=serviettenshop.de&cid=00af4da3fecf189bdc7f50ffeaa6e77ae3898551f0fddca27c9e904eedfba91a&identifier=ee61b3854943fe24 HTTP 302
https://qimp.net/de/search/serviettenshop.de

Request Chain 28

https://r.secprf2.com/v1/redirect?url=https://serviettenshop.de&api_key=5fc853a9b93bc17c44714a505d0d3e2a&site_id=bfdae93fb69c4687bf1058fec464ef33&type=url&source=https://qimp.net/de/search/serviettenshop.de&yk_tag=00af4da3fecf189bdc7f50ffeaa6e77ae3898551f0fddca27c9e904eedfba91a HTTP 302
https://r.secprf2.com/v2/go?t=dt6p8%3Aa%2F7.8dde5l6c7m8pdcci2k5p0o8o4d1306473%26vldtbds4e3.2opsremt%3Ditrps%252AF2%25%253Fsetvhe0tanah%26p2d7%26%3DuIIo%3Ds0602010%3D0I2mdr7%3F8cclc%2F3%2F4o9.al2c9aftb%2F8s3tfh&e=1&ai=cad2058df00847f79f7e244e3f8412ae&sct=0&ct=1705694002253&cu=d07582cccd384796a52d98f7ba8836fd&ykuid=9b0ebbaadd3d4f0c8e0fa6c5ba6d148f&sc=1&cs=28d7149e374df60f688cde56f9acb91b

Request Chain 32

https://t.adcell.com/p/click?promoId=316276&slotId=47322&param0=https%3A%2F%2Fserviettenshop.de&subId=v030400010428d07582cccd384796a52d98f7ba8836fd HTTP 302
https://t.adcell.com/forward?promoId=316276&slotId=47322&param0=https%3A%2F%2Fserviettenshop.de&subId=v030400010428d07582cccd384796a52d98f7ba8836fd&referer=https%3A%2F%2Fr.secprf2.com%2F

37 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
sedentarioswow.es.tl/
Redirect Chain

http://sedentarioswow.es.tl/
https://sedentarioswow.es.tl/

26 KB
8 KB

1196ms
162ms

Document
text/html

193.238.27.26
IPX-AS15598

General

Check archive.org

Show headers Download Go to

Full URL: https://sedentarioswow.es.tl/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.238.27.26 , Germany, ASN15598 (IPX-AS15598, DE),
Reverse DNS: es.tl
Software: nginx /
Resource Hash: 75ddfdbfce84ace004a4e93e1273b697c935bda5083b04cd6c0f4dfb7e143ca5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

Accept-Ranges: bytes
Age: 0
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=ISO-8859-15
Date: Fri, 19 Jan 2024 19:53:17 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: User-Agent,Accept-Encoding
Via: 1.1 varnish-v4
X-Varnish: 734817968
X-wm-1: 64ef455219bf45ba236b8d390f06c9ce
X-wm-VIP: 193.238.27.26
X-wm-req.backend: SitesGET
X-wm-req.backend.healthy: true
X-wm-req.restarts: 0

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Fri, 19 Jan 2024 19:53:16 GMT
Location: https://sedentarioswow.es.tl/
Server: Varnish
X-Varnish: 747229851

GET
H/1.1 200
OK default3.css
theme.webme.com/designs/clean/css/ 14 KB
5 KB 514ms
103ms Stylesheet
text/css 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://theme.webme.com/designs/clean/css/default3.css
Requested by: Host: sedentarioswow.es.tl
URL: https://sedentarioswow.es.tl/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: 15159ad14680afbe33ec45b75bb87961049e76aa8020f3f1a25033604a59abb3

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://sedentarioswow.es.tl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 19:53:18 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Content-Encoding: gzip
Last-Modified: Wed, 03 Aug 2022 09:01:32 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 28443
Vary: Accept-Encoding
Content-Type: text/css
X-Varnish: 692858484, 331442118 328710083
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4558
Expires: Fri, 01 Mar 2024 11:59:15 GMT

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/ 4 KB
2 KB 511ms
62ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/cookieconsent.min.js

Requested by

Host: sedentarioswow.es.tl
URL: https://sedentarioswow.es.tl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

190fc02d8e8f1dd5acc40f48d0d6203e6115eb31e3f47f55db0c3f07797d68f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://sedentarioswow.es.tl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:53:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 621003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1618
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-11d8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Wy%2FZ%2FgiA%2ByhMYSc5hSyoQ%2FWHxU%2FMvCs0%2BjjsdrX9at4QS6jWNU1jOcfher9KDl6KLy26LTKNCaT%2FzMCKGUDdW1KY2uCqYMc4zAN3Td5iRoCtn9it66JEFRxxFFy%2FYimjSoKXR5P"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84819f82aa853150-MAD
expires: Wed, 08 Jan 2025 19:53:18 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 800ms
141ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4528858822558136&host=ca-host-pub-1483906849246906

Requested by

Host: sedentarioswow.es.tl
URL: https://sedentarioswow.es.tl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

c33f07a0466078a8f40ec37e5edabab3453224752be1a11b65d7b81196d5771e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sedentarioswow.es.tl/
Origin: https://sedentarioswow.es.tl
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:53:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51121
x-xss-protection: 0
server: cafe
etag: 349273926260473141
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Fri, 19 Jan 2024 19:53:19 GMT

GET
H/1.1 200
OK cfcfcfdrtfgyh1.jpg
img.webme.com/pic/s/sedentarioswow/ 16 KB
17 KB 576ms
166ms Image
image/jpeg 178.162.223.114
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webme.com/pic/s/sedentarioswow/cfcfcfdrtfgyh1.jpg
Requested by: Host: sedentarioswow.es.tl
URL: https://sedentarioswow.es.tl/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.114 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: img.webme.com
Software: nginx /
Resource Hash: c3a0d40263c74f05cb938f878b67f1ed728fde9e1e60a2e56cd7086469394a2f

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://sedentarioswow.es.tl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 19:53:18 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Mon, 12 Jan 2015 08:03:38 GMT
Server: nginx
X-wm-VIP: 193.238.27.18
Age: 54
ETag: "54b37fda-419c"
X-Varnish: 742299487, 331109108 331441423
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16796

GET
H/1.1 200
OK contadorvisitasgratis.php
counter2.contadorvisitasgratis.com/private/ 3 KB
3 KB 489ms
150ms Image
image/png 37.187.129.45
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://counter2.contadorvisitasgratis.com/private/contadorvisitasgratis.php?c=a071c8b828269d61d4fda11a55983e32
Requested by: Host: sedentarioswow.es.tl
URL: https://sedentarioswow.es.tl/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.129.45 , France, ASN16276 (OVH, FR),
Reverse DNS: ns316269.ip-37-187-129.eu
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips / PHP/5.4.16
Resource Hash: 2d687e9c94ab5917d6f042ec34bed9cd0905bcbae5755fe75e93874fb38242ed

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://sedentarioswow.es.tl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 19:53:18 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
Connection: close
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: image/png

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 765ms
112ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: sedentarioswow.es.tl
URL: https://sedentarioswow.es.tl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

009caeca0916c153da02a8de79d3eb3e1e1eb500247893b2216e8bfd22a7ab64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://sedentarioswow.es.tl/
Origin: https://sedentarioswow.es.tl
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 19 Jan 2024 19:53:19 GMT
content-md5: JNgYUJ3b0qf5JrNrkQSWUw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
reporting-endpoints
x-fb-debug: g0ITsBFM5b0fquAlCWymqqmduQ3bQKc9cErcT1UeMENahqTjWMOySzLQu2Ce0rRfz5QBcFedE8IirVMvnGByOg==
x-fb-content-md5: 5f7aedf3e2499ec1816dc49d538d537a
cross-origin-opener-policy: same-origin-allow-popups
etag: "54209a486831f706e31928e21e4cfae4"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 19 Jan 2024 20:12:25 GMT

GET
H2 200 eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0= Show response
asrv205.com/adframe/ Frame 85B2 2 KB
1 KB 801ms
150ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Requested by: Host: sedentarioswow.es.tl
URL: https://sedentarioswow.es.tl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b6df15591ff8f5cfd7e6891a57757f083b93ea071454d25099b5a98ea543327

Request headers

Referer: https://sedentarioswow.es.tl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84819f872db36611-MAD
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 19 Jan 2024 19:53:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s9twLzR1zyQeE1mHbC8oY%2Bm52VLP6NF1Lw8FT4ApH2pTxlW%2BMuXQttQMiBgiefjiGUiRX%2Fig7KUj%2FwNxHvIbpR7pAO7LUDVpQj8gKYuwUHfZvF%2FUhKOMQh2xWttBVg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H/1.1 200
OK gray.jpg
theme.webme.com/designs/globals/background/ 66 KB
67 KB 139ms
137ms Image
image/jpeg 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/designs/globals/background/gray.jpg
Requested by: Host: sedentarioswow.es.tl
URL: https://sedentarioswow.es.tl/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: 5bb065ab48fca3f909e70d970bccb91816005914c2d2f4733f5d4a45fd0f3461

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://sedentarioswow.es.tl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 19:53:18 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Wed, 23 Sep 2015 10:37:14 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 87570
Content-Type: image/jpeg
X-Varnish: 586579258, 331442128 316987000
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 67986
Expires: Thu, 29 Feb 2024 19:33:47 GMT

GET
H/1.1 200
OK claim_bg.png
theme.webme.com/designs/clean/img/ 8 KB
9 KB 491ms
272ms Image
image/png 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/designs/clean/img/claim_bg.png
Requested by: Host: theme.webme.com
URL: https://theme.webme.com/designs/clean/css/default3.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: b946c7539c042b2ce2ac3950e99707b449aaeeb985f74d5cef1418dad4e179bb

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://theme.webme.com/designs/clean/css/default3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 19:53:18 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 20 May 2014 07:37:44 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 28049
Content-Type: image/png
X-Varnish: 689738186, 332379877 327272864
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8551
Expires: Fri, 01 Mar 2024 12:05:49 GMT

GET
H/1.1 200
OK storm.jpg
theme.webme.com/designs/globals/header/1000x300/ 22 KB
22 KB 503ms
280ms Image
image/jpeg 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/designs/globals/header/1000x300/storm.jpg
Requested by: Host: sedentarioswow.es.tl
URL: https://sedentarioswow.es.tl/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: 76352e8e49254ffd23fc52aecec9b7382aa3128fa4c4b30d306161816db4591c

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://sedentarioswow.es.tl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 19:53:18 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Mon, 14 Dec 2015 11:30:06 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 12622
Content-Type: image/jpeg
X-Varnish: 723561665, 332379887 329959353
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22332
Expires: Fri, 01 Mar 2024 16:22:56 GMT

GET
H/1.1 200
OK menu_bg.png
theme.webme.com/designs/clean/img/ 3 KB
3 KB 494ms
271ms Image
image/png 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/designs/clean/img/menu_bg.png
Requested by: Host: theme.webme.com
URL: https://theme.webme.com/designs/clean/css/default3.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: 933e70c93771650d9068665b0f216a1f190c82856366069f0bfed308954801e3

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://theme.webme.com/designs/clean/css/default3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 19:53:18 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 20 May 2014 07:37:44 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 26422
Content-Type: image/png
X-Varnish: 699990686, 331442170 327776092
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2789
Expires: Fri, 01 Mar 2024 12:32:56 GMT

GET
H/1.1 200
OK red.png
theme.webme.com/designs/clean/arrows/ 1 KB
2 KB 494ms
272ms Image
image/png 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/designs/clean/arrows/red.png
Requested by: Host: sedentarioswow.es.tl
URL: https://sedentarioswow.es.tl/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: c342ea4223727227830cce6760a5e76f654d6d2077e4c63cdf563b9926dd1147

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://sedentarioswow.es.tl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 19:53:18 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 20 May 2014 07:37:44 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 26346
Content-Type: image/png
X-Varnish: 697470689, 331442172 329221420
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1289
Expires: Fri, 01 Mar 2024 12:34:12 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 297 KB
85 KB 113ms
112ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=78c2baa432542c2da227df13c7c5dbe4

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

b54a3584181224f1d913cb3d363554213b062a2d48735827dd0b500181e8e3a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://sedentarioswow.es.tl/
Origin: https://sedentarioswow.es.tl
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 19 Jan 2024 19:53:19 GMT
content-md5: NTZGGZU2uMS4jBqwpC08tg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86940
reporting-endpoints
x-fb-debug: MqUEDyD0QGV+n772UBnVTzwbRtTgB1eaR7L9CoK0ivP8omNwpEgJLiBrMr223mOWJAr8IvqJ/2Bo9xlN8Kc1Dg==
x-fb-content-md5: 989e7f82998f54bbbfbf0e3ca4c6bc52
cross-origin-opener-policy: same-origin-allow-popups
etag: "8d57d296b0e4602cb4b2ac3eddf8e512"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 18 Jan 2025 16:50:16 GMT

GET
H2

200

Kr%C3%A4he_Retargeting_static_300x250.jpg
nextlevel-f353.kxcdn.com/Kr%C3%A4he%20WORKWEAR%20/Retargeting/ Frame 85B2
Redirect Chain

https://t.adcell.com/p/image?promoId=296418&slotId=105746
https://nextlevel-f353.kxcdn.com/Kr%C3%A4he%20WORKWEAR%20/Retargeting/Kr%C3%A4he_Retargeting_static_300x250.jpg

73 KB
73 KB

931ms
116ms

Image
image/jpeg

185.172.148.132
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nextlevel-f353.kxcdn.com/Kr%C3%A4he%20WORKWEAR%20/Retargeting/Kr%C3%A4he_Retargeting_static_300x250.jpg
Requested by: Host: asrv205.com
URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Protocol: H2
Server: 185.172.148.132 , Germany, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: ec17626aae54efa48dd2d2efa8982cb9eb146de7766bf54a5a34dea5d34921f2

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://asrv205.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:53:20 GMT
last-modified: Tue, 15 Feb 2022 07:35:37 GMT
server: keycdn
x-edge-location: defr
etag: "123a7-5d809943ec440"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
link: <https://media.imocash.com/Kr%C3%A4he%20WORKWEAR%20/Retargeting/Kr%C3%A4he_Retargeting_static_300x250.jpg>; rel="canonical"
content-length: 74663
expires: Fri, 19 Jan 2024 20:53:20 GMT

Redirect headers

date: Fri, 19 Jan 2024 19:53:19 GMT
strict-transport-security: max-age=15768000
server: myracloud
content-type: text/html
location: https://nextlevel-f353.kxcdn.com/KrÃ¤he WORKWEAR /Retargeting/KrÃ¤he_Retargeting_static_300x250.jpg
cache-control: max-age=0
content-length: 0
expires: Fri, 19 Jan 2024 19:53:19 GMT

GET
H2 200 view Show response
t.adcell.com/p/ Frame CD4B 42 B
420 B 646ms
166ms Document
image/gif 185.5.82.77
SOPRADO-ANY

General

Check archive.org

Show headers Download Go to

Full URL

https://t.adcell.com/p/view?promoId=320700&slotId=105746&pv=1

Requested by

Host: asrv205.com
URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.5.82.77 , Germany, ASN20546 (SOPRADO-ANY, DE),

Reverse DNS

xb905524d.host.myracloud.com

Software

myracloud /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://asrv205.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 42
content-type: image/gif
date: Fri, 19 Jan 2024 19:53:19 GMT
expires: Sat, 11 Jan 2003 12:59:00 GMT
last-modified: Wed, 11 Jan 2006 12:59:00 GMT
pragma: no-cache
server: myracloud
strict-transport-security: max-age=15768000

GET
H/1.1 200
OK eyJjYW1wYWlnbl9pZCI6MjAsImNyZWF0aXZlX2lkIjozMCwicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwN... Show response
fwdtrk.com/track/ Frame 8E1B 1 KB
2 KB 394ms
173ms Document
text/html 176.9.183.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MjAsImNyZWF0aXZlX2lkIjozMCwicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwNmEtZGQ3Yi00ZjNiLTk3ODktNDQxNTIzZGQzYzVlIiwiZnJhbWVfdGFyZ2V0IjoiOEZZIiwiZnJhbWVfdGFyZ2V0X2lkIjoxLCJmcmFtZV9hZGRjb3VudHJ5IjowLCJjb3VudHJ5IjoiRVMiLCJ0cyI6MTcwNTY5Mzk5OX0%3D
Requested by: Host: asrv205.com
URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 176.9.183.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.183.9.176.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 689ce17bd42665bbeffed17eb99c4559a0cf46d6dac29a7f9fe52b2a11ebe9ed

Request headers

Referer: https://asrv205.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 19 Jan 2024 19:53:19 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/ 402 KB
137 KB 664ms
168ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4528858822558136&plah=sedentarioswow.es.tl

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4528858822558136&host=ca-host-pub-1483906849246906

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

23e9010c54f2b5c26dc0bc3ad9d2f556e8ab475d70606cb0b7a8524eba5c61e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://sedentarioswow.es.tl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:53:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139629
x-xss-protection: 0
server: cafe
etag: 10412298622096122192
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 19 Jan 2024 19:53:19 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/ Frame B1EB 9 KB
4 KB 603ms
115ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4528858822558136&host=ca-host-pub-1483906849246906

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sedentarioswow.es.tl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

age: 70102
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 00:24:58 GMT
etag: 9219409622527106327
expires: Fri, 02 Feb 2024 00:24:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 track Show response
fwd.fwdtrk.com/ Frame 8E1B 184 KB
74 KB 232ms
97ms Script
application/javascript 216.239.38.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fwd.fwdtrk.com/track?id=

Requested by

Host: fwdtrk.com
URL: https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MjAsImNyZWF0aXZlX2lkIjozMCwicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwNmEtZGQ3Yi00ZjNiLTk3ODktNDQxNTIzZGQzYzVlIiwiZnJhbWVfdGFyZ2V0IjoiOEZZIiwiZnJhbWVfdGFyZ2V0X2lkIjoxLCJmcmFtZV9hZGRjb3VudHJ5IjowLCJjb3VudHJ5IjoiRVMiLCJ0cyI6MTcwNTY5Mzk5OX0%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.38.21 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

any-in-2615.1e100.net

Software

Google Tag Manager /

Resource Hash

10656fac2a4e51b94937dc94a8309ef315fdcdcbea044a1201ff853c32a07f96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://fwdtrk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:53:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Fri, 19 Jan 2024 18:00:00 GMT
server: Google Tag Manager
via: 1.1 google
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
x-xss-protection: 0

GET
H/1.1 200
OK d Show response
visifeed.org/ Frame A6B2 403 B
738 B 301ms
132ms Document
text/html 3.75.56.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://visifeed.org/d?t=8FY&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e
Requested by: Host: fwdtrk.com
URL: https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MjAsImNyZWF0aXZlX2lkIjozMCwicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwNmEtZGQ3Yi00ZjNiLTk3ODktNDQxNTIzZGQzYzVlIiwiZnJhbWVfdGFyZ2V0IjoiOEZZIiwiZnJhbWVfdGFyZ2V0X2lkIjoxLCJmcmFtZV9hZGRjb3VudHJ5IjowLCJjb3VudHJ5IjoiRVMiLCJ0cyI6MTcwNTY5Mzk5OX0%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.75.56.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-75-56-58.eu-central-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash: ba1ce92a386ee7acf559a4f4a87aa79232497b764fdd5a7f18bcffe78dd3ded7

Request headers

Referer: https://fwdtrk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 19 Jan 2024 19:53:20 GMT
Pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: PHP/7.4.25

GET
H2 200 js Show response
fwd.fwdtrk.com/gtag/ Frame 8E1B 263 KB
101 KB 145ms
144ms Script
application/javascript 216.239.38.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fwd.fwdtrk.com/gtag/js?id=G-B6LHGYT55G&l=dataLayer&cx=c
Requested by: Host: fwd.fwdtrk.com
URL: https://fwd.fwdtrk.com/track?id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.38.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: any-in-2615.1e100.net
Software: /
Resource Hash: 8382dc357dd5451da91d270ef6758f1f6eef3b46198e256af64c3a46f3e10e9c

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://fwdtrk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: application/javascript; charset=UTF-8
date: Fri, 19 Jan 2024 19:53:20 GMT
cache-control: private, max-age=900
content-encoding: gzip
via: 1.1 google
vary: Accept-Encoding
expires: Fri, 19 Jan 2024 20:08:06 GMT

GET
H/1.1 200
OK i Show response
visifeed.org/ Frame A6B2 408 B
735 B 86ms
85ms Document
text/html 3.75.56.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://visifeed.org/i?n=1&t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=69f40bef7730c10b6842e2230931a5d44cd060844af3f7ba5375fd0a0411adbf&ci=yCZp5Sp%3E&its=9F%5Bt%2ALp5d%3DbB%7BQD%3BziPWbTW&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Requested by: Host: visifeed.org
URL: https://visifeed.org/d?t=8FY&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.75.56.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-75-56-58.eu-central-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash: af293f67d0063ea2264246658ce41acfeeece783a96e359b4ee9a6a09c02dd77

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 19 Jan 2024 19:53:20 GMT
Pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: PHP/7.4.25

GET
H/1.1 200
OK d Show response
visifeed.org/ Frame D31D 347 B
672 B 303ms
303ms Document
text/html 3.75.56.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://visifeed.org/d?t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=69f40bef7730c10b6842e2230931a5d44cd060844af3f7ba5375fd0a0411ad00&ci=yCZp5Sp%3E&its=9F%5Bt%2ALp5d%3DbB%7BQD%3BziPWbTW&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Requested by: Host: visifeed.org
URL: https://visifeed.org/i?n=1&t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=69f40bef7730c10b6842e2230931a5d44cd060844af3f7ba5375fd0a0411adbf&ci=yCZp5Sp%3E&its=9F%5Bt%2ALp5d%3DbB%7BQD%3BziPWbTW&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.75.56.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-75-56-58.eu-central-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash: e23a2d9f39e708ae539ffdbb9007635edd1dfcf3d77f163978cfc54969254328

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 19 Jan 2024 19:53:20 GMT
Pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: PHP/7.4.25

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9E4A 603 B
245 B 454ms
453ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4528858822558136&output=html&adk=1812271804&adf=3025194257&lmt=1705694000&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fsedentarioswow.es.tl%2F&host=ca-host-pub-1483906849246906&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705693999418&bpp=2&bdt=1389&idt=802&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5978388703552&frm=20&pv=2&ga_vid=866204615.1705694000&ga_sid=1705694000&ga_hid=566436230&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31079965%2C95320888%2C95321627%2C95321861%2C95322166&oid=2&pvsid=628072679593787&tmod=2057088363&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=820

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4528858822558136&plah=sedentarioswow.es.tl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sedentarioswow.es.tl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 19:53:20 GMT
expires: Fri, 19 Jan 2024 19:53:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 296ms
296ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=A&id=selfpromotionOverlay&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: sedentarioswow.es.tl
URL: https://sedentarioswow.es.tl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://sedentarioswow.es.tl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 19:53:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 redirect Show response
api.yieldads.net/ Frame D31D 2 KB
2 KB 355ms
127ms Document
text/html 52.28.146.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=69f40bef7730c10b6842e2230931a5d44cd060844af3f7ba5375fd0a0411ad00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Requested by: Host: visifeed.org
URL: https://visifeed.org/d?t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=69f40bef7730c10b6842e2230931a5d44cd060844af3f7ba5375fd0a0411ad00&ci=yCZp5Sp%3E&its=9F%5Bt%2ALp5d%3DbB%7BQD%3BziPWbTW&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.146.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-146-218.eu-central-1.compute.amazonaws.com
Software: nginx / PHP/8.2.14
Resource Hash: 315d50fe088ddd21a7a04dcab8bf421f0e6a9bcacc8f54bad7433dd9caca30fe

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 19 Jan 2024 19:53:20 GMT
server: nginx
x-powered-by: PHP/8.2.14

GET
H2 200 fp.min.js Show response
api.yieldads.net/js/ Frame D31D 34 KB
12 KB 83ms
81ms Script
application/javascript 52.28.146.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.yieldads.net/js/fp.min.js
Requested by: Host: api.yieldads.net
URL: https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=69f40bef7730c10b6842e2230931a5d44cd060844af3f7ba5375fd0a0411ad00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.146.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-146-218.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7154071be46519e980b3d21b9fa291847e6e837065181c38322f7e2484b6cc07

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=69f40bef7730c10b6842e2230931a5d44cd060844af3f7ba5375fd0a0411ad00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:53:20 GMT
content-encoding: gzip
last-modified: Tue, 16 Jan 2024 10:12:10 GMT
server: nginx
etag: W/"65a6567a-864c"
content-type: application/javascript

GET
H2

200

serviettenshop.de Show response
qimp.net/de/search/ Frame D31D
Redirect Chain

https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=69f40bef7730c10b6842e2230931a5d44cd060844af3f7ba5375fd0a0411ad00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c...
https://qimp.net/de/y?t=serviettenshop.de&cid=00af4da3fecf189bdc7f50ffeaa6e77ae3898551f0fddca27c9e904eedfba91a&identifier=ee61b3854943fe24
https://qimp.net/de/search/serviettenshop.de

536 B
1 KB

125ms
124ms

Document
text/html

54.93.142.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://qimp.net/de/search/serviettenshop.de
Requested by: Host: api.yieldads.net
URL: https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=69f40bef7730c10b6842e2230931a5d44cd060844af3f7ba5375fd0a0411ad00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.142.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-142-178.eu-central-1.compute.amazonaws.com
Software: nginx / PHP/7.1.33
Resource Hash: 934f6c13cd39cd7f826e1213ff5367a6256cd1701d5214d33894573f4d129073

Request headers

Referer: https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=69f40bef7730c10b6842e2230931a5d44cd060844af3f7ba5375fd0a0411ad00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=UTF-8
date: Fri, 19 Jan 2024 19:53:21 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
referrer-policy: no-referrer
server: nginx
x-powered-by: PHP/7.1.33

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=UTF-8
date: Fri, 19 Jan 2024 19:53:21 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://qimp.net/de/search/serviettenshop.de
pragma: no-cache
referrer-policy: no-referrer
server: nginx
x-powered-by: PHP/7.1.33

GET
H2

200

go Show response
r.secprf2.com/v2/ Frame D31D
Redirect Chain

https://r.secprf2.com/v1/redirect?url=https://serviettenshop.de&api_key=5fc853a9b93bc17c44714a505d0d3e2a&site_id=bfdae93fb69c4687bf1058fec464ef33&type=url&source=https://qimp.net/de/search/serviett...
https://r.secprf2.com/v2/go?t=dt6p8%3Aa%2F7.8dde5l6c7m8pdcci2k5p0o8o4d1306473%26vldtbds4e3.2opsremt%3Ditrps%252AF2%25%253Fsetvhe0tanah%26p2d7%26%3DuIIo%3Ds0602010%3D0I2mdr7%3F8cclc%2F3%2F4o9.al2c9a...

1 KB
833 B

143ms
142ms

Document
text/html

172.67.73.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.secprf2.com/v2/go?t=dt6p8%3Aa%2F7.8dde5l6c7m8pdcci2k5p0o8o4d1306473%26vldtbds4e3.2opsremt%3Ditrps%252AF2%25%253Fsetvhe0tanah%26p2d7%26%3DuIIo%3Ds0602010%3D0I2mdr7%3F8cclc%2F3%2F4o9.al2c9aftb%2F8s3tfh&e=1&ai=cad2058df00847f79f7e244e3f8412ae&sct=0&ct=1705694002253&cu=d07582cccd384796a52d98f7ba8836fd&ykuid=9b0ebbaadd3d4f0c8e0fa6c5ba6d148f&sc=1&cs=28d7149e374df60f688cde56f9acb91b
Requested by: Host: qimp.net
URL: https://qimp.net/de/search/serviettenshop.de
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.73.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be815c4aaaa7ace95457ebe4bdf60640fe447688e1d29fcd6d3ac094c066d4ba

Request headers

Referer: https://qimp.net/de/search/serviettenshop.de
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 84819f9acb2d215a-MAD
content-encoding: br
content-type: text/html;charset=UTF-8
date: Fri, 19 Jan 2024 19:53:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OOwesrgHqafwRfoecoUkwk%2BkcDQ1cejyTDiOL9CPs%2FLSgeUafL5xEa4U8NN3cHsaeWKpUqegwojDQbsDTqtIL2OhK0NOq%2FwVxGlCFw%2FxAadyWmcRxcRqQbST5xXWM0w%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 84819f99c930215a-MAD
content-length: 0
date: Fri, 19 Jan 2024 19:53:22 GMT
location: /v2/go?t=dt6p8%3Aa%2F7.8dde5l6c7m8pdcci2k5p0o8o4d1306473%26vldtbds4e3.2opsremt%3Ditrps%252AF2%25%253Fsetvhe0tanah%26p2d7%26%3DuIIo%3Ds0602010%3D0I2mdr7%3F8cclc%2F3%2F4o9.al2c9aftb%2F8s3tfh&e=1&ai=cad2058df00847f79f7e244e3f8412ae&sct=0&ct=1705694002253&cu=d07582cccd384796a52d98f7ba8836fd&ykuid=9b0ebbaadd3d4f0c8e0fa6c5ba6d148f&sc=1&cs=28d7149e374df60f688cde56f9acb91b
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="CAO PSA OUR"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lo%2FyPWKwTihvEbNmXNLBqi7fdjW64AR7OIPyYQ9RYgObeDsiIpYVc6V7ePzSBYAFTGwxH%2Bi87LpIS%2BAjE%2BNmGxD7erXMth4P%2FUK3EGjgFLN3z7ecy5nrjIKFbk78Y7g%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 dark-floating.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/ 3 KB
1 KB 106ms
105ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/dark-floating.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/cookieconsent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34c221f3541cb3e9513392969f4dbdc0080da7f66332076e22aeb530828ef46a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://sedentarioswow.es.tl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:53:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4537816
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 734
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-c8c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SC8PhcD%2FKJpy154xUXJdV1CR4NJ9GuLfVAl8fenO5aDrbFuvxiy4a97N6eOho6yGjR3f0uGI%2FVj1rIseHhCWHWlwKaqPloRJkRGvM%2BcM%2BTqVb8aanKuL5ACp9ly1eaCTyQYIok5Q"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84819f9b795e3150-MAD
expires: Wed, 08 Jan 2025 19:53:22 GMT

GET like.php
www.facebook.com/v11.0/plugins/ Frame AFAD 0
0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 118ms
117ms XHR
application/json 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240118&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

809292dce3ebc64280a56d13821570654cd0cba89be2b37feff3e1d28cf7b28a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://sedentarioswow.es.tl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:53:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12319
x-xss-protection: 0

GET
H2

200

forward Show response
t.adcell.com/ Frame D31D
Redirect Chain

https://t.adcell.com/p/click?promoId=316276&slotId=47322&param0=https%3A%2F%2Fserviettenshop.de&subId=v030400010428d07582cccd384796a52d98f7ba8836fd
https://t.adcell.com/forward?promoId=316276&slotId=47322&param0=https%3A%2F%2Fserviettenshop.de&subId=v030400010428d07582cccd384796a52d98f7ba8836fd&referer=https%3A%2F%2Fr.secprf2.com%2F

12 KB
4 KB

325ms
324ms

Document
text/html

185.5.82.77
SOPRADO-ANY

General

Check archive.org

Show headers Download Go to

Full URL

https://t.adcell.com/forward?promoId=316276&slotId=47322&param0=https%3A%2F%2Fserviettenshop.de&subId=v030400010428d07582cccd384796a52d98f7ba8836fd&referer=https%3A%2F%2Fr.secprf2.com%2F

Requested by

Host: r.secprf2.com
URL: https://r.secprf2.com/v2/go?t=dt6p8%3Aa%2F7.8dde5l6c7m8pdcci2k5p0o8o4d1306473%26vldtbds4e3.2opsremt%3Ditrps%252AF2%25%253Fsetvhe0tanah%26p2d7%26%3DuIIo%3Ds0602010%3D0I2mdr7%3F8cclc%2F3%2F4o9.al2c9aftb%2F8s3tfh&e=1&ai=cad2058df00847f79f7e244e3f8412ae&sct=0&ct=1705694002253&cu=d07582cccd384796a52d98f7ba8836fd&ykuid=9b0ebbaadd3d4f0c8e0fa6c5ba6d148f&sc=1&cs=28d7149e374df60f688cde56f9acb91b

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.5.82.77 , Germany, ASN20546 (SOPRADO-ANY, DE),

Reverse DNS

xb905524d.host.myracloud.com

Software

myracloud /

Resource Hash

2cdac5977d08af6009a50b383db2691bc3d10e1eb845d0415c6d5c03a5ce22e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://r.secprf2.com/v2/go?t=dt6p8%3Aa%2F7.8dde5l6c7m8pdcci2k5p0o8o4d1306473%26vldtbds4e3.2opsremt%3Ditrps%252AF2%25%253Fsetvhe0tanah%26p2d7%26%3DuIIo%3Ds0602010%3D0I2mdr7%3F8cclc%2F3%2F4o9.al2c9aftb%2F8s3tfh&e=1&ai=cad2058df00847f79f7e244e3f8412ae&sct=0&ct=1705694002253&cu=d07582cccd384796a52d98f7ba8836fd&ykuid=9b0ebbaadd3d4f0c8e0fa6c5ba6d148f&sc=1&cs=28d7149e374df60f688cde56f9acb91b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

cache-control: max-age=0
content-encoding: gzip
content-length: 3826
content-type: text/html; charset=utf-8
date: Fri, 19 Jan 2024 19:53:22 GMT
etag: "myra-4ee92ade"
expires: Fri, 19 Jan 2024 19:53:22 GMT
server: myracloud
strict-transport-security: max-age=15768000
vary: accept-encoding

Redirect headers

cache-control: max-age=0
content-length: 0
content-type: text/html
date: Fri, 19 Jan 2024 19:53:22 GMT
expires: Fri, 19 Jan 2024 19:53:22 GMT
location: https://t.adcell.com/forward?promoId=316276&slotId=47322&param0=https%3A%2F%2Fserviettenshop.de&subId=v030400010428d07582cccd384796a52d98f7ba8836fd&referer=https%3A%2F%2Fr.secprf2.com%2F
server: myracloud
strict-transport-security: max-age=15768000

GET
H2 200 logo.png
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/ 3 KB
3 KB 65ms
64ms Image
image/png 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/logo.png

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/dark-floating.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dae62151120e18b465ffc5c8e9e342ecc28a6efe1a0d71c9766d677a5ddc389

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/dark-floating.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:53:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 449
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3087
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-c0b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ZYW6JhkFbfM8m2FoSm6%2FV%2FklvG299iulwHEIi3FYdlZCy0V6GrWsUSy8ge64eIBaicMWmnA7f1leZiq12YBEmCPHjyc%2B7vc1XpNZ7Qpjlptac8xRDwEeOYtLoOPXQ9z3YthuJWo"}],"group":"cf-nel","max_age":604800}
content-type: image/png; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84819f9c3aac3150-MAD
expires: Wed, 08 Jan 2025 19:53:22 GMT

GET sodar2.js
tpc.googlesyndication.com/sodar/ 0
0

GET click
t.adcell.com/p/ Frame D31D 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.facebook.com
URL: https://www.facebook.com/v11.0/plugins/like.php?action=like&app_id=339062219495910&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df127b81dc4842ec%26domain%3Dsedentarioswow.es.tl%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsedentarioswow.es.tl%252Ff352890be373d34%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fsedentarioswow.es.tl%2Fhttp%253A%252F%252Fsedentarioswow.es.tl&layout=button_count&locale=en_US&sdk=joey&share=false&size=small&width=120

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Domain: t.adcell.com
URL: https://t.adcell.com/p/click?promoId=316276&slotId=47322&param0=https%3A%2F%2Fserviettenshop.de&subId=v030400010428d07582cccd384796a52d98f7ba8836fd&referer=https%3A%2F%2Fr.secprf2.com%2F&fp=e464a356c3b064ff41a0d8daeb93ff8a

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sedentarioswow.es.tl/	1969-12-31 23:59:59	Name: PHPSESSID Value: 6ae9745b6d497e0d9b9fb3e72e22db01
t.adcell.com/	1970-01-20 17:49:40	Name: ADCELLvpid10420 Value: 320700-105746-%23%23%23%23https%3A%2F%2Fasrv205.com%2F%40%40%40%401705693999
.doubleclick.net/	1970-01-20 17:48:14	Name: test_cookie Value: CheckForPermission
api.yieldads.net/	1970-01-20 17:58:18	Name: AWSALBTGCORS Value: y1GHpWNgOeL507dW7k31Fus5LmxoZNh4jOGeZ0Y9tqFOO+5whfmIHbQYp96N5Uzz9pQ2zbAe51IhpXF7vCascnn503dqjp5aE94s3w/qcwDLVDlXvkWf7nzGyensX9y1ZF0udgflygduJCCYGh3D6rpCRB8SY9xiIUA4IY6dOlPw4yrHoF0=
api.yieldads.net/	1970-01-20 17:58:18	Name: AWSALBCORS Value: UtQ3dkU7GStVKzRAWtkUfnavvdpsYENSoly335q2J2U2Tyzx2023Edm6eL4UtRh1GoN9oIOMtqpaY9yW1KGh7E03cZDyINquJflbPXW3IysGlOD6MUTH5c1plLVx
qimp.net/	1970-01-20 17:58:18	Name: AWSALBCORS Value: yEO+ltPDsuMYdiAdbVomxOJW9zyuUKVqBuhwMFSRwxYHsKEoBDqBMQYsjxcTWwqAhjg63ZmO/IJCkkPfuBN3L752V5USPbh+9h5ob473oC85B2DUOF+2u0o60FTV

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://sedentarioswow.es.tl/ Message: Mixed Content: The page at 'https://sedentarioswow.es.tl/' was loaded over HTTPS, but requested an insecure element 'http://counter2.contadorvisitasgratis.com/private/contadorvisitasgratis.php?c=a071c8b828269d61d4fda11a55983e32'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://sedentarioswow.es.tl/(Line 169) Message: Mixed Content: The page at 'https://sedentarioswow.es.tl/' was loaded over HTTPS, but requested an insecure element 'http://counter2.contadorvisitasgratis.com/private/contadorvisitasgratis.php?c=a071c8b828269d61d4fda11a55983e32'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.yieldads.net
asrv205.com
cdnjs.cloudflare.com
connect.facebook.net
counter2.contadorvisitasgratis.com
fwd.fwdtrk.com
fwdtrk.com
googleads.g.doubleclick.net
img.webme.com
nextlevel-f353.kxcdn.com
pagead2.googlesyndication.com
qimp.net
r.secprf2.com
sedentarioswow.es.tl
t.adcell.com
theme.webme.com
tpc.googlesyndication.com
visifeed.org
www.facebook.com
t.adcell.com
tpc.googlesyndication.com
www.facebook.com
104.17.24.14
142.250.185.226
142.250.186.34
157.240.251.9
172.67.73.145
176.9.183.55
178.162.223.113
178.162.223.114
185.172.148.132
185.5.82.77
188.114.96.3
193.238.27.26
216.239.38.21
3.75.56.58
37.187.129.45
52.28.146.218
54.93.142.178
009caeca0916c153da02a8de79d3eb3e1e1eb500247893b2216e8bfd22a7ab64
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
10656fac2a4e51b94937dc94a8309ef315fdcdcbea044a1201ff853c32a07f96
15159ad14680afbe33ec45b75bb87961049e76aa8020f3f1a25033604a59abb3
190fc02d8e8f1dd5acc40f48d0d6203e6115eb31e3f47f55db0c3f07797d68f0
23e9010c54f2b5c26dc0bc3ad9d2f556e8ab475d70606cb0b7a8524eba5c61e7
2b6df15591ff8f5cfd7e6891a57757f083b93ea071454d25099b5a98ea543327
2cdac5977d08af6009a50b383db2691bc3d10e1eb845d0415c6d5c03a5ce22e2
2d687e9c94ab5917d6f042ec34bed9cd0905bcbae5755fe75e93874fb38242ed
315d50fe088ddd21a7a04dcab8bf421f0e6a9bcacc8f54bad7433dd9caca30fe
34c221f3541cb3e9513392969f4dbdc0080da7f66332076e22aeb530828ef46a
5bb065ab48fca3f909e70d970bccb91816005914c2d2f4733f5d4a45fd0f3461
689ce17bd42665bbeffed17eb99c4559a0cf46d6dac29a7f9fe52b2a11ebe9ed
7154071be46519e980b3d21b9fa291847e6e837065181c38322f7e2484b6cc07
75ddfdbfce84ace004a4e93e1273b697c935bda5083b04cd6c0f4dfb7e143ca5
76352e8e49254ffd23fc52aecec9b7382aa3128fa4c4b30d306161816db4591c
809292dce3ebc64280a56d13821570654cd0cba89be2b37feff3e1d28cf7b28a
8382dc357dd5451da91d270ef6758f1f6eef3b46198e256af64c3a46f3e10e9c
933e70c93771650d9068665b0f216a1f190c82856366069f0bfed308954801e3
934f6c13cd39cd7f826e1213ff5367a6256cd1701d5214d33894573f4d129073
9dae62151120e18b465ffc5c8e9e342ecc28a6efe1a0d71c9766d677a5ddc389
af293f67d0063ea2264246658ce41acfeeece783a96e359b4ee9a6a09c02dd77
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b54a3584181224f1d913cb3d363554213b062a2d48735827dd0b500181e8e3a1
b946c7539c042b2ce2ac3950e99707b449aaeeb985f74d5cef1418dad4e179bb
ba1ce92a386ee7acf559a4f4a87aa79232497b764fdd5a7f18bcffe78dd3ded7
be815c4aaaa7ace95457ebe4bdf60640fe447688e1d29fcd6d3ac094c066d4ba
c33f07a0466078a8f40ec37e5edabab3453224752be1a11b65d7b81196d5771e
c342ea4223727227830cce6760a5e76f654d6d2077e4c63cdf563b9926dd1147
c3a0d40263c74f05cb938f878b67f1ed728fde9e1e60a2e56cd7086469394a2f
e23a2d9f39e708ae539ffdbb9007635edd1dfcf3d77f163978cfc54969254328
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
ec17626aae54efa48dd2d2efa8982cb9eb146de7766bf54a5a34dea5d34921f2

sedentarioswow.es.tl Open in urlscan Pro 193.238.27.26 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

37 Requests

89 %HTTPS

0 %IPv6

16 Domains

19 Subdomains

18 IPs

5 Countries

708 kBTransfer

1619 kBSize

6 Cookies

5 Outgoing links

Page URL History

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

sedentarioswow.es.tl Open in urlscan Pro
193.238.27.26 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

89 %
HTTPS

0 %
IPv6

16
Domains

19
Subdomains

18
IPs

5
Countries

708 kB
Transfer

1619 kB
Size

6
Cookies

37 HTTP transactions
0 data transactions