andacredito.mx Open in urlscan Pro
35.235.93.22 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://clnk.si/137CI
Effective URL:
https://andacredito.mx/landing/offers?sub1=4dc65fd250fc4736a409f5dda0fd6f36&sub2=mx-sms-welcome-click-trigger-3&sub3=sl...
Submission: On September 12 via manual (September 12th 2023, 6:39:17 am UTC) from CO — Scanned from NL

Summary HTTP 149 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 30 IPs in 10 countries across 33 domains to perform 149 HTTP transactions. The main IP is 35.235.93.22, located in Los Angeles, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is andacredito.mx.
TLS certificate: Issued by R3 on August 6th 2023. Valid for: 3 months.

This is the only time andacredito.mx was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	35.241.222.91 35.241.222.91	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.90.63.227 34.90.63.227	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.235.93.22 35.235.93.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
15	35.201.76.189 35.201.76.189	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 15	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2 8	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	34.77.94.206 34.77.94.206	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	34.107.249.96 34.107.249.96	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.240.92.105 35.240.92.105	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
8	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
1 4	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 22	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 1	52.28.40.145 52.28.40.145	16509 (AMAZON-02) (AMAZON-02)
2 2	2a05:d018:d29... 2a05:d018:d29:3601:ad5e:1111:f66a:1a0c	16509 (AMAZON-02) (AMAZON-02)
2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2 4	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 4	37.157.6.233 37.157.6.233	198622 (ADFORM) (ADFORM)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	213.155.156.167 213.155.156.167	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1 2	23.32.185.35 23.32.185.35	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	3.120.226.29 3.120.226.29	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	18.197.117.175 18.197.117.175	16509 (AMAZON-02) (AMAZON-02)
149	30

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

clnk.si	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

clnk.si	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.222.91 (Brussels, Belgium) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 91.222.241.35.bc.googleusercontent.com

sl.crezu.mx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sl.crezu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.90.63.227 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 227.63.90.34.bc.googleusercontent.com

track.crezu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.235.93.22 (Los Angeles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.93.235.35.bc.googleusercontent.com

andacredito.mx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 35.201.76.189 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 189.76.201.35.bc.googleusercontent.com

cdn.crezu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.77.94.206 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 206.94.77.34.bc.googleusercontent.com

workers.crezu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.107.249.96 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.249.107.34.bc.googleusercontent.com

cdn.morecashpls.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.240.92.105 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 105.92.240.35.bc.googleusercontent.com

events.crezu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.204.158.49 (Groningen, Netherlands) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.185.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.40.145 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-40-145.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3601:ad5e:1111:f66a:1a0c (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.38.120.206 (Hessen, Germany) 1 redirects

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.233 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.167 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.185.35 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.226.29 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-226-29.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Weil am Rhein, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.197.117.175 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-117-175.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 115 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	907 KB
38	doubleclick.net 7 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 53 stats.g.doubleclick.net — Cisco Umbrella Rank: 96 cm.g.doubleclick.net — Cisco Umbrella Rank: 259	141 KB
20	crezu.net 1 redirects track.crezu.net cdn.crezu.net — Cisco Umbrella Rank: 901617 workers.crezu.net sl.crezu.net events.crezu.net — Cisco Umbrella Rank: 963533	2 MB
11	google.com 2 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2541 www.google.com — Cisco Umbrella Rank: 2	1 KB
9	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1180 www.googleadservices.com — Cisco Umbrella Rank: 156	330 B
8	gstatic.com www.gstatic.com fonts.gstatic.com	100 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 660	3 KB
4	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 991 r.turn.com — Cisco Umbrella Rank: 4368	2 KB
4	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 962 s.tribalfusion.com — Cisco Umbrella Rank: 2311	2 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 226	227 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 58	4 KB
4	morecashpls.com cdn.morecashpls.com	24 KB
3	simpli.fi 3 redirects um.simpli.fi — Cisco Umbrella Rank: 935	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	213 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1052	2 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1452	452 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 5086	650 B
2	criteo.com dis.criteo.com — Cisco Umbrella Rank: 633	725 B
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 490	1 KB
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 933	793 B
2	google.nl www.google.nl — Cisco Umbrella Rank: 8681	562 B
2	andacredito.mx andacredito.mx	2 KB
2	clnk.si 2 redirects clnk.si	1 KB
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 369	146 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1767	586 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3462	104 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 7482	554 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2238	173 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 41280	611 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 379	265 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 799	339 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 771	733 B
1	crezu.mx 1 redirects sl.crezu.mx	641 B
149	33

	Domain	Requested by
23	tpc.googlesyndication.com	googleads.g.doubleclick.net andacredito.mx pagead2.googlesyndication.com tpc.googlesyndication.com
22	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
18	pagead2.googlesyndication.com	www.googletagmanager.com pagead2.googlesyndication.com googleads.g.doubleclick.net andacredito.mx tpc.googlesyndication.com www.googletagservices.com
15	googleads.g.doubleclick.net	4 redirects www.googletagmanager.com pagead2.googlesyndication.com googleads.g.doubleclick.net
15	cdn.crezu.net	andacredito.mx cdn.crezu.net
8	www.googleadservices.com	googleads.g.doubleclick.net
8	www.google.com	2 redirects andacredito.mx googleads.g.doubleclick.net tpc.googlesyndication.com
6	www.gstatic.com	googleads.g.doubleclick.net
4	c1.adform.net	4 redirects
4	www.googletagservices.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	googleads.g.doubleclick.net
4	cdn.morecashpls.com	cdn.crezu.net andacredito.mx
3	um.simpli.fi	3 redirects
3	a.tribalfusion.com	1 redirects googleads.g.doubleclick.net
3	region1.analytics.google.com	www.googletagmanager.com
3	www.googletagmanager.com	andacredito.mx www.googletagmanager.com
2	pm.w55c.net	2 redirects
2	sync.teads.tv	1 redirects
2	d5p.de17a.com	2 redirects
2	r.turn.com	googleads.g.doubleclick.net
2	ad.turn.com	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	dis.criteo.com	googleads.g.doubleclick.net
2	pr-bh.ybp.yahoo.com	2 redirects
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	events.crezu.net	cdn.crezu.net
2	www.google.nl	andacredito.mx
2	andacredito.mx	andacredito.mx
2	clnk.si	2 redirects
1	x.bidswitch.net	googleads.g.doubleclick.net
1	dsp.adfarm1.adition.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	ads.travelaudience.com	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	gcm.ctnsnet.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	onetag-sys.com	1 redirects
1	d.agkn.com	1 redirects
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	sl.crezu.net	cdn.crezu.net
1	workers.crezu.net	cdn.crezu.net
1	stats.g.doubleclick.net	www.googletagmanager.com
1	track.crezu.net	1 redirects
1	sl.crezu.mx	1 redirects
149	45

This site contains links to these domains. Also see Links.

Domain
track.crezu.net

Subject Issuer	Validity	Valid
andacredito.mx R3	`2023-08-06` - `2023-11-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
cdn.crezu.net Sectigo RSA Domain Validation Secure Server CA	`2022-11-29` - `2023-12-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
workers.crezu.net R3	`2023-08-18` - `2023-11-16`	3 months	crt.sh
sl.crezu.net R3	`2023-08-31` - `2023-11-29`	3 months	crt.sh
cdn.morecashpls.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-04` - `2024-02-04`	a year	crt.sh
events.crezu.net R3	`2023-08-27` - `2023-11-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
quantserve.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-08-07` - `2023-11-05`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh

This page contains 19 frames:

Primary Page: https://andacredito.mx/landing/offers?sub1=4dc65fd250fc4736a409f5dda0fd6f36&sub2=mx-sms-welcome-click-trigger-3&sub3=sl-crm&sub4=0&sub5=&sub6=14&sub7=&sub8=&sub9=
Frame ID: 54F0F1A06F4BDE2C4BBC93B4A5F88BEC
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20190131/zrt_lookup.html
Frame ID: 8C539935E475322F3ADCC7A44250C654
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373705936907274&output=html&adk=1812271804&adf=3025194257&lmt=1673874971&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fandacredito.mx%2Flanding%2Foffers%3Fsub1%3D4dc65fd250fc4736a409f5dda0fd6f36%26sub2%3Dmx-sms-welcome-click-trigger-3%26sub3%3Dsl-crm%26sub4%3D0%26sub5%3D%26sub6%3D14%26sub7%3D%26sub8%3D%26sub9%3D&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694500752650&bpp=3&bdt=434&idt=273&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=977048336617&frm=20&pv=2&ga_vid=1518035038.1694500752&ga_sid=1694500753&ga_hid=1567402473&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077699%2C44795921%2C31076994&oid=2&pvsid=3775051539506680&tmod=124000083&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=293
Frame ID: 72596AB4F884FCE817DFBCBF774CBAD8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373705936907274&output=html&h=280&slotname=7429060818&adk=1462056812&adf=3069310087&pi=t.ma~as.7429060818&w=910&fwrn=4&fwrnh=100&lmt=1673874971&rafmt=1&format=910x280&url=https%3A%2F%2Fandacredito.mx%2Flanding%2Foffers%3Fsub1%3D4dc65fd250fc4736a409f5dda0fd6f36%26sub2%3Dmx-sms-welcome-click-trigger-3%26sub3%3Dsl-crm%26sub4%3D0%26sub5%3D%26sub6%3D14%26sub7%3D%26sub8%3D%26sub9%3D&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694500752734&bpp=2&bdt=518&idt=213&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=977048336617&frm=20&pv=1&ga_vid=1518035038.1694500752&ga_sid=1694500753&ga_hid=1567402473&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=345&ady=954&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077699%2C44795921%2C31076994&oid=2&pvsid=3775051539506680&tmod=124000083&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=osZwwL0XxG&p=https%3A//andacredito.mx&dtd=221
Frame ID: 6C480B97795365A0C594407E32436D81
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B46F3277428D11203E4D9537FBEFD568
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Frame ID: 7C70140C9BC2CDF3D9FA65B002B38219
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9179CB3E2ACC2B54A7540E2AED7146D0
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Frame ID: 262F8AFE585D36291181F8C2041DD51C
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BF7AA873037649DE24892B80891F618E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 89E6B78BC933A8793C9E94D3203DAE7A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 643E6B977493816E26D470D8F782D0B9
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E0A36109E3B6F78CE7AFDA471BF25BDB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EFC96AD9DE856ADB0572BC97A7B84345
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js
Frame ID: E32AF4CFB887B4C978AB0CFB099D160D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js
Frame ID: 831967EF718E5699CA77886BDF8F989B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js
Frame ID: 9DF7EFE7797972262616A9AC4D3789CF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js
Frame ID: EFE8A267733585B6912C794D52E334FB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9B409298DF0982359D94BD349C0B48FA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E372979773192BB3CD09FB2587B0D1AF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ofertas de préstamos rápidos | AndaCrédito

Page URL History Show full URLs

http://clnk.si/137CI HTTP 301
https://clnk.si/137CI HTTP 302
https://sl.crezu.mx/crm?sub2=mx-sms-welcome-click-trigger-3&lead_id=4dc65fd250fc4736a409f5dda0fd... HTTP 302
https://track.crezu.net/click?offer_id=216&sub1=4dc65fd250fc4736a409f5dda0fd6f36&pid=2&sub2=mx-sms-w... HTTP 302
https://andacredito.mx/landing/offers?sub1=4dc65fd250fc4736a409f5dda0fd6f36&sub2=mx-sms-welcome-cli... Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

149
Requests

85 %
HTTPS

45 %
IPv6

33
Domains

45
Subdomains

30
IPs

10
Countries

3286 kB
Transfer

5854 kB
Size

38
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://track.crezu.net/click?offer_id=52&pid=2&sub1=4dc65fd250fc4736a409f5dda0fd6f36&sub2=mx-sms-welcome-click-trigger-3-landing-offers&sub4=0&sub3=sl-crm&sub6=14&r=743
Title: Solicítalo ahora

Search URL Search Domain Scan URL

URL: https://track.crezu.net/click?offer_id=593&pid=2&sub1=4dc65fd250fc4736a409f5dda0fd6f36&sub2=mx-sms-welcome-click-trigger-3-landing-offers&sub4=1&sub3=sl-crm&sub6=14&r=343
Title: Contrata ahora

Search URL Search Domain Scan URL

URL: https://track.crezu.net/click?offer_id=297&pid=2&sub1=4dc65fd250fc4736a409f5dda0fd6f36&sub2=mx-sms-welcome-click-trigger-3-landing-offers&sub4=2&sub3=sl-crm&sub6=14&r=731
Title: Quiero mi tarjeta

Search URL Search Domain Scan URL

URL: https://track.crezu.net/click?offer_id=53&pid=2&sub1=4dc65fd250fc4736a409f5dda0fd6f36&sub2=mx-sms-welcome-click-trigger-3-landing-offers&sub4=3&sub3=sl-crm&sub6=14&r=770
Title: Solicítalo ahora

Search URL Search Domain Scan URL

URL: https://track.crezu.net/click?offer_id=103&pid=2&sub1=4dc65fd250fc4736a409f5dda0fd6f36&sub2=mx-sms-welcome-click-trigger-3-landing-offers&sub4=4&sub3=sl-crm&sub6=14&r=227
Title: Solicítalo ahora

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://clnk.si/137CI HTTP 301
https://clnk.si/137CI HTTP 302
https://sl.crezu.mx/crm?sub2=mx-sms-welcome-click-trigger-3&lead_id=4dc65fd250fc4736a409f5dda0fd6f36&landing=offers HTTP 302
https://track.crezu.net/click?offer_id=216&sub1=4dc65fd250fc4736a409f5dda0fd6f36&pid=2&sub2=mx-sms-welcome-click-trigger-3&sub3=sl-crm&sub6=14&sub4=0 HTTP 302
https://andacredito.mx/landing/offers?sub1=4dc65fd250fc4736a409f5dda0fd6f36&sub2=mx-sms-welcome-click-trigger-3&sub3=sl-crm&sub4=0&sub5=&sub6=14&sub7=&sub8=&sub9= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

https://googleads.g.doubleclick.net/pagead/adview?ai=Cf0gqkAcAZYyePNGi7gPT_bG4AeDXzL5x0K6bju4QZBABIM_DmXNgkQSgAfPXoe8CyAEJqQKm6BvHAgiyPqgDAcgDywSqBPACT9CYeUUfONsF9uN3qJG1RCXpRsEVzlR3CJCdpUE2XmDkZqd1zVeZvOPnD3Ml1QIldMKDtFjbqvnpfeAJgAqGXZ4nRENkD3YwPn74xjLsOz_DSdvuHp8DLOM2He28st-lRT0AW3J-NU0cPrEohoyagtWw2dUNKpLm5_ozRD2kM7BC0FRN7iPWci38t1beFcLBVof7BSQeZ1cw4js09nW2adJsQCnBA_JMAPsX_s3q__eJxuOwAD8x-R76UqGyCaIbIJkox12A5E0zmtHjIRH-uxGmC19p5NA-8lk0LaVxFOujuzwKkUurtZ14Pwm-YyQoxyKredrQejHlp6CfDvJ3sHbvzLL4eoMpJmAf0TTlm8G7blz5gamQ6G3B2YaMlqrim8r2uMWCaHXcawoLIT995GTlG-pi0Rrtocw6Tfnnm5BHHRoIknP8iTBRS7bnB0qjcJouX6kAwm_30qsKWpt_xKRTGwPeeWGvZmFnhOY-Cu7ABKGj9vSfBIgF9bXByUmSBQQIBBgBkgUECAUYBKAGLoAH9afekAGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCJrULSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgnVAWh0dHBzOi8vd3d3LmJydWdtYW4ubmwvY29udGFjdC9tYWFrLWVlbi1hZnNwcmFhay8_dXRtX3NvdXJjZT1ydF9nb2FfMTk3NDk5NTIyNDVfMTQ2MDA1NjYwMDY1JnV0bV9tZWRpdW09ZGlzJnV0bV9jYW1wYWlnbj1ibW5fb25nX2xlYWRnZW5fMjAyM185X2Fmc3ByYWFrcGVyZm9ybWFuY2UmdXRtX2NvbnRlbnQ9NjQ5OTUxNDc4Nzc4JnV0bV90ZXJtPV9hbmRhY3JlZGl0by5teIAKAcgLAaIMDCoKCgjktLEC7rWxArgT5APYEw2IFALQFQGAFwGyFxwKGggAEhRwdWItNjM3MzcwNTkzNjkwNzI3NBgA&sigh=keqEZORYDL0&uach_m=[UACH]&ase=2&cid=CAQSKQBpAlJWWAxb3cSmDkRRQ5n3SPl212lsO0zhuyuKOPSY00gSEE_oDF_4GAE&template_id=484&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221723302580911595855%22,%22debug_reporting%22:true,%22destination%22:%22https://brugman.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22770206707%22],%224%22:[%2209-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218114675874530397921%22}&andc=true

Request Chain 59

https://a.tribalfusion.com/i.match?p=b6&u=CAESEEwp-mjiLFVWIgHHKFn_hHs&google_cver=1&google_push=AXcoOmSpRdM-GpRojkddrbr92oLVepyGZtIVV3T761nftNORPeDgf5qRT8Oc8KC3pXa3KojPlUajLSj3XrLaj1MMA61NPEDyHOq6Zcw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSpRdM-GpRojkddrbr92oLVepyGZtIVV3T761nftNORPeDgf5qRT8Oc8KC3pXa3KojPlUajLSj3XrLaj1MMA61NPEDyHOq6Zcw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEwp-mjiLFVWIgHHKFn_hHs&google_cver=1&google_push=AXcoOmSpRdM-GpRojkddrbr92oLVepyGZtIVV3T761nftNORPeDgf5qRT8Oc8KC3pXa3KojPlUajLSj3XrLaj1MMA61NPEDyHOq6Zcw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSpRdM-GpRojkddrbr92oLVepyGZtIVV3T761nftNORPeDgf5qRT8Oc8KC3pXa3KojPlUajLSj3XrLaj1MMA61NPEDyHOq6Zcw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 60

https://um.simpli.fi/gp_match?google_gid=CAESEGFDFK_ABqOUJjYwOocuWKQ&google_cver=1&google_push=AXcoOmTedPRJB97UPL9kpdp_5EpD0yuo0f4XBItDA4t7OiJITDlHuJrXGgk9ko14fpskUWU7ITaUf9kx_LSsfPhPW8fyLgVoLZR2HA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D287723D6D214D7193A22F15097CAAF0&google_push=AXcoOmTedPRJB97UPL9kpdp_5EpD0yuo0f4XBItDA4t7OiJITDlHuJrXGgk9ko14fpskUWU7ITaUf9kx_LSsfPhPW8fyLgVoLZR2HA

Request Chain 61

https://d.agkn.com/pixel/2175/?google_gid=CAESENKC9hmWl4KweE7IMNPxEZA&google_cver=1&google_push=AXcoOmQdMTyZqGrOvzFIXVwbgTKaMhrggaFAIjWVnI4jUZ0710QYUro8GcTTN98UiX2r5KR7lHs5Wk5H9J5HQIXQsVmfhfeEBrcGRQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmQdMTyZqGrOvzFIXVwbgTKaMhrggaFAIjWVnI4jUZ0710QYUro8GcTTN98UiX2r5KR7lHs5Wk5H9J5HQIXQsVmfhfeEBrcGRQ&google_hm=Q0FFU0VOS0M5aG1XbDRLd2VFN0lNTlB4RVpB

Request Chain 62

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKiZQWcZecytNjHS7gZ0pgk&google_cver=1&google_push=AXcoOmQdXgjXfwXlVXWhymkQKSGcN_iFMiWcRV_UdU9PMFderwg9BsRD-aONNQ186X-UV-wXiEIjewCc9FObnZ3Ph3WhuKFhEpKeKe0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQdXgjXfwXlVXWhymkQKSGcN_iFMiWcRV_UdU9PMFderwg9BsRD-aONNQ186X-UV-wXiEIjewCc9FObnZ3Ph3WhuKFhEpKeKe0&google_hm=eS1ZVHBxc09oRTJwR09KOXB0SWd0d09UaWVMVmhCN0pBUX5B

Request Chain 64

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHOvggY49AKnQokfQUA7Xs8&google_cver=1&google_push=AXcoOmRb3808TDhAdW1PZPi7cSZkbtSnDSy9PYgA5Csew7qv2HZXIhjJFNw6YBk-HhFSAMgu6lZTAXbmXdRSQAxoHye1J57NvmJkMyw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRb3808TDhAdW1PZPi7cSZkbtSnDSy9PYgA5Csew7qv2HZXIhjJFNw6YBk-HhFSAMgu6lZTAXbmXdRSQAxoHye1J57NvmJkMyw

Request Chain 98

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEV2GHgxKKeQ14ClKF84HTI&google_cver=1&google_push=AXcoOmTMWoHLJdxZEQIU7BiBSPfbecFlNr3otc9DZEnnS7neLJ6xl2m6qEzGu7jY5ELM8P8NDqHCuyCjJLXvV3sYVQdukNjMQvJVJw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjk1OTYxMDkwNjk2NDUyNDA2MQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFNQqDxP8dGaQ2IgVAZHMsI&google_cver=1

Request Chain 101

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEPmmMp8J-igI9T0bMRDTtaw&google_cver=1&google_push=AXcoOmQR5OtCA_t5hRfVGRiDs5o8WzAVO_lDKS6-tP7ZjgSnX1w32jhWF5H1R1k-IBZbc_a3Zp1XV1BGB0MBQZtgv_vRqVVz6-lVoIo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQR5OtCA_t5hRfVGRiDs5o8WzAVO_lDKS6-tP7ZjgSnX1w32jhWF5H1R1k-IBZbc_a3Zp1XV1BGB0MBQZtgv_vRqVVz6-lVoIo&google_hm=oTaLQcBESzqAgqDb5I2z9JI

Request Chain 103

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGCUluQpX3k8h7_PoBKAZyw&google_cver=1&google_push=AXcoOmRmc7rFp7PXcDLeohi_ak1EksLIcvMBFc_TJCkPCTHkRkIEHG5alUQuM6sxrc2aweQdIGXKBDehFI0UU9XwvN92M6sZ3aqIalI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRmc7rFp7PXcDLeohi_ak1EksLIcvMBFc_TJCkPCTHkRkIEHG5alUQuM6sxrc2aweQdIGXKBDehFI0UU9XwvN92M6sZ3aqIalI&google_hm=eS1ZVHBxc09oRTJwR09KOXB0SWd0d09UaWVMVmhCN0pBUX5B

Request Chain 104

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECviBzPbYOT-ouFATG9i4lQ&google_cver=1&google_push=AXcoOmR0XjFpaU8KBMEV3FtI_3NAMt0mq9avnGGHLZTM49KvghKjrDuVSzSc3HdGs_-vQs04_FSR2U2xaCP7IKPQheZbcaSA8Oz0410 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECviBzPbYOT-ouFATG9i4lQ&google_cver=1&google_push=AXcoOmR0XjFpaU8KBMEV3FtI_3NAMt0mq9avnGGHLZTM49KvghKjrDuVSzSc3HdGs_-vQs04_FSR2U2xaCP7IKPQheZbcaSA8Oz0410 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODcyMTAyNzkxMTg3NzQ1NTg1MA&google_push=AXcoOmR0XjFpaU8KBMEV3FtI_3NAMt0mq9avnGGHLZTM49KvghKjrDuVSzSc3HdGs_-vQs04_FSR2U2xaCP7IKPQheZbcaSA8Oz0410

Request Chain 108

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 109

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBoTOZwTr03v3bwLbK9w4f0&google_cver=1&google_push=AXcoOmQktErNp-bM7ixZmMFd9wwJGndLHH2udXHnCj7I11gQxLVsKt6XV4P5PiUcLMIV_7k6GmqoTtaVjWnyCTBHn8-FwmcJMPN2 HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQktErNp-bM7ixZmMFd9wwJGndLHH2udXHnCj7I11gQxLVsKt6XV4P5PiUcLMIV_7k6GmqoTtaVjWnyCTBHn8-FwmcJMPN2&google_hm=GFYl33AntQwADoE8G26mwg

Request Chain 110

https://um.simpli.fi/gp_match?google_gid=CAESEFBXkaS3qfg91LqncdC_iv0&google_cver=1&google_push=AXcoOmRoEQ7-IgPmXIgGc2vKFqxPyJF-rYF53psTH4nvdIFJO_GzR90mIqdHkeJiFaFeDmF9aRRM_to1p4FSLb9uxyXDhXrTqyAP8w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D287723D6D214D7193A22F15097CAAF0&google_push=AXcoOmRoEQ7-IgPmXIgGc2vKFqxPyJF-rYF53psTH4nvdIFJO_GzR90mIqdHkeJiFaFeDmF9aRRM_to1p4FSLb9uxyXDhXrTqyAP8w

Request Chain 111

https://ads.travelaudience.com/google_pixel?google_gid=CAESEOBGDYX8fxhbU33FIPXsyKk&google_cver=1&google_push=AXcoOmT5R05dqUDO4y-FzB5p22YIVFOFBweVDgZlKkuMzbxQO9q7wg8jkQqqqG6Ozjh-h0JC8dsr9R4e2loazZuJQIK9TnTy58RG HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=4NOndHyuQ0eTCXOXTndcmw2&google_push=AXcoOmT5R05dqUDO4y-FzB5p22YIVFOFBweVDgZlKkuMzbxQO9q7wg8jkQqqqG6Ozjh-h0JC8dsr9R4e2loazZuJQIK9TnTy58RG

Request Chain 112

https://d5p.de17a.com/cookies/google?google_gid=CAESEEQL2u0AsZ6rkp0YBTYBAx8&google_cver=1&google_push=AXcoOmQ6orWQrLwqkg99xC0F75lRmqfzn86_oWv9ccXnyTYkjMOcmVCLQ_GYvzKGVzZK-Kyo_Uzw-UiiKptFNEx4S7q1Lq2Vz_6HQw HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEEQL2u0AsZ6rkp0YBTYBAx8&google_cver=1&google_push=AXcoOmQ6orWQrLwqkg99xC0F75lRmqfzn86_oWv9ccXnyTYkjMOcmVCLQ_GYvzKGVzZK-Kyo_Uzw-UiiKptFNEx4S7q1Lq2Vz_6HQw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQ6orWQrLwqkg99xC0F75lRmqfzn86_oWv9ccXnyTYkjMOcmVCLQ_GYvzKGVzZK-Kyo_Uzw-UiiKptFNEx4S7q1Lq2Vz_6HQw

Request Chain 114

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECviBzPbYOT-ouFATG9i4lQ&google_cver=1&google_push=AXcoOmSD9YPFCBv7uYgIUuMooIPcJx5uia5j5Q8J-B4FE4iUtU3ECo--P-bmgpApRrzjDTnPgvW1otrLtZ8bsVWYX0W3gTeTyt8vIQ HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECviBzPbYOT-ouFATG9i4lQ&google_cver=1&google_push=AXcoOmSD9YPFCBv7uYgIUuMooIPcJx5uia5j5Q8J-B4FE4iUtU3ECo--P-bmgpApRrzjDTnPgvW1otrLtZ8bsVWYX0W3gTeTyt8vIQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDAxNDQyNDU1MjY4MjA2MDkw&google_push=AXcoOmSD9YPFCBv7uYgIUuMooIPcJx5uia5j5Q8J-B4FE4iUtU3ECo--P-bmgpApRrzjDTnPgvW1otrLtZ8bsVWYX0W3gTeTyt8vIQ

Request Chain 115

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESENxqlHHASvN132Ef84tOgfI&google_cver=1&google_push=AXcoOmR2mJ9I-SYgvuNgjHAqdkhVkIUBeGUGlp8-WzsurwL3XenL4Xd9EEeSykjTUMAbuc615AG8uNZShOxs4OxbbO0HRHgwEZEJE34 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmR2mJ9I-SYgvuNgjHAqdkhVkIUBeGUGlp8-WzsurwL3XenL4Xd9EEeSykjTUMAbuc615AG8uNZShOxs4OxbbO0HRHgwEZEJE34 HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 124

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEV2GHgxKKeQ14ClKF84HTI&google_cver=1&google_push=AXcoOmRtgI_fUvsmnOC8Z0KBzZWAUQ6v5wxgBKEeKQGqG1x38O2JpxYhCr0usYr66Zejwtscn571eQ3t-xDDa_jW7xlUoOhCt7efaw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjk1OTYxMDkwNjk2NDUyNDA2MQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFNQqDxP8dGaQ2IgVAZHMsI&google_cver=1

Request Chain 126

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELDBNAIoA6a10Bph0gs5Id0&google_cver=1&google_push=AXcoOmSZB61N_t9Bpf4vQqbTaIqpZt_1aMJsAT7sd-XsiwkHkjIveG28Vte287bJcxa28EbxBBoYHMQeIfw_HgKkeVCX3jAy7pSmcQ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELDBNAIoA6a10Bph0gs5Id0&google_cver=1&google_push=AXcoOmSZB61N_t9Bpf4vQqbTaIqpZt_1aMJsAT7sd-XsiwkHkjIveG28Vte287bJcxa28EbxBBoYHMQeIfw_HgKkeVCX3jAy7pSmcQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=anhjY1UxYnYxUUZYM2w1&google_gid=CAESELDBNAIoA6a10Bph0gs5Id0&google_cver=1&google_push=AXcoOmSZB61N_t9Bpf4vQqbTaIqpZt_1aMJsAT7sd-XsiwkHkjIveG28Vte287bJcxa28EbxBBoYHMQeIfw_HgKkeVCX3jAy7pSmcQ

Request Chain 128

https://um.simpli.fi/gp_match?google_gid=CAESEFBXkaS3qfg91LqncdC_iv0&google_cver=1&google_push=AXcoOmRnd-fLgcRjsd-zolPmSR9M8dA52hyavYtW_-66BCx58-hsy-KoMpVyuFoutt0JtNHue0BeDJ2hJfaLEASxY23gcMD-G9esyw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D287723D6D214D7193A22F15097CAAF0&google_push=AXcoOmRnd-fLgcRjsd-zolPmSR9M8dA52hyavYtW_-66BCx58-hsy-KoMpVyuFoutt0JtNHue0BeDJ2hJfaLEASxY23gcMD-G9esyw

Request Chain 129

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEK6MZnzOGuQrA2IP9_Z06HA&google_cver=1&google_push=AXcoOmRLHmkdj2aQmML4eSdaZShrh5ZH4g1g1_4OSygDb6xfzZbLFTHut8m58mMIS0qCk44lOT_FiuJu7zAU9qn_ZmueelxWJcC4jA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3NzgyNTMyNTc4MzY0NDMxOQ%3D%3D&google_push=AXcoOmRLHmkdj2aQmML4eSdaZShrh5ZH4g1g1_4OSygDb6xfzZbLFTHut8m58mMIS0qCk44lOT_FiuJu7zAU9qn_ZmueelxWJcC4jA

Request Chain 132

https://googleads.g.doubleclick.net/pagead/adview?ai=CXr11kAcAZef4O5iD-gaT5o2QDZqrtZhwlL_ZlfkQ07_utPA6EAEgz8OZc2CRBKABovP91QLIAQGpAqboG8cCCLI-qAMByAPLBKoEgQNP0AvqhuFBzT30vF07GtLnz7ziLy6e_56D0O9e20m8C2aDaZwLJq7xpzJJq-eqI34TliUvj7ZqMhfcp8rLrGH690c8K-mTgWlSVVN69-Elk-V-kGyo7KvCoJeZ0P1KGy8kVrzO22L4MdkQULNnB_5zLbnODkbKSNWiNn9wlhtXcQASdzHelkU1KVFFhg4d7cf12Zb7NtZpreVW3qruhI2EkbnNUSZPuRZQ9i8yh0WyN89Yo7UrY1DN3UWPv_7MxRApg-b1xbbcc8tO3FDLuQ2_6ApDtWRNKqflAEemePFQ1_iveOhQBc3xhTNW5qSpt3YLIHtukflKz025FrI8lHA1-PZWx8AZV9bg4g-jb7QmAvXHnZjG4RkeA5MOA7hQTKjsspACMut8ti-C6kS_aamo5u5vHSm_phmVKriLPr19CqvB0D2lIPAlrG0iTERsL7NDVvI_f-tAQ2qvmZNBMon-cShN7dddPUcSXc4bY2fQHYl5ft9EfnYVfZjDR9u2x5mcwATd_ODWnASIBYr0ocZKkgUECAQYAZIFBAgFGASAB8aMgqoBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQpr0N0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJHmh0dHBzOi8vdGliYmFhLmNvbS9zdGFydGRpcmVjdIAKAcgLAdgTDYgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi02MzczNzA1OTM2OTA3Mjc0GAA&sigh=vP_DMo-FbdE&uach_m=[UACH]&ase=2&cid=CAQSKQBpAlJWngWyCiEwtFmQOAZycdYYaQVXv2ApnAYH4c0WQoXlhu0X5UwgGAE&template_id=5001&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225543343638084156351%22,%22debug_reporting%22:true,%22destination%22:%22https://tibbaa.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22717191586%22],%224%22:[%2209-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210006995333627121057%22}&andc=true

Request Chain 135

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 138

https://googleads.g.doubleclick.net/pagead/adview?ai=CLoUgkAcAZej4O5iD-gaT5o2QDYT81eBslcKUqbcR8uzS4LIBEAEgz8OZc2CRBKABzcm0zAHIAQGpAqboG8cCCLI-qAMByAPLBKoEhgNP0IJx8W8e0PQ9WKSvrqMrbBnIRgCn1Qx2BjgzzFq6mS2eDh7DyYCquQWhe1MQ7KRQFiR9VG4skXdE64Yyn_WpLDfHlUOf2Cbp_0ZkJv1ECIFJwQCipXQbzHOUeDPftr_pC310A3ZhUc17u9crw8FiaBUY611gg_njN4I9wrcJreYI5Jr6_1hTaWsjUYKEA4UfKGzXFACNGblEIOQwRzkxGGLr90Xx9UhJiTZpcvHw_uccDNLvFZpnemy_06Vpwq25yqJBAUWrzr-jrfUC6uov_BmZjDyW1vs_SRGuvKFOzoPujshOJbsxbC0Hye3sZZ2hP_GTh7MP_-yRPkusFbIN5xlBoP_eydV9-ZAgX6VlxU8p78ByeRIqxt3F_sTDw6qy1tvIuSE5bxwOYzXxhH-uHxU5mPkFMihAfod4tYq7HK0cqEnGNgdPv-8_P3YZDG_bwSmK7gZsNjVqCagqGJkog1SZOOtQ9XqJW2Nm8cpYcgWRY1BUH7LSaZT0wAUqVmZ_pvQ116bABJjGrfK4A4gFko7WgC6SBQQIBBgBkgUECAUYBIAHm7bLswKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCbiSvSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgkzaHR0cHM6Ly93d3cuZXVyb3Ryb25pYy5ubC91cHMtb25kZXJob3VkLWVuLWNvbnRyb2xlgAoByAsB2BMK0BUBgBcBshccChoIABIUcHViLTYzNzM3MDU5MzY5MDcyNzQYAA&sigh=8ySebXoljNA&uach_m=[UACH]&ase=2&cid=CAQSKQBpAlJWngWyCiEwtFmQOAZycdYYaQVXv2ApnAYH4c0WQoXlhu0X5UwgGAE&template_id=5020&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210653435112338612719%22,%22debug_reporting%22:true,%22destination%22:%22https://eurotronic.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22428680397%22],%224%22:[%2209-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224021200017715956433%22}&andc=true

Request Chain 139

https://googleads.g.doubleclick.net/pagead/adview?ai=C9n0tkAcAZen4O5iD-gaT5o2QDcHb4upygLnQ8NgRiv2ghMMBEAEgz8OZc2CRBKAB76Tr_QPIAQmpAqboG8cCCLI-qAMByAPLBKoE9QJP0Ecim7xa9vHzimGI_ze1QxTIhBDNP5lxhdwN2kZ5w6TTj-BxiwhqmDCSxEVQxIagpIum0gLLtUoJEOOlWZZLr5V6QNccs-eutyM0lHxe2oWCH8n0PhnpiAejZ11DHWO5n5i-cUZkynwoRLT6RwBdUhpU419OnJOMAE8VuOU42yHOHnH-0E0mHYvGVeiwxqGYFAk9tTaLz02VdEAIMWF_EpNiXTfmgcMEGWAy2aJUK1aUU34oLgA7bzKT8BuRyxGqbopG6bYllLkePCscujVkMV3_5QPNQhJ0eXwFksTLLHUiRWtMeqBb7HvDYTvkXDZXTN9gXyKq4NmXf0JiUGhQ5Hw_QgZS_ZEHE6bPvpLqKRRgiTztDb63ftw4pgXVLLiDUuYBHCIqI_TpKzPzwflKx36vzzCaCXZ5KgFyOTqBl0VnlKyeg8GowVBAOtdjOyd0wYiZPbUiZ54GpMJgxw_-TC8BF1AIQHvdEPd3s1S_VJDOMIgdwAS2vNzctQSIBbj5q7lMkgUECAQYAZIFBAgFGASgBi6AB_nalAKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCc3hHSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgkiaHR0cHM6Ly93d3cua2Vyc3RwYWtrZXR0ZW5wbGF6YS5ubIAKAcgLAbgT5APYEwvQFQGYFgGAFwGyFxwKGggAEhRwdWItNjM3MzcwNTkzNjkwNzI3NBgA&sigh=aSBU9GwXRAk&uach_m=[UACH]&ase=2&cid=CAQSKQBpAlJWngWyCiEwtFmQOAZycdYYaQVXv2ApnAYH4c0WQoXlhu0X5UwgGAE&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216148236639414909188%22,%22debug_reporting%22:true,%22destination%22:%22https://kerstpakkettenplaza.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221069208175%22],%224%22:[%2209-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210074702575395867649%22}&andc=true

149 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request offers Show response
andacredito.mx/landing/
Redirect Chain

http://clnk.si/137CI
https://clnk.si/137CI
https://sl.crezu.mx/crm?sub2=mx-sms-welcome-click-trigger-3&lead_id=4dc65fd250fc4736a409f5dda0fd6f36&landing=offers
https://track.crezu.net/click?offer_id=216&sub1=4dc65fd250fc4736a409f5dda0fd6f36&pid=2&sub2=mx-sms-welcome-click-trigger-3&sub3=sl-crm&sub6=14&sub4=0
https://andacredito.mx/landing/offers?sub1=4dc65fd250fc4736a409f5dda0fd6f36&sub2=mx-sms-welcome-click-trigger-3&sub3=sl-crm&sub4=0&sub5=&sub6=14&sub7=&sub8=&sub9=

2 KB
1 KB

959ms
247ms

Document
text/html

35.235.93.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://andacredito.mx/landing/offers?sub1=4dc65fd250fc4736a409f5dda0fd6f36&sub2=mx-sms-welcome-click-trigger-3&sub3=sl-crm&sub4=0&sub5=&sub6=14&sub7=&sub8=&sub9=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 35.235.93.22 Los Angeles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.93.235.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a9d019de6cb27c35845f9e26aa99dd8e2f01f04368f237c65f631578cb0dc1c8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 12 Sep 2023 06:39:12 GMT
ETag: W/"63c55c2b-8a7"
Last-Modified: Mon, 16 Jan 2023 14:16:11 GMT
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

access-control-allow-origin: *
content-length: 0
date: Tue, 12 Sep 2023 06:39:11 GMT
location: https://andacredito.mx/landing/offers?sub1=4dc65fd250fc4736a409f5dda0fd6f36&sub2=mx-sms-welcome-click-trigger-3&sub3=sl-crm&sub4=0&sub5=&sub6=14&sub7=&sub8=&sub9=
server: nginx
x-adjust-use-original-forwarded-for: 1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 145 KB
56 KB 85ms
33ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-790050544

Requested by

Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=4dc65fd250fc4736a409f5dda0fd6f36&sub2=mx-sms-welcome-click-trigger-3&sub3=sl-crm&sub4=0&sub5=&sub6=14&sub7=&sub8=&sub9=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c02a9a923d18ca649db49834a748c054319b4366675f6c4dc069c36778f2b8ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:39:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56830
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 12 Sep 2023 06:39:12 GMT

GET
H2 200 style.css
cdn.crezu.net/offers/dist/ 60 KB
11 KB 68ms
15ms Stylesheet
text/css 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.crezu.net/offers/dist/style.css
Requested by: Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=4dc65fd250fc4736a409f5dda0fd6f36&sub2=mx-sms-welcome-click-trigger-3&sub3=sl-crm&sub4=0&sub5=&sub6=14&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 63425a51bc14b66579166bac9b5902793d36bf0ba63a713e0517967c81d9a313

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 15:43:18 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 11 Sep 2023 15:37:30 GMT
server: nginx/1.14.0 (Ubuntu)
age: 53754
etag: W/"64ff343a-f040"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11005
expires: Mon, 18 Sep 2023 15:43:18 GMT

GET
H/1.1 200
OK mx.js Show response
andacredito.mx/js/ 1006 B
899 B 245ms
244ms Script
application/javascript 35.235.93.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://andacredito.mx/js/mx.js
Requested by: Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=4dc65fd250fc4736a409f5dda0fd6f36&sub2=mx-sms-welcome-click-trigger-3&sub3=sl-crm&sub4=0&sub5=&sub6=14&sub7=&sub8=&sub9=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 35.235.93.22 Los Angeles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.93.235.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8236d168322fe35d3a2e16f1786d9f37617b3a722aa109a94ca07f91cf171775

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/landing/offers?sub1=4dc65fd250fc4736a409f5dda0fd6f36&sub2=mx-sms-welcome-click-trigger-3&sub3=sl-crm&sub4=0&sub5=&sub6=14&sub7=&sub8=&sub9=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 06:39:12 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Dec 2022 13:32:16 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"63a067e0-3ee"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Tue, 19 Sep 2023 06:39:12 GMT

GET
H2 200 common.js Show response
cdn.crezu.net/common/dist/ 188 KB
55 KB 69ms
17ms Script
application/javascript 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.crezu.net/common/dist/common.js
Requested by: Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=4dc65fd250fc4736a409f5dda0fd6f36&sub2=mx-sms-welcome-click-trigger-3&sub3=sl-crm&sub4=0&sub5=&sub6=14&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 18a49454b27284f8a409abfe02ee82f6aca81c42481091e6710bc2d8aa2ade16

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 15:41:24 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 11 Sep 2023 15:37:30 GMT
server: nginx/1.14.0 (Ubuntu)
age: 53868
etag: W/"64ff343a-2f130"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56489
expires: Mon, 18 Sep 2023 15:41:24 GMT

GET
H2 200 offers.iife.js Show response
cdn.crezu.net/offers/dist/ 199 KB
60 KB 90ms
37ms Script
application/javascript 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.crezu.net/offers/dist/offers.iife.js
Requested by: Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=4dc65fd250fc4736a409f5dda0fd6f36&sub2=mx-sms-welcome-click-trigger-3&sub3=sl-crm&sub4=0&sub5=&sub6=14&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ec68368115e7c1e9eeececfb003c990d971d917c84c94e9798fedbcf116decfc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 15:42:54 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 11 Sep 2023 15:37:30 GMT
server: nginx/1.14.0 (Ubuntu)
age: 53778
etag: W/"64ff343a-31ac8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61442
expires: Mon, 18 Sep 2023 15:42:54 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 185 KB
66 KB 97ms
64ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M86R7TG

Requested by

Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=4dc65fd250fc4736a409f5dda0fd6f36&sub2=mx-sms-welcome-click-trigger-3&sub3=sl-crm&sub4=0&sub5=&sub6=14&sub7=&sub8=&sub9=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

285e118e92522c8ff54924df155c47e28811c85f9e66e756ad4571da1a0e9cb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:39:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67608
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 12 Sep 2023 06:39:12 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/790050544/ 3 KB
2 KB 115ms
63ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/790050544/?random=1694500752354&cv=11&fst=1694500752354&bg=ffffff&guid=ON&async=1&gtm=45be3960&u_w=1600&u_h=1200&url=https%3A%2F%2Fandacredito.mx%2Flanding%2Foffers%3Fsub1%3D4dc65fd250fc4736a409f5dda0fd6f36%26sub2%3Dmx-sms-welcome-click-trigger-3%26sub3%3Dsl-crm%26sub4%3D0%26sub5%3D%26sub6%3D14%26sub7%3D%26sub8%3D%26sub9%3D&hn=www.googleadservices.com&frm=0&tiba=Ofertas%20de%20pr%C3%A9stamos%20r%C3%A1pidos%20%7C%20AndaCr%C3%A9dito&auid=1727638184.1694500752&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-790050544

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da20c86e8b34fdb9c40bddee0fd35ba440bd7776e1be0de139fece28a2d3da61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 06:39:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1441
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 185ms
116ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M86R7TG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f264931fbb1d2885a1a4f117ce8e83e47acf6495d3b78b2ff3fcff599c53fb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:39:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50409
x-xss-protection: 0
server: cafe
etag: 16706649859878713776
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 06:39:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 275 KB
91 KB 47ms
46ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EM2MYKZJLX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M86R7TG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

51901d4731a0b09210085c3a1e0c40319a73f2c9b9f8d77f33d76850e876b8e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:39:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93196
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 12 Sep 2023 06:39:12 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
253 B 48ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-EM2MYKZJLX&gtm=45je3960&_p=1567402473&_gaz=1&cid=1518035038.1694500752&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694500752&sct=1&seg=0&dl=https%3A%2F%2Fandacredito.mx%2Flanding%2Foffers%3Fsub1%3D4dc65fd250fc4736a409f5dda0fd6f36%26sub2%3Dmx-sms-welcome-click-trigger-3%26sub3%3Dsl-crm%26sub4%3D0%26sub5%3D%26sub6%3D14%26sub7%3D%26sub8%3D%26sub9%3D&dt=Ofertas%20de%20pr%C3%A9stamos%20r%C3%A1pidos%20%7C%20AndaCr%C3%A9dito&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EM2MYKZJLX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 06:39:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://andacredito.mx
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
253 B 72ms
24ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-EM2MYKZJLX&cid=1518035038.1694500752&gtm=45je3960&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EM2MYKZJLX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 06:39:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://andacredito.mx
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 80ms
31ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EM2MYKZJLX&cid=1518035038.1694500752&gtm=45je3960&aip=1&z=1329533072

Requested by

Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=4dc65fd250fc4736a409f5dda0fd6f36&sub2=mx-sms-welcome-click-trigger-3&sub3=sl-crm&sub4=0&sub5=&sub6=14&sub7=&sub8=&sub9=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 06:39:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/790050544/ 42 B
455 B 84ms
34ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/790050544/?random=1694500752354&cv=11&fst=1694498400000&bg=ffffff&guid=ON&async=1&gtm=45be3960&u_w=1600&u_h=1200&url=https%3A%2F%2Fandacredito.mx%2Flanding%2Foffers%3Fsub1%3D4dc65fd250fc4736a409f5dda0fd6f36%26sub2%3Dmx-sms-welcome-click-trigger-3%26sub3%3Dsl-crm%26sub4%3D0%26sub5%3D%26sub6%3D14%26sub7%3D%26sub8%3D%26sub9%3D&frm=0&tiba=Ofertas%20de%20pr%C3%A9stamos%20r%C3%A1pidos%20%7C%20AndaCr%C3%A9dito&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1157678849&rmt_tld=0&ipr=y

Requested by

Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=4dc65fd250fc4736a409f5dda0fd6f36&sub2=mx-sms-welcome-click-trigger-3&sub3=sl-crm&sub4=0&sub5=&sub6=14&sub7=&sub8=&sub9=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 06:39:12 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.nl/pagead/1p-user-list/790050544/ 42 B
154 B 53ms
32ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/790050544/?random=1694500752354&cv=11&fst=1694498400000&bg=ffffff&guid=ON&async=1&gtm=45be3960&u_w=1600&u_h=1200&url=https%3A%2F%2Fandacredito.mx%2Flanding%2Foffers%3Fsub1%3D4dc65fd250fc4736a409f5dda0fd6f36%26sub2%3Dmx-sms-welcome-click-trigger-3%26sub3%3Dsl-crm%26sub4%3D0%26sub5%3D%26sub6%3D14%26sub7%3D%26sub8%3D%26sub9%3D&frm=0&tiba=Ofertas%20de%20pr%C3%A9stamos%20r%C3%A1pidos%20%7C%20AndaCr%C3%A9dito&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1157678849&rmt_tld=1&ipr=y

Requested by

Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=4dc65fd250fc4736a409f5dda0fd6f36&sub2=mx-sms-welcome-click-trigger-3&sub3=sl-crm&sub4=0&sub5=&sub6=14&sub7=&sub8=&sub9=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 06:39:12 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
workers.crezu.net/geoip/ 57 B
525 B 126ms
22ms Fetch
application/json 34.77.94.206
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://workers.crezu.net/geoip/
Requested by: Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/offers.iife.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.77.94.206 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 206.94.77.34.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: fb5d224c0d6133efc6727f46d8b9120582df1b550370f4e6181e4d09334d0e57

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 06:39:12 GMT
Server: nginx/1.14.0 (Ubuntu)
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range, x-requested-with
Content-Length: 57

GET
H/1.1 200
OK sl-feed Show response
sl.crezu.net/ 30 B
513 B 128ms
54ms XHR
application/json 35.241.222.91
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sl.crezu.net/sl-feed?lead_id=4dc65fd250fc4736a409f5dda0fd6f36&page=landing-offers&direction=swap
Requested by: Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/offers.iife.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.222.91 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 91.222.241.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 83266e6622f2a756514aa79371b77429d60037875178227cc7cebe4957376317

Request headers

Accept: application/json, text/plain, */*
Referer: https://andacredito.mx/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 06:39:12 GMT
Server: nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range, x-requested-with
Content-Length: 30

GET
H3 200 Montserrat-Bold.ttf
cdn.crezu.net/offers/src/assets/fonts/montserrat/ 313 KB
313 KB 51ms
21ms Font
application/octet-stream 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.crezu.net/offers/src/assets/fonts/montserrat/Montserrat-Bold.ttf
Requested by: Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 3353dbadebb12047d42fe8bf09b3f2650eb1c7e8f8aa42befcff6c78ef1974dc

Request headers

Referer: https://cdn.crezu.net/offers/dist/style.css
Origin: https://andacredito.mx
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:39:12 GMT
via: 1.1 google
last-modified: Thu, 24 Mar 2022 10:14:47 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "623c4497-4e248"
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 320072

GET
H2 200 push-v3.css
cdn.morecashpls.com/landings/css/ 5 KB
1 KB 85ms
15ms Stylesheet
text/css 34.107.249.96
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.morecashpls.com/landings/css/push-v3.css
Requested by: Host: cdn.crezu.net
URL: https://cdn.crezu.net/common/dist/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.249.96 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 96.249.107.34.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e99a79b67018d4f28948226a27d0aa7d3e7a2e71eefaa13993e323fe71ca0cd7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 10:42:18 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 19 Jul 2022 08:15:29 GMT
server: nginx/1.14.0 (Ubuntu)
age: 244614
etag: W/"62d66821-14e0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1254
expires: Sat, 16 Sep 2023 10:42:18 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230907/r20190131/ Frame 8C53 10 KB
4 KB 21ms
20ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230907/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://andacredito.mx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 77630
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 09:05:22 GMT
etag: 8554266389219770021
expires: Mon, 25 Sep 2023 09:05:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/ 379 KB
129 KB 112ms
112ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6373705936907274&plah=andacredito.mx

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44b998b905a69ea4e7f13d76797fe491e7a71dfd8b9c02b34bcb128c3bcf0a4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:39:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131797
x-xss-protection: 0
server: cafe
etag: 6905629942340816422
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 06:39:12 GMT

GET
H3 200 mx_feed.json Show response
cdn.crezu.net/offers_data/configs/ 78 KB
9 KB 27ms
27ms XHR
application/json 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.crezu.net/offers_data/configs/mx_feed.json
Requested by: Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/offers.iife.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: fa503dfdadb36bfe3b366aaef36c3d4ed5ce5249923fdb979e6c530d6adcfcd3

Request headers

Accept: application/json, text/plain, */*
Referer: https://andacredito.mx/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:39:12 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 11 Sep 2023 23:42:29 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"64ffa5e5-13734"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H/1.1 204
No Content event
events.crezu.net/api/ Frame 0
0 136ms
23ms Preflight
text/plain 35.240.92.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://events.crezu.net/api/event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.240.92.105 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 105.92.240.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://andacredito.mx
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,X-API-KEY,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Tue, 12 Sep 2023 06:39:12 GMT
Server: nginx/1.18.0 (Ubuntu)

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 18ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-EM2MYKZJLX&gtm=45je3960&_p=1567402473&cid=1518035038.1694500752&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1694500752&sct=1&seg=0&dl=https%3A%2F%2Fandacredito.mx%2Flanding%2Foffers%3Fsub1%3D4dc65fd250fc4736a409f5dda0fd6f36%26sub2%3Dmx-sms-welcome-click-trigger-3%26sub3%3Dsl-crm%26sub4%3D0%26sub5%3D%26sub6%3D14%26sub7%3D%26sub8%3D%26sub9%3D&dt=Ofertas%20de%20pr%C3%A9stamos%20r%C3%A1pidos%20%7C%20AndaCr%C3%A9dito&en=scroll&epn.percent_scrolled=90&_et=8
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EM2MYKZJLX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 06:39:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://andacredito.mx
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 18ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-EM2MYKZJLX&gtm=45je3960&_p=1567402473&cid=1518035038.1694500752&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1694500752&sct=1&seg=0&dl=https%3A%2F%2Fandacredito.mx%2Flanding%2Foffers%3Fsub1%3D4dc65fd250fc4736a409f5dda0fd6f36%26sub2%3Dmx-sms-welcome-click-trigger-3%26sub3%3Dsl-crm%26sub4%3D0%26sub5%3D%26sub6%3D14%26sub7%3D%26sub8%3D%26sub9%3D&dt=Ofertas%20de%20pr%C3%A9stamos%20r%C3%A1pidos%20%7C%20AndaCr%C3%A9dito&en=feedSubmitted&_c=1&_et=198
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EM2MYKZJLX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 06:39:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://andacredito.mx
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 201
Created event Show response
events.crezu.net/api/ 0
402 B 29ms
29ms Fetch 35.240.92.105
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://events.crezu.net/api/event
Requested by: Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/offers.iife.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.240.92.105 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 105.92.240.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://andacredito.mx/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 12 Sep 2023 06:39:12 GMT
Server: nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-API-KEY,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

GET
H2 200 vivus.svg
cdn.crezu.net/offers_data/images/ 3 KB
3 KB 15ms
11ms Image
image/svg+xml 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.crezu.net/offers_data/images/vivus.svg
Requested by: Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=4dc65fd250fc4736a409f5dda0fd6f36&sub2=mx-sms-welcome-click-trigger-3&sub3=sl-crm&sub4=0&sub5=&sub6=14&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5e37eed5fe086f3d4b30f5918ce80d5dcd5c38473c6497c26160710addeea013

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 15:43:58 GMT
via: 1.1 google
last-modified: Mon, 31 Oct 2022 07:35:30 GMT
server: nginx/1.14.0 (Ubuntu)
age: 53714
etag: "635f7ac2-cff"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3327
expires: Mon, 18 Sep 2023 15:43:58 GMT

GET
H2 200 cards.png
cdn.crezu.net/offers/src/assets/img/ 23 KB
23 KB 29ms
25ms Image
image/png 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.crezu.net/offers/src/assets/img/cards.png
Requested by: Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=4dc65fd250fc4736a409f5dda0fd6f36&sub2=mx-sms-welcome-click-trigger-3&sub3=sl-crm&sub4=0&sub5=&sub6=14&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 726308d60991c0af0e4e25515249c1a2adc3976fad41b2ca22bb8f1380ace4cb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 05:58:30 GMT
via: 1.1 google
last-modified: Tue, 22 Feb 2022 09:44:23 GMT
server: nginx/1.14.0 (Ubuntu)
age: 2442
etag: "6214b077-5a97"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23191
expires: Tue, 19 Sep 2023 05:58:30 GMT

GET
H2 200 tarjetas_online_1.png
cdn.crezu.net/offers_data/images/ 43 KB
43 KB 26ms
22ms Image
image/png 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.crezu.net/offers_data/images/tarjetas_online_1.png
Requested by: Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=4dc65fd250fc4736a409f5dda0fd6f36&sub2=mx-sms-welcome-click-trigger-3&sub3=sl-crm&sub4=0&sub5=&sub6=14&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 56814b7d406e980f2304225a2a68993319fec77317a2fefc1b3223bf6237d855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 15:43:32 GMT
via: 1.1 google
last-modified: Wed, 03 Aug 2022 12:56:28 GMT
server: nginx/1.14.0 (Ubuntu)
age: 53740
etag: "62ea707c-aa2f"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43567
expires: Mon, 18 Sep 2023 15:43:32 GMT

GET
H2 200 credilikeme.svg
cdn.crezu.net/offers_data/images/ 11 KB
11 KB 27ms
23ms Image
image/svg+xml 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.crezu.net/offers_data/images/credilikeme.svg
Requested by: Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=4dc65fd250fc4736a409f5dda0fd6f36&sub2=mx-sms-welcome-click-trigger-3&sub3=sl-crm&sub4=0&sub5=&sub6=14&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e6c5c461893723c63bc895efa9b77800585897c98156560e66e6db75a10f6b0d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 15:45:20 GMT
via: 1.1 google
last-modified: Wed, 02 Feb 2022 09:23:50 GMT
server: nginx/1.14.0 (Ubuntu)
age: 53632
etag: "61fa4da6-2bfa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11258
expires: Mon, 18 Sep 2023 15:45:20 GMT

GET
H2 200 vexi_cards.svg
cdn.crezu.net/offers_data/images/ 502 KB
503 KB 32ms
28ms Image
image/svg+xml 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.crezu.net/offers_data/images/vexi_cards.svg
Requested by: Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=4dc65fd250fc4736a409f5dda0fd6f36&sub2=mx-sms-welcome-click-trigger-3&sub3=sl-crm&sub4=0&sub5=&sub6=14&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 3fba042d66c118ce8482e7234f74b97449730bf19c62329fcbd50b99eaa254e7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 15:42:53 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 10:05:10 GMT
server: nginx/1.14.0 (Ubuntu)
age: 53779
etag: "62bad256-7d882"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 514178
expires: Mon, 18 Sep 2023 15:42:53 GMT

GET
H2 200 i-coin.svg
cdn.crezu.net/offers/src/assets/img/ 451 B
551 B 31ms
27ms Image
image/svg+xml 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.crezu.net/offers/src/assets/img/i-coin.svg
Requested by: Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c50c9d76ad4e28c150f09dfa4f6d2fc6e1adb5eadf841b9b6a28ea55c3b45021

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.crezu.net/offers/dist/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 15:43:04 GMT
via: 1.1 google
last-modified: Tue, 22 Feb 2022 09:44:23 GMT
server: nginx/1.14.0 (Ubuntu)
age: 53768
etag: "6214b077-1c3"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 451
expires: Mon, 18 Sep 2023 15:43:04 GMT

GET
H2 200 chip.png
cdn.crezu.net/offers/src/assets/img/ 298 B
393 B 30ms
26ms Image
image/png 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.crezu.net/offers/src/assets/img/chip.png
Requested by: Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 6c119d365fbfa2a92664014792d670928a767572e90434a25aa95b6af6f29671

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.crezu.net/offers/dist/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 15:43:32 GMT
via: 1.1 google
last-modified: Mon, 21 Mar 2022 13:49:59 GMT
server: nginx/1.14.0 (Ubuntu)
age: 53740
etag: "62388287-12a"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
expires: Mon, 18 Sep 2023 15:43:32 GMT

GET
H2 200 i-card.svg
cdn.crezu.net/offers/src/assets/img/ 1 KB
1 KB 25ms
21ms Image
image/svg+xml 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.crezu.net/offers/src/assets/img/i-card.svg
Requested by: Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 3524705a4e41f826d205a6a2da1cde39f5f27725fc91971e87a7a68cdeeb2821

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.crezu.net/offers/dist/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 15:43:14 GMT
via: 1.1 google
last-modified: Tue, 22 Aug 2023 11:12:40 GMT
server: nginx/1.14.0 (Ubuntu)
age: 53758
etag: "64e49828-437"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1079
expires: Mon, 18 Sep 2023 15:43:14 GMT

GET
H3 200 Montserrat-Regular.ttf
cdn.crezu.net/offers/src/assets/fonts/montserrat/ 314 KB
314 KB 33ms
31ms Font
application/octet-stream 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.crezu.net/offers/src/assets/fonts/montserrat/Montserrat-Regular.ttf
Requested by: Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e422c9e7b193c43036b49343e86201a4adf09795984214ead171606cb4df86d5

Request headers

Referer: https://cdn.crezu.net/offers/dist/style.css
Origin: https://andacredito.mx
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:39:12 GMT
via: 1.1 google
last-modified: Thu, 24 Mar 2022 10:14:47 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "623c4497-4e8a0"
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 321696

GET
H3 200 Montserrat-SemiBold.ttf
cdn.crezu.net/offers/src/assets/fonts/montserrat/ 312 KB
312 KB 27ms
24ms Font
application/octet-stream 35.201.76.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.crezu.net/offers/src/assets/fonts/montserrat/Montserrat-SemiBold.ttf
Requested by: Host: cdn.crezu.net
URL: https://cdn.crezu.net/offers/dist/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.76.201.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a2bfd4107782129b2db1fbeca09be2eb6e311180f7349cd53ad32b2b6be82934

Request headers

Referer: https://cdn.crezu.net/offers/dist/style.css
Origin: https://andacredito.mx
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:39:12 GMT
via: 1.1 google
last-modified: Thu, 24 Mar 2022 10:14:47 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "623c4497-4e038"
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 319544

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
330 B 40ms
39ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=andacredito.mx&callback=_gfp_s_&client=ca-pub-6373705936907274

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6373705936907274&plah=andacredito.mx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cab64a5ebd216dbc8d1090c4a4acb0aeb5978535c9e8c570c23c5a0a12393b5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:39:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7259 456 KB
79 KB 1610ms
1607ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373705936907274&output=html&adk=1812271804&adf=3025194257&lmt=1673874971&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fandacredito.mx%2Flanding%2Foffers%3Fsub1%3D4dc65fd250fc4736a409f5dda0fd6f36%26sub2%3Dmx-sms-welcome-click-trigger-3%26sub3%3Dsl-crm%26sub4%3D0%26sub5%3D%26sub6%3D14%26sub7%3D%26sub8%3D%26sub9%3D&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694500752650&bpp=3&bdt=434&idt=273&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=977048336617&frm=20&pv=2&ga_vid=1518035038.1694500752&ga_sid=1694500753&ga_hid=1567402473&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077699%2C44795921%2C31076994&oid=2&pvsid=3775051539506680&tmod=124000083&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=293

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30d723a4c49276260bc6e2d943a01c4e1d398cdae58b60569cb583af78b8fee2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://andacredito.mx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 81015
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 06:39:14 GMT
expires: Tue, 12 Sep 2023 06:39:14 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6C48 112 KB
39 KB 1696ms
1695ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373705936907274&output=html&h=280&slotname=7429060818&adk=1462056812&adf=3069310087&pi=t.ma~as.7429060818&w=910&fwrn=4&fwrnh=100&lmt=1673874971&rafmt=1&format=910x280&url=https%3A%2F%2Fandacredito.mx%2Flanding%2Foffers%3Fsub1%3D4dc65fd250fc4736a409f5dda0fd6f36%26sub2%3Dmx-sms-welcome-click-trigger-3%26sub3%3Dsl-crm%26sub4%3D0%26sub5%3D%26sub6%3D14%26sub7%3D%26sub8%3D%26sub9%3D&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694500752734&bpp=2&bdt=518&idt=213&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=977048336617&frm=20&pv=1&ga_vid=1518035038.1694500752&ga_sid=1694500753&ga_hid=1567402473&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=345&ady=954&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077699%2C44795921%2C31076994&oid=2&pvsid=3775051539506680&tmod=124000083&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=osZwwL0XxG&p=https%3A//andacredito.mx&dtd=221

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dcf6eb5eda272f00fcae338d989dc5fa6b3a5b50d78b7a61ce27a38965710fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://andacredito.mx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39813
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 06:39:14 GMT
expires: Tue, 12 Sep 2023 06:39:14 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 i-push-close.svg
cdn.morecashpls.com/landings/img/ 639 B
753 B 27ms
26ms Image
image/svg+xml 34.107.249.96
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.morecashpls.com/landings/img/i-push-close.svg
Requested by: Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=4dc65fd250fc4736a409f5dda0fd6f36&sub2=mx-sms-welcome-click-trigger-3&sub3=sl-crm&sub4=0&sub5=&sub6=14&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.249.96 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 96.249.107.34.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5e0440d1f014655b2a7c9a0ce23aa09e79d49d7afce588d3f7d54a89e92ceb6f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 10:14:24 GMT
via: 1.1 google
last-modified: Wed, 19 Feb 2020 16:11:55 GMT
server: nginx/1.14.0 (Ubuntu)
age: 246289
etag: "5e4d5e4b-27f"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 639
expires: Sat, 16 Sep 2023 10:14:24 GMT

GET
H2 200 i-push-01.svg
cdn.morecashpls.com/landings/img/ 1 KB
1 KB 27ms
27ms Image
image/svg+xml 34.107.249.96
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.morecashpls.com/landings/img/i-push-01.svg
Requested by: Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=4dc65fd250fc4736a409f5dda0fd6f36&sub2=mx-sms-welcome-click-trigger-3&sub3=sl-crm&sub4=0&sub5=&sub6=14&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.249.96 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 96.249.107.34.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5bacac65cd03f5724f8e242261b6cd170831f4783c2f46c5885a9c32fdf84850

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 04:35:51 GMT
via: 1.1 google
last-modified: Wed, 19 Feb 2020 16:11:55 GMT
server: nginx/1.14.0 (Ubuntu)
age: 7402
etag: "5e4d5e4b-56f"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1391
expires: Tue, 19 Sep 2023 04:35:51 GMT

GET
H2 200 img-push-arrow.png
cdn.morecashpls.com/landings/img/ 20 KB
20 KB 17ms
16ms Image
image/png 34.107.249.96
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.morecashpls.com/landings/img/img-push-arrow.png
Requested by: Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=4dc65fd250fc4736a409f5dda0fd6f36&sub2=mx-sms-welcome-click-trigger-3&sub3=sl-crm&sub4=0&sub5=&sub6=14&sub7=&sub8=&sub9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.249.96 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 96.249.107.34.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 194d53b4483d0fc25f7ccf7f5431893376d633324170f6366d4de0eb102fe25e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 09:13:52 GMT
via: 1.1 google
last-modified: Wed, 19 Feb 2020 16:11:55 GMT
server: nginx/1.14.0 (Ubuntu)
age: 249921
etag: "5e4d5e4b-5088"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20616
expires: Sat, 16 Sep 2023 09:13:52 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/ 154 KB
52 KB 85ms
85ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0080533385cb921b0179ecb02426c5ef684d6bf2189d43b3678689f6af233bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:39:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53663
x-xss-protection: 0
server: cafe
etag: 9009111560259988752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 06:39:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6C48 4 KB
1 KB 98ms
32ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373705936907274&output=html&h=280&slotname=7429060818&adk=1462056812&adf=3069310087&pi=t.ma~as.7429060818&w=910&fwrn=4&fwrnh=100&lmt=1673874971&rafmt=1&format=910x280&url=https%3A%2F%2Fandacredito.mx%2Flanding%2Foffers%3Fsub1%3D4dc65fd250fc4736a409f5dda0fd6f36%26sub2%3Dmx-sms-welcome-click-trigger-3%26sub3%3Dsl-crm%26sub4%3D0%26sub5%3D%26sub6%3D14%26sub7%3D%26sub8%3D%26sub9%3D&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694500752734&bpp=2&bdt=518&idt=213&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=977048336617&frm=20&pv=1&ga_vid=1518035038.1694500752&ga_sid=1694500753&ga_hid=1567402473&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=345&ady=954&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077699%2C44795921%2C31076994&oid=2&pvsid=3775051539506680&tmod=124000083&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=osZwwL0XxG&p=https%3A//andacredito.mx&dtd=221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 12 Sep 2023 06:39:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 06:16:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Sep 2023 06:39:14 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame 6C48 2 KB
945 B 89ms
29ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 17:31:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 17:31:26 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/ Frame 6C48 23 KB
9 KB 84ms
32ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 17:31:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47267
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 17:31:27 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame 6C48 3 KB
1 KB 87ms
35ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 17:35:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47053
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 17:35:01 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame 6C48 20 KB
8 KB 75ms
15ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 17:31:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 17:31:26 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6C48 0
0 29ms
28ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSzQ5TN-K6TwH4ZzE90eW50zi0qqHnAu75w9AuK6Blo20JDogk-pnNMAwRjBuk-0XnxuQ44XSBhSiM6wKV7nc6F1hQb7Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373705936907274&output=html&h=280&slotname=7429060818&adk=1462056812&adf=3069310087&pi=t.ma~as.7429060818&w=910&fwrn=4&fwrnh=100&lmt=1673874971&rafmt=1&format=910x280&url=https%3A%2F%2Fandacredito.mx%2Flanding%2Foffers%3Fsub1%3D4dc65fd250fc4736a409f5dda0fd6f36%26sub2%3Dmx-sms-welcome-click-trigger-3%26sub3%3Dsl-crm%26sub4%3D0%26sub5%3D%26sub6%3D14%26sub7%3D%26sub8%3D%26sub9%3D&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694500752734&bpp=2&bdt=518&idt=213&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=977048336617&frm=20&pv=1&ga_vid=1518035038.1694500752&ga_sid=1694500753&ga_hid=1567402473&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=345&ady=954&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077699%2C44795921%2C31076994&oid=2&pvsid=3775051539506680&tmod=124000083&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=osZwwL0XxG&p=https%3A//andacredito.mx&dtd=221
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6C48 181 KB
57 KB 96ms
38ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:39:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57841
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694001950986259"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 06:39:14 GMT

GET
H2 200 1c0c92110fea9bdf1302b7cf16d857ac.js Show response
www.gstatic.com/mysidia/ Frame 6C48 36 KB
15 KB 87ms
31ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1c0c92110fea9bdf1302b7cf16d857ac.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

143d681dc8ed67d5acf692ab8bd8f25a87b411bad534980984107887c6f82af2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 11:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70399
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15112
x-xss-protection: 0
last-modified: Wed, 06 Sep 2023 19:29:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 11:05:55 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 6C48
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cf0gqkAcAZYyePNGi7gPT_bG4AeDXzL5x0K6bju4QZBABIM_DmXNgkQSgAfPXoe8CyAEJqQKm6BvHAgiyPqgDAcgDywSqBPACT9CYeUUfONsF9uN3qJG1RCXpRsEVzlR3CJCdpUE2XmDkZqd...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221723302580911595855%22,%22debug_reporting%22:true,%22destination%22:%22https://brugman.nl%22,%22event_report_window%22:%22...

0
0

113ms
57ms

Fetch
text/css

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221723302580911595855%22,%22debug_reporting%22:true,%22destination%22:%22https://brugman.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22770206707%22],%224%22:[%2209-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218114675874530397921%22}&andc=true

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:39:15 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"1723302580911595855","debug_reporting":true,"destination":"https://brugman.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["770206707"],"4":["09-12"],"6":["true"]},"priority":"500","source_event_id":"18114675874530397921"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Sep 2023 06:39:15 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 12 Sep 2023 06:39:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"1723302580911595855","debug_reporting":true,"destination":"https://brugman.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["770206707"],"4":["09-12"],"6":["true"]},"priority":"500","source_event_id":"18114675874530397921"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/6835746992241422937/ Frame 6C48 28 KB
28 KB 105ms
60ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6835746992241422937/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

430c5ec2c068b7c86539903b0634ed86ddfc3cb02df3ea27d6b1af6e328b650f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:39:14 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28713
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 13:53:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Sep 2024 06:39:14 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/576219828329527597/ Frame 6C48 1 KB
1 KB 81ms
36ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/576219828329527597/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf3e192cbb8650f8de6594ad2ffa61267872058742197e80e6e166db4d6fdfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 05:45:05 GMT
x-content-type-options: nosniff
age: 89649
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1176
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 13:53:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Sep 2024 05:45:05 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B46F 1 KB
643 B 34ms
32ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 69915
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 11:13:59 GMT
etag: 48472445140208031
expires: Tue, 12 Sep 2023 11:13:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/ Frame 7C70 10 KB
4 KB 24ms
23ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://andacredito.mx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 62463
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 13:18:11 GMT
etag: 8554266389219770021
expires: Mon, 25 Sep 2023 13:18:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/ Frame 9179 10 KB
4 KB 26ms
21ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://andacredito.mx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 62463
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 13:18:11 GMT
etag: 8554266389219770021
expires: Mon, 25 Sep 2023 13:18:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/ Frame 262F 10 KB
4 KB 30ms
29ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://andacredito.mx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 62463
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 13:18:11 GMT
etag: 8554266389219770021
expires: Mon, 25 Sep 2023 13:18:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 113ms
55ms Preflight
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 12 Sep 2023 06:39:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame B46F 35 B
462 B 81ms
22ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEC0BxnuTz8gvqDBN2qfqk5Y&google_cver=1&google_push=AXcoOmQV6TpNerUJ4L22b2HT4t6KBsquKVjwTySuQdPw-T6MvwGb58dyEOV8ZWs01OG5jDqC3S-j-qv6TfNLZnEM4hjUrskgdEOm6Og

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 06:39:14 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame B46F
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEEwp-mjiLFVWIgHHKFn_hHs&google_cver=1&google_push=AXcoOmSpRdM-GpRojkddrbr92oLVepyGZtIVV3T761nftNORPeDgf5qRT8Oc8KC3pXa3KojPlUajLSj3XrLaj1MMA61NPEDyHOq6Z...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEwp-mjiLFVWIgHHKFn_hHs&google_cver=1&google_push=AXcoOmSpRdM-GpRojkddrbr92oLVepyGZtIVV3T761nftNORPeDgf5qRT8Oc8KC3pXa3KojPlUajLSj3XrLaj1MMA61NPEDyHOq...

43 B
438 B

191ms
184ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEwp-mjiLFVWIgHHKFn_hHs&google_cver=1&google_push=AXcoOmSpRdM-GpRojkddrbr92oLVepyGZtIVV3T761nftNORPeDgf5qRT8Oc8KC3pXa3KojPlUajLSj3XrLaj1MMA61NPEDyHOq6Zcw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSpRdM-GpRojkddrbr92oLVepyGZtIVV3T761nftNORPeDgf5qRT8Oc8KC3pXa3KojPlUajLSj3XrLaj1MMA61NPEDyHOq6Zcw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373705936907274&output=html&h=280&slotname=7429060818&adk=1462056812&adf=3069310087&pi=t.ma~as.7429060818&w=910&fwrn=4&fwrnh=100&lmt=1673874971&rafmt=1&format=910x280&url=https%3A%2F%2Fandacredito.mx%2Flanding%2Foffers%3Fsub1%3D4dc65fd250fc4736a409f5dda0fd6f36%26sub2%3Dmx-sms-welcome-click-trigger-3%26sub3%3Dsl-crm%26sub4%3D0%26sub5%3D%26sub6%3D14%26sub7%3D%26sub8%3D%26sub9%3D&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694500752734&bpp=2&bdt=518&idt=213&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=977048336617&frm=20&pv=1&ga_vid=1518035038.1694500752&ga_sid=1694500753&ga_hid=1567402473&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=345&ady=954&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077699%2C44795921%2C31076994&oid=2&pvsid=3775051539506680&tmod=124000083&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=osZwwL0XxG&p=https%3A//andacredito.mx&dtd=221
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 06:39:15 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 805626f79a70368a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Sep 2023 06:39:15 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 3325
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEwp-mjiLFVWIgHHKFn_hHs&google_cver=1&google_push=AXcoOmSpRdM-GpRojkddrbr92oLVepyGZtIVV3T761nftNORPeDgf5qRT8Oc8KC3pXa3KojPlUajLSj3XrLaj1MMA61NPEDyHOq6Zcw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSpRdM-GpRojkddrbr92oLVepyGZtIVV3T761nftNORPeDgf5qRT8Oc8KC3pXa3KojPlUajLSj3XrLaj1MMA61NPEDyHOq6Zcw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 805626f638ee368a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B46F
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEGFDFK_ABqOUJjYwOocuWKQ&google_cver=1&google_push=AXcoOmTedPRJB97UPL9kpdp_5EpD0yuo0f4XBItDA4t7OiJITDlHuJrXGgk9ko14fpskUWU7ITaUf9kx_LSsfPhPW8fyLgVoLZR2HA
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D287723D6D214D7193A22F15097CAAF0&google_push=AXcoOmTedPRJB97UPL9kpdp_5EpD0yuo0f4XBItDA4t7OiJITDlHuJrXGgk9ko14fpskUWU7ITaUf9kx_LSsfPh...

170 B
232 B

49ms
33ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D287723D6D214D7193A22F15097CAAF0&google_push=AXcoOmTedPRJB97UPL9kpdp_5EpD0yuo0f4XBItDA4t7OiJITDlHuJrXGgk9ko14fpskUWU7ITaUf9kx_LSsfPhPW8fyLgVoLZR2HA

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 06:39:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 12 Sep 2023 06:39:14 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D287723D6D214D7193A22F15097CAAF0&google_push=AXcoOmTedPRJB97UPL9kpdp_5EpD0yuo0f4XBItDA4t7OiJITDlHuJrXGgk9ko14fpskUWU7ITaUf9kx_LSsfPhPW8fyLgVoLZR2HA
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 11 Sep 2023 06:39:14 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B46F
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESENKC9hmWl4KweE7IMNPxEZA&google_cver=1&google_push=AXcoOmQdMTyZqGrOvzFIXVwbgTKaMhrggaFAIjWVnI4jUZ0710QYUro8GcTTN98UiX2r5KR7lHs5Wk5H9J5HQIXQsVmfhfeEBrcGRQ
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmQdMTyZqGrOvzFIXVwbgTKaMhrggaFAIjWVnI4jUZ0710QYUro8GcTTN98UiX2r5KR7lHs5Wk5H9J5HQIXQsVmfhfeEBrcGRQ&google_hm=Q0FFU0VOS0M5aG1XbDR...

170 B
232 B

34ms
31ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmQdMTyZqGrOvzFIXVwbgTKaMhrggaFAIjWVnI4jUZ0710QYUro8GcTTN98UiX2r5KR7lHs5Wk5H9J5HQIXQsVmfhfeEBrcGRQ&google_hm=Q0FFU0VOS0M5aG1XbDRLd2VFN0lNTlB4RVpB

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 06:39:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 12 Sep 2023 06:39:14 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmQdMTyZqGrOvzFIXVwbgTKaMhrggaFAIjWVnI4jUZ0710QYUro8GcTTN98UiX2r5KR7lHs5Wk5H9J5HQIXQsVmfhfeEBrcGRQ&google_hm=Q0FFU0VOS0M5aG1XbDRLd2VFN0lNTlB4RVpB
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B46F
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKiZQWcZecytNjHS7gZ0pgk&google_cver=1&google_push=AXcoOmQdXgjXfwXlVXWhymkQKSGcN_iFMiWcRV_UdU9PMFderwg9BsRD-aONNQ186X-UV-wXiEIjewCc9FObnZ3Ph3WhuKF...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQdXgjXfwXlVXWhymkQKSGcN_iFMiWcRV_UdU9PMFderwg9BsRD-aONNQ186X-UV-wXiEIjewCc9FObnZ3Ph3WhuKFhEpKeKe0&google_hm=eS1ZVHBxc09oRTJwR09...

170 B
232 B

33ms
30ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQdXgjXfwXlVXWhymkQKSGcN_iFMiWcRV_UdU9PMFderwg9BsRD-aONNQ186X-UV-wXiEIjewCc9FObnZ3Ph3WhuKFhEpKeKe0&google_hm=eS1ZVHBxc09oRTJwR09KOXB0SWd0d09UaWVMVmhCN0pBUX5B

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 06:39:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 12 Sep 2023 06:39:15 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQdXgjXfwXlVXWhymkQKSGcN_iFMiWcRV_UdU9PMFderwg9BsRD-aONNQ186X-UV-wXiEIjewCc9FObnZ3Ph3WhuKFhEpKeKe0&google_hm=eS1ZVHBxc09oRTJwR09KOXB0SWd0d09UaWVMVmhCN0pBUX5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame B46F 43 B
363 B 54ms
14ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmS0Dj47wCuezrQocZkXhgNVjwMqykKuzviAsZqORwVg8Vq_wWyiIn_AEwnjmYOpJJRXKSNZvn-Yzyw5q4jKA2_jK7D2G_vUVw&google_gid=CAESEIaEYRj0KQ1F8RnXJlkLZLU&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 06:39:14 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 231596
expires: Tue, 12 Sep 2023 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B46F
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHOvggY49AKnQokfQUA7Xs8&google_cver=1&google_push=AXcoOmRb3808TDhAdW1PZPi7cSZkbtSnDSy9PYgA5Csew7qv2HZXIhjJFNw6YBk-HhFSAMgu6lZTAXbmXdRS...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRb3808TDhAdW1PZPi7cSZkbtSnDSy9PYgA5Csew7qv2HZXIhjJFNw6YBk-HhFSAMgu6lZTAXbmXdRSQAxoHye1J57NvmJkMyw

170 B
329 B

49ms
32ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRb3808TDhAdW1PZPi7cSZkbtSnDSy9PYgA5Csew7qv2HZXIhjJFNw6YBk-HhFSAMgu6lZTAXbmXdRSQAxoHye1J57NvmJkMyw

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 06:39:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRb3808TDhAdW1PZPi7cSZkbtSnDSy9PYgA5Csew7qv2HZXIhjJFNw6YBk-HhFSAMgu6lZTAXbmXdRSQAxoHye1J57NvmJkMyw
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B46F 0
139 B 95ms
27ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KVh7PfefkwXZUlJtLkJohHGyGYBEdekODcN-BC2oa1n1FsEiFo3y1sfJdrBdfR6_L_wwcR

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:39:14 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 2ab36c0d951b69d9c04f85f5eb613648.js Show response
www.gstatic.com/mysidia/ Frame 7C70 9 KB
4 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2ab36c0d951b69d9c04f85f5eb613648.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f36c6941b3a0b755df6e1c1ba6919dc8eeab051a52504ff431c3564d4d791a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 20:09:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 469763
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3933
x-xss-protection: 0
last-modified: Wed, 06 Sep 2023 19:29:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 20:09:51 GMT

GET
H2 200 eb24e5338fb35f0e823aa45ca63cea7d.js Show response
www.gstatic.com/mysidia/ Frame 7C70 11 KB
5 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eb24e5338fb35f0e823aa45ca63cea7d.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6dcbbfd3b2b395e8440193551d30cf590736083dfed83bb67f976badca15699

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 21:04:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 466490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4726
x-xss-protection: 0
last-modified: Wed, 06 Sep 2023 19:29:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 21:04:24 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7C70 14 KB
1 KB 39ms
32ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 12 Sep 2023 06:39:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 05:23:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Sep 2023 06:39:14 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame 7C70 2 KB
926 B 31ms
24ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 17:31:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 17:31:26 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/ Frame 7C70 23 KB
9 KB 34ms
27ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 17:31:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47267
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 17:31:27 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame 7C70 3 KB
1 KB 34ms
27ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 17:35:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47053
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 17:35:01 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame 7C70 20 KB
8 KB 30ms
23ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 17:31:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 17:31:26 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7C70 0
0 46ms
40ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQQelvGb-73xj_-o2Cpy-hOYZ8CX5snbjrQf-y5wV1Veog0-ZPzz4FmZWsIaAYKLaZwWU6S-HhN63GD_xCT9RRVPiqoZg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7C70 181 KB
57 KB 42ms
36ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:39:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57841
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694001950986259"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 06:39:14 GMT

GET
H2 200 1c0c92110fea9bdf1302b7cf16d857ac.js Show response
www.gstatic.com/mysidia/ Frame 7C70 36 KB
15 KB 33ms
28ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1c0c92110fea9bdf1302b7cf16d857ac.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

143d681dc8ed67d5acf692ab8bd8f25a87b411bad534980984107887c6f82af2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 11:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70399
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15112
x-xss-protection: 0
last-modified: Wed, 06 Sep 2023 19:29:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 11:05:55 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9179 14 KB
1 KB 30ms
30ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 12 Sep 2023 06:39:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 06:08:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Sep 2023 06:39:14 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame 9179 2 KB
926 B 24ms
24ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 17:31:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 17:31:26 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/ Frame 9179 23 KB
9 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 17:31:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47267
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 17:31:27 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BF7A 143 B
166 B 46ms
21ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1861
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 06:08:14 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame 9179 3 KB
1 KB 23ms
0ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 17:35:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47053
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 17:35:01 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 89E6 1 KB
643 B 49ms
32ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 69916
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 11:13:59 GMT
etag: 48472445140208031
expires: Tue, 12 Sep 2023 11:13:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame 9179 20 KB
8 KB 46ms
22ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 17:31:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47269
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 17:31:26 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9179 0
0 49ms
40ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRDpDN1HcQcM64F-eYevxm_lQNyJGP4vkGaQuMke-FQst87PpvF7HmDrCpnIVMxxQ9HrcqOJ2GF77JzPc2YYqfWnZr6CQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9179 181 KB
57 KB 67ms
53ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:39:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57841
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694001950986259"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 06:39:15 GMT

GET
H2 200 1c0c92110fea9bdf1302b7cf16d857ac.js Show response
www.gstatic.com/mysidia/ Frame 9179 36 KB
15 KB 37ms
22ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1c0c92110fea9bdf1302b7cf16d857ac.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

143d681dc8ed67d5acf692ab8bd8f25a87b411bad534980984107887c6f82af2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 11:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15112
x-xss-protection: 0
last-modified: Wed, 06 Sep 2023 19:29:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 11:05:55 GMT

GET
DATA 200
OK truncated
/ Frame 6C48 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb81656c68a432902c65a063a7ee65d116683ed3371ed188915e1f19cb5b36b9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 262F 6 KB
706 B 36ms
35ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 12 Sep 2023 06:39:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 05:32:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Sep 2023 06:39:15 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame 262F 2 KB
892 B 25ms
24ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 17:31:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47269
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 17:31:26 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/ Frame 262F 23 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 17:31:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 17:31:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame 262F 3 KB
1 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:28:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 649
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Sep 2023 06:28:26 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 643E 1 KB
643 B 34ms
31ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 69916
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 11:13:59 GMT
etag: 48472445140208031
expires: Tue, 12 Sep 2023 11:13:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame 262F 20 KB
8 KB 25ms
20ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 17:31:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47269
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 17:31:26 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 262F 0
0 41ms
39ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRLcz52g4s5fthGnkGwdzO1DfQ6pDDDcFSnoLWbFxKfIbPR_-hypiLiJ2Q7IuQrMqEg06ritp_lgl9Rh-EiwZGokb7y8g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 262F 181 KB
57 KB 37ms
34ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:39:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57841
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694001950986259"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 06:39:15 GMT

GET
H3 200 1c0c92110fea9bdf1302b7cf16d857ac.js Show response
www.gstatic.com/mysidia/ Frame 262F 36 KB
15 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1c0c92110fea9bdf1302b7cf16d857ac.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

143d681dc8ed67d5acf692ab8bd8f25a87b411bad534980984107887c6f82af2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 11:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15112
x-xss-protection: 0
last-modified: Wed, 06 Sep 2023 19:29:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 11:05:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6C48 16 KB
16 KB 89ms
26ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 17:26:14 GMT
x-content-type-options: nosniff
age: 565981
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Sep 2024 17:26:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6C48 15 KB
15 KB 90ms
27ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 22:08:16 GMT
x-content-type-options: nosniff
age: 462659
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Sep 2024 22:08:16 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 89E6
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEV2GHgxKKeQ14ClKF84HTI&google_cver=1&google_push=AXcoOmTMWoHLJdxZEQIU7BiBSPfbecFlNr3otc9DZEnnS7neLJ6xl2m6qEzGu7jY5ELM8P8NDqHCuyCjJLXvV3sYVQdukNjMQvJVJw
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjk1OTYxMDkwNjk2NDUyNDA2MQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFNQqDxP8dGaQ2IgVAZHMsI&google_cver=1

43 B
398 B

67ms
17ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFNQqDxP8dGaQ2IgVAZHMsI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 12 Sep 2023 06:39:14 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 12 Sep 2023 06:39:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFNQqDxP8dGaQ2IgVAZHMsI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i.match
a.tribalfusion.com/ Frame 89E6 43 B
407 B 207ms
205ms Image
image/gif 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEDRyTmlgyHRJdEbW0pkc0Ts&google_cver=1&google_push=AXcoOmRPMt4vPGq07UUvtz_AdDHiowGBIm1-y82BknuVCICNB0theiJLt0n6A7uWBvLzvVgPqntpXICgm1IbU4JMhdTDa0_cucWtng&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRPMt4vPGq07UUvtz_AdDHiowGBIm1-y82BknuVCICNB0theiJLt0n6A7uWBvLzvVgPqntpXICgm1IbU4JMhdTDa0_cucWtng%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 06:39:15 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 805626f7caab368a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 89E6 70 B
265 B 103ms
31ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJWUQZEHxe1nx0_TTtwPtT4&google_cver=1&google_push=AXcoOmQI73vcKBvtZZ6tfieoLZRBHLTEsHjLDDoKx6er5BVKoeMMS0Nf_6LtMvLa4kNABJC0LUNo4X6CehxWRa6pVH-53wn1aEGiRk4
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 12 Sep 2023 06:39:15 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 89E6
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEPmmMp8J-igI9T0bMRDTtaw&google_cver=1&google_push=AXcoOmQR5OtCA_t5hRfVGRiDs5o8WzAVO_lDKS6-tP7ZjgSnX1w32jhWF5H1R1k-IBZbc_a3Zp1XV1BGB0M...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQR5OtCA_t5hRfVGRiDs5o8WzAVO_lDKS6-tP7ZjgSnX1w32jhWF5H1R1k-IBZbc_a3Zp1XV1BGB0MBQZtgv_vRqVVz6-lVoIo&google_hm=oTaLQcBESzqAgqDb5...

170 B
188 B

32ms
31ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQR5OtCA_t5hRfVGRiDs5o8WzAVO_lDKS6-tP7ZjgSnX1w32jhWF5H1R1k-IBZbc_a3Zp1XV1BGB0MBQZtgv_vRqVVz6-lVoIo&google_hm=oTaLQcBESzqAgqDb5I2z9JI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 06:39:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Sep 2023 06:39:15 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQR5OtCA_t5hRfVGRiDs5o8WzAVO_lDKS6-tP7ZjgSnX1w32jhWF5H1R1k-IBZbc_a3Zp1XV1BGB0MBQZtgv_vRqVVz6-lVoIo&google_hm=oTaLQcBESzqAgqDb5I2z9JI
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 89E6 0
173 B 76ms
18ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEAnvBHlFI_gIqq3KEutBPyw&google_cver=1&google_push=AXcoOmQac3uER4EhOlSqxM4AXdDZD7I-Gek0hhebOX5cmiz5e8m18v559yn_edmLSLuu42477JO5JAn5kUPZkqVR3xblu7fyOQJEjZY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:39:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 89E6
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGCUluQpX3k8h7_PoBKAZyw&google_cver=1&google_push=AXcoOmRmc7rFp7PXcDLeohi_ak1EksLIcvMBFc_TJCkPCTHkRkIEHG5alUQuM6sxrc2aweQdIGXKBDehFI0UU9XwvN92M6s...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRmc7rFp7PXcDLeohi_ak1EksLIcvMBFc_TJCkPCTHkRkIEHG5alUQuM6sxrc2aweQdIGXKBDehFI0UU9XwvN92M6sZ3aqIalI&google_hm=eS1ZVHBxc09oRTJwR09...

170 B
188 B

31ms
30ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRmc7rFp7PXcDLeohi_ak1EksLIcvMBFc_TJCkPCTHkRkIEHG5alUQuM6sxrc2aweQdIGXKBDehFI0UU9XwvN92M6sZ3aqIalI&google_hm=eS1ZVHBxc09oRTJwR09KOXB0SWd0d09UaWVMVmhCN0pBUX5B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 06:39:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 12 Sep 2023 06:39:15 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRmc7rFp7PXcDLeohi_ak1EksLIcvMBFc_TJCkPCTHkRkIEHG5alUQuM6sxrc2aweQdIGXKBDehFI0UU9XwvN92M6sZ3aqIalI&google_hm=eS1ZVHBxc09oRTJwR09KOXB0SWd0d09UaWVMVmhCN0pBUX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 89E6
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECviBzPbYOT-ouFATG9i4lQ&google_cver=1&google_push=AXcoOmR0XjFpaU8KBMEV3FtI_3NAMt0mq9avnGGHLZTM49KvghKjrDuVSzSc3HdGs_-vQs04_FSR2U2x...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECviBzPbYOT-ouFATG9i4lQ&google_cver=1&google_push=AXcoOmR0XjFpaU8KBMEV3FtI_3NAMt0mq9avnGGHLZTM49KvghKjrDuVSzSc3HdGs_-vQs04_FS...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODcyMTAyNzkxMTg3NzQ1NTg1MA&google_push=AXcoOmR0XjFpaU8KBMEV3FtI_3NAMt0mq9avnGGHLZTM49KvghKjrDuVSzSc3HdGs_-vQs04_FSR2U...

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODcyMTAyNzkxMTg3NzQ1NTg1MA&google_push=AXcoOmR0XjFpaU8KBMEV3FtI_3NAMt0mq9avnGGHLZTM49KvghKjrDuVSzSc3HdGs_-vQs04_FSR2U2xaCP7IKPQheZbcaSA8Oz0410

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 06:39:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Sep 2023 06:39:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODcyMTAyNzkxMTg3NzQ1NTg1MA&google_push=AXcoOmR0XjFpaU8KBMEV3FtI_3NAMt0mq9avnGGHLZTM49KvghKjrDuVSzSc3HdGs_-vQs04_FSR2U2xaCP7IKPQheZbcaSA8Oz0410
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 89E6 0
12 B 28ms
27ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JuX0G1dnALzFaafgQRliFPyIzYNZp9TyCo5KLNkluuxuGWMb4pLx0HlzQzSOmYZA2X0s3z

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:39:15 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E0A3 143 B
166 B 23ms
21ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1861
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 06:08:14 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EFC9 1 KB
643 B 44ms
43ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 69916
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 11:13:59 GMT
etag: 48472445140208031
expires: Tue, 12 Sep 2023 11:13:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BF7A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

37ms
37ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 06:39:15 GMT
expires: Tue, 12 Sep 2023 06:39:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 06:39:15 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 643E
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBoTOZwTr03v3bwLbK9w4f0&google_cver=1&google_push=AXcoOmQktErNp-bM7ixZmMFd9wwJGndLHH2udXHnCj7I11gQxLVsKt6XV4...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQktErNp-bM7ixZmMFd9wwJGndLHH2udXHnCj7I11gQxLVsKt6XV4P5PiUcLMIV_7k6GmqoTtaVjWnyCTBHn8-FwmcJMPN2&google_hm=GFYl33AntQwA...

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQktErNp-bM7ixZmMFd9wwJGndLHH2udXHnCj7I11gQxLVsKt6XV4P5PiUcLMIV_7k6GmqoTtaVjWnyCTBHn8-FwmcJMPN2&google_hm=GFYl33AntQwADoE8G26mwg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 06:39:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQktErNp-bM7ixZmMFd9wwJGndLHH2udXHnCj7I11gQxLVsKt6XV4P5PiUcLMIV_7k6GmqoTtaVjWnyCTBHn8-FwmcJMPN2&google_hm=GFYl33AntQwADoE8G26mwg
pragma: no-cache
date: Tue, 12 Sep 2023 06:39:15 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 643E
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEFBXkaS3qfg91LqncdC_iv0&google_cver=1&google_push=AXcoOmRoEQ7-IgPmXIgGc2vKFqxPyJF-rYF53psTH4nvdIFJO_GzR90mIqdHkeJiFaFeDmF9aRRM_to1p4FSLb9uxyXDhXrTqyAP8w
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D287723D6D214D7193A22F15097CAAF0&google_push=AXcoOmRoEQ7-IgPmXIgGc2vKFqxPyJF-rYF53psTH4nvdIFJO_GzR90mIqdHkeJiFaFeDmF9aRRM_to1p4FSLb9...

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D287723D6D214D7193A22F15097CAAF0&google_push=AXcoOmRoEQ7-IgPmXIgGc2vKFqxPyJF-rYF53psTH4nvdIFJO_GzR90mIqdHkeJiFaFeDmF9aRRM_to1p4FSLb9uxyXDhXrTqyAP8w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 06:39:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 12 Sep 2023 06:39:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D287723D6D214D7193A22F15097CAAF0&google_push=AXcoOmRoEQ7-IgPmXIgGc2vKFqxPyJF-rYF53psTH4nvdIFJO_GzR90mIqdHkeJiFaFeDmF9aRRM_to1p4FSLb9uxyXDhXrTqyAP8w
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 11 Sep 2023 06:39:15 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 643E
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEOBGDYX8fxhbU33FIPXsyKk&google_cver=1&google_push=AXcoOmT5R05dqUDO4y-FzB5p22YIVFOFBweVDgZlKkuMzbxQO9q7wg8jkQqqqG6Ozjh-h0JC8dsr9R4e2loazZuJ...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=4NOndHyuQ0eTCXOXTndcmw2&google_push=AXcoOmT5R05dqUDO4y-FzB5p22YIVFOFBweVDgZlKkuMzbxQO9q7wg8jkQqqqG6Ozjh-h0JC8dsr9R4e2loazZuJQIK9TnTy58RG

170 B
188 B

42ms
41ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=4NOndHyuQ0eTCXOXTndcmw2&google_push=AXcoOmT5R05dqUDO4y-FzB5p22YIVFOFBweVDgZlKkuMzbxQO9q7wg8jkQqqqG6Ozjh-h0JC8dsr9R4e2loazZuJQIK9TnTy58RG

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 06:39:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 12 Sep 2023 06:39:15 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=4NOndHyuQ0eTCXOXTndcmw2&google_push=AXcoOmT5R05dqUDO4y-FzB5p22YIVFOFBweVDgZlKkuMzbxQO9q7wg8jkQqqqG6Ozjh-h0JC8dsr9R4e2loazZuJQIK9TnTy58RG
x-host: tde-deliveryengine-production-5c7796b7ff-27x2f
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 643E
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEEQL2u0AsZ6rkp0YBTYBAx8&google_cver=1&google_push=AXcoOmQ6orWQrLwqkg99xC0F75lRmqfzn86_oWv9ccXnyTYkjMOcmVCLQ_GYvzKGVzZK-Kyo_Uzw-UiiKptFNEx4S7q1Lq2...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEEQL2u0AsZ6rkp0YBTYBAx8&google_cver=1&google_push=AXcoOmQ6orWQrLwqkg99xC0F75lRmqfzn86_oWv9ccXnyTYkjMOcmVCLQ_GYvzKGVzZK-Kyo_Uzw-UiiKptFNEx4S7q1L...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQ6orWQrLwqkg99xC0F75lRmqfzn86_oWv9ccXnyTYkjMOcmVCLQ_GYvzKGVzZK-Kyo_Uzw-UiiKptFNEx4S7q1Lq2Vz_6HQw

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQ6orWQrLwqkg99xC0F75lRmqfzn86_oWv9ccXnyTYkjMOcmVCLQ_GYvzKGVzZK-Kyo_Uzw-UiiKptFNEx4S7q1Lq2Vz_6HQw

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 06:39:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQ6orWQrLwqkg99xC0F75lRmqfzn86_oWv9ccXnyTYkjMOcmVCLQ_GYvzKGVzZK-Kyo_Uzw-UiiKptFNEx4S7q1Lq2Vz_6HQw
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 643E 43 B
362 B 31ms
14ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQLJeK9OxwUgqWhXzE-st4hGG83G1kNu9RUR2DgFS3oBvrA3Ic_M9UbqFQUXPVA2foh96wOHPCUBiPuKAUt4lMMNj8tlh9p2w&google_gid=CAESECO_rVhgmDefhAUHI66ZF6Q&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 06:39:15 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 235994
expires: Tue, 12 Sep 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 643E
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECviBzPbYOT-ouFATG9i4lQ&google_cver=1&google_push=AXcoOmSD9YPFCBv7uYgIUuMooIPcJx5uia5j5Q8J-B4FE4iUtU3ECo--P-bmgpApRrzjDTnPgvW1otrL...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECviBzPbYOT-ouFATG9i4lQ&google_cver=1&google_push=AXcoOmSD9YPFCBv7uYgIUuMooIPcJx5uia5j5Q8J-B4FE4iUtU3ECo--P-bmgpApRrzjDTnPgvW...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDAxNDQyNDU1MjY4MjA2MDkw&google_push=AXcoOmSD9YPFCBv7uYgIUuMooIPcJx5uia5j5Q8J-B4FE4iUtU3ECo--P-bmgpApRrzjDTnPgvW1otrL...

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDAxNDQyNDU1MjY4MjA2MDkw&google_push=AXcoOmSD9YPFCBv7uYgIUuMooIPcJx5uia5j5Q8J-B4FE4iUtU3ECo--P-bmgpApRrzjDTnPgvW1otrLtZ8bsVWYX0W3gTeTyt8vIQ

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 06:39:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Sep 2023 06:39:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDAxNDQyNDU1MjY4MjA2MDkw&google_push=AXcoOmSD9YPFCBv7uYgIUuMooIPcJx5uia5j5Q8J-B4FE4iUtU3ECo--P-bmgpApRrzjDTnPgvW1otrLtZ8bsVWYX0W3gTeTyt8vIQ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

report
sync.teads.tv/um/ Frame 643E
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESENxqlHHASvN1...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmR2mJ9I-SYgvuNgjHAqdkhVkIUBeGUGlp8-WzsurwL3XenL4Xd9EEeSykjTUMAbuc615AG8uNZShOxs4OxbbO0HRHgwEZEJE34
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

44ms
44ms

Image
image/gif

23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

expires: Tue, 12 Sep 2023 06:39:15 GMT
pragma: no-cache
date: Tue, 12 Sep 2023 06:39:15 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 12 Sep 2023 06:39:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 643E 0
12 B 36ms
27ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IJyCgTgNIMWU5Xm8Hio3unG7Slds9yPePRXlLhUMvf_C7XQoKzN-hcFeqCOmN3eoA0jlSuvA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:39:15 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js Show response
pagead2.googlesyndication.com/bg/ Frame E32A 37 KB
14 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70772edc419da3f336bf2455543af86a27d8026cee16b34e31088f2eff1e3c1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 04:13:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8740
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14472
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Sep 2024 04:13:35 GMT

GET
H3 200 17838781799723618648
tpc.googlesyndication.com/simgad/ Frame 262F 472 KB
472 KB 154ms
153ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17838781799723618648

Requested by

Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=4dc65fd250fc4736a409f5dda0fd6f36&sub2=mx-sms-welcome-click-trigger-3&sub3=sl-crm&sub4=0&sub5=&sub6=14&sub7=&sub8=&sub9=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ef023ca1aaf7bceb2ca5bdd55db3a40967669c94d7caa87fbc47e6f427a5102

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:39:15 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 482838
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 12:35:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Sep 2024 06:39:15 GMT

GET
H3 200 8485323922404412972
tpc.googlesyndication.com/simgad/ Frame 262F 1 KB
1 KB 61ms
61ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8485323922404412972?w=100&h=100

Requested by

Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=4dc65fd250fc4736a409f5dda0fd6f36&sub2=mx-sms-welcome-click-trigger-3&sub3=sl-crm&sub4=0&sub5=&sub6=14&sub7=&sub8=&sub9=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2a9da62d3545c298e67b7b7ed57baec863a2b7e19575b9d0b11f3f84902907c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:39:15 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1505
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 12:35:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Sep 2024 06:39:15 GMT

GET
DATA 200
OK truncated
/ Frame 262F 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 262F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68fb84202583d557365f7c3abd5fc2e31fd050f9761e8ea653807eb3a691a834

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9179 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9179 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46214aac0267d7dbbf6442800a3510e5de99498431792462138871729efbb36c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame EFC9
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEV2GHgxKKeQ14ClKF84HTI&google_cver=1&google_push=AXcoOmRtgI_fUvsmnOC8Z0KBzZWAUQ6v5wxgBKEeKQGqG1x38O2JpxYhCr0usYr66Zejwtscn571eQ3t-xDDa_jW7xlUoOhCt7efaw
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjk1OTYxMDkwNjk2NDUyNDA2MQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFNQqDxP8dGaQ2IgVAZHMsI&google_cver=1

43 B
398 B

16ms
14ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFNQqDxP8dGaQ2IgVAZHMsI&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 12 Sep 2023 06:39:14 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 12 Sep 2023 06:39:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFNQqDxP8dGaQ2IgVAZHMsI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame EFC9 0
104 B 104ms
30ms Image
text/plain 2a02:fa8:8806:13::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEPn4gocyfB-MCi2XJxO7dpo&google_cver=1&google_push=AXcoOmQFatJWw3tcXkpZ32a8f9EAZJ_i4-IRIt6uMViGZutf2AnyGHhG_NMbaWbBj61-4GjizVDmjn6gsI9hJyS3KGSg43FR6dYN5A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 06:39:15 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EFC9
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELDBNAIoA6a10Bph0gs5Id0&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELDBNAIoA6a10Bph0gs5Id0&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=anhjY1UxYnYxUUZYM2w1&google_gid=CAESELDBNAIoA6a10Bph0gs5Id0&google_cver=1&google_push=AXcoOmSZB61N_t9Bpf4vQqbTaIqpZt_1aMJsAT7sd-Xsiwk...

170 B
188 B

31ms
30ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=anhjY1UxYnYxUUZYM2w1&google_gid=CAESELDBNAIoA6a10Bph0gs5Id0&google_cver=1&google_push=AXcoOmSZB61N_t9Bpf4vQqbTaIqpZt_1aMJsAT7sd-XsiwkHkjIveG28Vte287bJcxa28EbxBBoYHMQeIfw_HgKkeVCX3jAy7pSmcQ

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 06:39:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 12 Sep 2023 06:39:15 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0546ea729b64acd63@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=anhjY1UxYnYxUUZYM2w1&google_gid=CAESELDBNAIoA6a10Bph0gs5Id0&google_cver=1&google_push=AXcoOmSZB61N_t9Bpf4vQqbTaIqpZt_1aMJsAT7sd-XsiwkHkjIveG28Vte287bJcxa28EbxBBoYHMQeIfw_HgKkeVCX3jAy7pSmcQ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 i.match
a.tribalfusion.com/ Frame EFC9 43 B
596 B 258ms
257ms Image
image/gif 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEDRyTmlgyHRJdEbW0pkc0Ts&google_cver=1&google_push=AXcoOmSJxgNyioGZu82CYBpKu4GXBiSMpPE9RtAzgdI7jt-Z4ynl53Aa308xQ1BwwdL1kdWni5rP54dYWkI3fAEFnAiGRujXz0NKeA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSJxgNyioGZu82CYBpKu4GXBiSMpPE9RtAzgdI7jt-Z4ynl53Aa308xQ1BwwdL1kdWni5rP54dYWkI3fAEFnAiGRujXz0NKeA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 06:39:15 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 805626f9ce359078-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EFC9
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEFBXkaS3qfg91LqncdC_iv0&google_cver=1&google_push=AXcoOmRnd-fLgcRjsd-zolPmSR9M8dA52hyavYtW_-66BCx58-hsy-KoMpVyuFoutt0JtNHue0BeDJ2hJfaLEASxY23gcMD-G9esyw
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D287723D6D214D7193A22F15097CAAF0&google_push=AXcoOmRnd-fLgcRjsd-zolPmSR9M8dA52hyavYtW_-66BCx58-hsy-KoMpVyuFoutt0JtNHue0BeDJ2hJfaLEAS...

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D287723D6D214D7193A22F15097CAAF0&google_push=AXcoOmRnd-fLgcRjsd-zolPmSR9M8dA52hyavYtW_-66BCx58-hsy-KoMpVyuFoutt0JtNHue0BeDJ2hJfaLEASxY23gcMD-G9esyw

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 06:39:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 12 Sep 2023 06:39:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D287723D6D214D7193A22F15097CAAF0&google_push=AXcoOmRnd-fLgcRjsd-zolPmSR9M8dA52hyavYtW_-66BCx58-hsy-KoMpVyuFoutt0JtNHue0BeDJ2hJfaLEASxY23gcMD-G9esyw
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 11 Sep 2023 06:39:15 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EFC9
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEK6MZnzOGuQrA2IP9_Z06HA&google_cver=1&google_push=AXcoOmRLHmkdj2aQmML4eSdaZShrh5ZH4g1g1_4OSygDb6xfzZbLFTHut8m58mMIS0qCk44lOT_FiuJu7zAU9q...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3NzgyNTMyNTc4MzY0NDMxOQ%3D%3D&google_push=AXcoOmRLHmkdj2aQmML4eSdaZShrh5ZH4g1g1_4OSygDb6xfzZbLFTHut8m58mMIS0qCk44lOT_FiuJu7zAU9qn_Zm...

170 B
188 B

33ms
31ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3NzgyNTMyNTc4MzY0NDMxOQ%3D%3D&google_push=AXcoOmRLHmkdj2aQmML4eSdaZShrh5ZH4g1g1_4OSygDb6xfzZbLFTHut8m58mMIS0qCk44lOT_FiuJu7zAU9qn_ZmueelxWJcC4jA

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 06:39:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3NzgyNTMyNTc4MzY0NDMxOQ%3D%3D&google_push=AXcoOmRLHmkdj2aQmML4eSdaZShrh5ZH4g1g1_4OSygDb6xfzZbLFTHut8m58mMIS0qCk44lOT_FiuJu7zAU9qn_ZmueelxWJcC4jA
Date: Tue, 12 Sep 2023 06:39:15 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 sync
x.bidswitch.net/ Frame EFC9 43 B
146 B 278ms
19ms Image
image/gif 18.197.117.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEObSmeq68Kf9gCWJAnCOww0&google_cver=1&google_push=AXcoOmSNXjQQMD3KxCTSyqgSl1npVM48ptV6Ndwi_Q5g0HtQk5n3MgVAAD5G6O5UKYQJ0lFsRIhcoFOQiH0WDSoLcrU6VtdlwK7d0w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.117.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-117-175.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:39:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame EFC9 0
12 B 33ms
32ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ibjw7LRPPQWBAIzgb6oP84KEsSVhtfvJqC-y3N4QpkAJ2tz7Qzv_zpxr36dLiiPRrNh-9T

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:39:15 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 7C70
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CXr11kAcAZef4O5iD-gaT5o2QDZqrtZhwlL_ZlfkQ07_utPA6EAEgz8OZc2CRBKABovP91QLIAQGpAqboG8cCCLI-qAMByAPLBKoEgQNP0AvqhuFBzT30vF07GtLnz7ziLy6e_56D0O9e20m...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225543343638084156351%22,%22debug_reporting%22:true,%22destination%22:%22https://tibbaa.com%22,%22event_report_window%22:%22...

0
0

62ms
60ms

Fetch
text/css

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225543343638084156351%22,%22debug_reporting%22:true,%22destination%22:%22https://tibbaa.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22717191586%22],%224%22:[%2209-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210006995333627121057%22}&andc=true

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:39:15 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"5543343638084156351","debug_reporting":true,"destination":"https://tibbaa.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["717191586"],"4":["09-12"],"6":["true"]},"priority":"500","source_event_id":"10006995333627121057"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Sep 2023 06:39:15 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 12 Sep 2023 06:39:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5543343638084156351","debug_reporting":true,"destination":"https://tibbaa.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["717191586"],"4":["09-12"],"6":["true"]},"priority":"500","source_event_id":"10006995333627121057"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 115ms
73ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230907&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a43514d396611b99ed7987844d0a264c59365fd5df86fd89dfe8a6a2a50ffdcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:39:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11742
x-xss-protection: 0

GET
H3 200 cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js Show response
pagead2.googlesyndication.com/bg/ Frame 8319 37 KB
14 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js

Requested by

Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=4dc65fd250fc4736a409f5dda0fd6f36&sub2=mx-sms-welcome-click-trigger-3&sub3=sl-crm&sub4=0&sub5=&sub6=14&sub7=&sub8=&sub9=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70772edc419da3f336bf2455543af86a27d8026cee16b34e31088f2eff1e3c1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 04:13:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8740
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14472
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Sep 2024 04:13:35 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E0A3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

41ms
41ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 06:39:15 GMT
expires: Tue, 12 Sep 2023 06:39:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 06:39:15 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js Show response
pagead2.googlesyndication.com/bg/ Frame 9DF7 37 KB
14 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js

Requested by

Host: andacredito.mx
URL: https://andacredito.mx/landing/offers?sub1=4dc65fd250fc4736a409f5dda0fd6f36&sub2=mx-sms-welcome-click-trigger-3&sub3=sl-crm&sub4=0&sub5=&sub6=14&sub7=&sub8=&sub9=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70772edc419da3f336bf2455543af86a27d8026cee16b34e31088f2eff1e3c1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 04:13:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8740
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14472
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Sep 2024 04:13:35 GMT

GET
H3 200 cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js Show response
pagead2.googlesyndication.com/bg/ Frame EFE8 37 KB
14 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70772edc419da3f336bf2455543af86a27d8026cee16b34e31088f2eff1e3c1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 04:13:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8740
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14472
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Sep 2024 04:13:35 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 9179
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CLoUgkAcAZej4O5iD-gaT5o2QDYT81eBslcKUqbcR8uzS4LIBEAEgz8OZc2CRBKABzcm0zAHIAQGpAqboG8cCCLI-qAMByAPLBKoEhgNP0IJx8W8e0PQ9WKSvrqMrbBnIRgCn1Qx2BjgzzFq...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210653435112338612719%22,%22debug_reporting%22:true,%22destination%22:%22https://eurotronic.nl%22,%22event_report_window%22...

0
0

57ms
55ms

Fetch
text/css

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210653435112338612719%22,%22debug_reporting%22:true,%22destination%22:%22https://eurotronic.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22428680397%22],%224%22:[%2209-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224021200017715956433%22}&andc=true

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:39:15 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"10653435112338612719","debug_reporting":true,"destination":"https://eurotronic.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["428680397"],"4":["09-12"],"6":["true"]},"priority":"500","source_event_id":"4021200017715956433"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Sep 2023 06:39:15 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 12 Sep 2023 06:39:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10653435112338612719","debug_reporting":true,"destination":"https://eurotronic.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["428680397"],"4":["09-12"],"6":["true"]},"priority":"500","source_event_id":"4021200017715956433"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 262F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C9n0tkAcAZen4O5iD-gaT5o2QDcHb4upygLnQ8NgRiv2ghMMBEAEgz8OZc2CRBKAB76Tr_QPIAQmpAqboG8cCCLI-qAMByAPLBKoE9QJP0Ecim7xa9vHzimGI_ze1QxTIhBDNP5lxhdwN2kZ...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216148236639414909188%22,%22debug_reporting%22:true,%22destination%22:%22https://kerstpakkettenplaza.nl%22,%22event_report_...

0
0

56ms
54ms

Fetch
text/css

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216148236639414909188%22,%22debug_reporting%22:true,%22destination%22:%22https://kerstpakkettenplaza.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221069208175%22],%224%22:[%2209-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210074702575395867649%22}&andc=true

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:39:15 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"16148236639414909188","debug_reporting":true,"destination":"https://kerstpakkettenplaza.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1069208175"],"4":["09-12"],"6":["true"]},"priority":"500","source_event_id":"10074702575395867649"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Sep 2023 06:39:15 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 12 Sep 2023 06:39:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"16148236639414909188","debug_reporting":true,"destination":"https://kerstpakkettenplaza.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1069208175"],"4":["09-12"],"6":["true"]},"priority":"500","source_event_id":"10074702575395867649"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 87ms
83ms Preflight
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 12 Sep 2023 06:39:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 58ms
56ms Preflight
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 12 Sep 2023 06:39:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 58ms
56ms Preflight
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 12 Sep 2023 06:39:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:39:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 12 Sep 2023 06:39:15 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9B40 13 KB
5 KB 21ms
19ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://andacredito.mx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 649
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 06:28:26 GMT
expires: Wed, 11 Sep 2024 06:28:26 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E372 829 B
557 B 45ms
44ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b0ba6b78f98ce72880f93851f63e0cc6d92421d24f1a253fdd845b72087947ef

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wJs9J8egsifpobrSk-Qzag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://andacredito.mx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 535
content-security-policy: script-src 'report-sample' 'nonce-wJs9J8egsifpobrSk-Qzag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 06:39:15 GMT
expires: Tue, 12 Sep 2023 06:39:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E372 0
0 66ms
65ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230907&jk=3775051539506680&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H3 200 cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js Show response
pagead2.googlesyndication.com/bg/ Frame 9B40 37 KB
14 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHcu3EGdo_M2vyRVVDr4aifYAmzuFrNOMQiPLv8ePBs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70772edc419da3f336bf2455543af86a27d8026cee16b34e31088f2eff1e3c1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 04:13:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8740
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14472
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Sep 2024 04:13:35 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9B40 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?w--3jA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:39:16 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6C48 42 B
64 B 65ms
64ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZ6HxEN56Pk9oMX6Fvp6HqZCx8h0BPyeaCH5U0L2v5AdZRfyiK5N5qoTxhADJOwSSl2L0B-pHS6CujcdBHL_1yXcLGYJG2iNVlGU_QXcT4O_5qnb2vO5_iJ0ZbRGjvSKWgkFXCUV_UizTF&sai=AMfl-YSPyly0geZgOkfTv6rvnXKlGjJNf_BXpNKyIvSS2V5bI71wkN9uC5WHVjJrW_aRDGO-DCvg3s5vdxZe2mh5Fkm2VnJaPCoiinA&sig=Cg0ArKJSzI4voBuB_6RMEAE&cid=CAQSKQBpAlJWWAxb3cSmDkRRQ5n3SPl212lsO0zhuyuKOPSY00gSEE_oDF_4GAE&id=lidar2&mcvt=1000&p=0,0,280,910&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230906&bin=7&avms=nio&bs=0,0&mc=0.88&if=1&vu=1&app=0&itpl=22&adk=1462056812&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694500752956&rpt=2328&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 06:39:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 262F 42 B
64 B 62ms
62ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssV9YD20YVggo305Lz4qGCumxNVX3YsAXRXzbytkaH4C-HUzw59YwmROaS1AfXXTVg6RWHLx0xUHOM8o09ue_6BamS2DPRrFNJiRzjmIQSmXjSFZuUj6TkA47sYSFzhgeCNCCj3P6IAPpDf&sai=AMfl-YTCX7A3Cng7e7ogIe5Ca3L7AcyfRyHLLjDV8sGjxRUp5MJD2dXEri9wKFpc8AZx8XZKEXfweRtV77wamsiMrNmTIfMkGpy_1QU&sig=Cg0ArKJSzGvTChfrLmz4EAE&cid=CAQSKQBpAlJWngWyCiEwtFmQOAZycdYYaQVXv2ApnAYH4c0WQoXlhu0X5UwgGAE&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230906&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694500754796&rpt=640&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 06:39:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9179 42 B
64 B 63ms
63ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv9nHIOG_CWMhuNQwNgqKdCP9cKHR3QXVm6fy-jrpgxMiZ8HjzmSxQ2bC3QtQ0q-L17zwyNtKCFrvpAD8PzjCzlZESZyOQlMQ6iMNdCAlU0mXDYbVCSToKvC5GdFl9F6pPuOloeqbVbTUSP&sai=AMfl-YTOETX_KIr3yZcaM-Pv_VTEnMT91JdR0wvLHQzM6myJH44pho3Noyt1LQRHlwC2ocVIwrEzckhMhrk3YbX7VeuTy1ZUz4g0V9o&sig=Cg0ArKJSzA-97hpVqD9pEAE&cid=CAQSKQBpAlJWngWyCiEwtFmQOAZycdYYaQVXv2ApnAYH4c0WQoXlhu0X5UwgGAE&id=lidar2&mcvt=1002&p=0,0,600,200&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230906&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694500754788&rpt=676&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 06:39:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 82ms
82ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230907&jk=3775051539506680&bg=!aWqlaiXNAAa6D61Rmg87ADQBe5WfOFIK6r5xXirS9ueXhQO6yxtBG3ksvLFC37nXHPLBRlnNyMqexs6nhYMtXYMDmjsbAgAAAF5SAAAACmgBBwoATDaXyPuu2QJTO097uEtHh3AEl56nrcfDiSJ67_zn0fR-BrHZFC3mGlZzI8jYeo8yOvcJW3JGkLAB6a3WkRZvKdK4zthtr7fH3RwqJ_yZArQhN3YvE7WMFE_hVOpp4RuVR0GN7H95bQeZPmzU6XCHpqatiqA_0CZrruKu5IyAx95_U2ExnlA-gJqma7u2R0yMFMFUK-kDrYaaQaL6IRAwBKDCEjwoNWTZ72xRzg4tfB5jvPXvKOTjQBaE9Q1UTgGRN7zb7H8ARAhTSFlb_WgTwxv40vbGvC55KmA3ZahxB7F5rSejxDvU2OYO-fYAV93Hh2KOUOxYbpe5f3b-Ad1yFSx5-5Kqd4a1ZIGPZUcRs64IUCm_vPEcPkOyiO7zVGllWLRRb6a-neev-PxdRdqnGGo3utRdbZa60Kn-UzBYe71pThhFa986oV2IRrd8Yo_1poTp1VVC2MIOVUcS7DFN0U5kfsVhXRKAs4uJllTdj_XUuah9ffUUc9KuuW86eVnoIGPq5ICHcGaumlZNVkA-VHOtppRE1xpqp2NIvpwPfeQiYcXVDjG1fisBSpIuc32__8FBbaqADO7-AHftdpE27WvTWTHyNuC5oam9f7x7roFnoXrcOWuseEhFAAmQKwBO60d9SI2aIX_wJWPgpb2A-xVnQ-L_XkMqxGua71wFXJ55THQTKNDN6Sease9XU_W9fxAgM2BJIKO0lAK_rT65zGdqmZEmUPkRjguu4_JsZrjCj4vI28yjk9RyjPOrZzfOgplaOI0FmivERgqpw-vXpT3szsIz5FMXl9QnALhVksbJYFen7l6GJd0yyI8_fx3tLQo_v75BqavfW2DjUY8nhIkGrsygDyrpxRydeNpQubhthP0ekJsAQr555tTE7VRFi0FmHMZ1mtLUi7GpR9_uSEOJYyl97jOCqUU_50D-YA2pjn_jOyTfSgk1FvfTZQGh3Gptjhix99BqYaNylpk10u-f9pYsTrDw4z18bwfXKY2hL-0Z-J9j6rcq3HnN0zptqMb8Og
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://andacredito.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
track.crezu.net/	1970-01-20 23:27:16	Name: afclick Value: 6500078ffb5eb50001ca5ac8
track.crezu.net/	1970-01-20 23:27:16	Name: afoffers Value: {"216":1694500751}
.andacredito.mx/	1970-01-20 16:51:16	Name: _gcl_au Value: 1.1.1727638184.1694500752
.andacredito.mx/	1970-01-21 00:17:40	Name: _ga Value: GA1.1.1518035038.1694500752
.andacredito.mx/	1970-01-20 19:00:52	Name: sbjs_migrations Value: 1418474375998%3D1
.andacredito.mx/	1970-01-20 19:00:52	Name: sbjs_current_add Value: fd%3D2023-09-12%2008%3A39%3A12%7C%7C%7Cep%3Dhttps%3A%2F%2Fandacredito.mx%2Flanding%2Foffers%3Fsub1%3D4dc65fd250fc4736a409f5dda0fd6f36%26sub2%3Dmx-sms-welcome-click-trigger-3%26sub3%3Dsl-crm%26sub4%3D0%26sub5%3D%26sub6%3D14%26sub7%3D%26sub8%3D%26sub9%3D%7C%7C%7Crf%3D%28none%29
.andacredito.mx/	1970-01-20 19:00:52	Name: sbjs_first_add Value: fd%3D2023-09-12%2008%3A39%3A12%7C%7C%7Cep%3Dhttps%3A%2F%2Fandacredito.mx%2Flanding%2Foffers%3Fsub1%3D4dc65fd250fc4736a409f5dda0fd6f36%26sub2%3Dmx-sms-welcome-click-trigger-3%26sub3%3Dsl-crm%26sub4%3D0%26sub5%3D%26sub6%3D14%26sub7%3D%26sub8%3D%26sub9%3D%7C%7C%7Crf%3D%28none%29
.andacredito.mx/	1970-01-20 19:00:52	Name: sbjs_current Value: typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29
.andacredito.mx/	1970-01-20 19:00:52	Name: sbjs_first Value: typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29
.andacredito.mx/	1970-01-20 19:00:52	Name: sbjs_udata Value: vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F116.0.5845.179%20Safari%2F537.36
.andacredito.mx/	1970-01-20 14:41:42	Name: sbjs_session Value: pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fandacredito.mx%2Flanding%2Foffers%3Fsub1%3D4dc65fd250fc4736a409f5dda0fd6f36%26sub2%3Dmx-sms-welcome-click-trigger-3%26sub3%3Dsl-crm%26sub4%3D0%26sub5%3D%26sub6%3D14%26sub7%3D%26sub8%3D%26sub9%3D
andacredito.mx/	1970-01-20 14:41:42	Name: landingOffersVisit Value: {"sub1":"4dc65fd250fc4736a409f5dda0fd6f36","sub2":"mx-sms-welcome-click-trigger-3"}
andacredito.mx/	1970-01-20 14:43:07	Name: test_flow Value: non-exp
andacredito.mx/	1970-01-20 14:41:42	Name: uuidv4 Value: 4c687b9e-7362-4f39-a901-1069ba6b0881
.andacredito.mx/	1970-01-21 00:03:16	Name: __gads Value: ID=8e1ee391eb1e5b88-22fc25eb6ede00d2:T=1694500752:RT=1694500752:S=ALNI_MbjcS7psWfbEQ2yz_y4yBkyW1DDzw
.andacredito.mx/	1970-01-21 00:03:16	Name: __gpi Value: UID=00000c73f70458a2:T=1694500752:RT=1694500752:S=ALNI_MbCMsaZV82XoWNWoH47J2NElG2xtw
.doubleclick.net/	1970-01-21 00:03:16	Name: IDE Value: AHWqTUl3r_hXRbQ_yrerAGdSIFItKN98vFVAOElIdpAqH1gdKRsMnbgObdC3qBvtNVM
.quantserve.com/	1970-01-20 16:51:16	Name: d Value: EEYBCQH3KYEA
.quantserve.com/	1970-01-21 00:11:55	Name: mc Value: 65000792-e2190-aa5e0-8a49a
.simpli.fi/	1970-01-20 23:28:43	Name: suid Value: D287723D6D214D7193A22F15097CAAF0
.agkn.com/	1970-01-20 23:27:16	Name: ab Value: 0001%3ASIgqlcSYw%2FTTX%2Fr6XJaWLne9hSWahyiL
.agkn.com/	1970-01-20 23:27:16	Name: u Value: C\|0CEAsksQTLJLEEwAAAAAAAQ13AQCAAQpAAAAAAA
.yahoo.com/	1970-01-20 23:27:38	Name: A3 Value: d=AQABBJMHAGUCEAymG53rIQsno7hKYC2DnXYFEgEBAQFZAWUJZQAAAAAA_eMAAA&S=AQAAAr-2Eojz62RbtXIpqIEZd7E
.googleadservices.com/	1970-01-20 16:51:16	Name: ar_debug Value: 1
.blismedia.com/	1970-01-20 23:27:20	Name: b Value: 6500079338067CC9F4CB63B5BLIS
.ctnsnet.com/	1970-01-20 23:27:16	Name: gid_CAESEPmmMp8J-igI9T0bMRDTtaw Value: 1
.ctnsnet.com/	1970-01-20 23:27:16	Name: cid_a1368b41c0444b3a8082a0dbe48db3f4 Value: 1
.turn.com/	1970-01-20 19:00:52	Name: uid Value: 2959610906964524061
.adform.net/	1970-01-20 15:24:52	Name: C Value: 1
.doubleclick.net/	1970-01-20 14:41:44	Name: DSID Value: NO_DATA
.travelaudience.com/	1970-01-21 00:11:55	Name: _tracker Value: %7B%22UUID%22%3A%22E0D3A774-7CAE-4347-9309-73974E775C9B%22%7D
.de17a.com/	1970-01-20 23:20:04	Name: guid Value: 1.107273872354192159
.andacredito.mx/	1970-01-21 00:17:40	Name: _ga_EM2MYKZJLX Value: GS1.1.1694500752.1.0.1694500755.57.0.0
.adform.net/	1970-01-20 16:08:04	Name: uid Value: 8721027911877455850
.adfarm1.adition.com/	1970-01-20 16:51:16	Name: UserID1 Value: 7277825325783644319
.w55c.net/	1970-01-21 00:11:55	Name: wfivefivec Value: jxccU1bv1QFX3l5
.tribalfusion.com/	1970-01-20 16:51:16	Name: ANON_ID Value: avnt6ZatMPmFUTgUpyWVot06xhw92iBTn1uK6EvQjr9qFnhHc0mNdMrWNucSNO1WkINfjdlgadrJJhZdWEcC1S6coVkSM4
.w55c.net/	1970-01-20 15:24:52	Name: matchgoogle Value: 5

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
ads.travelaudience.com
andacredito.mx
c1.adform.net
cdn.crezu.net
cdn.morecashpls.com
clnk.si
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
events.crezu.net
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r.turn.com
region1.analytics.google.com
s.tribalfusion.com
sl.crezu.mx
sl.crezu.net
stats.g.doubleclick.net
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
track.crezu.net
um.simpli.fi
workers.crezu.net
www.google.com
www.google.nl
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
142.250.185.130
142.250.186.130
15.197.193.217
178.250.1.9
18.197.117.175
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
213.155.156.167
23.32.185.35
2606:4700::6812:19ad
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2001
2a00:1450:4001:828::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2003
2a00:1450:400c:c00::9a
2a02:fa8:8806:13::1370
2a05:d018:d29:3601:ad5e:1111:f66a:1a0c
2a06:98c1:3120::3
2a06:98c1:3121::3
3.120.226.29
34.107.249.96
34.77.94.206
34.90.63.227
34.96.105.8
35.186.193.173
35.190.0.66
35.201.76.189
35.204.158.49
35.235.93.22
35.240.92.105
35.241.222.91
37.157.6.233
51.38.120.206
52.28.40.145
85.114.159.93
0080533385cb921b0179ecb02426c5ef684d6bf2189d43b3678689f6af233bf5
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f264931fbb1d2885a1a4f117ce8e83e47acf6495d3b78b2ff3fcff599c53fb6
143d681dc8ed67d5acf692ab8bd8f25a87b411bad534980984107887c6f82af2
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18a49454b27284f8a409abfe02ee82f6aca81c42481091e6710bc2d8aa2ade16
194d53b4483d0fc25f7ccf7f5431893376d633324170f6366d4de0eb102fe25e
285e118e92522c8ff54924df155c47e28811c85f9e66e756ad4571da1a0e9cb0
30d723a4c49276260bc6e2d943a01c4e1d398cdae58b60569cb583af78b8fee2
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3353dbadebb12047d42fe8bf09b3f2650eb1c7e8f8aa42befcff6c78ef1974dc
3524705a4e41f826d205a6a2da1cde39f5f27725fc91971e87a7a68cdeeb2821
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
3fba042d66c118ce8482e7234f74b97449730bf19c62329fcbd50b99eaa254e7
430c5ec2c068b7c86539903b0634ed86ddfc3cb02df3ea27d6b1af6e328b650f
44b998b905a69ea4e7f13d76797fe491e7a71dfd8b9c02b34bcb128c3bcf0a4d
46214aac0267d7dbbf6442800a3510e5de99498431792462138871729efbb36c
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50f36c6941b3a0b755df6e1c1ba6919dc8eeab051a52504ff431c3564d4d791a
51901d4731a0b09210085c3a1e0c40319a73f2c9b9f8d77f33d76850e876b8e6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56814b7d406e980f2304225a2a68993319fec77317a2fefc1b3223bf6237d855
5bacac65cd03f5724f8e242261b6cd170831f4783c2f46c5885a9c32fdf84850
5dcf6eb5eda272f00fcae338d989dc5fa6b3a5b50d78b7a61ce27a38965710fe
5e0440d1f014655b2a7c9a0ce23aa09e79d49d7afce588d3f7d54a89e92ceb6f
5e37eed5fe086f3d4b30f5918ce80d5dcd5c38473c6497c26160710addeea013
5ef023ca1aaf7bceb2ca5bdd55db3a40967669c94d7caa87fbc47e6f427a5102
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63425a51bc14b66579166bac9b5902793d36bf0ba63a713e0517967c81d9a313
682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f
68fb84202583d557365f7c3abd5fc2e31fd050f9761e8ea653807eb3a691a834
6c119d365fbfa2a92664014792d670928a767572e90434a25aa95b6af6f29671
70772edc419da3f336bf2455543af86a27d8026cee16b34e31088f2eff1e3c1b
726308d60991c0af0e4e25515249c1a2adc3976fad41b2ca22bb8f1380ace4cb
8236d168322fe35d3a2e16f1786d9f37617b3a722aa109a94ca07f91cf171775
83266e6622f2a756514aa79371b77429d60037875178227cc7cebe4957376317
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2bfd4107782129b2db1fbeca09be2eb6e311180f7349cd53ad32b2b6be82934
a43514d396611b99ed7987844d0a264c59365fd5df86fd89dfe8a6a2a50ffdcb
a9d019de6cb27c35845f9e26aa99dd8e2f01f04368f237c65f631578cb0dc1c8
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0ba6b78f98ce72880f93851f63e0cc6d92421d24f1a253fdd845b72087947ef
b2a9da62d3545c298e67b7b7ed57baec863a2b7e19575b9d0b11f3f84902907c
c02a9a923d18ca649db49834a748c054319b4366675f6c4dc069c36778f2b8ba
c50c9d76ad4e28c150f09dfa4f6d2fc6e1adb5eadf841b9b6a28ea55c3b45021
cab64a5ebd216dbc8d1090c4a4acb0aeb5978535c9e8c570c23c5a0a12393b5b
da20c86e8b34fdb9c40bddee0fd35ba440bd7776e1be0de139fece28a2d3da61
daf3e192cbb8650f8de6594ad2ffa61267872058742197e80e6e166db4d6fdfa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e422c9e7b193c43036b49343e86201a4adf09795984214ead171606cb4df86d5
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6c5c461893723c63bc895efa9b77800585897c98156560e66e6db75a10f6b0d
e6dcbbfd3b2b395e8440193551d30cf590736083dfed83bb67f976badca15699
e99a79b67018d4f28948226a27d0aa7d3e7a2e71eefaa13993e323fe71ca0cd7
ec68368115e7c1e9eeececfb003c990d971d917c84c94e9798fedbcf116decfc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fa503dfdadb36bfe3b366aaef36c3d4ed5ce5249923fdb979e6c530d6adcfcd3
fb5d224c0d6133efc6727f46d8b9120582df1b550370f4e6181e4d09334d0e57
fb81656c68a432902c65a063a7ee65d116683ed3371ed188915e1f19cb5b36b9

andacredito.mx Open in urlscan Pro 35.235.93.22 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

149 Requests

85 %HTTPS

45 %IPv6

33 Domains

45 Subdomains

30 IPs

10 Countries

3286 kBTransfer

5854 kBSize

38 Cookies

5 Outgoing links

Page URL History

Redirected requests

149 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

andacredito.mx Open in urlscan Pro
35.235.93.22 Public Scan

Screenshot
Live screenshot

Full Image

149
Requests

85 %
HTTPS

45 %
IPv6

33
Domains

45
Subdomains

30
IPs

10
Countries

3286 kB
Transfer

5854 kB
Size

38
Cookies

149 HTTP transactions
5 data transactions