www.dafiti.com.co Open in urlscan Pro
179.191.182.65 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.dafiti.com.co/
Effective URL:
https://www.dafiti.com.co/
Submission: On December 19 via api (December 19th 2023, 2:36:31 am UTC) from US — Scanned from DE

Summary HTTP 316 Redirects Behaviour Indicators

Summary

This website contacted 91 IPs in 11 countries across 83 domains to perform 316 HTTP transactions. The main IP is 179.191.182.65, located in Offenbach, Germany and belongs to Azion Technologies Ltda., BR. The main domain is www.dafiti.com.co. The Cisco Umbrella rank of the primary domain is 366380.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on June 13th 2023. Valid for: a year.

This is the only time www.dafiti.com.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 21	179.191.182.65 179.191.182.65	52580 (Azion Tec...) (Azion Technologies Ltda.)
1	2606:4700::68... 2606:4700::6810:cc16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2600:9000:231... 2600:9000:2315:b600:a:b89d:a6c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	52.217.194.56 52.217.194.56	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:244... 2600:9000:2440:2000:15:ad21:c740:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
30	18.173.233.48 18.173.233.48	16509 (AMAZON-02) (AMAZON-02)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
3	2600:9000:244... 2600:9000:2440:3a00:15:14c9:5c80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	18.66.248.94 18.66.248.94	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2.23.209.35 2.23.209.35	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:d73b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.212.237.123 52.212.237.123	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::17	60068 (CDN77 ^_^) (CDN77 ^_^)
4 9	185.184.10.30 185.184.10.30	203690 (RTB-HOUSE...) (RTB-HOUSE-ASH)
7 23	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1 1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
3 5	185.89.210.82 185.89.210.82	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
3	13.32.27.54 13.32.27.54	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	18.66.112.15 18.66.112.15	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
8	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2.16.62.104 2.16.62.104	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
15	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1	35.190.29.52 35.190.29.52	15169 (GOOGLE) (GOOGLE)
48	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2	3.69.190.202 3.69.190.202	16509 (AMAZON-02) (AMAZON-02)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 3	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2600:9000:224... 2600:9000:224a:a200:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
3 3	52.57.12.239 52.57.12.239	16509 (AMAZON-02) (AMAZON-02)
2	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 5	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 4	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
3 5	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
2 2	216.52.2.86 216.52.2.86	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2 5	104.75.89.75 104.75.89.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	213.155.156.181 213.155.156.181	1299 (TWELVE99 ...) (TWELVE99 Arelion)
4	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
4	2606:4700:20:... 2606:4700:20::681a:61b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	91.121.248.44 91.121.248.44	16276 (OVH) (OVH)
1 3	92.123.148.9 92.123.148.9	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	142.250.185.166 142.250.185.166	15169 (GOOGLE) (GOOGLE)
2 2	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	167.233.13.224 167.233.13.224	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700::68... 2606:4700::6813:afbe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.132.158.37 18.132.158.37	16509 (AMAZON-02) (AMAZON-02)
1	46.4.101.115 46.4.101.115	24940 (HETZNER-AS) (HETZNER-AS)
2	169.197.104.68 169.197.104.68	21859 (ZEN-ECN) (ZEN-ECN)
3 5	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	108.157.4.75 108.157.4.75	16509 (AMAZON-02) (AMAZON-02)
1	18.154.63.57 18.154.63.57	16509 (AMAZON-02) (AMAZON-02)
1	34.120.4.21 34.120.4.21	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
2	3.9.60.26 3.9.60.26	16509 (AMAZON-02) (AMAZON-02)
1	95.101.148.20 95.101.148.20	16625 (AKAMAI-AS) (AKAMAI-AS)
1	164.132.25.185 164.132.25.185	16276 (OVH) (OVH)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	37.157.6.237 37.157.6.237	198622 (ADFORM) (ADFORM)
1	63.33.18.223 63.33.18.223	16509 (AMAZON-02) (AMAZON-02)
1 2	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	54.75.61.252 54.75.61.252	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1	52.18.145.191 52.18.145.191	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.157.70.183 35.157.70.183	16509 (AMAZON-02) (AMAZON-02)
1	52.25.95.187 52.25.95.187	16509 (AMAZON-02) (AMAZON-02)
1	70.42.32.63 70.42.32.63	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	52.58.18.253 52.58.18.253	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4264:cd63:6b3d:4f30:16c6	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	184.30.17.243 184.30.17.243	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.250.71.117 34.250.71.117	16509 (AMAZON-02) (AMAZON-02)
1	54.217.28.190 54.217.28.190	16509 (AMAZON-02) (AMAZON-02)
1	3.18.227.110 3.18.227.110	16509 (AMAZON-02) (AMAZON-02)
316	91

21 179.191.182.65 (Offenbach, Germany) 1 redirects

ASN52580 (Azion Technologies Ltda., BR)

www.dafiti.com.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.dafiti.com.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.dafiti.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:cc16 (United States)

ASN13335 (CLOUDFLARENET, US)

eum.instana.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2600:9000:2315:b600:a:b89d:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.194.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2440:2000:15:ad21:c740:93a1 (United States)

ASN16509 (AMAZON-02, US)

st.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 18.173.233.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-233-48.dus51.r.cloudfront.net

async-px.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2440:3a00:15:14c9:5c80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cjs.ptengine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-94.dus51.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.23.209.35 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-209-35.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:d73b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.237.123 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-237-123.eu-west-1.compute.amazonaws.com

wurfl.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

tags.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.184.10.30 (Poland) 4 redirects

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net

us.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ash.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 172.217.16.194 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands) 1 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

cm.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.210.82 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.27.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-54.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-15.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.62.104 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-62-104.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.29.52 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 52.29.190.35.bc.googleusercontent.com

rt.udmserve.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.69.190.202 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-190-202.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:a200:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.57.12.239 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-12-239.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.3.20 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 51.38.120.206 (Hessen, Germany) 3 redirects

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.86 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.75.89.75 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.181 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.121.248.44 (France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 92.123.148.9 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-148-9.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.166 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.200.5.215 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.233.13.224 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:afbe (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.132.158.37 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-132-158-37.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.101.115 (Rostock, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.115.101.4.46.clients.your-server.de

tm.simptrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.197.104.68 (Frankfurt am Main, Germany)

ASN21859 (ZEN-ECN, US)
PTR: comms.expectation.cc

stats.ptengine.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.1.11 (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-75.dus51.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.154.63.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-63-57.dus51.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.4.21 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 21.4.120.34.bc.googleusercontent.com

eum-orange-saas.instana.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.9.60.26 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-9-60-26.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 164.132.25.185 (France)

ASN16276 (OVH, FR)
PTR: ip185.ip-164-132-25.eu

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.237 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.18.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-18-223.eu-west-1.compute.amazonaws.com

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.36.155 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.75.61.252 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-61-252.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.145.191 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-145-191.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.70.183 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-70-183.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.25.95.187 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-95-187.us-west-2.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.18.253 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-18-253.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:cd63:6b3d:4f30:16c6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.17.243 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-243.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.71.117 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-71-117.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.217.28.190 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-28-190.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.18.227.110 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-18-227-110.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	dynamicyield.com cdn.dynamicyield.com — Cisco Umbrella Rank: 6084 st.dynamicyield.com — Cisco Umbrella Rank: 5745 async-px.dynamicyield.com — Cisco Umbrella Rank: 5840	3 MB
48	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 25796 ad4m.at — Cisco Umbrella Rank: 11359 assets.ad4m.at — Cisco Umbrella Rank: 35458	442 KB
35	doubleclick.net 9 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 ad.doubleclick.net — Cisco Umbrella Rank: 139	174 KB
28	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148	119 KB
20	dafiti.com.co 1 redirects www.dafiti.com.co — Cisco Umbrella Rank: 366380 static.dafiti.com.co — Cisco Umbrella Rank: 361238	656 KB
11	criteo.com 4 redirects dis.criteo.com — Cisco Umbrella Rank: 550 gum.criteo.com — Cisco Umbrella Rank: 424 sslwidget.criteo.com — Cisco Umbrella Rank: 1761 widget.us.criteo.com — Cisco Umbrella Rank: 17950	14 KB
11	creativecdn.com 5 redirects tags.creativecdn.com — Cisco Umbrella Rank: 5350 us.creativecdn.com — Cisco Umbrella Rank: 2503 cm.creativecdn.com — Cisco Umbrella Rank: 8129 ash.creativecdn.com — Cisco Umbrella Rank: 9169	8 KB
9	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2	1 KB
8	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 145563 static-de.ad4mat.net — Cisco Umbrella Rank: 192580	3 KB
5	teads.tv 2 redirects sync.teads.tv — Cisco Umbrella Rank: 1299 criteo-sync.teads.tv — Cisco Umbrella Rank: 2120	1 KB
5	onetag-sys.com 3 redirects onetag-sys.com — Cisco Umbrella Rank: 714	2 KB
5	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 560 cm.adform.net — Cisco Umbrella Rank: 1211	3 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 229 secure.adnxs.com — Cisco Umbrella Rank: 478	4 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	286 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 617	146 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	23 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6765	732 B
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 700 script.hotjar.com — Cisco Umbrella Rank: 933	105 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 24395 api.webgains.io — Cisco Umbrella Rank: 59842	19 KB
3	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 13930	2 KB
3	medialead.de pv.medialead.de — Cisco Umbrella Rank: 47317	979 B
3	w55c.net 3 redirects pm.w55c.net — Cisco Umbrella Rank: 818	3 KB
3	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 339	1 KB
3	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 4165 onesignal.com — Cisco Umbrella Rank: 1473	73 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 329	14 KB
3	ptengine.com cjs.ptengine.com — Cisco Umbrella Rank: 210260	62 KB
3	gstatic.com fonts.gstatic.com	25 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 208	1 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1462	1 KB
2	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 307	140 B
2	ptengine.jp stats.ptengine.jp — Cisco Umbrella Rank: 61442	530 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4497	651 B
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 650	1 KB
2	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1618	292 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 773 r.turn.com — Cisco Umbrella Rank: 3570	869 B
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	291 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	297 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 802 s.tribalfusion.com — Cisco Umbrella Rank: 2218	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	216 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	91 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	195 KB
2	instana.io eum.instana.io — Cisco Umbrella Rank: 7932 eum-orange-saas.instana.io — Cisco Umbrella Rank: 6168	10 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 2253	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 699	338 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2331	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4166	235 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 33110	153 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2462	400 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 495	35 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 723	225 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 689	145 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 936	422 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1074	884 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 10023	265 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 666	199 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 425	921 B
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 656	385 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 372	140 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1460	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 622	163 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 665	790 B
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 61264	5 KB
1	simptrack.com tm.simptrack.com — Cisco Umbrella Rank: 106380	891 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 49821	2 KB
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 83743	493 B
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 104746	1 KB
1	lead-alliance.net 1 redirects www.lead-alliance.net — Cisco Umbrella Rank: 89094	434 B
1	telefonica-partner.de 1 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 88416	261 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 780	715 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 749	463 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 674	238 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 695	236 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5555	554 B
1	udmserve.net rt.udmserve.net — Cisco Umbrella Rank: 3557	473 B
1	pangle-ads.com analytics.pangle-ads.com — Cisco Umbrella Rank: 2266	962 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 631	15 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2580	258 B
1	dafiti.com.br static.dafiti.com.br — Cisco Umbrella Rank: 472717	2 KB
1	wurfl.io wurfl.io — Cisco Umbrella Rank: 26217	2 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 225	400 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 590	25 KB
1	amazonaws.com s3.amazonaws.com	118 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
316	83

	Domain	Requested by
30	async-px.dynamicyield.com	www.dafiti.com.co cdn.dynamicyield.com
23	cm.g.doubleclick.net	7 redirects 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
22	cdn.dynamicyield.com	www.dafiti.com.co st.dynamicyield.com
18	static.dafiti.com.co	www.dafiti.com.co static.dafiti.com.co
16	assets.ad4m.at	as.ad4m.at
16	ad4m.at	as.ad4m.at ad4m.at
16	as.ad4m.at	4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com www.dafiti.com.co as.ad4m.at ad4m.at
15	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com www.dafiti.com.co
8	pagead2.googlesyndication.com	www.dafiti.com.co tpc.googlesyndication.com 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
8	www.google.com	tpc.googlesyndication.com 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com www.dafiti.com.co
8	us.creativecdn.com	4 redirects www.dafiti.com.co tags.creativecdn.com
6	securepubads.g.doubleclick.net	www.googletagservices.com www.dafiti.com.co 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
5	gum.criteo.com	3 redirects static.criteo.net gum.criteo.com
5	onetag-sys.com	3 redirects 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
5	4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	www.googletagservices.com	www.dafiti.com.co 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
5	analytics.tiktok.com	www.googletagmanager.com analytics.tiktok.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.dafiti.com.co
4	static-de.ad4mat.net	as.ad4m.at
4	prod-rtb.ad4mat.net	4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
4	sync.teads.tv	2 redirects 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
4	c1.adform.net	4 redirects
4	dis.criteo.com	4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
4	www.google.de
4	ib.adnxs.com	2 redirects
3	www.awin1.com	1 redirects as.ad4m.at
3	pv.medialead.de	as.ad4m.at
3	pm.w55c.net	3 redirects
3	pixel.rubiconproject.com	2 redirects
3	script.hotjar.com	static.hotjar.com script.hotjar.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.dafiti.com.co
3	bat.bing.com	www.googletagmanager.com bat.bing.com
3	cjs.ptengine.com	www.dafiti.com.co cjs.ptengine.com
3	fonts.gstatic.com	fonts.googleapis.com
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	ups.analytics.yahoo.com
2	api.webgains.io	analytics.webgains.io
2	stats.ptengine.jp	www.dafiti.com.co cjs.ptengine.com
2	ad.doubleclick.net	2 redirects
2	d5p.de17a.com	2 redirects
2	ap.lijit.com	2 redirects
2	tr.blismedia.com	4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
2	x.bidswitch.net	4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
2	match.adsrvr.org	4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
2	www.facebook.com
2	connect.facebook.net	www.dafiti.com.co connect.facebook.net
2	cdn.onesignal.com	www.googletagmanager.com cdn.onesignal.com
2	www.googletagmanager.com	www.dafiti.com.co www.googletagmanager.com
2	www.dafiti.com.co	1 redirects
1	s.thebrighttag.com
1	beacon.krxd.net
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	match.sharethrough.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	jadserve.postrelease.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	ad.360yield.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	contextual.media.net
1	widget.us.criteo.com
1	sslwidget.criteo.com	1 redirects
1	eum-orange-saas.instana.io	eum.instana.io
1	cdn.track.production.webgains.team	as.ad4m.at
1	analytics.webgains.io	track.webgains.com
1	tm.simptrack.com	as.ad4m.at
1	track.webgains.com	as.ad4m.at
1	www.conrad.de	as.ad4m.at
1	partner.o2online.de	as.ad4m.at
1	www.lead-alliance.net	1 redirects
1	www.telefonica-partner.de	1 redirects
1	secure.adnxs.com	1 redirects
1	um.simpli.fi	1 redirects
1	cms.quantserve.com	4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
1	r.turn.com
1	ad.turn.com	1 redirects
1	s.ad.smaato.net	4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
1	rtb.openx.net	4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
1	ads.travelaudience.com	1 redirects
1	s.tribalfusion.com	4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
1	a.tribalfusion.com	1 redirects
1	rt.udmserve.net
1	analytics.pangle-ads.com	analytics.tiktok.com
1	static.criteo.net	www.googletagmanager.com
1	vc.hotjar.io	www.dafiti.com.co
1	onesignal.com	cdn.onesignal.com
1	region1.analytics.google.com	www.googletagmanager.com
1	ash.creativecdn.com
1	cm.creativecdn.com	1 redirects
1	tags.creativecdn.com	www.dafiti.com.co
1	static.dafiti.com.br	www.googletagmanager.com
1	wurfl.io	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	bam.nr-data.net	www.dafiti.com.co
1	js-agent.newrelic.com	www.dafiti.com.co
1	st.dynamicyield.com	www.dafiti.com.co
1	s3.amazonaws.com	www.dafiti.com.co
1	fonts.googleapis.com	www.dafiti.com.co
1	eum.instana.io	www.dafiti.com.co
316	111

This site contains no links.

Subject Issuer	Validity	Valid
*.dafiti.com.co GeoTrust TLS RSA CA G1	`2023-06-13` - `2024-06-26`	a year	crt.sh
*.instana.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-20` - `2024-09-19`	a year	crt.sh
*.dynamicyield.com Amazon RSA 2048 M02	`2023-09-03` - `2024-10-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-10`	9 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.ptengine.jp Amazon RSA 2048 M02	`2023-06-25` - `2024-07-23`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
wurfl.io Amazon RSA 2048 M02	`2023-05-11` - `2024-06-08`	a year	crt.sh
*.dafiti.com.br GeoTrust TLS RSA CA G1	`2023-06-07` - `2024-06-24`	a year	crt.sh
1589314308.rsc.cdn77.org R3	`2023-10-31` - `2024-01-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-27` - `2023-12-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
*.pangle-ads.com RapidSSL TLS ECC CA G1	`2023-08-10` - `2024-09-09`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
udmserve.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-12-02` - `2024-03-01`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-11-21` - `2024-02-19`	3 months	crt.sh
ad4mat.net GTS CA 1P5	`2023-11-18` - `2024-02-16`	3 months	crt.sh
pv.medialead.de R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
simptrack.com R3	`2023-12-18` - `2024-03-17`	3 months	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
itm.ivitrack.com R3	`2023-12-14` - `2024-03-13`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2023-06-06` - `2024-07-04`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M02	`2023-08-30` - `2024-09-28`	a year	crt.sh
*.outbrain.com Thawte TLS RSA CA G1	`2023-11-20` - `2024-11-27`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-28` - `2023-12-29`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh

This page contains 31 frames:

Primary Page: https://www.dafiti.com.co/
Frame ID: CBBA40ED11E6D4FC78835EF982FF7ABF
Requests: 143 HTTP requests in this frame

Frame: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 38FC718B011CCBEC5D63E14A3DA1AF5B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 21524E1D2FADC75EBCCCC3773F191F35
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 58BB09E523496375AC54C018214132AD
Requests: 2 HTTP requests in this frame

Frame: https://us.creativecdn.com/ig-membership?ntk=pNB9u-jL0BKwpMkVKMA0eUbRuI8XPSbAZ1WEi9VJv1h5LoJ9E1KauXvGhoFbzJQql9gSEOsdtnOo1QF1QPUYwrfUlnU_AhX9aJJiaAt6Wi4
Frame ID: 78E25A4CBD474DEB5058F544C4A1664C
Requests: 1 HTTP requests in this frame

Frame: https://us.creativecdn.com/topics-membership?ntk=xdXmFyNwZqGjehNpCWXO9M2AJso7bIrh81OmtdDbnEgQV6utgKj3qr8ZPLxxUz6uLcyZEOATCryUCJ88NlVRRQ
Frame ID: 11C11D613508E7C6EA56DCFDBBD901EB
Requests: 1 HTTP requests in this frame

Frame: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E57C18952A5F49A46726146AFD307D61
Requests: 9 HTTP requests in this frame

Frame: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7B70436774D5283B4E0AD513D7362639
Requests: 9 HTTP requests in this frame

Frame: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DF7D8D0994AEB7BE41EE0A4E0661E47A
Requests: 1 HTTP requests in this frame

Frame: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3A8BB0B3130964532C93BF60138FCBED
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1g6k15ez1f11kvj0c9sbbp1gb8thckcjhwqytf8mnfwqwey0xecneay7b52kbp31s7dmz9j19vfza42sxn2nnv60qzr7v9sbb4gp7q5n66xxzd4qt70hqyz50hctkbkft9frh274ysymdn2hq66eq2wjdb423kk683r8d7brwkw536vg8d7ydcjc81xptb1qjnz65g772apwz1ksmr0p18x68kwj44f6rg8gr0yhgxpxdht6vx8xaahkhsd2yfv5qpcp2q339swa91kb2aknmcjjrmv97c37tcm8w160a0sp0rce3t6jswyqjeyhmgm31gvy09zag10jd2p6m3gnmw3935wg2fg47n7t7d5wqajkvy35akesq3gr829mh59vanhqrdv8my6rkysnafsjhkxv8k300nr8mtvs352h6g821b2v9r6qzckrk7ev250z46dc5kjm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7lE6qQGBZYa_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTvAU_QS2FW1ntoydhXCzrNe47tyP4pTgSiFHdcU2vB7cLEG8FXRy9uR5HP8ARAsFJECDDJX5QMhY3nCOHNvgH4AL69fVcQLc6KlqeX7JmyJL_w_nqaSgXyymFr1NXABQs7v1S-XpR7XH4CYIaeBw--AW9C_vMrJsBhU2Hp1Uewls_4phkNR-h6ZxcLIzwACLNpRUDtA7WSD0On7ebZXVlkeN1epkusR1D7uydhnZPytcb5n_Volzb8--I-QC_w48lQ0y8B67aQVvlAcpFy4V2ndCwDvf4Tp_LwmUwR2LPGCUzEiXtGGvdgh2E3L8D074MT4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKX_hd27moMD-gsCCAGADAHiDRMI77eG3buagwMVgxXgCh3Z0wBd0BUBgBcB%26num%3D1%26sig%3DAOD64_3yPnlpxaYEPEyqguVYiqCkV7bRsQ%26client%3Dca-pub-5111069894309966%26adurl%3D
Frame ID: 41804106CE73A081034306AF8AE32EAE
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D858DD9FB6302C7CAA081B9ACB45994F
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1geen3rb9xdxrxnh6kp0qke7f3atrg7637bwg0mkcyeznc388csayfjcpaknwvbbwj45phqqv4wrfhyfsahk7frs3nerbk963pqwhbkjex4ewvm5qqx34b5ert8hbx5jh3ezze51km9ztedq35cf15dfsxh04fzh5510kwj3mx712dc37j8rc763hg1d4m821pp5tvgrwsjkn4gmh747sn7t6xxhnt7htrf02q0cqmmjc0kjw4red0e80mn24jwneqx8jwrr85yk6188n6e1g087vvhn3xa12nhx21a49q2jmc5f6gbj5dhx94z65dr5n69bvf9nqrz1shh8b046q5y3b26v6x88krhp0xak4zhtq9e9ceg1bee81sdvgchzaqartbh4zbrs7q23ytv3281s9ywfq67td2p11tsgtc4zq7cm855gtjx5gbp2r4sf6nz6n64xaw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiKu9qQGBZYe_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_Q-BOozU7-F6faDZsIg7Or5vaj5c_uk-4T3O_70zdvaRJDYKi5FVkkcOq4Z2o2uCja13O7moW6q6YZdNj2bc0a0H0Y5bnYbKH3NeVGNz7qwccAUdNNST4RTh3_e1OuJToz9c3y8B3AYd-mKWEa22oiAB6BHg-OTGV74CLuaYIhHP9JNZSse53TTrh1V5UrZhOr1_1ShjQMbGNE__VdC3RloQ-uTzt9XKeBoUtkIN0U3VNCKh7UxgvGLBOr2agdagD9ham5T-mJnI8-tf85oM0RDECoN4oSMBltP31vJmbyy-d8BhLxUlJrdXc2nyLR8luTk-AEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPC3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1rPav7OEdTi-AiR7bM-j9IwFWtbw%26client%3Dca-pub-5111069894309966%26adurl%3D
Frame ID: 62CA22B8B8955B31A55FE8B6FDC43E80
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5220783C4A906CBDC1F968BD17AF865A
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jnjf8r2s0cbk5w2v8qmn7efc1500vnhbnd28t88c293wy5585q55ptkdc5ah2cab15qeehh9pmag3rxdr6mztz3b6cbjz5zxqdxezmak8gb30g2yymk2cq1d041db2qazd2y9w40knye24xcs0er9yznmx9gx43jdyv035vq55wctt43tdkfnj9cyqqyzm4vb02p9bskbgejwce0t1zdjtaqf30zf18qtcg827km9nztsk32j7xrz519zyw5p37hngtv26v43zbwbrxt80e12n66vr6zr5fp8ex82hhdwph1a6gb4sqjn2crh2ve9sj9g2fs373zwnxpvrne39kf26kx5gm8e13xqwecnmge3x80wk3vbtnajrb6dmpwkwh0j3kmk0v3qh8ktkhnrgyyhw40rersa008ysx7bt02cesdrzfwhpgw3wegsv4s96wyzg3jhw5&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwz0HqQGBZYi_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_Q6V1P7lSn11r8ryEa4WoVskW_3golN3FZjcYMBnfslGUZGiNeyidClQrgF4OEEeW9SI2uFUtUW5b_MVnLBYxG42l_mBo_57s6qJAhaXboM8VrzKHS-nSprzCLtHEtGjgxD4YpXQTT_5N-zFt167_1nDAbuuzP2qRvDnw0NdmHxH4SeSur8XmWndgOjVUXnvF3ZbFmlHcx4e46EvGFkYhbtFHSKPRYqeJLnEVIVeu9di7QqGcptShcxBunNmKKut8p5kebGh7jsV3uiuq-y7dIK8ojnJoDdgP2SqDghqcevobmuGA5yKq8-GhJWKDDXTWMn-AEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPG3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2idGW-6DEIqPe1sA2pIZiQ3esAPw%26client%3Dca-pub-5111069894309966%26adurl%3D
Frame ID: 9E64B0D081839EB57BE7DB5069F25ECB
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Frame ID: EFB72CE6A156B77C292077DB31B4DDD9
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 67344B9E610BF2620E8CE7A9FD86F402
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jajz00a1kjzdbdq7ffetex9mke1z179p2f8mxsbcbm759qfzxrg8yqtqx4fxqxnhwpjec144nyc5b17jg285qg36gk210nxwm5mgp4hvg52kqn1b33zf117sweqxd9nk2pv2z4z5k23edswck7k6v4yz7zpdm214phnfvd2r0xajz84k7btphgh5ahvbj2hw9a83gqs0kbpt4qb1091s5atk69zrm9e19w55s3aga9xwc138qtk9dz4f2d7jf5rzgyvet8mtrn9zmv4axah3py6bn3mn90455yx910zw5cd4b05q4x88sdb7bckvs88vxy0nx18gj8j5nm9gx0m7sywq1zs53x7vn37qepd04fcvq36e1pgx8n1g81651pd9r0ezss14bg60q9r7ex1c3ky2b3vgw5qv7xerw90r6wka40yfsv38td3zn18ykft73x4pcp8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-mnxqQGBZYm_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_QrrQkrcHfe4khmDQrdP89lzV6Cd145GZ4qHaCxAypCfQIrQ1Q8RL6nNVrjD4sRcnaS4TnmD2a1GdzcgM4boYaY1iv8GdYZmpVBsvKPLBXtHwiPN5o3fe5VMkr4ob24cRuhZZpWWo41w_cxkyiZDu1s0aky1f9v_5sx7wL9YqMuaC0UpIvyo8FfRZL9DFbM0gaMBso5DrpcJTHHjw2gJB2jNYIeRcxIKIy5WYcMFsZneVFYr_94i8wGBMo4yE3U9Sjs1KiSPOr3CPKAGjqWNa9fdn87UUsdEJSNmr-wGl9qDlxAeubMhIy1oh3UINBoD9haOAEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPK3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qpDhQJdI9eF7a2YQVE1BxMNLHsQ%26client%3Dca-pub-5111069894309966%26adurl%3D
Frame ID: 6F7EDDCA5BAF18B4661D5743EED39987
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Frame ID: B9E6A7EA54D8FBF6498396E861B22F09
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B31CD1C4383915438BE63A26A4A05764
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 4BF42E3DDF17F3CED36692C6FBDFA741
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 080C5DCBB0494B8547BED57BB243360F
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 60C80B50BFF038B09007685CF9D4A978
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 96F15D4C9368F35ACA63FAA8559DA69C
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=eafaee405d9e147405520b4a1409b27a%2F16313501233285430047&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702953386526&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k61n5yf99fq2afvy5ha72hc7v73tgv3756s04axkma1cpva2kk9b5t8qzbtsfwzaq5g8whs042rnnqf92mqfhc7wdw1g88nqa827p6tnma2q1yps7ka0yy66vcwm113yx9d5kwwda280bdhdnn8jd4zmhh4073yy31x5jpmywd984n4xxpghy90ar8agg9ay9bndcetmkav1gj0610hrezy2hj88y4nvd1enf3hmm847qp4rj7hah8ee8yrk0q10n62p7vtd0nqzbyc68b6njbn%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7lE6qQGBZYa_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTvAU_QS2FW1ntoydhXCzrNe47tyP4pTgSiFHdcU2vB7cLEG8FXRy9uR5HP8ARAsFJECDDJX5QMhY3nCOHNvgH4AL69fVcQLc6KlqeX7JmyJL_w_nqaSgXyymFr1NXABQs7v1S-XpR7XH4CYIaeBw--AW9C_vMrJsBhU2Hp1Uewls_4phkNR-h6ZxcLIzwACLNpRUDtA7WSD0On7ebZXVlkeN1epkusR1D7uydhnZPytcb5n_Volzb8--I-QC_w48lQ0y8B67aQVvlAcpFy4V2ndCwDvf4Tp_LwmUwR2LPGCUzEiXtGGvdgh2E3L8D074MT4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKX_hd27moMD-gsCCAGADAHiDRMI77eG3buagwMVgxXgCh3Z0wBd0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3yPnlpxaYEPEyqguVYiqCkV7bRsQ%2526client%253Dca-pub-5111069894309966%2526adurl%253D&y=1&s=&z=0
Frame ID: 93603F382C2567AB7DA0CD5AC1A82AB4
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=34719&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=300&d=50&e=&g=0342cb3e74445ca9da638e41fddb9d33%2F6177627442614147421&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702953386527&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1khfj13c25v0z89kgce8050wxahkwfzck3x2qa735fefaj9r52t3yegt0mazp3krfs4qwmkdcazj1tj490d8qy8caaxx8ccjjx4msw2h2qgm1kjejnseexcd8kzt36cp8rwqtg6gyd4gjzb1f94wdwx7y1aptjfb08z62ysvsk75e9yv6cw5t7jnkgy9fxwbypesrfzkbxpy3rd0twbbvh72vdwjrx39jqc1dakzkby1htw96xdyyp264kykzqac6kgens3mbd5xgjsekzmvvqnk%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-mnxqQGBZYm_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_QrrQkrcHfe4khmDQrdP89lzV6Cd145GZ4qHaCxAypCfQIrQ1Q8RL6nNVrjD4sRcnaS4TnmD2a1GdzcgM4boYaY1iv8GdYZmpVBsvKPLBXtHwiPN5o3fe5VMkr4ob24cRuhZZpWWo41w_cxkyiZDu1s0aky1f9v_5sx7wL9YqMuaC0UpIvyo8FfRZL9DFbM0gaMBso5DrpcJTHHjw2gJB2jNYIeRcxIKIy5WYcMFsZneVFYr_94i8wGBMo4yE3U9Sjs1KiSPOr3CPKAGjqWNa9fdn87UUsdEJSNmr-wGl9qDlxAeubMhIy1oh3UINBoD9haOAEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPK3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3qpDhQJdI9eF7a2YQVE1BxMNLHsQ%2526client%253Dca-pub-5111069894309966%2526adurl%253D&y=1&s=&z=0
Frame ID: 11B94CA7427870B8198D40559D3A77C7
Requests: 5 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=169080%2C23576%2C14019&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=8152ecd501f1da77931813427a0b6b10%2F9563419974217691073&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702953386528&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k98z733fxt6makc1ncdcw0tjm317kvrdmycwpmgj695w14cpdy0g4tdn6yavhex58x2c72ghxe8sh29j73ct17nynhva360d8g3j4fh6encz0zx8v7t6jjvyt8b7047yc32m82y9nq4h04ecmgxnfcf9tpyexfj01c8p8r4dp3ghx299dv2fckpb1g5jreywkqm5m2ft3nrvvtwx3fd3xz80hwe0w1g0fzj6p0wctyd5z99mx16pevp64j3hc02pfcmt2z4jzhvtbeyt3fga5dq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiKu9qQGBZYe_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_Q-BOozU7-F6faDZsIg7Or5vaj5c_uk-4T3O_70zdvaRJDYKi5FVkkcOq4Z2o2uCja13O7moW6q6YZdNj2bc0a0H0Y5bnYbKH3NeVGNz7qwccAUdNNST4RTh3_e1OuJToz9c3y8B3AYd-mKWEa22oiAB6BHg-OTGV74CLuaYIhHP9JNZSse53TTrh1V5UrZhOr1_1ShjQMbGNE__VdC3RloQ-uTzt9XKeBoUtkIN0U3VNCKh7UxgvGLBOr2agdagD9ham5T-mJnI8-tf85oM0RDECoN4oSMBltP31vJmbyy-d8BhLxUlJrdXc2nyLR8luTk-AEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPC3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1rPav7OEdTi-AiR7bM-j9IwFWtbw%2526client%253Dca-pub-5111069894309966%2526adurl%253D&y=1&s=&z=0
Frame ID: 8CA6430344B156D3AB4AF03ED3EA6F69
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15579&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=300&d=50&e=&g=cf5f2c49225bc88e316a8caf48488c85%2F2074465583183754607&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702953386529&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kr62hs3ph0t6dpg41mvkbkqagt75j73jwh2pbhkqab6ay0ptt50kttfh8xxwd3xjt3877kx63akj2w8r36ez6x5j7h4z94jhn3q9ra7t4g9474w1cm31a1stypdz4t19watfgm1ttad88hykhaqzt2jp3vgd5rp307na72fv09xwd5ekj4k8ey1718gyf4pm9rtesz3dbrt5yje5bkspj59adwrpnzkya2p5nzdbzpe8nvy0854dk4c6dmbbpzgs19jwn4gys3a7ftgskjzjhth%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwz0HqQGBZYi_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_Q6V1P7lSn11r8ryEa4WoVskW_3golN3FZjcYMBnfslGUZGiNeyidClQrgF4OEEeW9SI2uFUtUW5b_MVnLBYxG42l_mBo_57s6qJAhaXboM8VrzKHS-nSprzCLtHEtGjgxD4YpXQTT_5N-zFt167_1nDAbuuzP2qRvDnw0NdmHxH4SeSur8XmWndgOjVUXnvF3ZbFmlHcx4e46EvGFkYhbtFHSKPRYqeJLnEVIVeu9di7QqGcptShcxBunNmKKut8p5kebGh7jsV3uiuq-y7dIK8ojnJoDdgP2SqDghqcevobmuGA5yKq8-GhJWKDDXTWMn-AEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPG3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2idGW-6DEIqPe1sA2pIZiQ3esAPw%2526client%253Dca-pub-5111069894309966%2526adurl%253D&y=1&s=&z=0
Frame ID: 573B32DE486F3CE37EF7E4EACA189F8F
Requests: 5 HTTP requests in this frame

Frame: https://tm.simptrack.com/tm/a/channel/tracker/f5bfe45bb2?pub=ad4mat
Frame ID: 48C4A899D436EC57B2881392BFB2CDC8
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.dafiti.com.co&origin=onetag
Frame ID: 292E4281175A8C83F721B63E5A2F3F89
Requests: 2 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-WOamGdAkHa-ESNzkgfw0sByfEElGtgDIXuZKsQ&google_gid=CAESEAKYTdO1f0VksByHl4Jnl7o&google_cver=1&google_ula=913071,0
Frame ID: DC9D37280B78ABBCD3ED073C7D608E9D
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.dafiti.com.co/ HTTP 301
https://www.dafiti.com.co/ Page URL

Page Statistics

316
Requests

91 %
HTTPS

32 %
IPv6

83
Domains

111
Subdomains

91
IPs

11
Countries

5414 kB
Transfer

14984 kB
Size

104
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.dafiti.com.co/ HTTP 301
https://www.dafiti.com.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70

https://us.creativecdn.com/tags?type=img&id0=pr_dbHfLLzNJzzUn3Ibqx7K_uid_&id=pr_dbHfLLzNJzzUn3Ibqx7K_home&su=https%3A%2F%2Fwww.dafiti.com.co%2F%3Fsr%3D&ts=1702953385537&gtmcb=1508128302 HTTP 302
https://us.creativecdn.com/tags?type=img&id0=pr_dbHfLLzNJzzUn3Ibqx7K_uid_&id=pr_dbHfLLzNJzzUn3Ibqx7K_home&su=https%3A%2F%2Fwww.dafiti.com.co%2F%3Fsr%3D&ts=1702953385537&gtmcb=1508128302&tc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_cm&google_sc&google_ula=5153224&google_hm=6KAUwwEtn07C-CcFFgx6dWBLaBiShUZ5l19owxkaN-8&pi=adx&tdc=ash HTTP 302
https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ash&google_gid=CAESEDZO6WkEWAmMwcbH0YSgAws&google_cver=1&google_ula=5153224,0 HTTP 302
https://ash.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ash&google_gid=CAESEDZO6WkEWAmMwcbH0YSgAws&google_cver=1&google_ula=5153224,0

Request Chain 71

https://us.creativecdn.com/tags?type=img&id=pr_dbHfLLzNJzzUn3Ibqx7K&id=pr_dbHfLLzNJzzUn3Ibqx7K_uid_&su=https%3A%2F%2Fwww.dafiti.com.co%2F%3Fsr%3D&ts=1702953385541 HTTP 302
https://us.creativecdn.com/tags?type=img&id=pr_dbHfLLzNJzzUn3Ibqx7K&id=pr_dbHfLLzNJzzUn3Ibqx7K_uid_&su=https%3A%2F%2Fwww.dafiti.com.co%2F%3Fsr%3D&ts=1702953385541&tc=1 HTTP 302
https://ib.adnxs.com/setuid?entity=315&code=6KAUwwEtn07C-CcFFgx6dWBLaBiShUZ5l19owxkaN-8 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D315%26code%3D6KAUwwEtn07C-CcFFgx6dWBLaBiShUZ5l19owxkaN-8

Request Chain 153

https://a.tribalfusion.com/i.match?p=b6&u=CAESEPTxW-960klNTzPRLItH9l0&google_cver=1&google_push=AXcoOmQWDUSmXlvoXqsNiBTrT-Zx9V9j8jc7FzR7rtoe0NHHE-1Mmcmm9TTBhBC4uVBJNkx2MsgeomdSyHAGVE-btBMLBf7VrEa9&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQWDUSmXlvoXqsNiBTrT-Zx9V9j8jc7FzR7rtoe0NHHE-1Mmcmm9TTBhBC4uVBJNkx2MsgeomdSyHAGVE-btBMLBf7VrEa9%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPTxW-960klNTzPRLItH9l0&google_cver=1&google_push=AXcoOmQWDUSmXlvoXqsNiBTrT-Zx9V9j8jc7FzR7rtoe0NHHE-1Mmcmm9TTBhBC4uVBJNkx2MsgeomdSyHAGVE-btBMLBf7VrEa9&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQWDUSmXlvoXqsNiBTrT-Zx9V9j8jc7FzR7rtoe0NHHE-1Mmcmm9TTBhBC4uVBJNkx2MsgeomdSyHAGVE-btBMLBf7VrEa9%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 155

https://ads.travelaudience.com/google_pixel?google_gid=CAESEDoYvwsKgw9FlFx6LVCHhmw&google_cver=1&google_push=AXcoOmQOGmMmFqmWl2qUa_MhmDPvRZGLZw5pmpmmxQsWAUeLJDn9dhkR9UZgzicv-tnjNyNzdHoqGhHdCSiGDhj3jwzgQH3NLis HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=67aw6FPYQn0PhuaOnumpKA&google_push=AXcoOmQOGmMmFqmWl2qUa_MhmDPvRZGLZw5pmpmmxQsWAUeLJDn9dhkR9UZgzicv-tnjNyNzdHoqGhHdCSiGDhj3jwzgQH3NLis

Request Chain 158

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENy-VNbnJUGfK3jq_1eOdZM&google_cver=1&google_push=AXcoOmSJMZG0uti92P098V532VijPjAsmImCWfzn669H6Eyk6NVjH6CGtvyeaDTwb7EZwNVyEil443q2VlqQ0pHdhrGyN7RBefXF HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFCUUg2SUItMU4tN1dQQg==&google_push=AXcoOmSJMZG0uti92P098V532VijPjAsmImCWfzn669H6Eyk6NVjH6CGtvyeaDTwb7EZwNVyEil443q2VlqQ0pHdhrGyN7RBefXF

Request Chain 161

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDI72KuvzjlX_KbXvPbxlnM&google_cver=1&google_push=AXcoOmSTy6DedUpYiyz70_1r3tn3a5GgLJLxadd4Y8XG773qiUUK9cxd4NuYMPEBa1WzCOmabnPXrBWm7Csal4JZkUCY6pXYbEGC HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODA1MDQ4NDY1MzEyNjA5OTQ1NA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDI72KuvzjlX_KbXvPbxlnM&google_cver=1

Request Chain 163

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOolYWLl-U-rRTpK1ASzRh8&google_cver=1&google_push=AXcoOmQtmYWb7O3wfCcmcgZdJ0FEDN06XLpzbUVz1Ftn3iANnhZj59sIiNxwGmBcQVWWufGpMfZpx2to9sGyI4v7SRVwBnowWuoDiw HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOolYWLl-U-rRTpK1ASzRh8&google_cver=1&google_push=AXcoOmQtmYWb7O3wfCcmcgZdJ0FEDN06XLpzbUVz1Ftn3iANnhZj59sIiNxwGmBcQVWWufGpMfZpx2to9sGyI4v7SRVwBnowWuoDiw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WWVxcHdwTjQxUmZwWTY1&google_gid=CAESEOolYWLl-U-rRTpK1ASzRh8&google_cver=1&google_push=AXcoOmQtmYWb7O3wfCcmcgZdJ0FEDN06XLpzbUVz1Ftn3iANnhZj59sIiNxwGmBcQVWWufGpMfZpx2to9sGyI4v7SRVwBnowWuoDiw

Request Chain 166

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAzfNEPz73loLtNFr55ro58&google_cver=1&google_push=AXcoOmR7q6gIUveWtvqc1YH5vHaEIVefABnvPN9vEoh2cJIpz4fzc0s59xZMxinvLrUSJW8g_1aWdDW1A6nCAaGrudyMjDv5yEEA HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAzfNEPz73loLtNFr55ro58&google_cver=1&google_push=AXcoOmR7q6gIUveWtvqc1YH5vHaEIVefABnvPN9vEoh2cJIpz4fzc0s59xZMxinvLrUSJW8g_1aWdDW1A6nCAaGrudyMjDv5yEEA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzEyMTY0MDUxOTQ1MjYxMDI4Mg&google_push=AXcoOmR7q6gIUveWtvqc1YH5vHaEIVefABnvPN9vEoh2cJIpz4fzc0s59xZMxinvLrUSJW8g_1aWdDW1A6nCAaGrudyMjDv5yEEA

Request Chain 167

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECjI6j-PrhlnPAQTIRRuWNA&google_cver=1&google_push=AXcoOmSOZQiFUGI0NvlcMwR0DjFW364NhnCIlNywpengC_RI7UsI3-wRoAlXOLUxpxKqg7rneTcjFYL34kRktluhB_8trwAKPNh7rl4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSOZQiFUGI0NvlcMwR0DjFW364NhnCIlNywpengC_RI7UsI3-wRoAlXOLUxpxKqg7rneTcjFYL34kRktluhB_8trwAKPNh7rl4 HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 171

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAzfNEPz73loLtNFr55ro58&google_cver=1&google_push=AXcoOmSNFS3cMafPnjWwh10Pj5vEyX2G9gvnUNl16u7GVk787mJ2apG9gy5ht7ghhdVKyv1XS7bUIv52GQaUSBtiW3MncqLS3RBl HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAzfNEPz73loLtNFr55ro58&google_cver=1&google_push=AXcoOmSNFS3cMafPnjWwh10Pj5vEyX2G9gvnUNl16u7GVk787mJ2apG9gy5ht7ghhdVKyv1XS7bUIv52GQaUSBtiW3MncqLS3RBl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc4MzQ2MDQxMzQ3MDYzNjU3Ng&google_push=AXcoOmSNFS3cMafPnjWwh10Pj5vEyX2G9gvnUNl16u7GVk787mJ2apG9gy5ht7ghhdVKyv1XS7bUIv52GQaUSBtiW3MncqLS3RBl

Request Chain 172

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENy-VNbnJUGfK3jq_1eOdZM&google_cver=1&google_push=AXcoOmRzWYvMQpCC85iicsq3DG784Hg9T4pN3II3zqwU-LtvBAuZoiXOftB4-cP2TA6ejisuXtl7phmlmLcbKA-hmHfDmYleZ8xa4Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFCUUg2SUItRi1CMkxB&google_push=AXcoOmRzWYvMQpCC85iicsq3DG784Hg9T4pN3II3zqwU-LtvBAuZoiXOftB4-cP2TA6ejisuXtl7phmlmLcbKA-hmHfDmYleZ8xa4Q

Request Chain 173

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEL1PwvR8vhHgoA2jHyiMKuA&google_cver=1&google_push=AXcoOmRkRkpnnGayGWCO-JG4rVNO85hOS_USUcVYoHpZPn4YPXtYAUIM1GnMuYo3CLQrJ5ou4o2XzhnZ3Ruzt5RX674pzeppO7RE HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEL1PwvR8vhHgoA2jHyiMKuA&google_cver=1&google_push=AXcoOmRkRkpnnGayGWCO-JG4rVNO85hOS_USUcVYoHpZPn4YPXtYAUIM1GnMuYo3CLQrJ5ou4o2XzhnZ3Ruzt5RX674pzeppO7RE&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRkRkpnnGayGWCO-JG4rVNO85hOS_USUcVYoHpZPn4YPXtYAUIM1GnMuYo3CLQrJ5ou4o2XzhnZ3Ruzt5RX674pzeppO7RE&google_hm=H2EcsGZHIJRQppu2Sky9s3ft

Request Chain 174

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECjI6j-PrhlnPAQTIRRuWNA&google_cver=1&google_push=AXcoOmSkZMSl8DfDfFQKu53vbAeQO6unYM02OAOsZNXaUV9wA9tbkO9MRNUjhWho1qvckZVbeoptfBI2O67BFryq1yLuZqXQs-EC HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSkZMSl8DfDfFQKu53vbAeQO6unYM02OAOsZNXaUV9wA9tbkO9MRNUjhWho1qvckZVbeoptfBI2O67BFryq1yLuZqXQs-EC

Request Chain 175

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECjI6j-PrhlnPAQTIRRuWNA&google_cver=1&google_push=AXcoOmQ6-mSl-cSeLNskTzSHmksJm4Bs2ObmeY48kIOoowY8AzMP8VUt0ASBX3VG34-CjU3ZA3Pzy60uSQ1VcNZyxVARttegy_-AJg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQ6-mSl-cSeLNskTzSHmksJm4Bs2ObmeY48kIOoowY8AzMP8VUt0ASBX3VG34-CjU3ZA3Pzy60uSQ1VcNZyxVARttegy_-AJg HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 176

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEADxlDfZxn5XFW2yFQuaOlk&google_cver=1&google_push=AXcoOmRRh693rCT_3AVRJXu3xWT1XYyNvvwzqE2L7eKpTaZRcceQCT3SJ1z1AUOhz1U9g_1z4C3-ySUg0s7MtR4NjCm8dlfYkc3Dag HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRRh693rCT_3AVRJXu3xWT1XYyNvvwzqE2L7eKpTaZRcceQCT3SJ1z1AUOhz1U9g_1z4C3-ySUg0s7MtR4NjCm8dlfYkc3Dag HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 181

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOolYWLl-U-rRTpK1ASzRh8&google_cver=1&google_push=AXcoOmRZ-eLCQQuVit8URB3upBBfLCDT0gPpCBpHLMeQvmq01Ps1MyjebqoDvfXk8YlCN_SxUIM2GgUf9_xrdQz2EA4yrdZwikQZ8w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WWVxcHdwTjQxUmZwWTY1&google_gid=CAESEOolYWLl-U-rRTpK1ASzRh8&google_cver=1&google_push=AXcoOmRZ-eLCQQuVit8URB3upBBfLCDT0gPpCBpHLMeQvmq01Ps1MyjebqoDvfXk8YlCN_SxUIM2GgUf9_xrdQz2EA4yrdZwikQZ8w

Request Chain 182

https://um.simpli.fi/gp_match?google_gid=CAESEPlkej5VVlqxaIW5WPvF_AI&google_cver=1&google_push=AXcoOmQnXh7hHm254rYuzCy0QrR4ukNGrxrx1HqNjx6uaCQUYxOPz6izlj3aOyos3THBMbefr2n4cdeF3c-XI0OqYQi1sQw9tMo7LQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5F4378E736DE4964AF66542D80C43E1B&google_push=AXcoOmQnXh7hHm254rYuzCy0QrR4ukNGrxrx1HqNjx6uaCQUYxOPz6izlj3aOyos3THBMbefr2n4cdeF3c-XI0OqYQi1sQw9tMo7LQ

Request Chain 184

https://d5p.de17a.com/cookies/google?google_gid=CAESEOtXNsirCZhzouHp-RnpO04&google_cver=1&google_push=AXcoOmTLfw4R-h744BOd96hc9zoQtiYm7lQu7HWPw0u5ZwU5dDll6xz33G4v2QVzZJP69N2MT4opoieBa3tm9TaIaSyhSzGrfDRYUw HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOtXNsirCZhzouHp-RnpO04&google_cver=1&google_push=AXcoOmTLfw4R-h744BOd96hc9zoQtiYm7lQu7HWPw0u5ZwU5dDll6xz33G4v2QVzZJP69N2MT4opoieBa3tm9TaIaSyhSzGrfDRYUw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTLfw4R-h744BOd96hc9zoQtiYm7lQu7HWPw0u5ZwU5dDll6xz33G4v2QVzZJP69N2MT4opoieBa3tm9TaIaSyhSzGrfDRYUw

Request Chain 186

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEADxlDfZxn5XFW2yFQuaOlk&google_cver=1&google_push=AXcoOmRL5UELKvNACTvSAR_TKVTfZYjAlBGhCi9Ez1lwWaJfbMnQkW0pD1mKlsXYLJbZjNLcrxVpHPLR8o07aB33mqpd_qSm2i13xg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRL5UELKvNACTvSAR_TKVTfZYjAlBGhCi9Ez1lwWaJfbMnQkW0pD1mKlsXYLJbZjNLcrxVpHPLR8o07aB33mqpd_qSm2i13xg HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 187

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEB4PMXk-ditOKtb-uyXbJtw&google_cver=1&google_push=AXcoOmRF44gT5ZU0jbHMogLX3XPWmTUWLZG3z6fj4Ixng7N-PmhjIr6PYGSVm-Jx4nTbhdlYEJog8Xz5HFJkM0_FaoxKFKCxAMNxxuc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzA5MDcwOTU2NjM5OTE0NzA2Nw%3D%3D&google_gid=CAESEB4PMXk-ditOKtb-uyXbJtw&google_cver=1&google_push=AXcoOmRF44gT5ZU0jbHMogLX3XPWmTUWLZG3z6fj4Ixng7N-PmhjIr6PYGSVm-Jx4nTbhdlYEJog8Xz5HFJkM0_FaoxKFKCxAMNxxuc

Request Chain 268

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3Dviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CKK1tt27moMDFbbtEQgdLIMMkw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3Dviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023121903362691421156855X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023121903362691421156855X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=120211&partnerid=12218

Request Chain 271

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1702953386_684d8010-9e17-11ee-86a2-223889379c61&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 286

https://sslwidget.criteo.com/event?a=5844&v=5.20.0&p0=e%3Dexd%26ci%3D%26site_type%3Dd&p1=e%3Dvh%26si%3D0&p2=e%3Ddis&adce=1&bundle=Hz3dbl9hNlI1dVMwMEI1UUhnWHlscldWcDhwd1NlVVBPJTJCbzJoM2Ftbk1kU2JxSjVRYnNHaG5DeUtTWktHVlVwY2Q2MHUlMkIxZTVsOWpsbnVMM202U2l4ZndhQmhxUGJXWDBmSkVRd09mNFpqeVVJQXRzNExmcXZwJTJCQW5BRSUyRktVVWc2TnJ3UVpqYzZtTDNMMDc5amwlMkZDJTJCc3huU0ElM0QlM0Q&tld=dafiti.com.co&fu=https%253A%252F%252Fwww.dafiti.com.co%252F&ceid=400d1725-3657-47d6-8870-7dd5c7506cd6&dtycbr=16742 HTTP 302
https://widget.us.criteo.com/event?a=5844&v=5.20.0&p0=e%3Dexd%26ci%3D%26site_type%3Dd&p1=e%3Dvh%26si%3D0&p2=e%3Ddis&adce=1&bundle=Hz3dbl9hNlI1dVMwMEI1UUhnWHlscldWcDhwd1NlVVBPJTJCbzJoM2Ftbk1kU2JxSjVRYnNHaG5DeUtTWktHVlVwY2Q2MHUlMkIxZTVsOWpsbnVMM202U2l4ZndhQmhxUGJXWDBmSkVRd09mNFpqeVVJQXRzNExmcXZwJTJCQW5BRSUyRktVVWc2TnJ3UVpqYzZtTDNMMDc5amwlMkZDJTJCc3huU0ElM0QlM0Q&tld=dafiti.com.co&fu=https%253A%252F%252Fwww.dafiti.com.co%252F&ceid=400d1725-3657-47d6-8870-7dd5c7506cd6&dtycbr=16742

Request Chain 289

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-WOamGdAkHa-ESNzkgfw0sByfEElGtgDIXuZKsQ&google_cm&google_hm=ay1XT2FtR2RBa0hhLUVTTnprZ2Z3MHNCeWZFRWxHdGdESVh1WktzUQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-WOamGdAkHa-ESNzkgfw0sByfEElGtgDIXuZKsQ&google_gid=CAESEAKYTdO1f0VksByHl4Jnl7o&google_cver=1&google_ula=913071,0

Request Chain 291

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7090709566399147067

Request Chain 301

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-1FkVsdAkHa-ESNzkgfw0sByfEEl9kqBsiT-mlA HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-1FkVsdAkHa-ESNzkgfw0sByfEEl9kqBsiT-mlA&C=1

Request Chain 302

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=YzgCD4AmEoZxehd92dM8IYdxP0-_GGEP HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=YzgCD4AmEoZxehd92dM8IYdxP0-_GGEP

Request Chain 318

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=UhPRW0Lz_xNqvZMSzqFZfDiTRq6SaC-_

Request Chain 319

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=4BOsQtAvw7kx0nMz5v0a1Fgp39eMNvkw

316 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.dafiti.com.co/
Redirect Chain

http://www.dafiti.com.co/
https://www.dafiti.com.co/

325 KB
89 KB

10028ms
10015ms

Document
text/html

179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dafiti.com.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

nginx /

Resource Hash

8485264bbcea02744377ec26fc10400a9b6e9f01e96c17ede366c976aa586ec5

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 19 Dec 2023 02:36:23 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
server-timing: intid;desc=80915c74c01c4230
x-server: dft-co-live-alice-i-088678ea2b835c837
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Tue, 19 Dec 2023 02:36:13 GMT
Location: https://www.dafiti.com.co/
Server: azion webserver

GET
H2 200 desktop-86f00e5ab7.css
static.dafiti.com.co/css/live/ 147 KB
48 KB 638ms
6ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dafiti.com.co/css/live/desktop-86f00e5ab7.css
Requested by: Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx /
Resource Hash: c3340d6fd09a51cd4ee7b0c80ac510cc7ee3a8b359c87cd326ca4dd4b6590500

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:24 GMT
content-encoding: gzip
last-modified: Tue, 19 Dec 2023 01:14:02 GMT
server: nginx
etag: W/"6580ee5a-24c4f"
vary: User-Agent
content-type: text/css
cache-control: max-age=31536000, public
expires: Wed, 18 Dec 2024 01:35:47 GMT

GET
H2 200 eum.min.js Show response
eum.instana.io/ 27 KB
10 KB 45ms
12ms Script
application/javascript 2606:4700::6810:cc16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eum.instana.io/eum.min.js
Requested by: Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cc16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28a6fdd83eb858f126fc5b8c408c0bf49fda96e9dedb44d893d88932cc40294d

Request headers

Referer: https://www.dafiti.com.co/
Origin: https://www.dafiti.com.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:23 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 1 Jan 1970 00:00:01 GMT
server: cloudflare
age: 57195
etag: -724079698--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800, stale-while-revalidate=2678400, stale-if-error=2678400
timing-allow-origin: *
cf-ray: 837c41f86e686909-FRA

GET
H2 200 api_dynamic.js Show response
cdn.dynamicyield.com/api/8767770/ 5 MB
435 KB 473ms
423ms Script
application/javascript 2600:9000:2315:b600:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dynamicyield.com/api/8767770/api_dynamic.js
Requested by: Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:b600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DYCDN /
Resource Hash: d5dd6fa2766b4f32a9e74bab27ef97f583bf185ada3c65fc2996d05a6558de35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:25 GMT
content-encoding: gzip
via: 1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront)
last-modified: Tue, 19 Dec 2023 02:35:15 GMT
server: DYCDN
x-amz-cf-pop: DUS51-P2
etag: W/"2a58b3c7bb4e02ae246b6b6d4ac027be"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=30
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id: qGrgD_HvHXMjC1Hy5AZ2I01E_NvAjS0BhLXCcL3i-BARVia1pFHjMg==

GET
H2 200 api_static.js Show response
cdn.dynamicyield.com/api/8767770/ 299 KB
88 KB 477ms
428ms Script
application/javascript 2600:9000:2315:b600:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dynamicyield.com/api/8767770/api_static.js
Requested by: Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:b600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DYCDN /
Resource Hash: fbae3eb07bebd887c70fc5c2ac40b7f4bee4985aedc1f3901c91af14679d3ba8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:25 GMT
content-encoding: gzip
via: 1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront)
last-modified: Tue, 19 Dec 2023 02:35:16 GMT
server: DYCDN
x-amz-cf-pop: DUS51-P2
etag: W/"012a0047dc6ee50f0faac2609bcc18ec"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id: p_jKgVHAuklZRYb_p21LsadOPwU2MwBeB1szqttLd3iCwQZqAUh1kA==

GET
H2 200 dafiti-logo.png
static.dafiti.com.co/images/ 780 B
975 B 620ms
7ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dafiti.com.co/images/dafiti-logo.png
Requested by: Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 045dd3e2cc1e5a78554b1ffda7def82133042a6d02bc0f27103046f7412b532c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:24 GMT
server: Azion IMS
x-original-image-size: 1344
etag: "e5e6be253ad4338d3a5a6718ff0f7d4e32d6fab3"
vary: Accept, User-Agent
content-type: image/webp
x-ims: Enabled
content-length: 780
expires: Fri, 17 Nov 2023 15:57:38 GMT

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
1 KB 36ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,500;0,600;1,100;1,200;1,300;1,700&display=swap

Requested by

Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5860f72894745aab31c02dd9501b4f52a13a10c974359ff46bc6193cd8b30be0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 19 Dec 2023 02:36:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 19 Dec 2023 02:36:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Dec 2023 02:36:23 GMT

GET
H/1.1 200
OK bundle.min.js Show response
s3.amazonaws.com/widgets.addi.com/ 118 KB
118 KB 310ms
119ms Script
text/javascript 52.217.194.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/widgets.addi.com/bundle.min.js
Requested by: Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.194.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 51662303bf958ed5fcd55f7bdb63c65e5e9782cad38b5ceac639c68c737aff58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 19 Dec 2023 02:36:25 GMT
x-amz-version-id: pItQl6aGn3mwYDv0nUMw0lUlfSe_qVAA
Last-Modified: Fri, 16 Jun 2023 20:37:42 GMT
Server: AmazonS3
x-amz-request-id: MSNVWE7QW0DDR6BX
ETag: "c9eb6167a0c13ee0e5b93d8c26024994"
x-amz-server-side-encryption: AES256
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 120707
x-amz-id-2: mUQ/NMpC6nkQoLdAPhnBQZKbRDuntW5bfP1rOx7XZ5wLuFdesZ3yWEcYxp1BI5x0agKzdkl4tzY=

GET
H2 200 st Show response
st.dynamicyield.com/ 22 KB
4 KB 350ms
301ms Script
text/javascript 2600:9000:2440:2000:15:ad21:c740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st.dynamicyield.com/st?sec=8767770&inHead=true&id=0&jsession=&ref=&scriptVersion=1.213.0&dyid_server=&ctx=%7B%22type%22%3A%22HOMEPAGE%22%7D
Requested by: Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2440:2000:15:ad21:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c937c24b4cca0fb31ed9129826926e85bd19a0d0186985dd1711a6e857b61c69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:25 GMT
content-encoding: gzip
via: 1.1 7b1a6e7eb0043d355ab110185f1d0446.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control: no-cache
x-amz-cf-id: w2KKm0YlTKsQfSO2SOA88nKb3kRDxCEOT6WBhIDnKOc1kK65xKoWKg==
expires: Tue, 19 Dec 2023 02:36:24 GMT

GET
H2 200 control-a3d74937f4.js Show response
static.dafiti.com.co/js/live/ 6 KB
2 KB 6ms
6ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dafiti.com.co/js/live/control-a3d74937f4.js
Requested by: Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx /
Resource Hash: 8efaf82825a9c0bc6d98cf9cec490eb08d92d29934ad237273708216720fcc55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:24 GMT
content-encoding: gzip
last-modified: Wed, 08 Nov 2023 15:19:03 GMT
server: nginx
etag: W/"654ba6e7-18a3"
vary: User-Agent
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Fri, 15 Nov 2024 15:49:08 GMT

GET
H2 200 Roboto-Regular.woff
static.dafiti.com.co/fonts/ 24 KB
25 KB 20ms
6ms Font
font/woff 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dafiti.com.co/fonts/Roboto-Regular.woff
Requested by: Host: static.dafiti.com.co
URL: https://static.dafiti.com.co/css/live/desktop-86f00e5ab7.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx /
Resource Hash: a1e5b0dd9cd90fe3ef3e24aea202819ee74693d62c00bac8e3fb7c837d8adbfe

Request headers

Referer: https://static.dafiti.com.co/css/live/desktop-86f00e5ab7.css
Origin: https://www.dafiti.com.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:25 GMT
last-modified: Wed, 08 Nov 2023 15:19:03 GMT
server: nginx
etag: "654ba6e7-61bc"
vary: User-Agent
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 25020
expires: Fri, 15 Nov 2024 15:49:08 GMT

GET
H2 200 Flechas.png
static.dafiti.com.co/cms/2019/AGOSTO/ON-SITE/ 3 KB
4 KB 10ms
10ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dafiti.com.co/cms/2019/AGOSTO/ON-SITE/Flechas.png
Requested by: Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 66ecb05ae6aa55edec47dc3b7f25f1bb505551e57f01a8ebda9873077ef779c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:25 GMT
server: Azion IMS
x-original-image-size: 3183
etag: "d935500a9f8a2b3beb4e812c1be5bf08728c415e"
vary: Accept, User-Agent
content-type: image/webp
x-ims: Enabled
content-length: 3494
expires: Fri, 17 Nov 2023 17:15:42 GMT

GET
H2 200 cce.png
static.dafiti.com.co/cms/ 4 KB
5 KB 10ms
10ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dafiti.com.co/cms/cce.png
Requested by: Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 7e705f6ee9c3b61851c5da6eeecd130443bf77c0e15724b74e29fc81b9522c90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:25 GMT
server: Azion IMS
x-original-image-size: 14224
etag: "85f774f67553ecbb85c7a3355e22165fb0e1ab53"
vary: Accept, User-Agent
content-type: image/webp
x-ims: Enabled
content-length: 4536
expires: Fri, 17 Nov 2023 15:57:39 GMT

GET
H2 200 sicfacilita.png
static.dafiti.com.co/cms/2019/Octubre/Onsite/ 4 KB
4 KB 11ms
10ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dafiti.com.co/cms/2019/Octubre/Onsite/sicfacilita.png
Requested by: Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 6895cc3d18135d5475cf830e523a6bd88f89403a491623213ff516f86028327b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:25 GMT
server: Azion IMS
x-original-image-size: 20342
etag: "db90c5acb3841b92540df1f379e74a4e955858e9"
vary: Accept, User-Agent
content-type: image/webp
x-ims: Enabled
content-length: 3868
expires: Fri, 17 Nov 2023 15:57:40 GMT

GET
H2 200 sic.jpg
static.dafiti.com.co/cms/push/cyberagosto/ 2 KB
2 KB 11ms
11ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dafiti.com.co/cms/push/cyberagosto/sic.jpg
Requested by: Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 884c77595d4fcaf52b0771c2ce360f82f517fa6fa766b0c94f573d083d7fcb61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:25 GMT
server: Azion IMS
x-original-image-size: 8208
etag: "68082e993304196d47b47a5c39efc42e55d27d4c"
vary: Accept, User-Agent
content-type: image/webp
x-ims: Enabled
content-length: 2064
expires: Fri, 17 Nov 2023 15:57:39 GMT

GET
H2 200 dafiticons-8d88266c66.woff
static.dafiti.com.co/fonts/ 9 KB
9 KB 20ms
8ms Font
font/woff 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dafiti.com.co/fonts/dafiticons-8d88266c66.woff
Requested by: Host: static.dafiti.com.co
URL: https://static.dafiti.com.co/css/live/desktop-86f00e5ab7.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx /
Resource Hash: a851ebeff4931c41de8ab0a382ebd9badbe8c85db60e22f70bf95591f3681198

Request headers

Referer: https://static.dafiti.com.co/css/live/desktop-86f00e5ab7.css
Origin: https://www.dafiti.com.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:25 GMT
last-modified: Tue, 19 Dec 2023 01:14:02 GMT
server: nginx
etag: "6580ee5a-2460"
vary: User-Agent
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 9312
expires: Wed, 18 Dec 2024 01:27:03 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 28ms
8ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,500;0,600;1,100;1,200;1,300;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dafiti.com.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 18:54:06 GMT
x-content-type-options: nosniff
age: 27739
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 18:54:06 GMT

GET
H2 200 pxiDyp8kv8JHgFVrJJLm21lVF9eO.woff2
fonts.gstatic.com/s/poppins/v20/ 9 KB
9 KB 27ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiDyp8kv8JHgFVrJJLm21lVF9eO.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,500;0,600;1,100;1,200;1,300;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0ae296f5c19db047491f1311d621ff18960b34cfa9cb07b69932a02ec298366

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dafiti.com.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 01:12:20 GMT
x-content-type-options: nosniff
age: 350645
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8712
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:05:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Dec 2024 01:12:20 GMT

GET
H2 200 desktop-head-7181906e18.js
static.dafiti.com.co/js/live/ 78 KB
78 KB 6ms
6ms Image
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dafiti.com.co/js/live/desktop-head-7181906e18.js
Requested by: Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:25 GMT
content-encoding: gzip
last-modified: Wed, 08 Nov 2023 15:19:03 GMT
server: nginx
etag: W/"654ba6e7-26215"
vary: User-Agent
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Fri, 15 Nov 2024 15:49:08 GMT

GET
H2 200 printBanner.js
static.dafiti.com.co/js/libs/ 4 KB
4 KB 7ms
7ms Image
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dafiti.com.co/js/libs/printBanner.js
Requested by: Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:25 GMT
content-encoding: gzip
last-modified: Wed, 08 Nov 2023 15:19:03 GMT
server: nginx
etag: W/"654ba6e7-10e9"
vary: User-Agent
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Fri, 15 Nov 2024 17:40:55 GMT

GET
H2 200 desktop-footer-6699d41005.js
static.dafiti.com.co/js/live/ 104 KB
104 KB 9ms
8ms Image
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dafiti.com.co/js/live/desktop-footer-6699d41005.js
Requested by: Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:25 GMT
content-encoding: gzip
last-modified: Tue, 12 Dec 2023 14:39:31 GMT
server: nginx
etag: W/"657870a3-51a57"
vary: User-Agent
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Wed, 11 Dec 2024 15:00:32 GMT

GET
H2 200 dy-coll-min.js Show response
cdn.dynamicyield.com/scripts/1.213.0/ 199 KB
62 KB 10ms
10ms Script
application/javascript 2600:9000:2315:b600:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dynamicyield.com/scripts/1.213.0/dy-coll-min.js
Requested by: Host: st.dynamicyield.com
URL: https://st.dynamicyield.com/st?sec=8767770&inHead=true&id=0&jsession=&ref=&scriptVersion=1.213.0&dyid_server=&ctx=%7B%22type%22%3A%22HOMEPAGE%22%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:b600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DYCDN /
Resource Hash: 19b9a6628fa003af26766ce1578420be5068227a572c78f0e20b53e2f2fc1886

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 23:00:40 GMT
content-encoding: gzip
via: 1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront)
last-modified: Sun, 15 Oct 2023 07:23:37 GMT
server: DYCDN
age: 617746
x-amz-cf-pop: DUS51-P2
etag: W/"b587b1ed184fe1cb6e2ea31f12e547c2"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id: ARq8IeDn7COenudu_6nV08ePFTf9wH-linO4vUmKU5KOkEigsETGaQ==

POST
H2 200 uia Show response
async-px.dynamicyield.com/ 0
383 B 134ms
105ms XHR
text/plain 18.173.233.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/uia?cnst=1&_=1702953385383
Requested by: Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-48.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:25 GMT
via: 1.1 158fcfe21f7e6b2462341c797edc267c.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: DcfUc_Sc7E0z7lEcEefelvYSj9zCV_APwkt8t1hTFd3CKHDFMfoOhQ==
expires: 0

GET
H2 200 nr-full-1.249.0.min.js Show response
js-agent.newrelic.com/ 73 KB
25 KB 25ms
6ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-full-1.249.0.min.js

Requested by

Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

293596ca987a05b6966614b08a9369eb37ee12a373eed8faf64f188c79c98962

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.dafiti.com.co/
Origin: https://www.dafiti.com.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: FG4gJKi4hvQMXbL6zhYA9xtMBWu49yZa
content-encoding: br
via: 1.1 varnish
date: Tue, 19 Dec 2023 02:36:25 GMT
strict-transport-security: max-age=300
x-amz-request-id: Q56KPQCT2NNNPKP0
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 24848
x-amz-id-2: 0HQTQVy2mWF4CBpM7Ljll+Y7nGi5anhsCJrdRnGzWRr/7Tyy6HqbH1/07hXjF+PJFOZhIoBepmg=
x-served-by: cache-fra-etou8220048-FRA
last-modified: Thu, 14 Dec 2023 16:36:09 GMT
server: AmazonS3
x-timer: S1702953385.413576,VS0,VE0
etag: "dde2becd3a0bbb615a3d81eb9ddc15b5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 42315

GET
H2 200 desktop-head-7181906e18.js Show response
static.dafiti.com.co/js/live/ 153 KB
58 KB 6ms
6ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dafiti.com.co/js/live/desktop-head-7181906e18.js
Requested by: Host: static.dafiti.com.co
URL: https://static.dafiti.com.co/js/live/control-a3d74937f4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx /
Resource Hash: cf09eee7101e4fff639120495f14b24cd0aa6d5fae90240f2b2c3adf888b0100

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:25 GMT
content-encoding: gzip
last-modified: Wed, 08 Nov 2023 15:19:03 GMT
server: nginx
etag: W/"654ba6e7-26215"
vary: User-Agent
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Fri, 15 Nov 2024 15:49:08 GMT

GET
DATA 200
OK truncated
/ 52 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd7059bd5c8e99398ab4805b8e62c7acb64075dd921b65b9377ffe84a26c2e04

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 394 KB
117 KB 67ms
45ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-HHB6

Requested by

Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

02865daaa641d7a90f81bd855f5d79645e10d3533442b529799a3e1413032275

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119181
x-xss-protection: 0
last-modified: Tue, 19 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 19 Dec 2023 02:36:25 GMT

GET
H2 200 sprite-desktop-867c23d7fa.webp
static.dafiti.com.co/images/co/sp/ 50 KB
50 KB 7ms
7ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dafiti.com.co/images/co/sp/sprite-desktop-867c23d7fa.webp
Requested by: Host: static.dafiti.com.co
URL: https://static.dafiti.com.co/css/live/desktop-86f00e5ab7.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx /
Resource Hash: 879b44d198774dde08d879917367c43591d71b8f1edb09b5a4d7ea5681874335

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.dafiti.com.co/css/live/desktop-86f00e5ab7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:25 GMT
last-modified: Tue, 05 Dec 2023 15:37:38 GMT
server: nginx
etag: "656f43c2-c6ca"
vary: User-Agent
content-type: image/webp
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 50890
expires: Wed, 04 Dec 2024 16:06:45 GMT

GET
H2 200 dffbe5a6c437__fillet_levis_trasnochono.png
cdn.dynamicyield.com/api/8767770/images/ 18 KB
19 KB 411ms
411ms Image
image/png 2600:9000:2315:b600:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.dynamicyield.com/api/8767770/images/dffbe5a6c437__fillet_levis_trasnochono.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:b600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

DYCDN /

Resource Hash

7f90e31462f033ca6d83e5cf171bb758eb059131b3ac21712c96d80bf887fb46

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'none'; style-src 'self'; media-src 'self'; object-src 'none'; sandbox;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'; img-src 'self'; script-src 'none'; style-src 'self'; media-src 'self'; object-src 'none'; sandbox;
last-modified: Tue, 14 Nov 2023 19:21:36 GMT
server: DYCDN
x-amz-cf-pop: DUS51-P2
etag: "7113531cc0e9086e671215b95d371daa"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
content-length: 18859
x-amz-cf-id: 5Ihi4oRZM8G73UnXEFIjugmBAiN6ussGgTt0-VfL9cuAObA-kCaTYw==

POST
H2 200 dpx
async-px.dynamicyield.com/ 0
384 B 308ms
291ms Ping
text/plain 18.173.233.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/dpx
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.213.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-48.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:25 GMT
via: 1.1 7b1a6e7eb0043d355ab110185f1d0446.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: 5X_wcYF5NuM_I4NEBbmELszQTXz2TTrU6eubFTKsRDgNNsPo8Z9rFw==
expires: 0

GET
H2 200 pta_en.js Show response
cjs.ptengine.com/ 960 B
1 KB 49ms
9ms Script
application/javascript 2600:9000:2440:3a00:15:14c9:5c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cjs.ptengine.com/pta_en.js
Requested by: Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2440:3a00:15:14c9:5c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e6100e404af322aea23d64043c9bf9f51856bb90a0c41ecd94b640a29aec6f9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: TnKuBPxeVhChOg8c2FeaP5pnlBNiIq.E
date: Fri, 15 Dec 2023 05:42:34 GMT
via: 1.1 029240073e9896e5a27397d88f3dcfc2.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
age: 334726
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 960
last-modified: Mon, 18 Sep 2023 10:32:49 GMT
server: AmazonS3
etag: "374e5e468b0e5853f5fe70647b076d03"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
x-amz-cf-id: LbufySdweIHkWnfo6YtY1FA7dlg6G4wuJ2bJEtCzuYLoFSnRykEx6w==

GET
H2 200 pts.js Show response
cjs.ptengine.com/ 0
438 B 50ms
10ms Script
application/javascript 2600:9000:2440:3a00:15:14c9:5c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cjs.ptengine.com/pts.js
Requested by: Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2440:3a00:15:14c9:5c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 05:26:35 GMT
x-amz-version-id: _E_EkswFAxlww3ixrVb_BzgjMl807VhE
via: 1.1 029240073e9896e5a27397d88f3dcfc2.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
age: 508191
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 0
last-modified: Mon, 18 Sep 2023 10:33:47 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-amz-cf-id: qnDvXL_DorWoMDKWEl69xNV4TmWMUKXO9h45cWSJRP1nqNw4Hv57Hg==

POST
H2 200 var
async-px.dynamicyield.com/ 0
384 B 120ms
105ms Ping
text/plain 18.173.233.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.213.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-48.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:25 GMT
via: 1.1 7b1a6e7eb0043d355ab110185f1d0446.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: 28FePilibmiInF_5BFxlM3J5yb7HwLpAdO1k3MRTfIxNCotRD-YS5Q==
expires: 0

POST
H2 200 var
async-px.dynamicyield.com/ 0
383 B 305ms
290ms Ping
text/plain 18.173.233.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.213.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-48.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:25 GMT
via: 1.1 7b1a6e7eb0043d355ab110185f1d0446.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: xiMN1IdhTrJpXeeO745wdmv_NeBtFQejz8FjVx7IxUGFLfqjyualzg==
expires: 0

GET
H2 200 printBanner.js Show response
static.dafiti.com.co/js/libs/ 4 KB
2 KB 6ms
5ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dafiti.com.co/js/libs/printBanner.js
Requested by: Host: static.dafiti.com.co
URL: https://static.dafiti.com.co/js/live/control-a3d74937f4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx /
Resource Hash: b1f022d469107e179e293411ea4bb9b5fd772d7c73d3b9faf36861acb44837b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:25 GMT
content-encoding: gzip
last-modified: Wed, 08 Nov 2023 15:19:03 GMT
server: nginx
etag: W/"654ba6e7-10e9"
vary: User-Agent
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Fri, 15 Nov 2024 17:40:55 GMT

POST
H/1.1 200 5b8ab51bf8 Show response
bam.nr-data.net/1/ 40 B
400 B 569ms
543ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/5b8ab51bf8?a=1850442&v=1.249.0&to=Y1JXMURWXEJSVEVbDFoYdhBFQ11cHF5fVgZMGFwLUlJK&rst=13294&ck=0&s=ea6296e812d86990&ref=https://www.dafiti.com.co/&af=err,xhr,stn,ins&ap=514&be=11548&fe=1704&dc=1329&at=TxVARwxMTx0RVhMIGElK&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1702953372145,%22n%22:0,%22f%22:1520,%22dn%22:1521,%22dne%22:1521,%22c%22:1521,%22s%22:1526,%22ce%22:1534,%22rq%22:1534,%22rp%22:11549,%22rpe%22:11640,%22di%22:12876,%22ds%22:12877,%22de%22:12877,%22dc%22:13249,%22l%22:13249,%22le%22:13252%7D,%22navigation%22:%7B%7D%7D&fp=12885&fcp=12885
Requested by: Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ed59ee4d04819c48c1bb60b3ef6928c621cd5cd86d7103957de3eebba9910b0d

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 19 Dec 2023 02:36:25 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.dafiti.com.co
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: close
Content-Length: 40
x-served-by: cache-fra-eddf8230045-FRA

GET
H2 200 bf4ecd999386__after_banner_pepejeans.png
cdn.dynamicyield.com/api/8767770/images/ 60 KB
61 KB 418ms
418ms Image
image/png 2600:9000:2315:b600:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.dynamicyield.com/api/8767770/images/bf4ecd999386__after_banner_pepejeans.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:b600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

DYCDN /

Resource Hash

ddd73f65cd1ea20a2f63c6335ed0cf95dadea78f8987518ee54ed9d2617580e4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'none'; style-src 'self'; media-src 'self'; object-src 'none'; sandbox;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'; img-src 'self'; script-src 'none'; style-src 'self'; media-src 'self'; object-src 'none'; sandbox;
last-modified: Fri, 15 Dec 2023 03:43:06 GMT
server: DYCDN
x-amz-cf-pop: DUS51-P2
etag: "348a9858a97b055dba2558d1915f3f3a"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
content-length: 61274
x-amz-cf-id: qf8Evq-AJgUkQTgRlMfWuj_Hhah6ClZfHJx-fnRLWavTHE_dl4_GFA==

GET
H2 200 desktop-footer-6699d41005.js Show response
static.dafiti.com.co/js/live/ 327 KB
94 KB 6ms
5ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dafiti.com.co/js/live/desktop-footer-6699d41005.js
Requested by: Host: static.dafiti.com.co
URL: https://static.dafiti.com.co/js/live/control-a3d74937f4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx /
Resource Hash: 346b1cd1ac8dc72559d6db756ac610651fbf3486f311bd3f8382676abd751ca8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:25 GMT
content-encoding: gzip
last-modified: Tue, 12 Dec 2023 14:39:31 GMT
server: nginx
etag: W/"657870a3-51a57"
vary: User-Agent
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Wed, 11 Dec 2024 15:00:32 GMT

GET
H2 200 icn_dafiti_mobile.jpg
static.dafiti.com.co/cms/Layover/mobile/ 1 KB
2 KB 6ms
5ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dafiti.com.co/cms/Layover/mobile/icn_dafiti_mobile.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: f6598e2b8722563e8ab81b2e1bdf01223822c1f5d28d8f08e415f17688776c13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:25 GMT
server: Azion IMS
x-original-image-size: 2712
etag: "8598a31493d4923f282730557da65b76361f8168"
vary: Accept, User-Agent
content-type: image/webp
x-ims: Enabled
content-length: 1488
expires: Fri, 17 Nov 2023 15:57:43 GMT

GET
H2 200 24a92dbf25a68__cenro-dzeo.png
cdn.dynamicyield.com/api/8767770/images/ 11 KB
11 KB 412ms
412ms Image
image/png 2600:9000:2315:b600:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.dynamicyield.com/api/8767770/images/24a92dbf25a68__cenro-dzeo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:b600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

DYCDN /

Resource Hash

47b1d446e17718dc5bddbf37824374b5474c1cbeb5a2bfcbac0be7ef86351af1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'none'; style-src 'self'; media-src 'self'; object-src 'none'; sandbox;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'; img-src 'self'; script-src 'none'; style-src 'self'; media-src 'self'; object-src 'none'; sandbox;
last-modified: Fri, 06 Oct 2023 17:17:53 GMT
server: DYCDN
x-amz-cf-pop: DUS51-P2
etag: "18862d2c1c2d6830141984f9a0f4e2ed"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
content-length: 10770
x-amz-cf-id: KI3yhU3l9jBdxwREaUR6K3IHK5rUg7zahwubyOv4JRTncbLFZtangw==

GET
H2 200 Poppins-Regular.ttf
static.dafiti.com.co/fonts/poppins/ 155 KB
77 KB 6ms
6ms Font
application/octet-stream 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dafiti.com.co/fonts/poppins/Poppins-Regular.ttf
Requested by: Host: static.dafiti.com.co
URL: https://static.dafiti.com.co/css/live/desktop-86f00e5ab7.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx /
Resource Hash: 707fdc5c8bab57a90061c6a8ed7b70d5ffb82fc810e994e79f90bace890c255a

Request headers

Referer: https://static.dafiti.com.co/css/live/desktop-86f00e5ab7.css
Origin: https://www.dafiti.com.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:25 GMT
content-encoding: gzip
last-modified: Wed, 08 Nov 2023 15:19:03 GMT
server: nginx
etag: W/"654ba6e7-26a20"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Fri, 15 Nov 2024 15:49:09 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,500;0,600;1,100;1,200;1,300;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dafiti.com.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:01:24 GMT
x-content-type-options: nosniff
age: 581701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 09:01:24 GMT

GET
H2 200 1c75937c87d93__fem_desktop.png
cdn.dynamicyield.com/api/8767770/images/ 801 KB
803 KB 443ms
442ms Image
image/png 2600:9000:2315:b600:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.dynamicyield.com/api/8767770/images/1c75937c87d93__fem_desktop.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:b600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

DYCDN /

Resource Hash

83d50316766e200bdb52677b5f0718b164aa097563a725585ec89428ba9cdc89

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'none'; style-src 'self'; media-src 'self'; object-src 'none'; sandbox;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'; img-src 'self'; script-src 'none'; style-src 'self'; media-src 'self'; object-src 'none'; sandbox;
last-modified: Thu, 07 Dec 2023 18:11:29 GMT
server: DYCDN
x-amz-cf-pop: DUS51-P2
etag: "b1311c81c40e46f834b2a58f7dcbbdaf"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
content-length: 820035
x-amz-cf-id: p87r8XqWy6KRI9xFDZD9Qr8_2vorfSs3JkTIss6OOptBL3MS1L-S1A==

GET
H2 200 20654ccd4c092__male_desktop.png
cdn.dynamicyield.com/api/8767770/images/ 609 KB
610 KB 417ms
415ms Image
image/png 2600:9000:2315:b600:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.dynamicyield.com/api/8767770/images/20654ccd4c092__male_desktop.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:b600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

DYCDN /

Resource Hash

b00e7845ea05321197df168471efb0d49e0ae72556e5d9f326e662279fd907e9

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'none'; style-src 'self'; media-src 'self'; object-src 'none'; sandbox;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'; img-src 'self'; script-src 'none'; style-src 'self'; media-src 'self'; object-src 'none'; sandbox;
last-modified: Thu, 07 Dec 2023 18:11:41 GMT
server: DYCDN
x-amz-cf-pop: DUS51-P2
etag: "0a64a25d320ef996fb333b2839c4e496"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
content-length: 623310
x-amz-cf-id: wQXkZTr0Uv-jyoPc_5mbq4H1_d7xllPt-_o9Pg3Um_zFm9W2mfUn9g==

GET
H2 200 2c09c69f050e2__sneakers.png
cdn.dynamicyield.com/api/8767770/images/ 260 KB
261 KB 466ms
466ms Image
image/png 2600:9000:2315:b600:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.dynamicyield.com/api/8767770/images/2c09c69f050e2__sneakers.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:b600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

DYCDN /

Resource Hash

13bb968402cd6e9d631c9bbb9e2b474601d5422d3c3305bdcbc9d50814e803e8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'none'; style-src 'self'; media-src 'self'; object-src 'none'; sandbox;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'; img-src 'self'; script-src 'none'; style-src 'self'; media-src 'self'; object-src 'none'; sandbox;
last-modified: Tue, 26 Sep 2023 17:45:43 GMT
server: DYCDN
x-amz-cf-pop: DUS51-P2
etag: "e6ed7295eea52b5a0b3957f2016bf896"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
content-length: 266630
x-amz-cf-id: Oq_mde-o6VQYU3q-RFBLErG_Xh3RQIXNXnn-fHb_cZCwX4cEai8tyQ==

GET
H2 200 9707a709718__kids_btb.png
cdn.dynamicyield.com/api/8767770/images/ 161 KB
161 KB 427ms
426ms Image
image/png 2600:9000:2315:b600:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.dynamicyield.com/api/8767770/images/9707a709718__kids_btb.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:b600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

DYCDN /

Resource Hash

c812e171dbd2962761ef514f7dbc63c6b4cf7b94c1bb610d1ba085bb899abc7c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'none'; style-src 'self'; media-src 'self'; object-src 'none'; sandbox;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'; img-src 'self'; script-src 'none'; style-src 'self'; media-src 'self'; object-src 'none'; sandbox;
last-modified: Mon, 02 Oct 2023 16:41:30 GMT
server: DYCDN
x-amz-cf-pop: DUS51-P2
etag: "90d1178555a2ed66161feb4f6d7be88a"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
content-length: 164412
x-amz-cf-id: JF1w__o5xfvPNTDwe2g6Gny-Z4Q2lgKmFudGrIpNfEakaWZ2JFpMMA==

GET
H2 200 174660b3e6362__fanaticos.png
cdn.dynamicyield.com/api/8767770/images/ 173 KB
174 KB 417ms
417ms Image
image/png 2600:9000:2315:b600:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.dynamicyield.com/api/8767770/images/174660b3e6362__fanaticos.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:b600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

DYCDN /

Resource Hash

10ee80decb15be26a4b8e05da63c68fa0a83abf237e0cbc64b17417478ca84b3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'none'; style-src 'self'; media-src 'self'; object-src 'none'; sandbox;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'; img-src 'self'; script-src 'none'; style-src 'self'; media-src 'self'; object-src 'none'; sandbox;
last-modified: Tue, 26 Sep 2023 17:45:15 GMT
server: DYCDN
x-amz-cf-pop: DUS51-P2
etag: "e62ee269b351f3ff042ad6ae75d4de3c"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
content-length: 176746
x-amz-cf-id: raZThgrdCd8HpaXNVBiGDB6Cl4Oq3PDdOQgKRahv1CEJuPOZZetToQ==

GET
H2 200 3686964df9e99__performance.png
cdn.dynamicyield.com/api/8767770/images/ 2 KB
3 KB 410ms
409ms Image
image/png 2600:9000:2315:b600:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.dynamicyield.com/api/8767770/images/3686964df9e99__performance.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:b600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

DYCDN /

Resource Hash

860832082dfad377dc30188b5398b166b655b9e256c2c464d18e6811ee41d1e6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'none'; style-src 'self'; media-src 'self'; object-src 'none'; sandbox;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'; img-src 'self'; script-src 'none'; style-src 'self'; media-src 'self'; object-src 'none'; sandbox;
last-modified: Wed, 18 Aug 2021 00:38:07 GMT
server: DYCDN
x-amz-cf-pop: DUS51-P2
etag: "178c7f3c4a5e768a3826f923df2e0f46"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
content-length: 1882
x-amz-cf-id: seDGQiIjmbG-pZz4SjlRnjLFJGev3HpPNaLBHIh43PmlQttqXhIkGQ==

GET
H2 200 b1ef570f15ba__skechers.png
cdn.dynamicyield.com/api/8767770/images/ 2 KB
3 KB 421ms
420ms Image
image/png 2600:9000:2315:b600:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.dynamicyield.com/api/8767770/images/b1ef570f15ba__skechers.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:b600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

DYCDN /

Resource Hash

5f8dbde334302fd0e6e3c5b9fd32fcedbab30cf73f84917cd1b7e68dcd62a937

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'none'; style-src 'self'; media-src 'self'; object-src 'none'; sandbox;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'; img-src 'self'; script-src 'none'; style-src 'self'; media-src 'self'; object-src 'none'; sandbox;
last-modified: Wed, 18 Aug 2021 00:34:24 GMT
server: DYCDN
x-amz-cf-pop: DUS51-P2
etag: "dd6afa19ba05b3cca6a330cbc22c9f7a"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
content-length: 2066
x-amz-cf-id: EqLkoR5GC5jtMcormsBoeswfuIY4Og9XhoBvmkN6YPi9awH9QAsBnw==

GET
H2 200 1a3897ff81248__royalcounty_logo.png
cdn.dynamicyield.com/api/8767770/images/ 4 KB
5 KB 426ms
425ms Image
image/png 2600:9000:2315:b600:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.dynamicyield.com/api/8767770/images/1a3897ff81248__royalcounty_logo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:b600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

DYCDN /

Resource Hash

2b031cfc79c145a7a44104257e4a8e1eef8950e35030026d34d2db03e32243a5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'none'; style-src 'self'; media-src 'self'; object-src 'none'; sandbox;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'; img-src 'self'; script-src 'none'; style-src 'self'; media-src 'self'; object-src 'none'; sandbox;
last-modified: Tue, 02 Aug 2022 20:36:24 GMT
server: DYCDN
x-amz-cf-pop: DUS51-P2
etag: "9e02532f2b6b31975021e7c14ea5c68f"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
content-length: 4300
x-amz-cf-id: nKcEWPksBD8si_zYQDr2QudPsy00dIi68q5KBLEi3m1pFgW6N8eLdw==

GET
H2 200 307da4ffdf1b8__levis.png
cdn.dynamicyield.com/api/8767770/images/ 2 KB
2 KB 420ms
419ms Image
image/png 2600:9000:2315:b600:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.dynamicyield.com/api/8767770/images/307da4ffdf1b8__levis.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:b600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

DYCDN /

Resource Hash

a5e07dfacc8a2b0fdbfa4f83052db6f26f4fafb8add925339adeadb34ec24082

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'none'; style-src 'self'; media-src 'self'; object-src 'none'; sandbox;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'; img-src 'self'; script-src 'none'; style-src 'self'; media-src 'self'; object-src 'none'; sandbox;
last-modified: Wed, 18 Aug 2021 00:58:51 GMT
server: DYCDN
x-amz-cf-pop: DUS51-P2
etag: "71e1660c1542f092024ec4a35599e014"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
content-length: 1716
x-amz-cf-id: BHdRZOdK91xAgiTo7-8ugy3ItHaqEZ-wVhI89kfOOY1pCkH1d0Ns6g==

GET
H2 200 2fb46d9ead305__nike.png
cdn.dynamicyield.com/api/8767770/images/ 2 KB
2 KB 425ms
424ms Image
image/png 2600:9000:2315:b600:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.dynamicyield.com/api/8767770/images/2fb46d9ead305__nike.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:b600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

DYCDN /

Resource Hash

c2eeeab125e267564f79d8007d510ba102f76bde2a32f83cb6fd1637965612fc

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'none'; style-src 'self'; media-src 'self'; object-src 'none'; sandbox;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'; img-src 'self'; script-src 'none'; style-src 'self'; media-src 'self'; object-src 'none'; sandbox;
last-modified: Wed, 18 Aug 2021 00:38:21 GMT
server: DYCDN
x-amz-cf-pop: DUS51-P2
etag: "335c2c3598d4aafcbc3d174cc55bb46d"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
content-length: 1688
x-amz-cf-id: zOJxHKBxj0-mIEcqg667uBDVd3n0GkjKvQnBjAN96D9a4b9d4VRxUg==

GET
H2 200 1d48ca3c8480a__reebok.png
cdn.dynamicyield.com/api/8767770/images/ 2 KB
3 KB 430ms
429ms Image
image/png 2600:9000:2315:b600:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.dynamicyield.com/api/8767770/images/1d48ca3c8480a__reebok.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:b600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

DYCDN /

Resource Hash

dabdd6f975687d917357a4b34673292b9d18ce949c49f72b6e49594facaa7e5b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'none'; style-src 'self'; media-src 'self'; object-src 'none'; sandbox;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'; img-src 'self'; script-src 'none'; style-src 'self'; media-src 'self'; object-src 'none'; sandbox;
last-modified: Wed, 18 Aug 2021 00:59:41 GMT
server: DYCDN
x-amz-cf-pop: DUS51-P2
etag: "cff2dc18d714620bd24db6b3a31e8ac4"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
content-length: 2016
x-amz-cf-id: tq3nVttCmdYYJviVPdLtXCi8q0vEHsHqrjRKcgyOmaGLQH00I0Bn3Q==

GET
H2 200 2c32a50712eeb__gap.png
cdn.dynamicyield.com/api/8767770/images/ 3 KB
3 KB 409ms
408ms Image
image/png 2600:9000:2315:b600:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.dynamicyield.com/api/8767770/images/2c32a50712eeb__gap.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:b600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

DYCDN /

Resource Hash

4ded95156e0defad04f29ae2de8bcfcbac77722873b6c29b02249f8e23272ae4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'none'; style-src 'self'; media-src 'self'; object-src 'none'; sandbox;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'; img-src 'self'; script-src 'none'; style-src 'self'; media-src 'self'; object-src 'none'; sandbox;
last-modified: Fri, 11 Nov 2022 13:41:16 GMT
server: DYCDN
x-amz-cf-pop: DUS51-P2
etag: "66ed60b0bca2a291c8e85184d2a5113e"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
content-length: 2588
x-amz-cf-id: oERh4wl0O4SNlC7wVEcg7NbWFtW79TNxvlXjft7AxpjKoCPit-si8A==

GET
H2 200 b9bd2cbf7b5f__footer_cambios_gris.png
cdn.dynamicyield.com/api/8767770/images/ 9 KB
10 KB 419ms
418ms Image
image/png 2600:9000:2315:b600:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.dynamicyield.com/api/8767770/images/b9bd2cbf7b5f__footer_cambios_gris.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:b600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

DYCDN /

Resource Hash

25b0b97adf86573d0847bb1b44df7e4b64f5c32b3708a3f48a25a8a3b57c5022

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'none'; style-src 'self'; media-src 'self'; object-src 'none'; sandbox;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'; img-src 'self'; script-src 'none'; style-src 'self'; media-src 'self'; object-src 'none'; sandbox;
last-modified: Tue, 02 Nov 2021 15:48:19 GMT
server: DYCDN
x-amz-cf-pop: DUS51-P2
etag: "8e112adf014e947d57dbf86cd90e722c"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
content-length: 9522
x-amz-cf-id: LKlxmV6T3mEVq-7z98oNH9ac3W8nwkQQqhP645kkD1pTqZ6pjKvHxg==

GET
H2 200 83da4c34d160__footer_cambios_gris.png
cdn.dynamicyield.com/api/8767770/images/ 9 KB
10 KB 426ms
425ms Image
image/png 2600:9000:2315:b600:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.dynamicyield.com/api/8767770/images/83da4c34d160__footer_cambios_gris.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:b600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

DYCDN /

Resource Hash

25b0b97adf86573d0847bb1b44df7e4b64f5c32b3708a3f48a25a8a3b57c5022

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'none'; style-src 'self'; media-src 'self'; object-src 'none'; sandbox;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'; img-src 'self'; script-src 'none'; style-src 'self'; media-src 'self'; object-src 'none'; sandbox;
last-modified: Tue, 02 Nov 2021 15:48:22 GMT
server: DYCDN
x-amz-cf-pop: DUS51-P2
etag: "8e112adf014e947d57dbf86cd90e722c"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
content-length: 9522
x-amz-cf-id: wL1r6mNlP0wsXlSFhOTNgD8rOzDw5Fd6deyBhtO5ESvXDUva0TXYCA==

GET
H2 200 e5d0f5146da3__footer_servicios_gris.png
cdn.dynamicyield.com/api/8767770/images/ 11 KB
11 KB 416ms
415ms Image
image/png 2600:9000:2315:b600:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.dynamicyield.com/api/8767770/images/e5d0f5146da3__footer_servicios_gris.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:b600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

DYCDN /

Resource Hash

6a673500a8f421015680d4388568def5cb3896e7473d28283fe11261d3073722

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'none'; style-src 'self'; media-src 'self'; object-src 'none'; sandbox;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'; img-src 'self'; script-src 'none'; style-src 'self'; media-src 'self'; object-src 'none'; sandbox;
last-modified: Tue, 02 Nov 2021 15:48:34 GMT
server: DYCDN
x-amz-cf-pop: DUS51-P2
etag: "68ec5b437c79846eb6a5bae9a55aba4b"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
content-length: 10947
x-amz-cf-id: smJbvuSo19T3dsoBnc4IDHwRgJLFZbhGWdMNXIU9GJq9Xrbva6DKlA==

GET
H2 200 355bab2968014__footer_servicios_gris.png
cdn.dynamicyield.com/api/8767770/images/ 11 KB
11 KB 429ms
428ms Image
image/png 2600:9000:2315:b600:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.dynamicyield.com/api/8767770/images/355bab2968014__footer_servicios_gris.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:b600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

DYCDN /

Resource Hash

6a673500a8f421015680d4388568def5cb3896e7473d28283fe11261d3073722

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'none'; style-src 'self'; media-src 'self'; object-src 'none'; sandbox;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'; img-src 'self'; script-src 'none'; style-src 'self'; media-src 'self'; object-src 'none'; sandbox;
last-modified: Tue, 02 Nov 2021 15:48:39 GMT
server: DYCDN
x-amz-cf-pop: DUS51-P2
etag: "68ec5b437c79846eb6a5bae9a55aba4b"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
content-length: 10947
x-amz-cf-id: O7C47zla3bPrmxooX4tKdSDSvZDn7SGRXn56cxTK2eL5yHHXYMUi4w==

POST
H2 200 batch
async-px.dynamicyield.com/ 0
383 B 104ms
104ms Ping
text/plain 18.173.233.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/batch?cnst=1&_=1702953385497_999720
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.213.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-48.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:25 GMT
via: 1.1 7b1a6e7eb0043d355ab110185f1d0446.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: pW_ulwgpCZM8HdcyNF1yxesXlTx8eSRvDJGAgYjisMxin-CfC_EAvw==
expires: 0

GET
H2 200 4112a7e5.js Show response
cjs.ptengine.com/ 245 KB
60 KB 669ms
669ms Script
application/javascript 2600:9000:2440:3a00:15:14c9:5c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cjs.ptengine.com/4112a7e5.js
Requested by: Host: cjs.ptengine.com
URL: https://cjs.ptengine.com/pta_en.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2440:3a00:15:14c9:5c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f5ee5d49afaf261b06c55455fa3cc5bdffd24dce67258c2e2d38a62387670652

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:27 GMT
content-encoding: gzip
via: 1.1 029240073e9896e5a27397d88f3dcfc2.cloudfront.net (CloudFront)
x-amz-version-id: VzuaIMUhJZvTEfUzlmxMIyeM3NTDRO4p
last-modified: Mon, 18 Dec 2023 15:16:08 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P3
x-amz-server-side-encryption: AES256
etag: W/"e12b0b271958edb98a6ef4b2c8336d1a"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=300
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 0dtk5Y3YVWr5tvcDVya45XsojE5xlxj11XPoQjUwh55v8TJvzUNvCg==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 37ms
17ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-HHB6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 19 Dec 2023 01:48:14 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2891
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 19 Dec 2023 03:48:14 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
78 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2MJMQ15YLT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-HHB6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

31e9e8e99d6c6165cfa2ed38ec9a4e1ed85b9bed4213b2a91623f74e0e314599

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79918
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 19 Dec 2023 02:36:25 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/998754738/ 3 KB
2 KB 38ms
18ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/998754738/?random=1702953385535&cv=11&fst=1702953385535&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v6125902&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.dafiti.com.co%2F&hn=www.googleadservices.com&frm=0&tiba=dafiti%20Colombia%20%7C%20Moda%20Online%20-%20zapatos%2C%20ropa%20y%20accesorios&auid=1821598447.1702953386&uamb=0&uaw=0&data=ecomm_pagetype%3Dhome%3BpageName%3DHome&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-HHB6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d00377efd7963e7fd6b764c23ae9b1d9968c55eb03e69951114884c871c62d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1309
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hotjar-1793197.js Show response
static.hotjar.com/c/ 11 KB
5 KB 69ms
45ms Script
application/javascript 18.66.248.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1793197.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-HHB6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-94.dus51.r.cloudfront.net

Software

Resource Hash

4099be53965b081dcb3c8265fe12f23af06f086383215545e928962ea0d11097

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:25 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
etag: W/58316c9488f38a30e456dc89ce41c542
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: i78YBcT506LzVe3KtSsPRvCzPXfuUvgzHMjlaX2hzc0EZNOpYc301Q==

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 46ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-HHB6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 19 Dec 2023 02:36:25 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B12639C3321B4ACD98708D7904CB5CB8 Ref B: FRA31EDGE0212 Ref C: 2023-12-19T02:36:25Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 sdk.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 128ms
106ms Script
application/javascript 2.23.209.35
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=CF3A8NRC77U110MJMFJ0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-HHB6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.35 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-35.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 547c2e2900c87032f1dc7970437cfa747e8ca7cc32152a601e834a80f96a8de7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id: 22992c5c.2e576c56
date: Tue, 19 Dec 2023 02:36:25 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231219023625979944217C22721A7E5B-2DD9B115D5EC24A0-00
x-cache: TCP_MISS from a23-62-213-99.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 94,23.62.213.99
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=7, inner; dur=3
content-length: 1736
pragma: no-cache
server: nginx
x-tt-logid: 20231219023625979944217C22721A7E5B
x-cache-remote: TCP_MISS from a66-198-8-124.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,66.198.8.124
x-tt-trace-host: 01ca5754d83224ad6ee886f811f65003088692969012431dc124328a3f99cf56dfe5f0d137abd86b7a860378780065e3c1cf6be7f473f9bf13c5d9d806a20b7585d724594ebf73fee21f78b1e471e70c7c2b25830ecd6b4dcc8a02753703bdccd19059fbb907970a746420ee5573314041
expires: Tue, 19 Dec 2023 02:36:25 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 89 KB
29 KB 70ms
51ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99d4aa81e65880a9034b20fbc9d8b003db458ce49891c802a2d4f123f582eea4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29108
x-xss-protection: 0
server: cafe
etag: 447 / 19710 / m202312060101 / config-hash: 17400476758908410755
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 02:36:25 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 46ms
23ms Script
application/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-HHB6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:25 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1891
etag: W/"a87c48d211877c49b878679b2e3cdab8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 837c4203cbb91919-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Fri, 22 Dec 2023 02:36:25 GMT

GET
H/1.1 200
OK wurfl.js Show response
wurfl.io/ 4 KB
2 KB 135ms
32ms Script
application/javascript 52.212.237.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wurfl.io/wurfl.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-HHB6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.237.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-237-123.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d83dca202a4e9e03f699c025878763187e6fe4c79553bab5022474c03b65b5be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 19 Dec 2023 02:36:25 GMT
Content-Encoding: br
Accept-Ch: Sec-Ch-Ua, Sec-Ch-Ua-Arch, Sec-Ch-Ua-Bitness, Sec-Ch-Ua-Full-Version, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Mobile, Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
Cross-Origin-Opener-Policy: cross-origin
Cross-Origin-Embedder-Policy: cross-origin
Vary: accept-encoding, user-agent, sec-ch-ua, sec-ch-ua-arch, sec-ch-ua-bitness, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-mobile, sec-ch-ua-model, sec-ch-ua-platform, sec-ch-ua-platform-version
Content-Type: application/javascript
Cache-Control: no-cache
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 1443

GET
H2 200 lc.js Show response
static.dafiti.com.br/dist/mkt/track/ 4 KB
2 KB 1078ms
7ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dafiti.com.br/dist/mkt/track/lc.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-HHB6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx /
Resource Hash: 89ddd9c116e6fbefbe6a870ce0a105add7ba4562b968228514f8a2c93288a895

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
content-encoding: gzip
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
x-amz-version-id: null
last-modified: Mon, 28 Aug 2023 19:04:59 GMT
server: nginx
x-amz-cf-pop: FRA2-C1
etag: W/"d50278af38209e3b341c9b91f779fe42"
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
content-length: 1244
x-amz-cf-id: X8HyQjOFb-4KW3XdC6L3Nurfd56FERgxCiy3GSe87iMbjBPb91Wuag==
expires: Thu, 18 Jan 2024 02:36:26 GMT

GET
H2 200 dbHfLLzNJzzUn3Ibqx7K.js Show response
tags.creativecdn.com/ 4 KB
2 KB 48ms
6ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.creativecdn.com/dbHfLLzNJzzUn3Ibqx7K.js
Requested by: Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a18ebd731b20d7404e2eed45ad15a0e9068ec7c4eb6d95da6727c086e366227d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 19 Dec 2023 02:36:25 GMT
content-encoding: gzip
x-age-lb: 20515
x-guploader-uploadid: ABPtcPrYjOTEiwEbCHOr3ywXav3E2n2HCO2IzzQbCHMdTLl3ezr1nvtN1QrhhxVTBdOKbt2lvGVwX5NKFw
x-77-cache: HIT
x-goog-storage-class: STANDARD
x-guploader-response-body-transformations: gunzipped
x-goog-metageneration: 4
x-goog-stored-content-encoding: gzip
x-accel-date: 1702932870
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-77-nzt: ApySIYg3NzfeI1AAANRmOJw3Nzf/sAAAAA
x-accel-expires: @1702956746
x-77-age: 20691
x-cache-lb: REVALIDATED
last-modified: Tue, 20 Sep 2022 08:42:47 GMT
server: CDN77-Turbo
etag: W/"7dd71e4b922b44d4a1b639cea2047fcd"
x-77-nzt-ray: f6587a1dc3641f7da90181652cf7a922
vary: Accept-Encoding, Accept-Encoding
x-goog-generation: 1663663367641224
content-type: application/javascript
x-goog-hash: crc32c=U/iOdA==, md5=fdceS5IrRNShtjnOogR/zQ==
cache-control: public, max-age=3600
warning: 214 UploadServer gunzipped
x-goog-stored-content-length: 1741
expires: Mon, 20 Nov 2023 21:47:14 GMT

GET
H2

200

cm
ash.creativecdn.com/adx/
Redirect Chain

https://us.creativecdn.com/tags?type=img&id0=pr_dbHfLLzNJzzUn3Ibqx7K_uid_&id=pr_dbHfLLzNJzzUn3Ibqx7K_home&su=https%3A%2F%2Fwww.dafiti.com.co%2F%3Fsr%3D&ts=1702953385537&gtmcb=1508128302
https://us.creativecdn.com/tags?type=img&id0=pr_dbHfLLzNJzzUn3Ibqx7K_uid_&id=pr_dbHfLLzNJzzUn3Ibqx7K_home&su=https%3A%2F%2Fwww.dafiti.com.co%2F%3Fsr%3D&ts=1702953385537&gtmcb=1508128302&tc=1
https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_cm&google_sc&google_ula=5153224&google_hm=6KAUwwEtn07C-CcFFgx6dWBLaBiShUZ5l19owxkaN-8&pi=adx&tdc=ash
https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ash&google_gid=CAESEDZO6WkEWAmMwcbH0YSgAws&google_cver=1&google_ula=5153224,0
https://ash.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ash&google_gid=CAESEDZO6WkEWAmMwcbH0YSgAws&google_cver=1&google_ula=5153224,0

42 B
243 B

98ms
92ms

Image
image/gif

185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ash.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ash&google_gid=CAESEDZO6WkEWAmMwcbH0YSgAws&google_cver=1&google_ula=5153224,0
Protocol: H2
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT, Tue, 19 Dec 2023 02:36:26 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://ash.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ash&google_gid=CAESEDZO6WkEWAmMwcbH0YSgAws&google_cver=1&google_ula=5153224,0
date: Tue, 19 Dec 2023 02:36:26 GMT
content-length: 0

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://us.creativecdn.com/tags?type=img&id=pr_dbHfLLzNJzzUn3Ibqx7K&id=pr_dbHfLLzNJzzUn3Ibqx7K_uid_&su=https%3A%2F%2Fwww.dafiti.com.co%2F%3Fsr%3D&ts=1702953385541
https://us.creativecdn.com/tags?type=img&id=pr_dbHfLLzNJzzUn3Ibqx7K&id=pr_dbHfLLzNJzzUn3Ibqx7K_uid_&su=https%3A%2F%2Fwww.dafiti.com.co%2F%3Fsr%3D&ts=1702953385541&tc=1
https://ib.adnxs.com/setuid?entity=315&code=6KAUwwEtn07C-CcFFgx6dWBLaBiShUZ5l19owxkaN-8
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D315%26code%3D6KAUwwEtn07C-CcFFgx6dWBLaBiShUZ5l19owxkaN-8

43 B
914 B

13ms
13ms

Image
image/gif

185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D315%26code%3D6KAUwwEtn07C-CcFFgx6dWBLaBiShUZ5l19owxkaN-8

Protocol

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
an-x-request-uuid: c99a9faa-1524-4808-a9eb-340e307a1192
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 138.199.38.134; 138.199.38.134; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
an-x-request-uuid: 573f654b-7ecd-4dcf-9ebb-f2d29707e538
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D315%26code%3D6KAUwwEtn07C-CcFFgx6dWBLaBiShUZ5l19owxkaN-8
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.134; 138.199.38.134; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 20ms
7ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 19 Dec 2023 02:36:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: hbFNw+9T/TavN0peenk9SdDY6YDH7PoeT5HpfA/TfGPPwkC6Cm6qA4duS6yU9+CsXOIN1bUCww8zHzUsUQ4sqg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 dpx
async-px.dynamicyield.com/ 0
383 B 107ms
107ms Ping
text/plain 18.173.233.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/dpx
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.213.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-48.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:25 GMT
via: 1.1 7b1a6e7eb0043d355ab110185f1d0446.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: edl9cmP31OdcFejIv7THEckFNDqybkCF-D1OMVWzuZn27mrH72XBvg==
expires: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
255 B 35ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-2MJMQ15YLT&gtm=45je3bt0v9162041016z86125902&_p=1702953385419&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=122775227.1702953386&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=ecommerce%20-%20home&dl=https%3A%2F%2Fwww.dafiti.com.co%2F&dp=%2F&sid=1702953385&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=2&ep.buyer_type=logged%20out&tfd=13441
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2MJMQ15YLT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dafiti.com.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
246 B 20ms
17ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2MJMQ15YLT&cid=122775227.1702953386&gtm=45je3bt0v9162041016z86125902&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2MJMQ15YLT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dafiti.com.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 39ms
19ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2MJMQ15YLT&cid=122775227.1702953386&gtm=45je3bt0v9162041016z86125902&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=778466195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/998754738/ 42 B
455 B 38ms
18ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/998754738/?random=1702953385535&cv=11&fst=1702951200000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v6125902&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.dafiti.com.co%2F&frm=0&tiba=dafiti%20Colombia%20%7C%20Moda%20Online%20-%20zapatos%2C%20ropa%20y%20accesorios&data=ecomm_pagetype%3Dhome%3BpageName%3DHome&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_72ZtQCih00ceGzSyzytJGyupysovkQ&random=933368813&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/998754738/ 42 B
154 B 22ms
22ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/998754738/?random=1702953385535&cv=11&fst=1702951200000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v6125902&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.dafiti.com.co%2F&frm=0&tiba=dafiti%20Colombia%20%7C%20Moda%20Online%20-%20zapatos%2C%20ropa%20y%20accesorios&data=ecomm_pagetype%3Dhome%3BpageName%3DHome&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_72ZtQCih00ceGzSyzytJGyupysovkQ&random=933368813&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 20ms
20ms Script
application/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:25 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1890
etag: W/"e3be409ac3c100e2a5d3f264ec260551"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 837c4203fbd41919-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Fri, 22 Dec 2023 02:36:25 GMT

GET
H2 204 4022374.js Show response
bat.bing.com/p/action/ 0
116 B 33ms
33ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4022374.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 19 Dec 2023 02:36:25 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AC690546C8D24C59A087F4A0D0A2C002 Ref B: FRA31EDGE0212 Ref C: 2023-12-19T02:36:25Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
286 B 83ms
83ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4022374&Ver=2&mid=eb4c8a74-12ea-4573-9930-9585fd429e5b&sid=67ada5609e1711eea16f7fecbe2743c0&vid=67ad9d309e1711eebd1579ab8eb05c6f&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=dafiti%20Colombia%20%7C%20Moda%20Online%20-%20zapatos,%20ropa%20y%20accesorios&p=https%3A%2F%2Fwww.dafiti.com.co%2F&r=&lt=13252&evt=pageLoad&sv=1&rn=589738

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Dec 2023 02:36:25 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 39633E64E65A419D93AE5C4FBAB07031 Ref B: FRA31EDGE0212 Ref C: 2023-12-19T02:36:25Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:33:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 178
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1129
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 19 Dec 2023 03:33:27 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
209 B 24ms
24ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2082839859&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dafiti.com.co%2F&dp=https%3A%2F%2Fwww.dafiti.com.co%2F&ul=en-us&de=UTF-8&dt=dafiti%20Colombia%20%7C%20Moda%20Online%20-%20zapatos%2C%20ropa%20y%20accesorios&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEIJAAAAACgEK~&jid=307650176&gjid=1260487883&cid=122775227.1702953386&tid=UA-30747187-1&_gid=615907393.1702953386&_slc=1&gtm=45He3bt0n51HHB6v6125902&cg1=home&cd4=&cd5=&cd6=2023-12-19T03%3A36%3A25.528%2B01%3A00&cd7=&cd8=1702953385528.fgtc3b8h&cd9=No&cd10=false&cd18=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd11=122775227.1702953386&z=864025239

Requested by

Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dafiti.com.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 49ms
17ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-30747187-1&cid=122775227.1702953386&jid=307650176&gjid=1260487883&_gid=615907393.1702953386&_u=YCDAgEIJAAAAAGgEKAC~&z=1127882804

Requested by

Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 19 Dec 2023 02:36:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dafiti.com.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 batch
async-px.dynamicyield.com/ 0
383 B 289ms
288ms Ping
text/plain 18.173.233.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/batch?cnst=1&_=1702953385603_604629
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.213.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-48.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:25 GMT
via: 1.1 7b1a6e7eb0043d355ab110185f1d0446.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: NqoX3fObpYZBiwD4TjUT932DcjK7v9lrJp0rZfsPSNnjYKqsgs2DjA==
expires: 0

OPTIONS
H2 200 v2
us.creativecdn.com/tags/ Frame 0
0 277ms
92ms Preflight 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://us.creativecdn.com/tags/v2?type=json
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.dafiti.com.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.dafiti.com.co
access-control-max-age: 3600
content-length: 0
date: Tue, 19 Dec 2023 02:36:25 GMT
vary: Origin

POST
H2 200 v2 Show response
us.creativecdn.com/tags/ 452 B
840 B 94ms
94ms Fetch
application/json 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://us.creativecdn.com/tags/v2?type=json
Requested by: Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: 42383ecc5514f791bdc563f843d87b4a3d513bc902a642810638943d7358c339

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:25 GMT, Tue, 19 Dec 2023 02:36:25 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
access-control-max-age: 3600
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.dafiti.com.co
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials: true
content-length: 340
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 modules.f8398e1fcf749800c3fc.js Show response
script.hotjar.com/ 220 KB
55 KB 26ms
7ms Script
application/javascript 13.32.27.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.f8398e1fcf749800c3fc.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1793197.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-54.fra56.r.cloudfront.net

Software

Resource Hash

fc1f36d89ddb377187edd50e7e1cbb9511baa256f6c57711f02601edab716361

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 12:03:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 397999
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55732
last-modified: Thu, 14 Dec 2023 12:02:27 GMT
etag: "ce5f5f2327c7562166cfcaad455b7a17"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: aV-LtlAHwO5QAjJMONEcCA1ZcSHtbXRBY9ikhqRbFmEh9Q9ferSvUA==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2082839859&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.dafiti.com.co%2F&ul=en-us&de=UTF-8&dt=dafiti%20Colombia%20%7C%20Moda%20Online%20-%20zapatos%2C%20ropa%20y%20accesorios&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce&ea=promotionImpression&el=_&_u=aCDAAEIJAAAAAGgMKAC~&jid=376062460&gjid=2057875395&cid=122775227.1702953386&tid=UA-30747187-1&_gid=615907393.1702953386&_r=1&cg1=home&cg4=Home&cd1=&cd3=Home&cd4=&cd5=&cd6=2023-12-19T03%3A36%3A25.544%2B01%3A00&cd8=1702953385544.zgphjra&cd9=No&promo1id=EnvioTransporte&promo1nm=EnvioTransporte&promo1ps=HomeGeneral_InfoEspecial&promo2id=CambiosyDevoluciones&promo2nm=CambiosyDevoluciones&promo2ps=HomeGeneral_InfoEspecial&promo3id=8262_BRANDING%20SHOES&promo3nm=8262_BRANDING%20SHOES&promo3ps=Home_Comercial&promo4id=_&promo4nm=_&promo4ps=HomeHome_Fillet&z=325681487

Requested by

Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dafiti.com.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/e57a860f-b6a2-436a-964f-66bfa5b047ed/ 3 KB
2 KB 65ms
58ms Script
text/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/e57a860f-b6a2-436a-964f-66bfa5b047ed/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0be9066e7f3450edabb3588bb75e0f5de43b55a95f8e316b59e682ac03019006

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:25 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 3e20acad-3c99-426a-89f4-466dffa0c34c
x-runtime: 0.027250
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"0be9066e7f3450edabb3588bb75e0f5d"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 837c42043bf21919-FRA
access-control-allow-headers: SDK-Version
expires: Tue, 19 Dec 2023 03:36:25 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 431 KB
135 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 22:13:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15768
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138180
x-xss-protection: 0
server: cafe
etag: 6854214708762155125
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 17 Dec 2024 22:13:37 GMT

GET
H2 200 1403478043249467 Show response
connect.facebook.net/signals/config/ 142 KB
37 KB 74ms
74ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1403478043249467?v=2.9.138&r=stable&domain=www.dafiti.com.co

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a0813eb9bd64857720e968fb593073b2a1a9ad0e859cc95da3c106406c9aaac6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 19 Dec 2023 02:36:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: vSX0PO0b20NXvXXVWMxI3uVCYbOjg2IPZIxdVMFU0/lNV4XqoYTF83gnEWufgZ9Nk6OVge2qA7VvyjSjxRf9kA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 17ms
17ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-30747187-1&cid=122775227.1702953386&jid=376062460&gjid=2057875395&_gid=615907393.1702953386&_u=aCDAAEIJAAAAAGgMKAC~&z=1254034508

Requested by

Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 19 Dec 2023 02:36:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dafiti.com.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 19ms
18ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-30747187-1&cid=122775227.1702953386&jid=307650176&_u=YCDAgEIJAAAAAGgEKAC~&z=1613883088

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-30747187-1&cid=122775227.1702953386&jid=307650176&_u=YCDAgEIJAAAAAGgEKAC~&z=1613883088

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 1793197 Show response
vc.hotjar.io/sessions/ 0
258 B 60ms
34ms XHR
text/plain 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/1793197?s=0.25&r=0.017246123402576252
Requested by: Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Python/3.8 aiohttp/3.8.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:25 GMT
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
server: Python/3.8 aiohttp/3.8.4
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: Bj0IorQz_UuYgmmESPqwWrBznI7Nb-CEMFc9EhnrqasbmSKNrvu0BA==

GET
H2 200 preact-incoming-feedback.c20c19b1cc6c85b5d8d1.js Show response
script.hotjar.com/ 190 KB
42 KB 7ms
7ms Script
application/javascript 13.32.27.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/preact-incoming-feedback.c20c19b1cc6c85b5d8d1.js

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.f8398e1fcf749800c3fc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-54.fra56.r.cloudfront.net

Software

Resource Hash

68947e9ddb590b11f6c1250e1080ff031fb91fddae5b9d41eb307a20ae306e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:27:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 2282958
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 42783
last-modified: Wed, 22 Nov 2023 16:26:24 GMT
etag: "238d00d7f9c895e9f37ab6355e0076c2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: rjo86R0G9QKtVU_ZgSuDtD-lT-QcxhC-i8LkmwjLCU5qmZ4cgdM_cw==

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 18ms
17ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-30747187-1&cid=122775227.1702953386&jid=376062460&_u=aCDAAEIJAAAAAGgMKAC~&z=918281741

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 19ms
19ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-30747187-1&cid=122775227.1702953386&jid=376062460&_u=aCDAAEIJAAAAAGgMKAC~&z=918281741

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MTdjYzNiZDU2MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 397 KB
106 KB 10ms
10ms Script
application/javascript 2.23.209.35
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=CF3A8NRC77U110MJMFJ0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.35 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-35.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 62723060de0c92d89ec49f9b3bc1fd54b786111e8ad3451a6cf7ebc8553e7b74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id: 2e576e19
date: Tue, 19 Dec 2023 02:36:25 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20231109073130B449FB1941D1CD01820C
vary: Accept-Encoding
x-cache: TCP_HIT from a23-62-213-99.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0111813c96d4b2ce2acadb0628bda1b4d9b12f1f3b00f3f65ef1383bf10ac09bbebab174ca3d82fba33f6aefd8fc6591dfb3adf3b7cca08d5bd79f407d1558152d7674e4a4c806a5fcbfb98e68762d5b4b5ea099724811fdbfadc62e776d69def2
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length: 108332

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 46 KB
15 KB 48ms
23ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-HHB6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d528fa7f2e49038400bc2a99cb777f3b57cb55e0b485c117957478e12b00266

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 10 Oct 2023 15:11:46 GMT
server: nginx
etag: W/"652569b2-b614"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 20 Dec 2023 02:36:25 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 20ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1403478043249467&ev=PageView&dl=https%3A%2F%2Fwww.dafiti.com.co%2F&rl=&if=false&ts=1702953385751&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.2.1702953385750.586025185&hmd=0ade22fe1a992f191d8a5307&pl=https%3A%2F%2Fwww.dafiti.com.co%2F&ler=empty&it=1702953385639&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 19 Dec 2023 02:36:25 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 20ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1403478043249467&ev=Microdata&dl=https%3A%2F%2Fwww.dafiti.com.co%2F&rl=&if=false&ts=1702953385752&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22dafiti%20Colombia%20%7C%20Moda%20Online%20-%20zapatos%2C%20ropa%20y%20accesorios%22%2C%22meta%3Adescription%22%3A%22Compra%20ropa%2C%20zapatos%20y%20accesorios%20de%20las%20mejores%20marcas%20en%20Dafiti%20Colombia%2C%20tu%20tienda%20de%20moda%20online.%20Pago%20contraentrega.%20%C2%A1Entra%20Ahora!%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22dafiti%20Colombia%20%7C%20Moda%20Online%20-%20zapatos%2C%20ropa%20y%20accesorios%22%2C%22og%3Adescription%22%3A%22Compra%20ropa%2C%20zapatos%20y%20accesorios%20de%20las%20mejores%20marcas%20en%20Dafiti%20Colombia%2C%20tu%20tienda%20de%20moda%20online.%20Pago%20contraentrega.%20%C2%A1Entra%20Ahora!%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fstatic.dafiti.com.co%2Fimages%2Fdafiti-og-logo.png%22%2C%22og%3Atype%22%3A%22product%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22name%22%3A%22Dafiti%22%2C%22alternateName%22%3A%22Dafiti%20CO%22%2C%22url%22%3A%22https%3A%2F%2Fwww.dafiti.com.co%2F%22%2C%22potentialAction%22%3A%7B%22%40type%22%3A%22SearchAction%22%2C%22target%22%3A%22https%3A%2F%2Fwww.dafiti.com.co%2Fcatalog%2F%3Fq%3D%7Bsearch_term_string%7D%22%2C%22query-input%22%3A%22required%20name%3Dsearch_term_string%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.2.1702953385750.586025185&hmd=0ade22fe1a992f191d8a5307&pl=https%3A%2F%2Fwww.dafiti.com.co%2F&ler=empty&it=1702953385639&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 19 Dec 2023 02:36:25 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 font-hotjar_5.65042d.woff2
script.hotjar.com/ 2 KB
3 KB 20ms
7ms Font
font/woff2 13.32.27.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/font-hotjar_5.65042d.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-54.fra56.r.cloudfront.net

Software

Resource Hash

fab4fef6bbfa8d6464403a14be7de1be5e3e63637a96d994fab10266e1eaf6da

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dafiti.com.co/
Origin: https://www.dafiti.com.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:49:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 9341225
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Fri, 01 Sep 2023 09:38:54 GMT
etag: "c9fb9163f8b7be37023ebe649688bebf"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
x-robots-tag: none
x-amz-cf-id: h7atV6pxQJr9f-Dbk5SHyLENEJPKoUVsRM4y-K8HeeBfAMh5gPgVsw==

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 178 KB
32 KB 342ms
341ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1322168891264652&correlator=1071511986427684&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=153718744%2CDAFITI_HOME&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=728x90%2C300x250%2C300x250%2C300x250&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702953385801&lmt=1702953385&adxs=436%2C330%2C650%2C970&adys=2324%2C2263%2C2263%2C2263&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2%7C3%7C4&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.dafiti.com.co%2F&vis=1&psz=1600x41%7C320x0%7C320x0%7C300x0&msz=1600x0%7C300x0%7C300x0%7C300x0&fws=4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600&ga_vid=122775227.1702953386&ga_sid=1702953386&ga_hid=2082839859&ga_fc=true&dlt=1702953383696&idt=2083&adks=743288500%2C2204743558%2C2204743557%2C2204743556&frm=20

Requested by

Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c1ff62646b3fb6a250c66e841cd3c1a3a0f687d632b8aa4df03373048660091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32424
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.dafiti.com.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 77ms
56ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env

Requested by

Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8df638b5be0aa6d24b119ee7f0d4b7928baf01614c7653a3f70852db7f2a4004

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12117
x-xss-protection: 0

GET
H2 200 container.html Show response
4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 38FC 6 KB
3 KB 62ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dafiti.com.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 02:36:25 GMT
expires: Wed, 18 Dec 2024 02:36:25 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 identify_bb163.js Show response
analytics.tiktok.com/i18n/pixel/static/ 135 KB
36 KB 10ms
10ms Script
application/javascript 2.23.209.35
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.35 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-35.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id: 2e576f04
date: Tue, 19 Dec 2023 02:36:25 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20231109073130B449FB1941D1CD018233
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-62-213-99.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0111813c96d4b2ce2acadb0628bda1b4d9b12f1f3b00f3f65ef1383bf10ac09bbebab174ca3d82fba33f6aefd8fc6591dfd35023cd03fd79cf739de019b27ef7dbe81192777d95726322be5e877e4b6a73cd982cc517a9d9c92c5bb431791dec2c
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length: 36090

POST
H2 200 pangle_pixel
analytics.pangle-ads.com/api/v2/ 0
962 B 150ms
115ms Ping
text/plain 2.16.62.104
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.62.104 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-62-104.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 974bef8.1582fd7
date: Tue, 19 Dec 2023 02:36:26 GMT
x-bytefaas-request-id: 202312190236258D13A81ADD6CBD6D6F59
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2312190236258D13A81ADD6CBD6D6F59-6E390444C1F36172-00
x-cache: TCP_MISS from a2-16-62-100.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52668873) (-)
x-parent-response-time: 106,2.16.62.100
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=16, inner; dur=5
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202312190236258D13A81ADD6CBD6D6F59
x-cache-remote: TCP_MISS from a23-36-67-229.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52668873) (-)
access-control-max-age: 86400
access-control-allow-methods: *
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-bytefaas-execution-duration: 4.17
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-host: 01ca5754d83224ad6ee886f811f6500308e3edb3e9d0b59fc26a8e9921021976d285441560ce6a111142fb48d745473c936719d03c8e4a9471b8834fc24bfa0e798dbe4477d4b3d08ef69352c5316b9ba68116fe1bd77b3a2631e22ececc53c814d80e6eb850230d6fb808a95c34c31a90
x-origin-response-time: 16,23.36.67.229
access-control-allow-headers: *
expires: Tue, 19 Dec 2023 02:36:26 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
843 B 173ms
173ms Ping
text/plain 2.23.209.35
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.35 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-35.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: a69f781.2e576f4a
date: Tue, 19 Dec 2023 02:36:26 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231219023625D4C3F89BF7AF3A783899-269AA3D59B7C29E1-00
x-cache: TCP_MISS from a23-62-213-99.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 155,23.62.213.99
server-timing: cdn-cache; desc=MISS, edge; dur=93, origin; dur=70, inner; dur=39
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231219023625D4C3F89BF7AF3A783899
x-cache-remote: TCP_MISS from a23-221-225-108.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 71,23.221.225.108
x-tt-trace-host: 01ca5754d83224ad6ee886f811f65003084c410c0a2310f3fd2d21c37b42223c09236312ee546d74a1e74a72355520b5be5edec725426f7884eda074461718adda98bf920e9da819df61be9d2bfecd6c0efaeba04b17cf77b18e916d39f40693afe87f7e9b8834ad0b231c49b368dddb88
access-control-allow-headers: Authorization,*
expires: Tue, 19 Dec 2023 02:36:26 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 35ms
16ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 19 Dec 2023 02:36:25 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2152 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dafiti.com.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 15765
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 18 Dec 2023 22:13:40 GMT
expires: Tue, 17 Dec 2024 22:13:40 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 58BB 829 B
558 B 18ms
17ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2a09661fd8abbda645d03748af2a287b3175bb9ab1c62f69c3942463a51292e9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ywnICgPZMhrkhsEknrsl2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dafiti.com.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ywnICgPZMhrkhsEknrsl2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 02:36:25 GMT
expires: Tue, 19 Dec 2023 02:36:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 2152 39 KB
15 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 22:13:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Dec 2024 22:13:41 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 58BB 0
0 43ms
41ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=1322168891264652&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 ig-membership Show response
us.creativecdn.com/ Frame 78E2 2 KB
760 B 92ms
91ms Document
text/html 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://us.creativecdn.com/ig-membership?ntk=pNB9u-jL0BKwpMkVKMA0eUbRuI8XPSbAZ1WEi9VJv1h5LoJ9E1KauXvGhoFbzJQql9gSEOsdtnOo1QF1QPUYwrfUlnU_AhX9aJJiaAt6Wi4
Requested by: Host: tags.creativecdn.com
URL: https://tags.creativecdn.com/dbHfLLzNJzzUn3Ibqx7K.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: 6e8589ce90ab754f06eb4152be861976740c14bc5d9233b8be65aac89b4a7463

Request headers

Referer: https://www.dafiti.com.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
content-length: 572
content-type: text/html;charset=utf-8
date: Tue, 19 Dec 2023 02:36:26 GMT Tue, 19 Dec 2023 02:36:26 GMT
expires: Wed, 20 Dec 2023 02:36:26 GMT
vary: Accept-Encoding

GET
H2 200 topics-membership Show response
us.creativecdn.com/ Frame 11C1 943 B
657 B 93ms
93ms Document
text/html 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://us.creativecdn.com/topics-membership?ntk=xdXmFyNwZqGjehNpCWXO9M2AJso7bIrh81OmtdDbnEgQV6utgKj3qr8ZPLxxUz6uLcyZEOATCryUCJ88NlVRRQ
Requested by: Host: tags.creativecdn.com
URL: https://tags.creativecdn.com/dbHfLLzNJzzUn3Ibqx7K.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: 827ddacee09879c49013f6b637b3d594bebbe4723419028bc41bb8b6f6fedbc0

Request headers

Referer: https://www.dafiti.com.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
content-length: 469
content-type: text/html;charset=utf-8
date: Tue, 19 Dec 2023 02:36:26 GMT Tue, 19 Dec 2023 02:36:26 GMT
expires: Wed, 20 Dec 2023 02:36:26 GMT
vary: Accept-Encoding

GET
H2 200 fetch.pix
rt.udmserve.net/udm/ 43 B
473 B 224ms
203ms Image
image/gif 35.190.29.52
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rt.udmserve.net/udm/fetch.pix?rtbh=6KAUwwEtn07C-CcFFgx6dWBLaBiShUZ5l19owxkaN-8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.29.52 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 52.29.190.35.bc.googleusercontent.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
cache-control: max-age=43200
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2152 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Hu1v6A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
843 B 136ms
136ms Ping
text/plain 2.23.209.35
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.35 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-35.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 296ec833.2e577156
date: Tue, 19 Dec 2023 02:36:26 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2312190236261668B3DFF3855A506819-3AC9DE2CD41074B3-00
x-cache: TCP_MISS from a23-62-213-99.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 120,23.62.213.99
server-timing: cdn-cache; desc=MISS, edge; dur=95, origin; dur=32, inner; dur=29
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202312190236261668B3DFF3855A506819
x-cache-remote: TCP_MISS from a104-78-78-110.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 32,104.78.78.110
x-tt-trace-host: 01ca5754d83224ad6ee886f811f650030872bea8a675ab7b491eee07debe78c2df4a4277573571990b4044bd6ab254703c0a8056ea132e6e59f1ba8532692bb3527069094c55535fd55afd0e322956959cd052ca3297bf570893e731140b5511b2c96bc9e36bdf936374d86d98589e5eee
access-control-allow-headers: Authorization,*
expires: Tue, 19 Dec 2023 02:36:26 GMT

GET
H2 200 container.html Show response
4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E57C 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dafiti.com.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 02:36:25 GMT
expires: Wed, 18 Dec 2024 02:36:25 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7B70 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dafiti.com.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 02:36:25 GMT
expires: Wed, 18 Dec 2024 02:36:25 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DF7D 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dafiti.com.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 02:36:25 GMT
expires: Wed, 18 Dec 2024 02:36:25 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3A8B 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dafiti.com.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 02:36:25 GMT
expires: Wed, 18 Dec 2024 02:36:25 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 4180 2 KB
1 KB 70ms
40ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1g6k15ez1f11kvj0c9sbbp1gb8thckcjhwqytf8mnfwqwey0xecneay7b52kbp31s7dmz9j19vfza42sxn2nnv60qzr7v9sbb4gp7q5n66xxzd4qt70hqyz50hctkbkft9frh274ysymdn2hq66eq2wjdb423kk683r8d7brwkw536vg8d7ydcjc81xptb1qjnz65g772apwz1ksmr0p18x68kwj44f6rg8gr0yhgxpxdht6vx8xaahkhsd2yfv5qpcp2q339swa91kb2aknmcjjrmv97c37tcm8w160a0sp0rce3t6jswyqjeyhmgm31gvy09zag10jd2p6m3gnmw3935wg2fg47n7t7d5wqajkvy35akesq3gr829mh59vanhqrdv8my6rkysnafsjhkxv8k300nr8mtvs352h6g821b2v9r6qzckrk7ev250z46dc5kjm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7lE6qQGBZYa_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTvAU_QS2FW1ntoydhXCzrNe47tyP4pTgSiFHdcU2vB7cLEG8FXRy9uR5HP8ARAsFJECDDJX5QMhY3nCOHNvgH4AL69fVcQLc6KlqeX7JmyJL_w_nqaSgXyymFr1NXABQs7v1S-XpR7XH4CYIaeBw--AW9C_vMrJsBhU2Hp1Uewls_4phkNR-h6ZxcLIzwACLNpRUDtA7WSD0On7ebZXVlkeN1epkusR1D7uydhnZPytcb5n_Volzb8--I-QC_w48lQ0y8B67aQVvlAcpFy4V2ndCwDvf4Tp_LwmUwR2LPGCUzEiXtGGvdgh2E3L8D074MT4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKX_hd27moMD-gsCCAGADAHiDRMI77eG3buagwMVgxXgCh3Z0wBd0BUBgBcB%26num%3D1%26sig%3DAOD64_3yPnlpxaYEPEyqguVYiqCkV7bRsQ%26client%3Dca-pub-5111069894309966%26adurl%3D

Requested by

Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efffd799eb73c5c5e79e9883791d223ea941acbee00553e38a6a3b33f5e5df98

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 837c420818a14d1f-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 02:36:26 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame E57C 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 22:13:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15767
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Jan 2024 22:13:39 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D858 1 KB
643 B 7ms
7ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 21392
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Dec 2023 20:39:54 GMT
etag: 48472445140208031
expires: Tue, 19 Dec 2023 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame E57C 20 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2527
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 01:54:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E57C 0
0 15ms
14ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQuH6QwjxoAvB3-bKol_2VfH5oyBqTV8opx1sNCiJrlDexhPZE9fhYOmLsUgBPwo2IpTWMkflrFUb0JqH1EK3CRh-RinA
Requested by: Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame E57C 24 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3597
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Dec 2024 01:36:29 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E57C 203 KB
65 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 02:36:26 GMT

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 62CA 2 KB
1 KB 61ms
35ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1geen3rb9xdxrxnh6kp0qke7f3atrg7637bwg0mkcyeznc388csayfjcpaknwvbbwj45phqqv4wrfhyfsahk7frs3nerbk963pqwhbkjex4ewvm5qqx34b5ert8hbx5jh3ezze51km9ztedq35cf15dfsxh04fzh5510kwj3mx712dc37j8rc763hg1d4m821pp5tvgrwsjkn4gmh747sn7t6xxhnt7htrf02q0cqmmjc0kjw4red0e80mn24jwneqx8jwrr85yk6188n6e1g087vvhn3xa12nhx21a49q2jmc5f6gbj5dhx94z65dr5n69bvf9nqrz1shh8b046q5y3b26v6x88krhp0xak4zhtq9e9ceg1bee81sdvgchzaqartbh4zbrs7q23ytv3281s9ywfq67td2p11tsgtc4zq7cm855gtjx5gbp2r4sf6nz6n64xaw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiKu9qQGBZYe_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_Q-BOozU7-F6faDZsIg7Or5vaj5c_uk-4T3O_70zdvaRJDYKi5FVkkcOq4Z2o2uCja13O7moW6q6YZdNj2bc0a0H0Y5bnYbKH3NeVGNz7qwccAUdNNST4RTh3_e1OuJToz9c3y8B3AYd-mKWEa22oiAB6BHg-OTGV74CLuaYIhHP9JNZSse53TTrh1V5UrZhOr1_1ShjQMbGNE__VdC3RloQ-uTzt9XKeBoUtkIN0U3VNCKh7UxgvGLBOr2agdagD9ham5T-mJnI8-tf85oM0RDECoN4oSMBltP31vJmbyy-d8BhLxUlJrdXc2nyLR8luTk-AEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPC3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1rPav7OEdTi-AiR7bM-j9IwFWtbw%26client%3Dca-pub-5111069894309966%26adurl%3D

Requested by

Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0f78fd27853c1b5b63b7cc41bd2beabf645629ffb9c4fe71973ddb68392dae7

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 837c420818a34d1f-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 02:36:26 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 7B70 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 22:13:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15767
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Jan 2024 22:13:39 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5220 1 KB
643 B 9ms
9ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 21392
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Dec 2023 20:39:54 GMT
etag: 48472445140208031
expires: Tue, 19 Dec 2023 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 7B70 20 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2527
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 01:54:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7B70 0
0 18ms
17ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSXiCfMo5UBTEOtaKJXjXCBS1x7QTmcBt1NY7yIA-TefTWEVEJnui3-RGj9inNu4x2yETuAutfxxXMiLls4zN8qtIlL9Q
Requested by: Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7B70 24 KB
6 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3597
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Dec 2024 01:36:29 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7B70 203 KB
64 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 02:36:26 GMT

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 9E64 2 KB
1 KB 67ms
48ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jnjf8r2s0cbk5w2v8qmn7efc1500vnhbnd28t88c293wy5585q55ptkdc5ah2cab15qeehh9pmag3rxdr6mztz3b6cbjz5zxqdxezmak8gb30g2yymk2cq1d041db2qazd2y9w40knye24xcs0er9yznmx9gx43jdyv035vq55wctt43tdkfnj9cyqqyzm4vb02p9bskbgejwce0t1zdjtaqf30zf18qtcg827km9nztsk32j7xrz519zyw5p37hngtv26v43zbwbrxt80e12n66vr6zr5fp8ex82hhdwph1a6gb4sqjn2crh2ve9sj9g2fs373zwnxpvrne39kf26kx5gm8e13xqwecnmge3x80wk3vbtnajrb6dmpwkwh0j3kmk0v3qh8ktkhnrgyyhw40rersa008ysx7bt02cesdrzfwhpgw3wegsv4s96wyzg3jhw5&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwz0HqQGBZYi_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_Q6V1P7lSn11r8ryEa4WoVskW_3golN3FZjcYMBnfslGUZGiNeyidClQrgF4OEEeW9SI2uFUtUW5b_MVnLBYxG42l_mBo_57s6qJAhaXboM8VrzKHS-nSprzCLtHEtGjgxD4YpXQTT_5N-zFt167_1nDAbuuzP2qRvDnw0NdmHxH4SeSur8XmWndgOjVUXnvF3ZbFmlHcx4e46EvGFkYhbtFHSKPRYqeJLnEVIVeu9di7QqGcptShcxBunNmKKut8p5kebGh7jsV3uiuq-y7dIK8ojnJoDdgP2SqDghqcevobmuGA5yKq8-GhJWKDDXTWMn-AEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPG3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2idGW-6DEIqPe1sA2pIZiQ3esAPw%26client%3Dca-pub-5111069894309966%26adurl%3D

Requested by

Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8300edd09667c08a8f5ff999e575e404d1253f7c5a7435dd0e602c164a59ab1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 837c4208189f4d1f-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 02:36:26 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame EFB7 3 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 22:13:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15767
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Jan 2024 22:13:39 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6734 1 KB
643 B 11ms
8ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 21392
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Dec 2023 20:39:54 GMT
etag: 48472445140208031
expires: Tue, 19 Dec 2023 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame EFB7 20 KB
8 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2527
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 01:54:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EFB7 0
0 18ms
16ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRIOSzvMLbmQUJxKMnIXgxvgAxExG60H8eUN7dsWwy6_B_nrnkb9Vzhx8tdGcwGv_a2aKz77TWyNepWp6UoUb9k0adsVQ
Requested by: Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame EFB7 24 KB
6 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3597
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Dec 2024 01:36:29 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame EFB7 203 KB
64 KB 22ms
18ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 02:36:26 GMT

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 6F7E 2 KB
3 KB 46ms
34ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jajz00a1kjzdbdq7ffetex9mke1z179p2f8mxsbcbm759qfzxrg8yqtqx4fxqxnhwpjec144nyc5b17jg285qg36gk210nxwm5mgp4hvg52kqn1b33zf117sweqxd9nk2pv2z4z5k23edswck7k6v4yz7zpdm214phnfvd2r0xajz84k7btphgh5ahvbj2hw9a83gqs0kbpt4qb1091s5atk69zrm9e19w55s3aga9xwc138qtk9dz4f2d7jf5rzgyvet8mtrn9zmv4axah3py6bn3mn90455yx910zw5cd4b05q4x88sdb7bckvs88vxy0nx18gj8j5nm9gx0m7sywq1zs53x7vn37qepd04fcvq36e1pgx8n1g81651pd9r0ezss14bg60q9r7ex1c3ky2b3vgw5qv7xerw90r6wka40yfsv38td3zn18ykft73x4pcp8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-mnxqQGBZYm_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_QrrQkrcHfe4khmDQrdP89lzV6Cd145GZ4qHaCxAypCfQIrQ1Q8RL6nNVrjD4sRcnaS4TnmD2a1GdzcgM4boYaY1iv8GdYZmpVBsvKPLBXtHwiPN5o3fe5VMkr4ob24cRuhZZpWWo41w_cxkyiZDu1s0aky1f9v_5sx7wL9YqMuaC0UpIvyo8FfRZL9DFbM0gaMBso5DrpcJTHHjw2gJB2jNYIeRcxIKIy5WYcMFsZneVFYr_94i8wGBMo4yE3U9Sjs1KiSPOr3CPKAGjqWNa9fdn87UUsdEJSNmr-wGl9qDlxAeubMhIy1oh3UINBoD9haOAEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPK3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qpDhQJdI9eF7a2YQVE1BxMNLHsQ%26client%3Dca-pub-5111069894309966%26adurl%3D

Requested by

Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f509ad600ddc78957fd482c2b0c6d3988035ae381ae060bc22084602dfc49c54

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 837c420818a44d1f-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 02:36:26 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B9E6 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 22:13:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15767
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Jan 2024 22:13:39 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B31C 1 KB
643 B 9ms
6ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 21392
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Dec 2023 20:39:54 GMT
etag: 48472445140208031
expires: Tue, 19 Dec 2023 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B9E6 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2527
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 01:54:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B9E6 0
0 16ms
15ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSZlpDV8SjyUIGZ0DLES1orcRzTIQHOXLSq0hgyn76Gy_clGZ1SKUUPKvmy6uarI7fhbkt31xDA0j1p5PTdCj1DGyTmlA
Requested by: Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame B9E6 24 KB
6 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3597
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Dec 2024 01:36:29 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B9E6 203 KB
64 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 02:36:26 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame D858
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEPTxW-960klNTzPRLItH9l0&google_cver=1&google_push=AXcoOmQWDUSmXlvoXqsNiBTrT-Zx9V9j8jc7FzR7rtoe0NHHE-1Mmcmm9TTBhBC4uVBJNkx2MsgeomdSyHAGVE-btBMLBf7VrEa9&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPTxW-960klNTzPRLItH9l0&google_cver=1&google_push=AXcoOmQWDUSmXlvoXqsNiBTrT-Zx9V9j8jc7FzR7rtoe0NHHE-1Mmcmm9TTBhBC4uVBJNkx2MsgeomdSyHAGVE-btBMLBf7VrEa...

43 B
424 B

178ms
177ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPTxW-960klNTzPRLItH9l0&google_cver=1&google_push=AXcoOmQWDUSmXlvoXqsNiBTrT-Zx9V9j8jc7FzR7rtoe0NHHE-1Mmcmm9TTBhBC4uVBJNkx2MsgeomdSyHAGVE-btBMLBf7VrEa9&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQWDUSmXlvoXqsNiBTrT-Zx9V9j8jc7FzR7rtoe0NHHE-1Mmcmm9TTBhBC4uVBJNkx2MsgeomdSyHAGVE-btBMLBf7VrEa9%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 837c42093a9e18eb-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 59
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPTxW-960klNTzPRLItH9l0&google_cver=1&google_push=AXcoOmQWDUSmXlvoXqsNiBTrT-Zx9V9j8jc7FzR7rtoe0NHHE-1Mmcmm9TTBhBC4uVBJNkx2MsgeomdSyHAGVE-btBMLBf7VrEa9&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQWDUSmXlvoXqsNiBTrT-Zx9V9j8jc7FzR7rtoe0NHHE-1Mmcmm9TTBhBC4uVBJNkx2MsgeomdSyHAGVE-btBMLBf7VrEa9%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 837c420829f218eb-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame D858 70 B
148 B 108ms
34ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEIJjkc6PWkEhyYx55eHz888&google_cver=1&google_push=AXcoOmSx_woeGLnwLv7O_G6vmrxg0aSavCGjQjubjF4uhnZe-5xnXEneoyg_hTSRcQlkUlgk6L9H1lDLjEajQtsOFyVn1GL4oHkG
Requested by: Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D858
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEDoYvwsKgw9FlFx6LVCHhmw&google_cver=1&google_push=AXcoOmQOGmMmFqmWl2qUa_MhmDPvRZGLZw5pmpmmxQsWAUeLJDn9dhkR9UZgzicv-tnjNyNzdHoqGhHdCSiGDhj3...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=67aw6FPYQn0PhuaOnumpKA&google_push=AXcoOmQOGmMmFqmWl2qUa_MhmDPvRZGLZw5pmpmmxQsWAUeLJDn9dhkR9UZgzicv-tnjNyNzdHoqGhHdCSiGDhj3jwzgQH3NLis

170 B
188 B

19ms
19ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=67aw6FPYQn0PhuaOnumpKA&google_push=AXcoOmQOGmMmFqmWl2qUa_MhmDPvRZGLZw5pmpmmxQsWAUeLJDn9dhkR9UZgzicv-tnjNyNzdHoqGhHdCSiGDhj3jwzgQH3NLis

Requested by

Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=67aw6FPYQn0PhuaOnumpKA&google_push=AXcoOmQOGmMmFqmWl2qUa_MhmDPvRZGLZw5pmpmmxQsWAUeLJDn9dhkR9UZgzicv-tnjNyNzdHoqGhHdCSiGDhj3jwzgQH3NLis
x-host: tde-deliveryengine-production-6b95976987-r8tz7
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame D858 43 B
146 B 29ms
7ms Image
image/gif 3.69.190.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIvjoknmna-1PtXRU-GxmoQ&google_cver=1&google_push=AXcoOmQUDN2FMCtxmfOPwaUejJgAdAt0tI_6IDc5vdCAY1FiEV2EEwm5E_u4bMOGD-r58MyuU-vnbOm1wKPaPUilo7g8q8dstN68
Requested by: Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.69.190.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-190-202.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 dds
rtb.openx.net/sync/ Frame D858 43 B
236 B 36ms
15ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEHViZw2vneElZZ2VmW5sK9E&google_cver=1&google_push=AXcoOmSr8Tfi_jEO44Yy45bNoqdJVXmCAX1oFMnmypncmXFI2Vn0bglYXmNPj5OFsyUqoOJcpOmiKQrXzQSdleKa1YZO4lw9cm90
Requested by: Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D858
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENy-VNbnJUGfK3jq_1eOdZM&google_cver=1&google_push=AXcoOmSJMZG0uti92P098V532VijPjAsmImCWfzn669H6Eyk6NVjH6CGtvyeaDTwb7EZwNVyEil...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFCUUg2SUItMU4tN1dQQg==&google_push=AXcoOmSJMZG0uti92P098V532VijPjAsmImCWfzn669H6Eyk6NVjH6CGtvyeaDTwb7EZwNVyEil443q2VlqQ0pHdhrGyN7RBefXF

170 B
188 B

18ms
18ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFCUUg2SUItMU4tN1dQQg==&google_push=AXcoOmSJMZG0uti92P098V532VijPjAsmImCWfzn669H6Eyk6NVjH6CGtvyeaDTwb7EZwNVyEil443q2VlqQ0pHdhrGyN7RBefXF

Requested by

Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFCUUg2SUItMU4tN1dQQg==&google_push=AXcoOmSJMZG0uti92P098V532VijPjAsmImCWfzn669H6Eyk6NVjH6CGtvyeaDTwb7EZwNVyEil443q2VlqQ0pHdhrGyN7RBefXF
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H2 204 -
s.ad.smaato.net/c/n/// Frame D858 0
238 B 86ms
56ms Image
text/plain 2600:9000:224a:a200:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEOt8KUHl7Q2E0eZ9S8ckf4s&google_cver=1&google_push=AXcoOmRBlYpsxCKZmYfvOsGULqTMbmjBOi2PgE_7UB9X45urftXji9pCEnjPKxZSuMRQ56EwGlhvjZya49K0JHVAdTC8u3NCHX-n
Requested by: Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:a200:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
cache-control: no-cache, must-revalidate
via: 1.1 8d4901eb4989773bb579fc1597e54ea8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: T88ZYv6EISgCGWFfpe7FVP_q6INqxKiY-4U8vzBh9a2fbC6IZ_RGUA==
x-cache: Miss from cloudfront

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame D858 0
59 B 26ms
25ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jf_w5IaOKBPlVU0TGGSl4R92_3bc-tQbrtKZMXWL_xMyUYiuD8qNofuhLxzp_EIYtwApR_

Requested by

Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 5220
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDI72KuvzjlX_KbXvPbxlnM&google_cver=1&google_push=AXcoOmSTy6DedUpYiyz70_1r3tn3a5GgLJLxadd4Y8XG773qiUUK9cxd4NuYMPEBa1WzCOmabnPXrBWm7Csal4JZkUCY6pXYbEGC
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODA1MDQ4NDY1MzEyNjA5OTQ1NA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDI72KuvzjlX_KbXvPbxlnM&google_cver=1

43 B
398 B

13ms
13ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDI72KuvzjlX_KbXvPbxlnM&google_cver=1
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDI72KuvzjlX_KbXvPbxlnM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 5220 35 B
463 B 24ms
8ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFP9Ov8-v9bwaiFF9zXChTM&google_cver=1&google_push=AXcoOmQBwC1vG40APvjGCCJ3BZkfOYqoxTJstrZmtxnDCuiNDmcOYOC7fO3KNCBh6kys391st4NYWOhhcf3hOg-2TaOkSog78sB5fw

Requested by

Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5220
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOolYWLl-U-rRTpK1ASzRh8&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOolYWLl-U-rRTpK1ASzRh8&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WWVxcHdwTjQxUmZwWTY1&google_gid=CAESEOolYWLl-U-rRTpK1ASzRh8&google_cver=1&google_push=AXcoOmQtmYWb7O3wfCcmcgZdJ0FEDN06XLpzbUVz1Ftn3iA...

170 B
188 B

17ms
16ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WWVxcHdwTjQxUmZwWTY1&google_gid=CAESEOolYWLl-U-rRTpK1ASzRh8&google_cver=1&google_push=AXcoOmQtmYWb7O3wfCcmcgZdJ0FEDN06XLpzbUVz1Ftn3iANnhZj59sIiNxwGmBcQVWWufGpMfZpx2to9sGyI4v7SRVwBnowWuoDiw

Requested by

Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 19 Dec 2023 02:36:25 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-091a6d662d9a132c7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WWVxcHdwTjQxUmZwWTY1&google_gid=CAESEOolYWLl-U-rRTpK1ASzRh8&google_cver=1&google_push=AXcoOmQtmYWb7O3wfCcmcgZdJ0FEDN06XLpzbUVz1Ftn3iANnhZj59sIiNxwGmBcQVWWufGpMfZpx2to9sGyI4v7SRVwBnowWuoDiw
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 5220 0
173 B 35ms
15ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEFH6aFlkscSsUaWsk80GYoE&google_cver=1&google_push=AXcoOmQMqNZKhy7gCdwtmNGqXf3gjHq-slRXDCyhtoE88tN4N7gNM6RY8UN2k3KOGqt1J0VXEitQlAzSRx5muZinipZJgqC-5B3X3A
Requested by: Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 5220 43 B
363 B 45ms
13ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTqK0JPIFNtufwNok7MdYDroyKKEnjZ6wtvzwdRGtkL-q4H7F6geIitmtMm5-5uXzQIFmBhN2J1zE2mcKhEWJCEWTc9HxvW&google_gid=CAESEAKYTdO1f0VksByHl4Jnl7o&google_cver=1

Requested by

Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 170680
expires: Tue, 19 Dec 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5220
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAzfNEPz73loLtNFr55ro58&google_cver=1&google_push=AXcoOmR7q6gIUveWtvqc1YH5vHaEIVefABnvPN9vEoh2cJIpz4fzc0s59xZMxinvLrUSJW8g_1aWdDW1...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAzfNEPz73loLtNFr55ro58&google_cver=1&google_push=AXcoOmR7q6gIUveWtvqc1YH5vHaEIVefABnvPN9vEoh2cJIpz4fzc0s59xZMxinvLrUSJW8g_1a...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzEyMTY0MDUxOTQ1MjYxMDI4Mg&google_push=AXcoOmR7q6gIUveWtvqc1YH5vHaEIVefABnvPN9vEoh2cJIpz4fzc0s59xZMxinvLrUSJW8g_1aWdD...

170 B
188 B

17ms
17ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzEyMTY0MDUxOTQ1MjYxMDI4Mg&google_push=AXcoOmR7q6gIUveWtvqc1YH5vHaEIVefABnvPN9vEoh2cJIpz4fzc0s59xZMxinvLrUSJW8g_1aWdDW1A6nCAaGrudyMjDv5yEEA

Requested by

Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzEyMTY0MDUxOTQ1MjYxMDI4Mg&google_push=AXcoOmR7q6gIUveWtvqc1YH5vHaEIVefABnvPN9vEoh2cJIpz4fzc0s59xZMxinvLrUSJW8g_1aWdDW1A6nCAaGrudyMjDv5yEEA
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

/
onetag-sys.com/match/ Frame 5220
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECjI6j-PrhlnPAQTIRRuWNA&google_cver=1&google_push=AXcoOmSOZQiFUGI0NvlcMwR0DjFW364NhnCIlNywpengC_RI7UsI3-wRoAlXOLUxpxKqg7rneTcjFYL34kR...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSOZQiFUGI0NvlcMwR0DjFW364NhnCIlNywpengC_RI7UsI3-wRoAlXOLUxpxKqg7rneTcjFYL34kRktluhB_8trwAKPNh7rl4
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

7ms
7ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 5220 0
40 B 25ms
25ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KQy1b-1vwHTVa-crqjisDOq0qfXFnJxQVn5mzpbhOhLLxoQQIR0aYmpkm4CoUS3sQUk7mEWw

Requested by

Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame EFB7 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62d118d936dc54d3e2d858f8db0108b3f5ef5afe29fd3012c2bbde70ac31c9ee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 6734 0
119 B 25ms
15ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEFH6aFlkscSsUaWsk80GYoE&google_cver=1&google_push=AXcoOmSpZZE-Flztt3Xgb4YLbMwuDKgzzrGpu0ev0zgkDoNDEjRrQofDb_WXPTE5fqbdf64jSm-F4HT3ZeK10SUFaSvdqSx_sOnKcQ
Requested by: Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6734
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAzfNEPz73loLtNFr55ro58&google_cver=1&google_push=AXcoOmSNFS3cMafPnjWwh10Pj5vEyX2G9gvnUNl16u7GVk787mJ2apG9gy5ht7ghhdVKyv1XS7bUIv52...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAzfNEPz73loLtNFr55ro58&google_cver=1&google_push=AXcoOmSNFS3cMafPnjWwh10Pj5vEyX2G9gvnUNl16u7GVk787mJ2apG9gy5ht7ghhdVKyv1XS7b...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc4MzQ2MDQxMzQ3MDYzNjU3Ng&google_push=AXcoOmSNFS3cMafPnjWwh10Pj5vEyX2G9gvnUNl16u7GVk787mJ2apG9gy5ht7ghhdVKyv1XS7bUIv...

170 B
188 B

16ms
16ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc4MzQ2MDQxMzQ3MDYzNjU3Ng&google_push=AXcoOmSNFS3cMafPnjWwh10Pj5vEyX2G9gvnUNl16u7GVk787mJ2apG9gy5ht7ghhdVKyv1XS7bUIv52GQaUSBtiW3MncqLS3RBl

Requested by

Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc4MzQ2MDQxMzQ3MDYzNjU3Ng&google_push=AXcoOmSNFS3cMafPnjWwh10Pj5vEyX2G9gvnUNl16u7GVk787mJ2apG9gy5ht7ghhdVKyv1XS7bUIv52GQaUSBtiW3MncqLS3RBl
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6734
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENy-VNbnJUGfK3jq_1eOdZM&google_cver=1&google_push=AXcoOmRzWYvMQpCC85iicsq3DG784Hg9T4pN3II3zqwU-LtvBAuZoiXOftB4-cP2TA6ejisuXtl...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFCUUg2SUItRi1CMkxB&google_push=AXcoOmRzWYvMQpCC85iicsq3DG784Hg9T4pN3II3zqwU-LtvBAuZoiXOftB4-cP2TA6ejisuXtl7phmlmLcbKA-hmHfDmYleZ8xa4Q

170 B
188 B

21ms
21ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFCUUg2SUItRi1CMkxB&google_push=AXcoOmRzWYvMQpCC85iicsq3DG784Hg9T4pN3II3zqwU-LtvBAuZoiXOftB4-cP2TA6ejisuXtl7phmlmLcbKA-hmHfDmYleZ8xa4Q

Requested by

Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFCUUg2SUItRi1CMkxB&google_push=AXcoOmRzWYvMQpCC85iicsq3DG784Hg9T4pN3II3zqwU-LtvBAuZoiXOftB4-cP2TA6ejisuXtl7phmlmLcbKA-hmHfDmYleZ8xa4Q
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 9db1556130a9e92b896eecae836f6a70
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6734
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEL1PwvR8vhHgoA2jHyiMKuA&google_cver=1&google_push=AXcoOmRkRkpnnGayGWCO-JG4rVNO85hOS_USUcVYoHpZPn4YPXtYAUIM1GnMuYo3CLQrJ5ou4o2XzhnZ3Ruzt5RX6...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEL1PwvR8vhHgoA2jHyiMKuA&google_cver=1&google_push=AXcoOmRkRkpnnGayGWCO-JG4rVNO85hOS_USUcVYoHpZPn4YPXtYAUIM1GnMuYo3CLQrJ5ou4o2XzhnZ3Ruzt5RX6...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRkRkpnnGayGWCO-JG4rVNO85hOS_USUcVYoHpZPn4YPXtYAUIM1GnMuYo3CLQrJ5ou4o2XzhnZ3Ruzt5RX674pzeppO7RE&google_hm=H2EcsGZHIJRQppu2Sky9s3ft

170 B
188 B

16ms
16ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRkRkpnnGayGWCO-JG4rVNO85hOS_USUcVYoHpZPn4YPXtYAUIM1GnMuYo3CLQrJ5ou4o2XzhnZ3Ruzt5RX674pzeppO7RE&google_hm=H2EcsGZHIJRQppu2Sky9s3ft

Requested by

Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 19 Dec 2023 02:36:26 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRkRkpnnGayGWCO-JG4rVNO85hOS_USUcVYoHpZPn4YPXtYAUIM1GnMuYo3CLQrJ5ou4o2XzhnZ3Ruzt5RX674pzeppO7RE&google_hm=H2EcsGZHIJRQppu2Sky9s3ft
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6734
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECjI6j-PrhlnPAQTIRRuWNA&google_cver=1&google_push=AXcoOmSkZMSl8DfDfFQKu53vbAeQO6unYM02OAOsZNXaUV9wA9tbkO9MRNUjhWho1qvckZVbeoptfBI2O67B...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSkZMSl8DfDfFQKu53vbAeQO6unYM02OAOsZNXaUV9wA9tbkO9MRNUjhWho1qvckZVbeoptfBI2O67BFryq1yLuZqXQs-EC

170 B
188 B

17ms
17ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSkZMSl8DfDfFQKu53vbAeQO6unYM02OAOsZNXaUV9wA9tbkO9MRNUjhWho1qvckZVbeoptfBI2O67BFryq1yLuZqXQs-EC

Requested by

Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSkZMSl8DfDfFQKu53vbAeQO6unYM02OAOsZNXaUV9wA9tbkO9MRNUjhWho1qvckZVbeoptfBI2O67BFryq1yLuZqXQs-EC
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame 6734
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECjI6j-PrhlnPAQTIRRuWNA&google_cver=1&google_push=AXcoOmQ6-mSl-cSeLNskTzSHmksJm4Bs2ObmeY48kIOoowY8AzMP8VUt0ASBX3VG34-CjU3ZA3Pzy60uSQ1...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQ6-mSl-cSeLNskTzSHmksJm4Bs2ObmeY48kIOoowY8AzMP8VUt0ASBX3VG34-CjU3ZA3Pzy60uSQ1VcNZyxVARttegy_-AJg
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

8ms
7ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 6734
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEADxlDfZxn5X...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRRh693rCT_3AVRJXu3xWT1XYyNvvwzqE2L7eKpTaZRcceQCT3SJ1z1AUOhz1U9g_1z4C3-ySUg0s7MtR4NjCm8dlfYkc3Dag
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

33ms
33ms

Image
image/gif

104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 19 Dec 2023 02:36:26 GMT
pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6734 0
12 B 17ms
16ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JHAy0J91ec7kFl8cBQZufCXfn8Y-YkE_5oy_Yr4WMatSoOFV_DpF34_YCsiwuLLPYRqSo0Xqs

Requested by

Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame E57C 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 79708903043f6f31258de0acd79a416fc7cee74b70a58abd7be98ed65a4390af

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7B70 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a6b1173fa8c27906c4b99917b603f3e5bec8f5f899e504858179aa868ffc8b94

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B9E6 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d37162f37ecb8d57786f733f2a0171b05a26f79721ace7a65c46f850ef026ddf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B31C
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOolYWLl-U-rRTpK1ASzRh8&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WWVxcHdwTjQxUmZwWTY1&google_gid=CAESEOolYWLl-U-rRTpK1ASzRh8&google_cver=1&google_push=AXcoOmRZ-eLCQQuVit8URB3upBBfLCDT0gPpCBpHLMeQvmq...

170 B
188 B

17ms
17ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WWVxcHdwTjQxUmZwWTY1&google_gid=CAESEOolYWLl-U-rRTpK1ASzRh8&google_cver=1&google_push=AXcoOmRZ-eLCQQuVit8URB3upBBfLCDT0gPpCBpHLMeQvmq01Ps1MyjebqoDvfXk8YlCN_SxUIM2GgUf9_xrdQz2EA4yrdZwikQZ8w

Requested by

Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 19 Dec 2023 02:36:25 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-091a6d662d9a132c7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WWVxcHdwTjQxUmZwWTY1&google_gid=CAESEOolYWLl-U-rRTpK1ASzRh8&google_cver=1&google_push=AXcoOmRZ-eLCQQuVit8URB3upBBfLCDT0gPpCBpHLMeQvmq01Ps1MyjebqoDvfXk8YlCN_SxUIM2GgUf9_xrdQz2EA4yrdZwikQZ8w
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B31C
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEPlkej5VVlqxaIW5WPvF_AI&google_cver=1&google_push=AXcoOmQnXh7hHm254rYuzCy0QrR4ukNGrxrx1HqNjx6uaCQUYxOPz6izlj3aOyos3THBMbefr2n4cdeF3c-XI0OqYQi1sQw9tMo7LQ
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5F4378E736DE4964AF66542D80C43E1B&google_push=AXcoOmQnXh7hHm254rYuzCy0QrR4ukNGrxrx1HqNjx6uaCQUYxOPz6izlj3aOyos3THBMbefr2n4cdeF3c-XI0O...

170 B
188 B

16ms
16ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5F4378E736DE4964AF66542D80C43E1B&google_push=AXcoOmQnXh7hHm254rYuzCy0QrR4ukNGrxrx1HqNjx6uaCQUYxOPz6izlj3aOyos3THBMbefr2n4cdeF3c-XI0OqYQi1sQw9tMo7LQ

Requested by

Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 19 Dec 2023 02:36:26 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5F4378E736DE4964AF66542D80C43E1B&google_push=AXcoOmQnXh7hHm254rYuzCy0QrR4ukNGrxrx1HqNjx6uaCQUYxOPz6izlj3aOyos3THBMbefr2n4cdeF3c-XI0OqYQi1sQw9tMo7LQ
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 18 Dec 2023 02:36:26 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame B31C 70 B
149 B 56ms
33ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEIJjkc6PWkEhyYx55eHz888&google_cver=1&google_push=AXcoOmRL7CyzDEw2V1IMjFE8KtMvBo3wVUsVHs3th4i_RjriPXGXs7hFSeDRMjIk5zBalvuicKZ3m6a5MIiPSRoZgZgZ2IVWHGvtCg
Requested by: Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B31C
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEOtXNsirCZhzouHp-RnpO04&google_cver=1&google_push=AXcoOmTLfw4R-h744BOd96hc9zoQtiYm7lQu7HWPw0u5ZwU5dDll6xz33G4v2QVzZJP69N2MT4opoieBa3tm9TaIaSyhSzG...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOtXNsirCZhzouHp-RnpO04&google_cver=1&google_push=AXcoOmTLfw4R-h744BOd96hc9zoQtiYm7lQu7HWPw0u5ZwU5dDll6xz33G4v2QVzZJP69N2MT4opoieBa3tm9TaIaSyhS...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTLfw4R-h744BOd96hc9zoQtiYm7lQu7HWPw0u5ZwU5dDll6xz33G4v2QVzZJP69N2MT4opoieBa3tm9TaIaSyhSzGrfDRYUw

170 B
188 B

17ms
17ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTLfw4R-h744BOd96hc9zoQtiYm7lQu7HWPw0u5ZwU5dDll6xz33G4v2QVzZJP69N2MT4opoieBa3tm9TaIaSyhSzGrfDRYUw

Requested by

Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTLfw4R-h744BOd96hc9zoQtiYm7lQu7HWPw0u5ZwU5dDll6xz33G4v2QVzZJP69N2MT4opoieBa3tm9TaIaSyhSzGrfDRYUw
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame B31C 43 B
362 B 13ms
13ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmThOcVH_gGU17Hu9iG9Y0u24RIP1lB20ykCHCWxnuy8UhzxgOISUHxot89xVS7YALHdseWtaxwr3imrJ96MnGy__0dnZBzRJA&google_gid=CAESEAKYTdO1f0VksByHl4Jnl7o&google_cver=1

Requested by

Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 202059
expires: Tue, 19 Dec 2023 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame B31C
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEADxlDfZxn5X...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRL5UELKvNACTvSAR_TKVTfZYjAlBGhCi9Ez1lwWaJfbMnQkW0pD1mKlsXYLJbZjNLcrxVpHPLR8o07aB33mqpd_qSm2i13xg
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

32ms
32ms

Image
image/gif

104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 19 Dec 2023 02:36:26 GMT
pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B31C
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEB4PMXk-ditOKtb-uyXbJtw&google_cver=1&google_push=AXcoOmRF44gT5ZU0j...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzA5MDcwOTU2NjM5OTE0NzA2Nw%3D%3D&google_gid=CAESEB4PMXk-ditOKtb-uyXbJtw&google_cver=1&google_push=AXcoOmRF44gT5ZU0jbHMogLX3XPWmTUWLZ...

170 B
188 B

18ms
17ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzA5MDcwOTU2NjM5OTE0NzA2Nw%3D%3D&google_gid=CAESEB4PMXk-ditOKtb-uyXbJtw&google_cver=1&google_push=AXcoOmRF44gT5ZU0jbHMogLX3XPWmTUWLZG3z6fj4Ixng7N-PmhjIr6PYGSVm-Jx4nTbhdlYEJog8Xz5HFJkM0_FaoxKFKCxAMNxxuc

Requested by

Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
an-x-request-uuid: a4162693-2382-446e-af59-1ff364da7c2a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzA5MDcwOTU2NjM5OTE0NzA2Nw%3D%3D&google_gid=CAESEB4PMXk-ditOKtb-uyXbJtw&google_cver=1&google_push=AXcoOmRF44gT5ZU0jbHMogLX3XPWmTUWLZG3z6fj4Ixng7N-PmhjIr6PYGSVm-Jx4nTbhdlYEJog8Xz5HFJkM0_FaoxKFKCxAMNxxuc
x-proxy-origin: 138.199.38.134; 138.199.38.134; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B31C 0
12 B 15ms
15ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JTQREW79j4MU6L00CO7YxiSOC-ZVZtRmTqxjJT9bMaX6xHmlOKOTFiEPuDhst4ACPBDn2zpwE

Requested by

Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B9E6 0
0 49ms
49ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CAw7gqQGBZYm_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTwAU_QrrQkrcHfe4khmDQrdP89lzV6Cd145GZ4qHaCxAypCfQIrQ1Q8RL6nNVrjD4sRcnaS4TnmD2a1GdzcgM4boYaY1iv8GdYZmpVBsvKPLBXtHwiPN5o3fe5VMkr4ob24cRuhZZpWWo41w_cxkyiZDu1s0aky1f9v_5sx7wL9YqMuaC0UpIvyo8FfRZL9DFbM0gaMBso5DrpcJTHHjw2gJB2jNYIeRcxIKIy5WYcMFsZneVFYr_94i8wGBMo4yE3U9Sjs1KiSPOr3COIAkl4jy86PRF7pdP2PdCgD370bWNTsOTxw6IJyoYs-pCijBwBaOAEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA4AKA_oLAggBgAwB4g0TCPK3ht27moMDFYMV4Aod2dMAXdAVAYAXAbIXHAoaEhRwdWItNTExMTA2OTg5NDMwOTk2NhjQuyE&sigh=kyx941sLLBA&uach_m=%5BUACH%5D&cid=CAQSOwAvHhf_69B0aTruJTgLhjv1kLExTM55AlQfV1fEXfgNRvav3IxnKZWhVQbRMtGoSimXvtLSvdhRYfoVGAE&cbvp=2&vis=1
Requested by: Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame B9E6 0
103 B 40ms
17ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gb08gybhtvr2mf0nyefzqca6cbzr6gj6cth0jd21fhtyeqtsn75aq037q6kp5dpw8e692030h0fzk1pdtxj5ft3rnehenbq59jqpj8bzkjan2cxvd5zrpmr8h6ytb4vxz1esfx0zdgeejrcedn4a09br32ktzss940m76fgpn278t2n2h0mbzsa3b09w9zneraktdepr2jetncy82g5sbk9bgh9260d822bfy76jmp2d2rhmcz3x9n06ffwgqkw0xj6961mft4j2atgm8kkg6yxfx1mjznnrce3ybf4dkegq3a7ebz6t11mkez71f05jdbmy1wb1h9ae3hxevrsp53e7tx64eadtv9mk5a8gr5kjc0d1hfzkss00kfmv0aay2fpnw4p8tssca8&b=ZYEBqQAM34kK4BWDAADT2bhvlZsheF6abbxieg&cbvp=2
Requested by: Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EFB7 0
0 51ms
51ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CzGCAqQGBZYi_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTwAU_Q6V1P7lSn11r8ryEa4WoVskW_3golN3FZjcYMBnfslGUZGiNeyidClQrgF4OEEeW9SI2uFUtUW5b_MVnLBYxG42l_mBo_57s6qJAhaXboM8VrzKHS-nSprzCLtHEtGjgxD4YpXQTT_5N-zFt167_1nDAbuuzP2qRvDnw0NdmHxH4SeSur8XmWndgOjVUXnvF3ZbFmlHcx4e46EvGFkYhbtFHSKPRYqeJLnEVIVeu9di7QqGcptShcxBunNmKKut8p5kebGh7jsV2siMssHE7PawKk1AzZP5EEc7TqK60wpltmeimrMD6i1HCchD-DleAEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA4AKA_oLAggBgAwB4g0TCPG3ht27moMDFYMV4Aod2dMAXdAVAYAXAbIXHAoaEhRwdWItNTExMTA2OTg5NDMwOTk2NhjQuyE&sigh=6kYcHYoigAQ&uach_m=%5BUACH%5D&cid=CAQSOwAvHhf_69B0aTruJTgLhjv1kLExTM55AlQfV1fEXfgNRvav3IxnKZWhVQbRMtGoSimXvtLSvdhRYfoVGAE&cbvp=2&vis=1
Requested by: Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame EFB7 0
39 B 24ms
17ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hka109f28r1zm3ev2q5pp3a0sk2571rm9h4z2fr9zs33sxz5twscw8x1r2x6zf8zk72y93s6d93agdd3htmhh6c8tcj0t78x8qqb5b7svzc4tavyppfwck11b8a6mxfw7rvzt8ajw80bagmmec3bm7vm6v2hkbr1zas20s81epfnh7vv2288yxdgzdew9pkzt9yvx638ypgbss7hdrxax1n6dgsdk70ygpq90v8z66qgfhf2hb34n4vdcsr98r67n7x1d87d948k4c5chdjw53bn8j9p6b2ggzfsqq34za0hagva7xx5kq2dbrm1zwes2hnj9m0k96zgef2w7heaa2v5zgarj7waqqwsqpk4xthd1a8ewew3vsx6kxvy9vxkm3rx2y328qaya0&b=ZYEBqQAM34gK4BWDAADT2aKi9iF1VyFSF6dbtA&cbvp=2
Requested by: Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 6F7E 115 KB
14 KB 18ms
18ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jajz00a1kjzdbdq7ffetex9mke1z179p2f8mxsbcbm759qfzxrg8yqtqx4fxqxnhwpjec144nyc5b17jg285qg36gk210nxwm5mgp4hvg52kqn1b33zf117sweqxd9nk2pv2z4z5k23edswck7k6v4yz7zpdm214phnfvd2r0xajz84k7btphgh5ahvbj2hw9a83gqs0kbpt4qb1091s5atk69zrm9e19w55s3aga9xwc138qtk9dz4f2d7jf5rzgyvet8mtrn9zmv4axah3py6bn3mn90455yx910zw5cd4b05q4x88sdb7bckvs88vxy0nx18gj8j5nm9gx0m7sywq1zs53x7vn37qepd04fcvq36e1pgx8n1g81651pd9r0ezss14bg60q9r7ex1c3ky2b3vgw5qv7xerw90r6wka40yfsv38td3zn18ykft73x4pcp8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-mnxqQGBZYm_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_QrrQkrcHfe4khmDQrdP89lzV6Cd145GZ4qHaCxAypCfQIrQ1Q8RL6nNVrjD4sRcnaS4TnmD2a1GdzcgM4boYaY1iv8GdYZmpVBsvKPLBXtHwiPN5o3fe5VMkr4ob24cRuhZZpWWo41w_cxkyiZDu1s0aky1f9v_5sx7wL9YqMuaC0UpIvyo8FfRZL9DFbM0gaMBso5DrpcJTHHjw2gJB2jNYIeRcxIKIy5WYcMFsZneVFYr_94i8wGBMo4yE3U9Sjs1KiSPOr3CPKAGjqWNa9fdn87UUsdEJSNmr-wGl9qDlxAeubMhIy1oh3UINBoD9haOAEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPK3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qpDhQJdI9eF7a2YQVE1BxMNLHsQ%26client%3Dca-pub-5111069894309966%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jajz00a1kjzdbdq7ffetex9mke1z179p2f8mxsbcbm759qfzxrg8yqtqx4fxqxnhwpjec144nyc5b17jg285qg36gk210nxwm5mgp4hvg52kqn1b33zf117sweqxd9nk2pv2z4z5k23edswck7k6v4yz7zpdm214phnfvd2r0xajz84k7btphgh5ahvbj2hw9a83gqs0kbpt4qb1091s5atk69zrm9e19w55s3aga9xwc138qtk9dz4f2d7jf5rzgyvet8mtrn9zmv4axah3py6bn3mn90455yx910zw5cd4b05q4x88sdb7bckvs88vxy0nx18gj8j5nm9gx0m7sywq1zs53x7vn37qepd04fcvq36e1pgx8n1g81651pd9r0ezss14bg60q9r7ex1c3ky2b3vgw5qv7xerw90r6wka40yfsv38td3zn18ykft73x4pcp8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-mnxqQGBZYm_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_QrrQkrcHfe4khmDQrdP89lzV6Cd145GZ4qHaCxAypCfQIrQ1Q8RL6nNVrjD4sRcnaS4TnmD2a1GdzcgM4boYaY1iv8GdYZmpVBsvKPLBXtHwiPN5o3fe5VMkr4ob24cRuhZZpWWo41w_cxkyiZDu1s0aky1f9v_5sx7wL9YqMuaC0UpIvyo8FfRZL9DFbM0gaMBso5DrpcJTHHjw2gJB2jNYIeRcxIKIy5WYcMFsZneVFYr_94i8wGBMo4yE3U9Sjs1KiSPOr3CPKAGjqWNa9fdn87UUsdEJSNmr-wGl9qDlxAeubMhIy1oh3UINBoD9haOAEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPK3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qpDhQJdI9eF7a2YQVE1BxMNLHsQ%26client%3Dca-pub-5111069894309966%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1717987
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gmRsk6fnhPs1Hil1UHHuZIK0fVT04HnE3lvwa9xgvihSoXDc0fB8ibABKGsyDkMNdCEvRMtEM%2F0KAd0Q6dhnqBFdxUy9pB4v1zL%2FmUfplgaNfcl7exkTaVJdEMmy0i61kcYDnuD9RkQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 837c4208d9304d1f-FRA
expires: Wed, 20 Dec 2023 02:36:26 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 6F7E 24 KB
9 KB 28ms
17ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jajz00a1kjzdbdq7ffetex9mke1z179p2f8mxsbcbm759qfzxrg8yqtqx4fxqxnhwpjec144nyc5b17jg285qg36gk210nxwm5mgp4hvg52kqn1b33zf117sweqxd9nk2pv2z4z5k23edswck7k6v4yz7zpdm214phnfvd2r0xajz84k7btphgh5ahvbj2hw9a83gqs0kbpt4qb1091s5atk69zrm9e19w55s3aga9xwc138qtk9dz4f2d7jf5rzgyvet8mtrn9zmv4axah3py6bn3mn90455yx910zw5cd4b05q4x88sdb7bckvs88vxy0nx18gj8j5nm9gx0m7sywq1zs53x7vn37qepd04fcvq36e1pgx8n1g81651pd9r0ezss14bg60q9r7ex1c3ky2b3vgw5qv7xerw90r6wka40yfsv38td3zn18ykft73x4pcp8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-mnxqQGBZYm_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_QrrQkrcHfe4khmDQrdP89lzV6Cd145GZ4qHaCxAypCfQIrQ1Q8RL6nNVrjD4sRcnaS4TnmD2a1GdzcgM4boYaY1iv8GdYZmpVBsvKPLBXtHwiPN5o3fe5VMkr4ob24cRuhZZpWWo41w_cxkyiZDu1s0aky1f9v_5sx7wL9YqMuaC0UpIvyo8FfRZL9DFbM0gaMBso5DrpcJTHHjw2gJB2jNYIeRcxIKIy5WYcMFsZneVFYr_94i8wGBMo4yE3U9Sjs1KiSPOr3CPKAGjqWNa9fdn87UUsdEJSNmr-wGl9qDlxAeubMhIy1oh3UINBoD9haOAEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPK3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qpDhQJdI9eF7a2YQVE1BxMNLHsQ%26client%3Dca-pub-5111069894309966%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 494497
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g8p2vq1cqS0Vh3cwMaMHUNeNB9JMHW4cJpn6dMG5dNpmZghL%2BWbflcnXVjYTpjQdyuuxDm0lZ%2F36pPSxN7lNaFIIjQYFxLyl8V6HsJAprXDk%2B9CPH2yOAObwbTe6qo4CBAJGDNI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 837c4208e9414d1f-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Dec 2023 09:14:49 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 62CA 115 KB
13 KB 17ms
17ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1geen3rb9xdxrxnh6kp0qke7f3atrg7637bwg0mkcyeznc388csayfjcpaknwvbbwj45phqqv4wrfhyfsahk7frs3nerbk963pqwhbkjex4ewvm5qqx34b5ert8hbx5jh3ezze51km9ztedq35cf15dfsxh04fzh5510kwj3mx712dc37j8rc763hg1d4m821pp5tvgrwsjkn4gmh747sn7t6xxhnt7htrf02q0cqmmjc0kjw4red0e80mn24jwneqx8jwrr85yk6188n6e1g087vvhn3xa12nhx21a49q2jmc5f6gbj5dhx94z65dr5n69bvf9nqrz1shh8b046q5y3b26v6x88krhp0xak4zhtq9e9ceg1bee81sdvgchzaqartbh4zbrs7q23ytv3281s9ywfq67td2p11tsgtc4zq7cm855gtjx5gbp2r4sf6nz6n64xaw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiKu9qQGBZYe_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_Q-BOozU7-F6faDZsIg7Or5vaj5c_uk-4T3O_70zdvaRJDYKi5FVkkcOq4Z2o2uCja13O7moW6q6YZdNj2bc0a0H0Y5bnYbKH3NeVGNz7qwccAUdNNST4RTh3_e1OuJToz9c3y8B3AYd-mKWEa22oiAB6BHg-OTGV74CLuaYIhHP9JNZSse53TTrh1V5UrZhOr1_1ShjQMbGNE__VdC3RloQ-uTzt9XKeBoUtkIN0U3VNCKh7UxgvGLBOr2agdagD9ham5T-mJnI8-tf85oM0RDECoN4oSMBltP31vJmbyy-d8BhLxUlJrdXc2nyLR8luTk-AEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPC3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1rPav7OEdTi-AiR7bM-j9IwFWtbw%26client%3Dca-pub-5111069894309966%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1geen3rb9xdxrxnh6kp0qke7f3atrg7637bwg0mkcyeznc388csayfjcpaknwvbbwj45phqqv4wrfhyfsahk7frs3nerbk963pqwhbkjex4ewvm5qqx34b5ert8hbx5jh3ezze51km9ztedq35cf15dfsxh04fzh5510kwj3mx712dc37j8rc763hg1d4m821pp5tvgrwsjkn4gmh747sn7t6xxhnt7htrf02q0cqmmjc0kjw4red0e80mn24jwneqx8jwrr85yk6188n6e1g087vvhn3xa12nhx21a49q2jmc5f6gbj5dhx94z65dr5n69bvf9nqrz1shh8b046q5y3b26v6x88krhp0xak4zhtq9e9ceg1bee81sdvgchzaqartbh4zbrs7q23ytv3281s9ywfq67td2p11tsgtc4zq7cm855gtjx5gbp2r4sf6nz6n64xaw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiKu9qQGBZYe_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_Q-BOozU7-F6faDZsIg7Or5vaj5c_uk-4T3O_70zdvaRJDYKi5FVkkcOq4Z2o2uCja13O7moW6q6YZdNj2bc0a0H0Y5bnYbKH3NeVGNz7qwccAUdNNST4RTh3_e1OuJToz9c3y8B3AYd-mKWEa22oiAB6BHg-OTGV74CLuaYIhHP9JNZSse53TTrh1V5UrZhOr1_1ShjQMbGNE__VdC3RloQ-uTzt9XKeBoUtkIN0U3VNCKh7UxgvGLBOr2agdagD9ham5T-mJnI8-tf85oM0RDECoN4oSMBltP31vJmbyy-d8BhLxUlJrdXc2nyLR8luTk-AEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPC3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1rPav7OEdTi-AiR7bM-j9IwFWtbw%26client%3Dca-pub-5111069894309966%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1717987
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PrPZjSLWs%2F7qkR0MTFa7MXPPdn3YW0OT8xRHkFURTKSM2aGImkKLkFYi2UQ2xzmEcCSA1riEw%2F%2Br1XoXxyczPxaY4wKuRO8Hs%2BXr42wD2C3MNZDDD8UbzaZmswxrxtIi1yBLeDnlsIg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 837c4208d9374d1f-FRA
expires: Wed, 20 Dec 2023 02:36:26 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 62CA 24 KB
10 KB 22ms
16ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1geen3rb9xdxrxnh6kp0qke7f3atrg7637bwg0mkcyeznc388csayfjcpaknwvbbwj45phqqv4wrfhyfsahk7frs3nerbk963pqwhbkjex4ewvm5qqx34b5ert8hbx5jh3ezze51km9ztedq35cf15dfsxh04fzh5510kwj3mx712dc37j8rc763hg1d4m821pp5tvgrwsjkn4gmh747sn7t6xxhnt7htrf02q0cqmmjc0kjw4red0e80mn24jwneqx8jwrr85yk6188n6e1g087vvhn3xa12nhx21a49q2jmc5f6gbj5dhx94z65dr5n69bvf9nqrz1shh8b046q5y3b26v6x88krhp0xak4zhtq9e9ceg1bee81sdvgchzaqartbh4zbrs7q23ytv3281s9ywfq67td2p11tsgtc4zq7cm855gtjx5gbp2r4sf6nz6n64xaw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiKu9qQGBZYe_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_Q-BOozU7-F6faDZsIg7Or5vaj5c_uk-4T3O_70zdvaRJDYKi5FVkkcOq4Z2o2uCja13O7moW6q6YZdNj2bc0a0H0Y5bnYbKH3NeVGNz7qwccAUdNNST4RTh3_e1OuJToz9c3y8B3AYd-mKWEa22oiAB6BHg-OTGV74CLuaYIhHP9JNZSse53TTrh1V5UrZhOr1_1ShjQMbGNE__VdC3RloQ-uTzt9XKeBoUtkIN0U3VNCKh7UxgvGLBOr2agdagD9ham5T-mJnI8-tf85oM0RDECoN4oSMBltP31vJmbyy-d8BhLxUlJrdXc2nyLR8luTk-AEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPC3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1rPav7OEdTi-AiR7bM-j9IwFWtbw%26client%3Dca-pub-5111069894309966%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 494497
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vUgc8QMm5W5h00eyTlZFQGsdln6S19wIl0znuwoaFU%2BbXeZ5r%2F5jN0HR7vBHHCvisufUymqq2oQShjB04Bic%2BbZUjorsCLGbnPxlYNaj95dhDmc7u1WOXVRrBvOaZEWS4%2FJgStc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 837c4208e9404d1f-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Dec 2023 09:14:49 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 4180 115 KB
13 KB 21ms
21ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g6k15ez1f11kvj0c9sbbp1gb8thckcjhwqytf8mnfwqwey0xecneay7b52kbp31s7dmz9j19vfza42sxn2nnv60qzr7v9sbb4gp7q5n66xxzd4qt70hqyz50hctkbkft9frh274ysymdn2hq66eq2wjdb423kk683r8d7brwkw536vg8d7ydcjc81xptb1qjnz65g772apwz1ksmr0p18x68kwj44f6rg8gr0yhgxpxdht6vx8xaahkhsd2yfv5qpcp2q339swa91kb2aknmcjjrmv97c37tcm8w160a0sp0rce3t6jswyqjeyhmgm31gvy09zag10jd2p6m3gnmw3935wg2fg47n7t7d5wqajkvy35akesq3gr829mh59vanhqrdv8my6rkysnafsjhkxv8k300nr8mtvs352h6g821b2v9r6qzckrk7ev250z46dc5kjm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7lE6qQGBZYa_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTvAU_QS2FW1ntoydhXCzrNe47tyP4pTgSiFHdcU2vB7cLEG8FXRy9uR5HP8ARAsFJECDDJX5QMhY3nCOHNvgH4AL69fVcQLc6KlqeX7JmyJL_w_nqaSgXyymFr1NXABQs7v1S-XpR7XH4CYIaeBw--AW9C_vMrJsBhU2Hp1Uewls_4phkNR-h6ZxcLIzwACLNpRUDtA7WSD0On7ebZXVlkeN1epkusR1D7uydhnZPytcb5n_Volzb8--I-QC_w48lQ0y8B67aQVvlAcpFy4V2ndCwDvf4Tp_LwmUwR2LPGCUzEiXtGGvdgh2E3L8D074MT4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKX_hd27moMD-gsCCAGADAHiDRMI77eG3buagwMVgxXgCh3Z0wBd0BUBgBcB%26num%3D1%26sig%3DAOD64_3yPnlpxaYEPEyqguVYiqCkV7bRsQ%26client%3Dca-pub-5111069894309966%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1g6k15ez1f11kvj0c9sbbp1gb8thckcjhwqytf8mnfwqwey0xecneay7b52kbp31s7dmz9j19vfza42sxn2nnv60qzr7v9sbb4gp7q5n66xxzd4qt70hqyz50hctkbkft9frh274ysymdn2hq66eq2wjdb423kk683r8d7brwkw536vg8d7ydcjc81xptb1qjnz65g772apwz1ksmr0p18x68kwj44f6rg8gr0yhgxpxdht6vx8xaahkhsd2yfv5qpcp2q339swa91kb2aknmcjjrmv97c37tcm8w160a0sp0rce3t6jswyqjeyhmgm31gvy09zag10jd2p6m3gnmw3935wg2fg47n7t7d5wqajkvy35akesq3gr829mh59vanhqrdv8my6rkysnafsjhkxv8k300nr8mtvs352h6g821b2v9r6qzckrk7ev250z46dc5kjm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7lE6qQGBZYa_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTvAU_QS2FW1ntoydhXCzrNe47tyP4pTgSiFHdcU2vB7cLEG8FXRy9uR5HP8ARAsFJECDDJX5QMhY3nCOHNvgH4AL69fVcQLc6KlqeX7JmyJL_w_nqaSgXyymFr1NXABQs7v1S-XpR7XH4CYIaeBw--AW9C_vMrJsBhU2Hp1Uewls_4phkNR-h6ZxcLIzwACLNpRUDtA7WSD0On7ebZXVlkeN1epkusR1D7uydhnZPytcb5n_Volzb8--I-QC_w48lQ0y8B67aQVvlAcpFy4V2ndCwDvf4Tp_LwmUwR2LPGCUzEiXtGGvdgh2E3L8D074MT4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKX_hd27moMD-gsCCAGADAHiDRMI77eG3buagwMVgxXgCh3Z0wBd0BUBgBcB%26num%3D1%26sig%3DAOD64_3yPnlpxaYEPEyqguVYiqCkV7bRsQ%26client%3Dca-pub-5111069894309966%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1717987
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=thXEtSwgm6oXt4ulJ%2F%2Br6I43kqQafmJ1RTeMaXa6bApk%2BxMf5XCXtPBWfLJxuBeNCrmKkmw%2FEHJMTpOiemCGS80Ifp4gXpHhLALMkytk23KpIYfc6vykgm26fAqmtWV9d3EB7kOnyHU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 837c4208d93a4d1f-FRA
expires: Wed, 20 Dec 2023 02:36:26 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 4180 24 KB
9 KB 26ms
23ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g6k15ez1f11kvj0c9sbbp1gb8thckcjhwqytf8mnfwqwey0xecneay7b52kbp31s7dmz9j19vfza42sxn2nnv60qzr7v9sbb4gp7q5n66xxzd4qt70hqyz50hctkbkft9frh274ysymdn2hq66eq2wjdb423kk683r8d7brwkw536vg8d7ydcjc81xptb1qjnz65g772apwz1ksmr0p18x68kwj44f6rg8gr0yhgxpxdht6vx8xaahkhsd2yfv5qpcp2q339swa91kb2aknmcjjrmv97c37tcm8w160a0sp0rce3t6jswyqjeyhmgm31gvy09zag10jd2p6m3gnmw3935wg2fg47n7t7d5wqajkvy35akesq3gr829mh59vanhqrdv8my6rkysnafsjhkxv8k300nr8mtvs352h6g821b2v9r6qzckrk7ev250z46dc5kjm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7lE6qQGBZYa_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTvAU_QS2FW1ntoydhXCzrNe47tyP4pTgSiFHdcU2vB7cLEG8FXRy9uR5HP8ARAsFJECDDJX5QMhY3nCOHNvgH4AL69fVcQLc6KlqeX7JmyJL_w_nqaSgXyymFr1NXABQs7v1S-XpR7XH4CYIaeBw--AW9C_vMrJsBhU2Hp1Uewls_4phkNR-h6ZxcLIzwACLNpRUDtA7WSD0On7ebZXVlkeN1epkusR1D7uydhnZPytcb5n_Volzb8--I-QC_w48lQ0y8B67aQVvlAcpFy4V2ndCwDvf4Tp_LwmUwR2LPGCUzEiXtGGvdgh2E3L8D074MT4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKX_hd27moMD-gsCCAGADAHiDRMI77eG3buagwMVgxXgCh3Z0wBd0BUBgBcB%26num%3D1%26sig%3DAOD64_3yPnlpxaYEPEyqguVYiqCkV7bRsQ%26client%3Dca-pub-5111069894309966%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 494497
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gRGg3bediAjVpJPhaJkFIde%2FFj%2Fdf3P0qU7y0FeuAxkteELRsICAOfOGc7JUnBFV5ZIZY3fRFs858FKMH7ilOzN9O85GcHIfXTEi0Lb6Gucy9GCaAhKKyYlhqP4nsgtw9Kdi4WY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 837c4208e93f4d1f-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Dec 2023 09:14:49 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 9E64 115 KB
14 KB 19ms
19ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jnjf8r2s0cbk5w2v8qmn7efc1500vnhbnd28t88c293wy5585q55ptkdc5ah2cab15qeehh9pmag3rxdr6mztz3b6cbjz5zxqdxezmak8gb30g2yymk2cq1d041db2qazd2y9w40knye24xcs0er9yznmx9gx43jdyv035vq55wctt43tdkfnj9cyqqyzm4vb02p9bskbgejwce0t1zdjtaqf30zf18qtcg827km9nztsk32j7xrz519zyw5p37hngtv26v43zbwbrxt80e12n66vr6zr5fp8ex82hhdwph1a6gb4sqjn2crh2ve9sj9g2fs373zwnxpvrne39kf26kx5gm8e13xqwecnmge3x80wk3vbtnajrb6dmpwkwh0j3kmk0v3qh8ktkhnrgyyhw40rersa008ysx7bt02cesdrzfwhpgw3wegsv4s96wyzg3jhw5&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwz0HqQGBZYi_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_Q6V1P7lSn11r8ryEa4WoVskW_3golN3FZjcYMBnfslGUZGiNeyidClQrgF4OEEeW9SI2uFUtUW5b_MVnLBYxG42l_mBo_57s6qJAhaXboM8VrzKHS-nSprzCLtHEtGjgxD4YpXQTT_5N-zFt167_1nDAbuuzP2qRvDnw0NdmHxH4SeSur8XmWndgOjVUXnvF3ZbFmlHcx4e46EvGFkYhbtFHSKPRYqeJLnEVIVeu9di7QqGcptShcxBunNmKKut8p5kebGh7jsV3uiuq-y7dIK8ojnJoDdgP2SqDghqcevobmuGA5yKq8-GhJWKDDXTWMn-AEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPG3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2idGW-6DEIqPe1sA2pIZiQ3esAPw%26client%3Dca-pub-5111069894309966%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jnjf8r2s0cbk5w2v8qmn7efc1500vnhbnd28t88c293wy5585q55ptkdc5ah2cab15qeehh9pmag3rxdr6mztz3b6cbjz5zxqdxezmak8gb30g2yymk2cq1d041db2qazd2y9w40knye24xcs0er9yznmx9gx43jdyv035vq55wctt43tdkfnj9cyqqyzm4vb02p9bskbgejwce0t1zdjtaqf30zf18qtcg827km9nztsk32j7xrz519zyw5p37hngtv26v43zbwbrxt80e12n66vr6zr5fp8ex82hhdwph1a6gb4sqjn2crh2ve9sj9g2fs373zwnxpvrne39kf26kx5gm8e13xqwecnmge3x80wk3vbtnajrb6dmpwkwh0j3kmk0v3qh8ktkhnrgyyhw40rersa008ysx7bt02cesdrzfwhpgw3wegsv4s96wyzg3jhw5&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwz0HqQGBZYi_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_Q6V1P7lSn11r8ryEa4WoVskW_3golN3FZjcYMBnfslGUZGiNeyidClQrgF4OEEeW9SI2uFUtUW5b_MVnLBYxG42l_mBo_57s6qJAhaXboM8VrzKHS-nSprzCLtHEtGjgxD4YpXQTT_5N-zFt167_1nDAbuuzP2qRvDnw0NdmHxH4SeSur8XmWndgOjVUXnvF3ZbFmlHcx4e46EvGFkYhbtFHSKPRYqeJLnEVIVeu9di7QqGcptShcxBunNmKKut8p5kebGh7jsV3uiuq-y7dIK8ojnJoDdgP2SqDghqcevobmuGA5yKq8-GhJWKDDXTWMn-AEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPG3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2idGW-6DEIqPe1sA2pIZiQ3esAPw%26client%3Dca-pub-5111069894309966%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1723584
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hjexOvbeexniSVqwQv9AcRrB3Mr2ywiM6wlkWZptAh4cmeSg3sKsIfqiJCEO9p%2BqzOX3Qh79ubV6YuAjDTppyNFs%2BBMEUmT0LkkJi3K3iC2MpVtuXCjU1WCsFmx6HLl6YBzX3Lxuw80%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 837c4208ea4a2c55-FRA
expires: Wed, 20 Dec 2023 02:36:26 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 9E64 24 KB
9 KB 18ms
17ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jnjf8r2s0cbk5w2v8qmn7efc1500vnhbnd28t88c293wy5585q55ptkdc5ah2cab15qeehh9pmag3rxdr6mztz3b6cbjz5zxqdxezmak8gb30g2yymk2cq1d041db2qazd2y9w40knye24xcs0er9yznmx9gx43jdyv035vq55wctt43tdkfnj9cyqqyzm4vb02p9bskbgejwce0t1zdjtaqf30zf18qtcg827km9nztsk32j7xrz519zyw5p37hngtv26v43zbwbrxt80e12n66vr6zr5fp8ex82hhdwph1a6gb4sqjn2crh2ve9sj9g2fs373zwnxpvrne39kf26kx5gm8e13xqwecnmge3x80wk3vbtnajrb6dmpwkwh0j3kmk0v3qh8ktkhnrgyyhw40rersa008ysx7bt02cesdrzfwhpgw3wegsv4s96wyzg3jhw5&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwz0HqQGBZYi_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_Q6V1P7lSn11r8ryEa4WoVskW_3golN3FZjcYMBnfslGUZGiNeyidClQrgF4OEEeW9SI2uFUtUW5b_MVnLBYxG42l_mBo_57s6qJAhaXboM8VrzKHS-nSprzCLtHEtGjgxD4YpXQTT_5N-zFt167_1nDAbuuzP2qRvDnw0NdmHxH4SeSur8XmWndgOjVUXnvF3ZbFmlHcx4e46EvGFkYhbtFHSKPRYqeJLnEVIVeu9di7QqGcptShcxBunNmKKut8p5kebGh7jsV3uiuq-y7dIK8ojnJoDdgP2SqDghqcevobmuGA5yKq8-GhJWKDDXTWMn-AEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPG3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2idGW-6DEIqPe1sA2pIZiQ3esAPw%26client%3Dca-pub-5111069894309966%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 494497
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0QtW3PpF11LIJP%2BqUxTzKCDJ0ErTQr8Z6uMxC1c4b0BrmAX7fesxhU7szY9mLvjR0Yvtcm%2FmFGAomRnXDnJY40b7fPUQMXe47J8bLhTJDcnO4H6PN3TLXQbgkhYNBZ53GwynIc4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 837c4208e9454d1f-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Dec 2023 09:14:49 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
8ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=2082839859&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.dafiti.com.co%2F&dp=https%3A%2F%2Fwww.dafiti.com.co%2F&ul=en-us&de=UTF-8&dt=dafiti%20Colombia%20%7C%20Moda%20Online%20-%20zapatos%2C%20ropa%20y%20accesorios&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB-Discovery&ea=AB-Recomendaciones-Bob&el=Variacion%20-%20Multimarca&_u=aCDAgEIJAAAAAGgMKAC~&jid=&gjid=&cid=122775227.1702953386&tid=UA-30747187-1&_gid=615907393.1702953386&gtm=45He3bt0n51HHB6v6125902&cg1=home&cg4=Home&cd1=&cd3=Home&cd4=&cd5=&cd6=2023-12-19T03%3A36%3A26.402%2B01%3A00&cd7=&cd8=1702953386402.t4jcnbyr&cd9=No&cd10=false&cd18=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd11=122775227.1702953386&z=1579810107

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Dec 2023 07:51:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 67468
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 var
async-px.dynamicyield.com/ 0
384 B 103ms
103ms Ping
text/plain 18.173.233.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.213.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-48.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 7b1a6e7eb0043d355ab110185f1d0446.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: tmA9zirwxgjyZz93iEUZonHdqw98wyfwx0Jz0nLjXiCZkE9jGMxRaQ==
expires: 0

POST
H2 200 var
async-px.dynamicyield.com/ 0
383 B 290ms
289ms Ping
text/plain 18.173.233.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.213.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-48.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 7b1a6e7eb0043d355ab110185f1d0446.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: _V7-DQDkqQlh0mfrivUE2LFfzmAqCLCODE88-84S7vSoagpmYd4qiQ==
expires: 0

POST
H2 200 var
async-px.dynamicyield.com/ 0
383 B 289ms
288ms Ping
text/plain 18.173.233.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.213.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-48.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 7b1a6e7eb0043d355ab110185f1d0446.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: RffZ83X4QDCgiqQm2lRY9WuIg0qcEOfghLAuIyCOMse1g05NmTjNiw==
expires: 0

POST
H2 200 var
async-px.dynamicyield.com/ 0
382 B 290ms
289ms Ping
text/plain 18.173.233.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.213.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-48.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 7b1a6e7eb0043d355ab110185f1d0446.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: _XJlBq6_OoS1sJIVZ26w3AaksiQIrCcQcZdfULXu5cTinl4_lFh9VA==
expires: 0

POST
H2 200 var
async-px.dynamicyield.com/ 0
384 B 296ms
295ms Ping
text/plain 18.173.233.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.213.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-48.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 7b1a6e7eb0043d355ab110185f1d0446.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: GN_7zzUBM8bpD4dfcJfNU8mWrJgR6GPv_smNZQZ0MXss9z0z2XtxBw==
expires: 0

POST
H2 200 var
async-px.dynamicyield.com/ 0
382 B 299ms
298ms Ping
text/plain 18.173.233.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.213.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-48.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 7b1a6e7eb0043d355ab110185f1d0446.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: fw-25nTrSuaBOHg0GYB1daLl-GI5dhF-zePY7lh-rbR8trq3ioslJQ==
expires: 0

POST
H2 200 var
async-px.dynamicyield.com/ 0
383 B 297ms
296ms Ping
text/plain 18.173.233.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.213.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-48.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 7b1a6e7eb0043d355ab110185f1d0446.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: RX6wMyzGg3DHY1tD5rI4NYqtZdsJg-oAtK27K4nosLlzojFhWpgwEQ==
expires: 0

POST
H2 200 var
async-px.dynamicyield.com/ 0
383 B 298ms
295ms Ping
text/plain 18.173.233.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.213.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-48.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 7b1a6e7eb0043d355ab110185f1d0446.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: XHwY10P-bGn5BSkcpFPPTCRhnpF4-79eZb476alEwdE6fg2DqGjTVg==
expires: 0

POST
H2 200 var
async-px.dynamicyield.com/ 0
384 B 299ms
297ms Ping
text/plain 18.173.233.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.213.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-48.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 7b1a6e7eb0043d355ab110185f1d0446.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: xQZqBMEb0o3L96YNtgw2rB5ShimYJhnDYRxOPE_QNMS-HcfsuFkyxg==
expires: 0

POST
H2 200 var
async-px.dynamicyield.com/ 0
383 B 300ms
297ms Ping
text/plain 18.173.233.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.213.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-48.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 7b1a6e7eb0043d355ab110185f1d0446.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: OHANjgk0p5ApHgPPfeAp-DAHspOfzjvkIIjyoeL7A5u6_FHNqH0nQA==
expires: 0

POST
H2 200 var
async-px.dynamicyield.com/ 0
383 B 301ms
297ms Ping
text/plain 18.173.233.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.213.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-48.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 7b1a6e7eb0043d355ab110185f1d0446.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: LRw1-8UP9QGJAm1FXRUUfypm6LFsmtJL0ylqD9wiHT8jnFQaoin51Q==
expires: 0

POST
H2 200 var
async-px.dynamicyield.com/ 0
383 B 297ms
294ms Ping
text/plain 18.173.233.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.213.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-48.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 7b1a6e7eb0043d355ab110185f1d0446.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: hEloZqcCvxdqQVKMiXsWdRI0WehJ1nEOsiiKV8HMZXTj4yrAuwtoOg==
expires: 0

POST
H2 200 var
async-px.dynamicyield.com/ 0
383 B 298ms
295ms Ping
text/plain 18.173.233.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.213.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-48.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 7b1a6e7eb0043d355ab110185f1d0446.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: i8vuazL1CSVF-5htTRVr9z283wWWN9pVxX0zFrfWlJJr2IcxJH3rzw==
expires: 0

POST
H2 200 var
async-px.dynamicyield.com/ 0
383 B 298ms
295ms Ping
text/plain 18.173.233.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.213.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-48.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 7b1a6e7eb0043d355ab110185f1d0446.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: OEnuYiL7cK1MwS_xaMgwx3TRO2FUmp4S5czLMs6JKWQUkRK04srC5g==
expires: 0

POST
H2 200 var
async-px.dynamicyield.com/ 0
384 B 300ms
297ms Ping
text/plain 18.173.233.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.213.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-48.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 7b1a6e7eb0043d355ab110185f1d0446.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: HYqcN5XsHC7pAGcjZVRpnXfBu5sZCfI_LykmyQmV-HfU3ONRcILiHg==
expires: 0

POST
H2 200 var
async-px.dynamicyield.com/ 0
383 B 297ms
295ms Ping
text/plain 18.173.233.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.213.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-48.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 7b1a6e7eb0043d355ab110185f1d0446.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: S8rUDFug7sxCpPouiRuUpVzf43PbMlAUxBs74fes2XSK-VxOGOIOyg==
expires: 0

POST
H2 200 var
async-px.dynamicyield.com/ 0
384 B 298ms
296ms Ping
text/plain 18.173.233.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.213.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-48.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 7b1a6e7eb0043d355ab110185f1d0446.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: oG4i_-yQUvAvubkk1ADwLiYhUaxqMW3fkDpyT7GNwWz-LJKT1ANdZg==
expires: 0

POST
H2 200 var
async-px.dynamicyield.com/ 0
383 B 299ms
296ms Ping
text/plain 18.173.233.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.213.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-48.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 7b1a6e7eb0043d355ab110185f1d0446.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: cKCMujb6eA4HAiip25JFgB7ZgpFh6FjCnjSVUvIuG5x3bvIPUPH6Bg==
expires: 0

POST
H2 200 var
async-px.dynamicyield.com/ 0
383 B 295ms
293ms Ping
text/plain 18.173.233.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.213.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-48.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 7b1a6e7eb0043d355ab110185f1d0446.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: VLMTB7wNliD9m0ayebNrZcSskjBpZe4O-_ytLw3wL6wvdKBVwVsiIg==
expires: 0

POST
H2 200 var
async-px.dynamicyield.com/ 0
384 B 295ms
293ms Ping
text/plain 18.173.233.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.213.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-48.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 7b1a6e7eb0043d355ab110185f1d0446.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: MYFDEIel9yJCAoxEuDDU_wQQ44_QfkKzDbsNbSa5W6YKyLyg3BQDqQ==
expires: 0

POST
H2 200 var
async-px.dynamicyield.com/ 0
383 B 297ms
296ms Ping
text/plain 18.173.233.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.213.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-48.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 7b1a6e7eb0043d355ab110185f1d0446.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: ajh1N5mnWPOk6JN2Pq_HM203zlN5vYCOGo4jnuEN72S9eYeMSkL8Kw==
expires: 0

POST
H2 200 var
async-px.dynamicyield.com/ 0
382 B 297ms
296ms Ping
text/plain 18.173.233.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.213.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-48.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 7b1a6e7eb0043d355ab110185f1d0446.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: ql4a77syj-pt3P0uOCAqsLIjz5rdOdl1LR7tAH_kegXyqB9J5MtUuA==
expires: 0

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 62CA 350 B
912 B 44ms
16ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1802141
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o48tHRbzDczbxzO9jABRL0wymj6wlxmGVvMstdyYnkLrKoLv5%2BYAk%2BZZE%2BOss8Pk80vSQO2xVmVXysigaEMPpQglpG6WH8chK%2FJxyvMua%2ByyQ106K91yqckaNJByoxQTcFk728wGOSVNrMjBGWsqcQkP"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 837c42096ffd2bf7-FRA
expires: Wed, 27 Nov 2024 05:32:27 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 6F7E 350 B
645 B 45ms
17ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1802141
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VXOh1WRqoLZUcszRPZbcdiV8V%2FLw8sDUEsvAe1FrcrNRt%2FTdmd3V9CurCFuxPoVm1LKUD3B%2Bw%2FKX%2FrGMz6FOToqk5cuHXFAJen3KQ%2BfZe7J9lcmyFaGl%2BJ0Vw6uAVzwGQUzS1LRU8OI5JZwYmoaA%2BBL%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 837c42096ffe2bf7-FRA
expires: Wed, 27 Nov 2024 05:32:27 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 9E64 350 B
638 B 47ms
20ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1802141
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JnJdHgs3UgZw1yETAvEQRpLCUG7Qvz5hbmsaTU4eZdv%2FF6kzadaqftrf0M7BkRhFFzawM2UhP4T0LDstR1S4J1aarK%2BJW4nT39gmlandZ5wULLfEdU%2BsA2IxGGGpOw%2FITMD7%2BxHyriWtIU2OikP9Ubjp"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 837c42096ffc2bf7-FRA
expires: Wed, 27 Nov 2024 05:32:27 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 4180 350 B
643 B 45ms
18ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1802141
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P9HGiV2Bo1gtelcEjbxGJtXFwzGBtdn3u2u6T%2F%2BBGmK53mzBc8vAS%2FmsjRf4iLX1BYf%2B3Z18Q77%2BZvlT6hwc3bhvf%2FxnURPz3%2B59a%2BJgAA9t7bKot3iI5hGMQN%2FiupNkUR55ol5iTcXr9aGXgOSXBqei"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 837c42095ffa2bf7-FRA
expires: Wed, 27 Nov 2024 05:32:27 GMT

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 4BF4 2 KB
1 KB 17ms
15ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1638473
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 837c42093a6f2c55-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Tue, 19 Dec 2023 02:36:26 GMT
expires: Thu, 30 Nov 2023 03:29:52 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OF1xBQLDlOUqxtWSPq5OfrxRNo%2FzN%2F5EuFU3kQ7d5QLavXlzey1S%2FXXYa82Zh1g7VrmE4afiu4T3tdMYs9A9VbMiFGVmTucghgDfV0IEhXURcxY7GLkNOvEGeM3jC2FESkkmu2o%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 080C 2 KB
1 KB 18ms
17ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1638473
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 837c42093a702c55-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Tue, 19 Dec 2023 02:36:26 GMT
expires: Thu, 30 Nov 2023 03:29:52 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q4hQkoIgD%2FkWaiTPFA0v7jank9x99ZSLfqpBoTl%2F%2F0LSx2SIwvcQ3LltYYJ%2BHUhffjKhC5wexV7cPRA%2FgpX5zRYDUZXMug2i8n85BfXVN6reQfMRTshoS3AOc68VfxhSjezjmkU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 60C8 2 KB
1 KB 19ms
18ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1638473
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 837c42093a712c55-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Tue, 19 Dec 2023 02:36:26 GMT
expires: Thu, 30 Nov 2023 03:29:52 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EquWuoin7msH4oYRRxe9gOzh6ef3IgY587JOh7MWYiaLNcph9eYkGSwFlM46YhUzk1Rz1GVIgNCyfmbUO9KHtHHanVGzrasJbjOGMTC%2BN2uJByWcC9Gpk4XL2miwSYZ%2Fy9AfYks%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 96F1 2 KB
1 KB 20ms
20ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1638473
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 837c42093a722c55-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Tue, 19 Dec 2023 02:36:26 GMT
expires: Thu, 30 Nov 2023 03:29:52 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rOhrjP8ENuW%2Fr4Q%2Bb1yem4mInB8tjfuoJ%2FyXKcXxVfWiS0YHmTAZNgLQbv6U4h5TGsLEQ8wNgITBYw0HiLNHI8YvU5%2BJ1EBQrVKSQVJonOL1acqdfy4EoSIx0hnfzNxCpPG4Zyc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame 62CA 2 KB
2 KB 29ms
29ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3df1241c1a031617bc77ccfff53eb36866a34d807445d3092b6200db041843a3

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RWmzRVV6O5Lpj0jyIaPkUrcrBgXcf%2BSMLOz5ADaf3BGIzW56XUVj34aP9z4X6Guwyh7vzi1uBi17IPGVE8kZNdD3kiL2SLGHT1DquhCGkgYUXh97%2BYHJjxErYdGC6w39XVhqVzc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 837c4209b9689164-FRA
x-backend-server: aa-reachservice-group-europe-west1-5n3w
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 41ms
31ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 837c420989579164-FRA
content-length: 24
content-type: text/plain
date: Tue, 19 Dec 2023 02:36:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ayk1LommlU0qk458nlIRkqmI2EI3utaEThdYW8nQ1XiC8UFam2s%2F44pyVHRXSuafKFhmIifVFwcNjJkS%2B3jVcIqx6xb31xQ8%2BEf2iGbCk0KtujOaB4la00kD1KktRRpYxnVHWgY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-593w

POST
H3 200 rs Show response
ad4m.at/ Frame 6F7E 1 KB
2 KB 30ms
30ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76bef427ff208f0c217ba6c91c4a3aa67389d7afee36c358fafed7b7026232d8

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6N2CcMg4LJWpo7m5aQ4%2BY%2F4DW8KEf%2FzD6FxsFMQbLImBgQpQHh8cFF2OZCUo9ellc9kM147pgOhXwG0MT4RHHty3THGFIU1%2BnKA1XqGZYZ9tJhvR%2FH6Uzz4pa9hmj44rk5UzAVM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 837c4209b9649164-FRA
x-backend-server: aa-reachservice-group-europe-west1-593w
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 37ms
28ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 837c420989589164-FRA
content-length: 24
content-type: text/plain
date: Tue, 19 Dec 2023 02:36:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iTK9B%2FzNC%2FOCsav6H3kfVdxxCatOJl3yg8dfRxPCUJL6oSo9YLurTaCbw0Og7jw0CctbV9StyPJ%2BQUlPB%2Bxg0ZdOKN81djL7obsGgrWDLb0FmL9IN7U1V6jDPyssliX9QOA4ZvQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-593w

POST
H3 200 rs Show response
ad4m.at/ Frame 9E64 1 KB
2 KB 33ms
32ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79fad6641a6713cdb48b32b7c2db073b3cc7eebb83465b63ebc6016c9b4b28ac

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vV4qRdHFuQV%2FvpCYCcDaClcKUI6nw1UGtKKBNh3ps1cpKE0vv3ARl37yj%2B70feT1hC%2Blv61cRDLDuorkMKymUyNMH2Ll3d5GR4fuoG%2FvgUWmZk9%2Bi5%2F4cqSUVRMsj6dtf9ScGgk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 837c4209b9669164-FRA
x-backend-server: aa-reachservice-group-europe-west1-593w
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 39ms
31ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 837c420989549164-FRA
content-length: 24
content-type: text/plain
date: Tue, 19 Dec 2023 02:36:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MGTMtv8d%2F2uhfV489lEoqRZHHsaI20mJJ96uINKJ8PiG1lePFV%2FMXlxnMVqvZOx2VPWPaO5Ym1FqjkKc8%2BN05nG%2FXetZGN%2FspCp%2FC%2FHq64KYt%2FV46fGhvqTIP88T6PaE4WRA4H4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-5n3w

POST
H3 200 rs Show response
ad4m.at/ Frame 4180 2 KB
2 KB 29ms
28ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c7c377931182c76fd2003c5cacf04b65a36b68587594316f112c9426585c5fa

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=muJnEtyKPUnINh%2BCwdMw4zf6NzxKcsaTi9pRqCHKIXesrYolJGM5IzPF7WoSvvGj3owU1CgVhK%2Fm2z1V9Uft9tBq9fGH6E%2BoxpUsH%2BDcEKi1pocYuM0gtMXuwrT9RAGWHEJV9lQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 837c4209b9639164-FRA
x-backend-server: aa-reachservice-group-europe-west1-593w
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 35ms
27ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 837c420989569164-FRA
content-length: 24
content-type: text/plain
date: Tue, 19 Dec 2023 02:36:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J0J2fEBADMXLK%2BqbMoIoLRFJn7KH%2B99hTxx8HAhIo3o%2FoDabnPvkH6pVtJgdCi%2Bi4POSVbafRKPdAFhuTgCeFGk9rNSJCMyNHbjME0CNiz4hl%2F4Lvg0X5wIL63gh%2FJTQgeywt%2FA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-593w

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7B70 0
0 52ms
50ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CeTS6qQGBZYe_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTwAU_Q-BOozU7-F6faDZsIg7Or5vaj5c_uk-4T3O_70zdvaRJDYKi5FVkkcOq4Z2o2uCja13O7moW6q6YZdNj2bc0a0H0Y5bnYbKH3NeVGNz7qwccAUdNNST4RTh3_e1OuJToz9c3y8B3AYd-mKWEa22oiAB6BHg-OTGV74CLuaYIhHP9JNZSse53TTrh1V5UrZhOr1_1ShjQMbGNE__VdC3RloQ-uTzt9XKeBoUtkIN0U3VNCKh7UxgvGLBOr2agdagD9ham5T-mJnI98t96rdzSWTIgvfxzIeYufBmlli2zc0zr8xFtjqsZ1WW_jQ72ROuAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA4AKA_oLAggBgAwB4g0TCPC3ht27moMDFYMV4Aod2dMAXdAVAYAXAbIXHAoaEhRwdWItNTExMTA2OTg5NDMwOTk2NhjQuyE&sigh=UH-gZqCj9K8&uach_m=%5BUACH%5D&cid=CAQSOwAvHhf_69B0aTruJTgLhjv1kLExTM55AlQfV1fEXfgNRvav3IxnKZWhVQbRMtGoSimXvtLSvdhRYfoVGAE&cbvp=2&vis=1
Requested by: Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 7B70 0
39 B 19ms
17ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kke61e32bnprwd5sjyb4xsn7tgzx3ve1gddbc84djvazwjne6w4aphbwnpmz4nyjbyqdqv4ewdfhnczxqb1n590rnwqtq5fchwh8fagg9nvf1xeanzr1s5qf66a77fbmhqn59tx7p1jf7wthvv7evm4jw7r2k2fn02pcakhbrvkqgynk087ya4xpw6s36dxpgwyft651r7vxpthh1xyhbyagcb2yhxt0h0ysj5gft7p7859z19yrzk4jqw6cygwxft2159stv5hsdqkak247j4b8cxd1dctf4hpk20thy1dfz4kp3n3y0767pyc26e1jr70gakbpj96ywzczz1bzyvsyydpt55qsqn3fvby05ebbjcacdftc2fme7pbm97w6q6n6qj1efbzcb8&b=ZYEBqQAM34cK4BWDAADT2awa4lzFzpwnvCiA8A&cbvp=2
Requested by: Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E57C 0
0 52ms
51ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CetnfqQGBZYa_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTsAU_QS2FW1ntoydhXCzrNe47tyP4pTgSiFHdcU2vB7cLEG8FXRy9uR5HP8ARAsFJECDDJX5QMhY3nCOHNvgH4AL69fVcQLc6KlqeX7JmyJL_w_nqaSgXyymFr1NXABQs7v1S-XpR7XH4CYIaeBw--AW9C_vMrJsBhU2Hp1Uewls_4phkNR-h6ZxcLIzwACLNpRUDtA7WSD0On7ebZXVlkeN1epkusR1D7uydhnZPytcb5n_Volzb8--I-QC_w48lQ0y8B67aQVrtCUwOlGNrnvKtLKyRaNQDJjUa80p3e1MwGwOm-julMn7TrsIA84AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKX_hd27moMDgAoD-gsCCAGADAHiDRMI77eG3buagwMVgxXgCh3Z0wBd0BUBgBcBshccChoSFHB1Yi01MTExMDY5ODk0MzA5OTY2GNC7IQ&sigh=3xJ77IP7Co8&uach_m=%5BUACH%5D&cid=CAQSOwAvHhf_69B0aTruJTgLhjv1kLExTM55AlQfV1fEXfgNRvav3IxnKZWhVQbRMtGoSimXvtLSvdhRYfoVGAE&cbvp=2&vis=1
Requested by: Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame E57C 0
39 B 19ms
17ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1j1ned0zadqtw1hr66petzv3a8t81wj4b1g2hhp8ewmyy2y8nczt6ptbx8vh4j5wj3bbqsyb4qyg56pw11gdh04pbfe4fpb0b7q424bfzka71mfzm8wptfzt9pkkye4v07ygqbc8x35b069xkfs6bgxhmtghk4hkwbddv7mtcqd1g5es7q1sjvnbnhmx4qfhypf92cwbdervxjrcankntx35t3f03vwtwkqvma7ftjjyytk7aqfxp0vjzqta48vmdbnbhhz3ewamfmv4rmemdvb3w7b70an1f49db2vryqfs2cxhhh1e7sa792v9hhkxee5j0hhvbyv4dqmrdk924msetambr94p20k1jebyfy2n7e2gcsw34q7b1zvkc56fprd6vw27qhdem58&b=ZYEBqQAM34YK4BWDAADT2f50mX2ZuCsn6k43Ow&cbvp=2
Requested by: Host: 4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
URL: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 19 Dec 2023 02:36:26 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
44ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=1322168891264652&bg=!0tGl0Z7NAAY3kmNgF5I7ADQBe5WfOPMbMz4iUUQIh4N7PgW0_T319aNOyy8nDHxtwNHE-rlc4RBEQ6iZxnyEwjHyYsApAgAAADJSAAAAAmgBB5kC7r0ylGXpl3irUVKOPJ-1RE7Uok3C2EPHLDw4sbb375n-tacPT0TJoRKGZ6mkuqKo9nQDUIsY3r9FYdqCGk1SDCh1Yw1uBLZLS4ofIHCGl4V9j6vio-H8jgRKURKNkpOhibYNMUNhfCY-ASXjddlZ-FQlM_Jx_6P3yhDjnTM6JNBhErXJG0sF_6wfMOqejw5NWhdqBe-XC_MXG12340xxJqR-8gl6OIHrYqGsTAg4SaGntp94xxitRCMAunSgdrah6iPSFdQdSj3P8EAJm_5IVrAVfl6PiOMvXvYjdGJbQ78ho0C62soOBgx_Ge-l8NGBiUfjU52C7DxCrYwe9KQk1a-LVmtGCR_kh2oQk1qCXTajdM4Mz4r_l6hyvBS6_aqvPMoUho_44Xs52jE_XB1XFNE6VPDQfiZl-amFndGnqoEz8XC1aP9gzPwWr3XPYfrrgjaf81qoCdsW6XvL0gOkJ8-Rz9ZNqb2ph9sNhlZfNvhaxruCgTxN3Kr9Qav6rA7o-kOL8I479XZnyn-q_dtC7oiKkyXbSgmxo-P52wsjN8EDD0TZPElkINip6JscWnpBJlnwOMW8xm3vKHQEvC5fDtLT3zCpF5Ih958Fb-34sL4EEwarYBCuJ9YSrEkKBD3Gsmw5yIXurVyPxowz6ybmrlTkRlD_JvbLv0bYwP1wLbX6JR8cT2xBE2NPgBqBNkJdqOc6EL0tmdwu8bkfhseMq_tWvU1FRGgYWNsJwmPqjglX01s9hXsr_EQT7S_E6ji07pgnEnFKsl0wmFpCzDBKNj9hxVrf41cmEqOvtc3WvCQlVZuTRBT2yVzd5TQPQaQJ9iVwGGf2lwkMasz6zHj_MO2YCNH4Ox2cYqxQDQLfZuHarBGLIFqst9alS9DLyPe41UV6wCLvmTPuI5RvyPRfd0hM5egJYC4vWJSYC3ioONUC4ZLLnpLnDNxNTm9Z2ACRBp8osVq91clJF7P3hxhZKTC9hwrPlQVJv_ULAEDAWg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 9360 9 KB
4 KB 27ms
27ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=eafaee405d9e147405520b4a1409b27a%2F16313501233285430047&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702953386526&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k61n5yf99fq2afvy5ha72hc7v73tgv3756s04axkma1cpva2kk9b5t8qzbtsfwzaq5g8whs042rnnqf92mqfhc7wdw1g88nqa827p6tnma2q1yps7ka0yy66vcwm113yx9d5kwwda280bdhdnn8jd4zmhh4073yy31x5jpmywd984n4xxpghy90ar8agg9ay9bndcetmkav1gj0610hrezy2hj88y4nvd1enf3hmm847qp4rj7hah8ee8yrk0q10n62p7vtd0nqzbyc68b6njbn%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7lE6qQGBZYa_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTvAU_QS2FW1ntoydhXCzrNe47tyP4pTgSiFHdcU2vB7cLEG8FXRy9uR5HP8ARAsFJECDDJX5QMhY3nCOHNvgH4AL69fVcQLc6KlqeX7JmyJL_w_nqaSgXyymFr1NXABQs7v1S-XpR7XH4CYIaeBw--AW9C_vMrJsBhU2Hp1Uewls_4phkNR-h6ZxcLIzwACLNpRUDtA7WSD0On7ebZXVlkeN1epkusR1D7uydhnZPytcb5n_Volzb8--I-QC_w48lQ0y8B67aQVvlAcpFy4V2ndCwDvf4Tp_LwmUwR2LPGCUzEiXtGGvdgh2E3L8D074MT4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKX_hd27moMD-gsCCAGADAHiDRMI77eG3buagwMVgxXgCh3Z0wBd0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3yPnlpxaYEPEyqguVYiqCkV7bRsQ%2526client%253Dca-pub-5111069894309966%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e62e921fcdb419bc060b60b850107629031579a56cd6e5097f2565a2ed76ad6f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1g6k15ez1f11kvj0c9sbbp1gb8thckcjhwqytf8mnfwqwey0xecneay7b52kbp31s7dmz9j19vfza42sxn2nnv60qzr7v9sbb4gp7q5n66xxzd4qt70hqyz50hctkbkft9frh274ysymdn2hq66eq2wjdb423kk683r8d7brwkw536vg8d7ydcjc81xptb1qjnz65g772apwz1ksmr0p18x68kwj44f6rg8gr0yhgxpxdht6vx8xaahkhsd2yfv5qpcp2q339swa91kb2aknmcjjrmv97c37tcm8w160a0sp0rce3t6jswyqjeyhmgm31gvy09zag10jd2p6m3gnmw3935wg2fg47n7t7d5wqajkvy35akesq3gr829mh59vanhqrdv8my6rkysnafsjhkxv8k300nr8mtvs352h6g821b2v9r6qzckrk7ev250z46dc5kjm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7lE6qQGBZYa_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTvAU_QS2FW1ntoydhXCzrNe47tyP4pTgSiFHdcU2vB7cLEG8FXRy9uR5HP8ARAsFJECDDJX5QMhY3nCOHNvgH4AL69fVcQLc6KlqeX7JmyJL_w_nqaSgXyymFr1NXABQs7v1S-XpR7XH4CYIaeBw--AW9C_vMrJsBhU2Hp1Uewls_4phkNR-h6ZxcLIzwACLNpRUDtA7WSD0On7ebZXVlkeN1epkusR1D7uydhnZPytcb5n_Volzb8--I-QC_w48lQ0y8B67aQVvlAcpFy4V2ndCwDvf4Tp_LwmUwR2LPGCUzEiXtGGvdgh2E3L8D074MT4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKX_hd27moMD-gsCCAGADAHiDRMI77eG3buagwMVgxXgCh3Z0wBd0BUBgBcB%26num%3D1%26sig%3DAOD64_3yPnlpxaYEPEyqguVYiqCkV7bRsQ%26client%3Dca-pub-5111069894309966%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 837c4209eac12c55-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 02:36:26 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 11B9 3 KB
3 KB 27ms
27ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=34719&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=300&d=50&e=&g=0342cb3e74445ca9da638e41fddb9d33%2F6177627442614147421&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702953386527&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1khfj13c25v0z89kgce8050wxahkwfzck3x2qa735fefaj9r52t3yegt0mazp3krfs4qwmkdcazj1tj490d8qy8caaxx8ccjjx4msw2h2qgm1kjejnseexcd8kzt36cp8rwqtg6gyd4gjzb1f94wdwx7y1aptjfb08z62ysvsk75e9yv6cw5t7jnkgy9fxwbypesrfzkbxpy3rd0twbbvh72vdwjrx39jqc1dakzkby1htw96xdyyp264kykzqac6kgens3mbd5xgjsekzmvvqnk%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-mnxqQGBZYm_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_QrrQkrcHfe4khmDQrdP89lzV6Cd145GZ4qHaCxAypCfQIrQ1Q8RL6nNVrjD4sRcnaS4TnmD2a1GdzcgM4boYaY1iv8GdYZmpVBsvKPLBXtHwiPN5o3fe5VMkr4ob24cRuhZZpWWo41w_cxkyiZDu1s0aky1f9v_5sx7wL9YqMuaC0UpIvyo8FfRZL9DFbM0gaMBso5DrpcJTHHjw2gJB2jNYIeRcxIKIy5WYcMFsZneVFYr_94i8wGBMo4yE3U9Sjs1KiSPOr3CPKAGjqWNa9fdn87UUsdEJSNmr-wGl9qDlxAeubMhIy1oh3UINBoD9haOAEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPK3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3qpDhQJdI9eF7a2YQVE1BxMNLHsQ%2526client%253Dca-pub-5111069894309966%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d937fd336e2ddc8ff9dc698c4de49db069d5877f7966119ce86aa985d74d0d7

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1jajz00a1kjzdbdq7ffetex9mke1z179p2f8mxsbcbm759qfzxrg8yqtqx4fxqxnhwpjec144nyc5b17jg285qg36gk210nxwm5mgp4hvg52kqn1b33zf117sweqxd9nk2pv2z4z5k23edswck7k6v4yz7zpdm214phnfvd2r0xajz84k7btphgh5ahvbj2hw9a83gqs0kbpt4qb1091s5atk69zrm9e19w55s3aga9xwc138qtk9dz4f2d7jf5rzgyvet8mtrn9zmv4axah3py6bn3mn90455yx910zw5cd4b05q4x88sdb7bckvs88vxy0nx18gj8j5nm9gx0m7sywq1zs53x7vn37qepd04fcvq36e1pgx8n1g81651pd9r0ezss14bg60q9r7ex1c3ky2b3vgw5qv7xerw90r6wka40yfsv38td3zn18ykft73x4pcp8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-mnxqQGBZYm_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_QrrQkrcHfe4khmDQrdP89lzV6Cd145GZ4qHaCxAypCfQIrQ1Q8RL6nNVrjD4sRcnaS4TnmD2a1GdzcgM4boYaY1iv8GdYZmpVBsvKPLBXtHwiPN5o3fe5VMkr4ob24cRuhZZpWWo41w_cxkyiZDu1s0aky1f9v_5sx7wL9YqMuaC0UpIvyo8FfRZL9DFbM0gaMBso5DrpcJTHHjw2gJB2jNYIeRcxIKIy5WYcMFsZneVFYr_94i8wGBMo4yE3U9Sjs1KiSPOr3CPKAGjqWNa9fdn87UUsdEJSNmr-wGl9qDlxAeubMhIy1oh3UINBoD9haOAEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPK3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qpDhQJdI9eF7a2YQVE1BxMNLHsQ%26client%3Dca-pub-5111069894309966%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 837c4209eac52c55-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 02:36:26 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 8CA6 11 KB
5 KB 27ms
27ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=169080%2C23576%2C14019&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=8152ecd501f1da77931813427a0b6b10%2F9563419974217691073&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702953386528&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k98z733fxt6makc1ncdcw0tjm317kvrdmycwpmgj695w14cpdy0g4tdn6yavhex58x2c72ghxe8sh29j73ct17nynhva360d8g3j4fh6encz0zx8v7t6jjvyt8b7047yc32m82y9nq4h04ecmgxnfcf9tpyexfj01c8p8r4dp3ghx299dv2fckpb1g5jreywkqm5m2ft3nrvvtwx3fd3xz80hwe0w1g0fzj6p0wctyd5z99mx16pevp64j3hc02pfcmt2z4jzhvtbeyt3fga5dq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiKu9qQGBZYe_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_Q-BOozU7-F6faDZsIg7Or5vaj5c_uk-4T3O_70zdvaRJDYKi5FVkkcOq4Z2o2uCja13O7moW6q6YZdNj2bc0a0H0Y5bnYbKH3NeVGNz7qwccAUdNNST4RTh3_e1OuJToz9c3y8B3AYd-mKWEa22oiAB6BHg-OTGV74CLuaYIhHP9JNZSse53TTrh1V5UrZhOr1_1ShjQMbGNE__VdC3RloQ-uTzt9XKeBoUtkIN0U3VNCKh7UxgvGLBOr2agdagD9ham5T-mJnI8-tf85oM0RDECoN4oSMBltP31vJmbyy-d8BhLxUlJrdXc2nyLR8luTk-AEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPC3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1rPav7OEdTi-AiR7bM-j9IwFWtbw%2526client%253Dca-pub-5111069894309966%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

331e525c26eff3ecea3256ab07678ceb93eeca775dd7958fc3b5b0211e4a01ed

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1geen3rb9xdxrxnh6kp0qke7f3atrg7637bwg0mkcyeznc388csayfjcpaknwvbbwj45phqqv4wrfhyfsahk7frs3nerbk963pqwhbkjex4ewvm5qqx34b5ert8hbx5jh3ezze51km9ztedq35cf15dfsxh04fzh5510kwj3mx712dc37j8rc763hg1d4m821pp5tvgrwsjkn4gmh747sn7t6xxhnt7htrf02q0cqmmjc0kjw4red0e80mn24jwneqx8jwrr85yk6188n6e1g087vvhn3xa12nhx21a49q2jmc5f6gbj5dhx94z65dr5n69bvf9nqrz1shh8b046q5y3b26v6x88krhp0xak4zhtq9e9ceg1bee81sdvgchzaqartbh4zbrs7q23ytv3281s9ywfq67td2p11tsgtc4zq7cm855gtjx5gbp2r4sf6nz6n64xaw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiKu9qQGBZYe_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_Q-BOozU7-F6faDZsIg7Or5vaj5c_uk-4T3O_70zdvaRJDYKi5FVkkcOq4Z2o2uCja13O7moW6q6YZdNj2bc0a0H0Y5bnYbKH3NeVGNz7qwccAUdNNST4RTh3_e1OuJToz9c3y8B3AYd-mKWEa22oiAB6BHg-OTGV74CLuaYIhHP9JNZSse53TTrh1V5UrZhOr1_1ShjQMbGNE__VdC3RloQ-uTzt9XKeBoUtkIN0U3VNCKh7UxgvGLBOr2agdagD9ham5T-mJnI8-tf85oM0RDECoN4oSMBltP31vJmbyy-d8BhLxUlJrdXc2nyLR8luTk-AEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPC3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1rPav7OEdTi-AiR7bM-j9IwFWtbw%26client%3Dca-pub-5111069894309966%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 837c4209eac92c55-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 02:36:26 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 573B 3 KB
3 KB 34ms
34ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=15579&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=300&d=50&e=&g=cf5f2c49225bc88e316a8caf48488c85%2F2074465583183754607&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702953386529&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kr62hs3ph0t6dpg41mvkbkqagt75j73jwh2pbhkqab6ay0ptt50kttfh8xxwd3xjt3877kx63akj2w8r36ez6x5j7h4z94jhn3q9ra7t4g9474w1cm31a1stypdz4t19watfgm1ttad88hykhaqzt2jp3vgd5rp307na72fv09xwd5ekj4k8ey1718gyf4pm9rtesz3dbrt5yje5bkspj59adwrpnzkya2p5nzdbzpe8nvy0854dk4c6dmbbpzgs19jwn4gys3a7ftgskjzjhth%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwz0HqQGBZYi_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_Q6V1P7lSn11r8ryEa4WoVskW_3golN3FZjcYMBnfslGUZGiNeyidClQrgF4OEEeW9SI2uFUtUW5b_MVnLBYxG42l_mBo_57s6qJAhaXboM8VrzKHS-nSprzCLtHEtGjgxD4YpXQTT_5N-zFt167_1nDAbuuzP2qRvDnw0NdmHxH4SeSur8XmWndgOjVUXnvF3ZbFmlHcx4e46EvGFkYhbtFHSKPRYqeJLnEVIVeu9di7QqGcptShcxBunNmKKut8p5kebGh7jsV3uiuq-y7dIK8ojnJoDdgP2SqDghqcevobmuGA5yKq8-GhJWKDDXTWMn-AEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPG3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2idGW-6DEIqPe1sA2pIZiQ3esAPw%2526client%253Dca-pub-5111069894309966%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5887d5cabe1c8ab78d84bcd7769f9c2c70473480e2e31b73dc9cbd3b02c7b1bf

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1jnjf8r2s0cbk5w2v8qmn7efc1500vnhbnd28t88c293wy5585q55ptkdc5ah2cab15qeehh9pmag3rxdr6mztz3b6cbjz5zxqdxezmak8gb30g2yymk2cq1d041db2qazd2y9w40knye24xcs0er9yznmx9gx43jdyv035vq55wctt43tdkfnj9cyqqyzm4vb02p9bskbgejwce0t1zdjtaqf30zf18qtcg827km9nztsk32j7xrz519zyw5p37hngtv26v43zbwbrxt80e12n66vr6zr5fp8ex82hhdwph1a6gb4sqjn2crh2ve9sj9g2fs373zwnxpvrne39kf26kx5gm8e13xqwecnmge3x80wk3vbtnajrb6dmpwkwh0j3kmk0v3qh8ktkhnrgyyhw40rersa008ysx7bt02cesdrzfwhpgw3wegsv4s96wyzg3jhw5&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwz0HqQGBZYi_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_Q6V1P7lSn11r8ryEa4WoVskW_3golN3FZjcYMBnfslGUZGiNeyidClQrgF4OEEeW9SI2uFUtUW5b_MVnLBYxG42l_mBo_57s6qJAhaXboM8VrzKHS-nSprzCLtHEtGjgxD4YpXQTT_5N-zFt167_1nDAbuuzP2qRvDnw0NdmHxH4SeSur8XmWndgOjVUXnvF3ZbFmlHcx4e46EvGFkYhbtFHSKPRYqeJLnEVIVeu9di7QqGcptShcxBunNmKKut8p5kebGh7jsV3uiuq-y7dIK8ojnJoDdgP2SqDghqcevobmuGA5yKq8-GhJWKDDXTWMn-AEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPG3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2idGW-6DEIqPe1sA2pIZiQ3esAPw%26client%3Dca-pub-5111069894309966%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 837c4209eaca2c55-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 02:36:26 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 9360 115 KB
14 KB 18ms
18ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=eafaee405d9e147405520b4a1409b27a%2F16313501233285430047&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702953386526&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k61n5yf99fq2afvy5ha72hc7v73tgv3756s04axkma1cpva2kk9b5t8qzbtsfwzaq5g8whs042rnnqf92mqfhc7wdw1g88nqa827p6tnma2q1yps7ka0yy66vcwm113yx9d5kwwda280bdhdnn8jd4zmhh4073yy31x5jpmywd984n4xxpghy90ar8agg9ay9bndcetmkav1gj0610hrezy2hj88y4nvd1enf3hmm847qp4rj7hah8ee8yrk0q10n62p7vtd0nqzbyc68b6njbn%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7lE6qQGBZYa_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTvAU_QS2FW1ntoydhXCzrNe47tyP4pTgSiFHdcU2vB7cLEG8FXRy9uR5HP8ARAsFJECDDJX5QMhY3nCOHNvgH4AL69fVcQLc6KlqeX7JmyJL_w_nqaSgXyymFr1NXABQs7v1S-XpR7XH4CYIaeBw--AW9C_vMrJsBhU2Hp1Uewls_4phkNR-h6ZxcLIzwACLNpRUDtA7WSD0On7ebZXVlkeN1epkusR1D7uydhnZPytcb5n_Volzb8--I-QC_w48lQ0y8B67aQVvlAcpFy4V2ndCwDvf4Tp_LwmUwR2LPGCUzEiXtGGvdgh2E3L8D074MT4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKX_hd27moMD-gsCCAGADAHiDRMI77eG3buagwMVgxXgCh3Z0wBd0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3yPnlpxaYEPEyqguVYiqCkV7bRsQ%2526client%253Dca-pub-5111069894309966%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=eafaee405d9e147405520b4a1409b27a%2F16313501233285430047&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702953386526&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k61n5yf99fq2afvy5ha72hc7v73tgv3756s04axkma1cpva2kk9b5t8qzbtsfwzaq5g8whs042rnnqf92mqfhc7wdw1g88nqa827p6tnma2q1yps7ka0yy66vcwm113yx9d5kwwda280bdhdnn8jd4zmhh4073yy31x5jpmywd984n4xxpghy90ar8agg9ay9bndcetmkav1gj0610hrezy2hj88y4nvd1enf3hmm847qp4rj7hah8ee8yrk0q10n62p7vtd0nqzbyc68b6njbn%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7lE6qQGBZYa_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTvAU_QS2FW1ntoydhXCzrNe47tyP4pTgSiFHdcU2vB7cLEG8FXRy9uR5HP8ARAsFJECDDJX5QMhY3nCOHNvgH4AL69fVcQLc6KlqeX7JmyJL_w_nqaSgXyymFr1NXABQs7v1S-XpR7XH4CYIaeBw--AW9C_vMrJsBhU2Hp1Uewls_4phkNR-h6ZxcLIzwACLNpRUDtA7WSD0On7ebZXVlkeN1epkusR1D7uydhnZPytcb5n_Volzb8--I-QC_w48lQ0y8B67aQVvlAcpFy4V2ndCwDvf4Tp_LwmUwR2LPGCUzEiXtGGvdgh2E3L8D074MT4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKX_hd27moMD-gsCCAGADAHiDRMI77eG3buagwMVgxXgCh3Z0wBd0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3yPnlpxaYEPEyqguVYiqCkV7bRsQ%2526client%253Dca-pub-5111069894309966%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1723584
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2qDfYj7SmDnDIGZlwYi8So2CP%2ByXGwsDIh4aFq8%2BT3GMuVpxk3SFlKGqB1AexZXgikLdbDqShlAyVqI8x9FdnzGnOldqB8VRyXnEn7Xwj1doMSxVyA2hh%2BFzClStgpqDLhdtuFZy4%2FE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 837c420a0add2c55-FRA
expires: Wed, 20 Dec 2023 02:36:26 GMT

GET
H2 200 E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame 9360 9 KB
9 KB 33ms
23ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=eafaee405d9e147405520b4a1409b27a%2F16313501233285430047&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702953386526&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k61n5yf99fq2afvy5ha72hc7v73tgv3756s04axkma1cpva2kk9b5t8qzbtsfwzaq5g8whs042rnnqf92mqfhc7wdw1g88nqa827p6tnma2q1yps7ka0yy66vcwm113yx9d5kwwda280bdhdnn8jd4zmhh4073yy31x5jpmywd984n4xxpghy90ar8agg9ay9bndcetmkav1gj0610hrezy2hj88y4nvd1enf3hmm847qp4rj7hah8ee8yrk0q10n62p7vtd0nqzbyc68b6njbn%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7lE6qQGBZYa_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTvAU_QS2FW1ntoydhXCzrNe47tyP4pTgSiFHdcU2vB7cLEG8FXRy9uR5HP8ARAsFJECDDJX5QMhY3nCOHNvgH4AL69fVcQLc6KlqeX7JmyJL_w_nqaSgXyymFr1NXABQs7v1S-XpR7XH4CYIaeBw--AW9C_vMrJsBhU2Hp1Uewls_4phkNR-h6ZxcLIzwACLNpRUDtA7WSD0On7ebZXVlkeN1epkusR1D7uydhnZPytcb5n_Volzb8--I-QC_w48lQ0y8B67aQVvlAcpFy4V2ndCwDvf4Tp_LwmUwR2LPGCUzEiXtGGvdgh2E3L8D074MT4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKX_hd27moMD-gsCCAGADAHiDRMI77eG3buagwMVgxXgCh3Z0wBd0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3yPnlpxaYEPEyqguVYiqCkV7bRsQ%2526client%253Dca-pub-5111069894309966%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1718184
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 8772
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:13:38 GMT
server: cloudflare
etag: "15b1f39d668aa86c2ba2ba17d94cc733"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TKX5l1gjpCKpJei93IIF34fQjJKrTyLrToq4tRt%2F0pxFRGMeIwqc2cDDBLLhxzTj7qGkTtMZCb21HRnYOEM2soQ7Hn1KC%2FQqbCnbRgCmgQY%2FaC0QZpTRKteto8Ni4W82r%2FJ8bGhecM%2F5UjC6"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 837c420a2a384d1f-FRA

GET
H2 200 2A409C956034279942BB00C734EEBA96A30BFA66974E50A0A1FCCC37F0E29F63CDE4339A721079F3863F9D3A2D1FC91B69CE99DD1EDFB0C05A709324F55DF63A
assets.ad4m.at/ Frame 9360 32 KB
33 KB 30ms
20ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/2A409C956034279942BB00C734EEBA96A30BFA66974E50A0A1FCCC37F0E29F63CDE4339A721079F3863F9D3A2D1FC91B69CE99DD1EDFB0C05A709324F55DF63A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=eafaee405d9e147405520b4a1409b27a%2F16313501233285430047&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702953386526&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k61n5yf99fq2afvy5ha72hc7v73tgv3756s04axkma1cpva2kk9b5t8qzbtsfwzaq5g8whs042rnnqf92mqfhc7wdw1g88nqa827p6tnma2q1yps7ka0yy66vcwm113yx9d5kwwda280bdhdnn8jd4zmhh4073yy31x5jpmywd984n4xxpghy90ar8agg9ay9bndcetmkav1gj0610hrezy2hj88y4nvd1enf3hmm847qp4rj7hah8ee8yrk0q10n62p7vtd0nqzbyc68b6njbn%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7lE6qQGBZYa_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTvAU_QS2FW1ntoydhXCzrNe47tyP4pTgSiFHdcU2vB7cLEG8FXRy9uR5HP8ARAsFJECDDJX5QMhY3nCOHNvgH4AL69fVcQLc6KlqeX7JmyJL_w_nqaSgXyymFr1NXABQs7v1S-XpR7XH4CYIaeBw--AW9C_vMrJsBhU2Hp1Uewls_4phkNR-h6ZxcLIzwACLNpRUDtA7WSD0On7ebZXVlkeN1epkusR1D7uydhnZPytcb5n_Volzb8--I-QC_w48lQ0y8B67aQVvlAcpFy4V2ndCwDvf4Tp_LwmUwR2LPGCUzEiXtGGvdgh2E3L8D074MT4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKX_hd27moMD-gsCCAGADAHiDRMI77eG3buagwMVgxXgCh3Z0wBd0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3yPnlpxaYEPEyqguVYiqCkV7bRsQ%2526client%253Dca-pub-5111069894309966%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e23b6f4539643a37f0d615a630a76fc48571ebb8b0a9219ad38b4827a60ee18c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3277663
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 33043
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:07:19 GMT
server: cloudflare
etag: "4248eb804269666620fb86952a326d7e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gZ6OpSDtSHxpNIvgy4CG8aQ55jOYNF6S1NnGmOnGz5zzUbM2TYasciqgI6bKaKpqiSnoG3bJ9yrbtS2R4sP9kKR9xYKcke9sMFOvW43gjpSQItjJhwZ0pOOnQNgyqgCgrYOob1G10onchgrX"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 837c420a1a294d1f-FRA

GET
H2 200 2aed39855b5f46b7651ba591340f258c
pv.medialead.de/trck/epv/ Frame 9360 0
326 B 55ms
16ms Image
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/epv/2aed39855b5f46b7651ba591340f258c?t=htlp&subid=wkzMotivBoneidKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25boneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=eafaee405d9e147405520b4a1409b27a%2F16313501233285430047&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702953386526&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k61n5yf99fq2afvy5ha72hc7v73tgv3756s04axkma1cpva2kk9b5t8qzbtsfwzaq5g8whs042rnnqf92mqfhc7wdw1g88nqa827p6tnma2q1yps7ka0yy66vcwm113yx9d5kwwda280bdhdnn8jd4zmhh4073yy31x5jpmywd984n4xxpghy90ar8agg9ay9bndcetmkav1gj0610hrezy2hj88y4nvd1enf3hmm847qp4rj7hah8ee8yrk0q10n62p7vtd0nqzbyc68b6njbn%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7lE6qQGBZYa_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTvAU_QS2FW1ntoydhXCzrNe47tyP4pTgSiFHdcU2vB7cLEG8FXRy9uR5HP8ARAsFJECDDJX5QMhY3nCOHNvgH4AL69fVcQLc6KlqeX7JmyJL_w_nqaSgXyymFr1NXABQs7v1S-XpR7XH4CYIaeBw--AW9C_vMrJsBhU2Hp1Uewls_4phkNR-h6ZxcLIzwACLNpRUDtA7WSD0On7ebZXVlkeN1epkusR1D7uydhnZPytcb5n_Volzb8--I-QC_w48lQ0y8B67aQVvlAcpFy4V2ndCwDvf4Tp_LwmUwR2LPGCUzEiXtGGvdgh2E3L8D074MT4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKX_hd27moMD-gsCCAGADAHiDRMI77eG3buagwMVgxXgCh3Z0wBd0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3yPnlpxaYEPEyqguVYiqCkV7bRsQ%2526client%253Dca-pub-5111069894309966%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
attribution-reporting-register-source: {"source_event_id":"17200573720103333","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 0
proxy-host: pv.medialead.de

GET
H2 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 9360 4 KB
5 KB 26ms
17ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=eafaee405d9e147405520b4a1409b27a%2F16313501233285430047&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702953386526&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k61n5yf99fq2afvy5ha72hc7v73tgv3756s04axkma1cpva2kk9b5t8qzbtsfwzaq5g8whs042rnnqf92mqfhc7wdw1g88nqa827p6tnma2q1yps7ka0yy66vcwm113yx9d5kwwda280bdhdnn8jd4zmhh4073yy31x5jpmywd984n4xxpghy90ar8agg9ay9bndcetmkav1gj0610hrezy2hj88y4nvd1enf3hmm847qp4rj7hah8ee8yrk0q10n62p7vtd0nqzbyc68b6njbn%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7lE6qQGBZYa_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTvAU_QS2FW1ntoydhXCzrNe47tyP4pTgSiFHdcU2vB7cLEG8FXRy9uR5HP8ARAsFJECDDJX5QMhY3nCOHNvgH4AL69fVcQLc6KlqeX7JmyJL_w_nqaSgXyymFr1NXABQs7v1S-XpR7XH4CYIaeBw--AW9C_vMrJsBhU2Hp1Uewls_4phkNR-h6ZxcLIzwACLNpRUDtA7WSD0On7ebZXVlkeN1epkusR1D7uydhnZPytcb5n_Volzb8--I-QC_w48lQ0y8B67aQVvlAcpFy4V2ndCwDvf4Tp_LwmUwR2LPGCUzEiXtGGvdgh2E3L8D074MT4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKX_hd27moMD-gsCCAGADAHiDRMI77eG3buagwMVgxXgCh3Z0wBd0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3yPnlpxaYEPEyqguVYiqCkV7bRsQ%2526client%253Dca-pub-5111069894309966%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 379879
cf-polished: qual=85, origFmt=jpeg, origSize=7258
alt-svc: h3=":443"; ma=86400
content-length: 4294
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 09:56:16 GMT
server: cloudflare
etag: "679602b08629bcaaabfcfad4e68fe53a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2BJZWB51La0GhYed8FkTGQVXjV6fHG6tm%2FXS4b34%2FkCCEld4I7rtek6t4B5rlSqIYuH9S0g0Cmi5dWbRL4ThdrlpiJTUOhJV30GizOfC%2FVIa3Y8caof2N2fFNx7CeAC7YVCgX%2FGhMEAUcLHn"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 837c420a1a2a4d1f-FRA

GET
H2 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 9360 15 KB
16 KB 28ms
19ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=eafaee405d9e147405520b4a1409b27a%2F16313501233285430047&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702953386526&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k61n5yf99fq2afvy5ha72hc7v73tgv3756s04axkma1cpva2kk9b5t8qzbtsfwzaq5g8whs042rnnqf92mqfhc7wdw1g88nqa827p6tnma2q1yps7ka0yy66vcwm113yx9d5kwwda280bdhdnn8jd4zmhh4073yy31x5jpmywd984n4xxpghy90ar8agg9ay9bndcetmkav1gj0610hrezy2hj88y4nvd1enf3hmm847qp4rj7hah8ee8yrk0q10n62p7vtd0nqzbyc68b6njbn%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7lE6qQGBZYa_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTvAU_QS2FW1ntoydhXCzrNe47tyP4pTgSiFHdcU2vB7cLEG8FXRy9uR5HP8ARAsFJECDDJX5QMhY3nCOHNvgH4AL69fVcQLc6KlqeX7JmyJL_w_nqaSgXyymFr1NXABQs7v1S-XpR7XH4CYIaeBw--AW9C_vMrJsBhU2Hp1Uewls_4phkNR-h6ZxcLIzwACLNpRUDtA7WSD0On7ebZXVlkeN1epkusR1D7uydhnZPytcb5n_Volzb8--I-QC_w48lQ0y8B67aQVvlAcpFy4V2ndCwDvf4Tp_LwmUwR2LPGCUzEiXtGGvdgh2E3L8D074MT4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKX_hd27moMD-gsCCAGADAHiDRMI77eG3buagwMVgxXgCh3Z0wBd0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3yPnlpxaYEPEyqguVYiqCkV7bRsQ%2526client%253Dca-pub-5111069894309966%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3282014
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 15521
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:09:52 GMT
server: cloudflare
etag: "269bd58060bc660c3aec98b388bae571"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2Fo0NAuO6kfK%2B29bp6J5xZs6tn6MnT3XFigIeBHZmfsVnF%2FRLh6zdGScb6LFMbDr5STpNBq9CqrOSrbHnavLYXVTqfLYqnpvcBPyJegdUO1knx6CrC14A0moU3JL7FFW0%2BhNnjdjh3QSKPFi"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 837c420a2a2c4d1f-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 9360 43 B
704 B 86ms
51ms Image
image/gif 92.123.148.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=eafaee405d9e147405520b4a1409b27a%2F16313501233285430047&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702953386526&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k61n5yf99fq2afvy5ha72hc7v73tgv3756s04axkma1cpva2kk9b5t8qzbtsfwzaq5g8whs042rnnqf92mqfhc7wdw1g88nqa827p6tnma2q1yps7ka0yy66vcwm113yx9d5kwwda280bdhdnn8jd4zmhh4073yy31x5jpmywd984n4xxpghy90ar8agg9ay9bndcetmkav1gj0610hrezy2hj88y4nvd1enf3hmm847qp4rj7hah8ee8yrk0q10n62p7vtd0nqzbyc68b6njbn%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7lE6qQGBZYa_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTvAU_QS2FW1ntoydhXCzrNe47tyP4pTgSiFHdcU2vB7cLEG8FXRy9uR5HP8ARAsFJECDDJX5QMhY3nCOHNvgH4AL69fVcQLc6KlqeX7JmyJL_w_nqaSgXyymFr1NXABQs7v1S-XpR7XH4CYIaeBw--AW9C_vMrJsBhU2Hp1Uewls_4phkNR-h6ZxcLIzwACLNpRUDtA7WSD0On7ebZXVlkeN1epkusR1D7uydhnZPytcb5n_Volzb8--I-QC_w48lQ0y8B67aQVvlAcpFy4V2ndCwDvf4Tp_LwmUwR2LPGCUzEiXtGGvdgh2E3L8D074MT4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKX_hd27moMD-gsCCAGADAHiDRMI77eG3buagwMVgxXgCh3Z0wBd0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3yPnlpxaYEPEyqguVYiqCkV7bRsQ%2526client%253Dca-pub-5111069894309966%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-148-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Dec 2023 02:36:26 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 9360 2 KB
2 KB 36ms
27ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=eafaee405d9e147405520b4a1409b27a%2F16313501233285430047&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702953386526&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k61n5yf99fq2afvy5ha72hc7v73tgv3756s04axkma1cpva2kk9b5t8qzbtsfwzaq5g8whs042rnnqf92mqfhc7wdw1g88nqa827p6tnma2q1yps7ka0yy66vcwm113yx9d5kwwda280bdhdnn8jd4zmhh4073yy31x5jpmywd984n4xxpghy90ar8agg9ay9bndcetmkav1gj0610hrezy2hj88y4nvd1enf3hmm847qp4rj7hah8ee8yrk0q10n62p7vtd0nqzbyc68b6njbn%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7lE6qQGBZYa_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTvAU_QS2FW1ntoydhXCzrNe47tyP4pTgSiFHdcU2vB7cLEG8FXRy9uR5HP8ARAsFJECDDJX5QMhY3nCOHNvgH4AL69fVcQLc6KlqeX7JmyJL_w_nqaSgXyymFr1NXABQs7v1S-XpR7XH4CYIaeBw--AW9C_vMrJsBhU2Hp1Uewls_4phkNR-h6ZxcLIzwACLNpRUDtA7WSD0On7ebZXVlkeN1epkusR1D7uydhnZPytcb5n_Volzb8--I-QC_w48lQ0y8B67aQVvlAcpFy4V2ndCwDvf4Tp_LwmUwR2LPGCUzEiXtGGvdgh2E3L8D074MT4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKX_hd27moMD-gsCCAGADAHiDRMI77eG3buagwMVgxXgCh3Z0wBd0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3yPnlpxaYEPEyqguVYiqCkV7bRsQ%2526client%253Dca-pub-5111069894309966%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 374224
cf-polished: origFmt=png, origSize=2170
alt-svc: h3=":443"; ma=86400
content-length: 1662
cf-bgj: imgq:85,h2pri
last-modified: Mon, 13 Nov 2023 08:38:25 GMT
server: cloudflare
etag: "4721aa7c2d5fa652c8092463f9a485bd"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9WnZ4tLAKGTdStqizNMaWMMgqMpgHTMLVWq9HZBlCvBn5iTBoCv62QkaZZNzQbXnTsvmg6IXdGLQUucsMqRuhiB68X9o2F0ecsUKw1Y7VKMDaUaB890qXEbymm2ujlZ%2BAVigNg%2BU8NcNcEa4"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 837c420a2a374d1f-FRA

GET
H2 200 B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame 9360 23 KB
23 KB 37ms
28ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=eafaee405d9e147405520b4a1409b27a%2F16313501233285430047&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702953386526&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k61n5yf99fq2afvy5ha72hc7v73tgv3756s04axkma1cpva2kk9b5t8qzbtsfwzaq5g8whs042rnnqf92mqfhc7wdw1g88nqa827p6tnma2q1yps7ka0yy66vcwm113yx9d5kwwda280bdhdnn8jd4zmhh4073yy31x5jpmywd984n4xxpghy90ar8agg9ay9bndcetmkav1gj0610hrezy2hj88y4nvd1enf3hmm847qp4rj7hah8ee8yrk0q10n62p7vtd0nqzbyc68b6njbn%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7lE6qQGBZYa_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTvAU_QS2FW1ntoydhXCzrNe47tyP4pTgSiFHdcU2vB7cLEG8FXRy9uR5HP8ARAsFJECDDJX5QMhY3nCOHNvgH4AL69fVcQLc6KlqeX7JmyJL_w_nqaSgXyymFr1NXABQs7v1S-XpR7XH4CYIaeBw--AW9C_vMrJsBhU2Hp1Uewls_4phkNR-h6ZxcLIzwACLNpRUDtA7WSD0On7ebZXVlkeN1epkusR1D7uydhnZPytcb5n_Volzb8--I-QC_w48lQ0y8B67aQVvlAcpFy4V2ndCwDvf4Tp_LwmUwR2LPGCUzEiXtGGvdgh2E3L8D074MT4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKX_hd27moMD-gsCCAGADAHiDRMI77eG3buagwMVgxXgCh3Z0wBd0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3yPnlpxaYEPEyqguVYiqCkV7bRsQ%2526client%253Dca-pub-5111069894309966%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1712629
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 23392
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:08:23 GMT
server: cloudflare
etag: "faa9f958d13ef03f911b71f117846705"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2Blsl8PeKuSDxUeUTLcFF0QZJEg8CpVc1lxnjSdLOTsvnA2%2Foqxalyn7rVfl7dr%2BmBOixBGudqQoy0T98Lb5OzKuj5aIz4rEJ5%2BwgqyKnt23llitcWf%2FtVkosKQGoa2xJB44jY%2Fb3xgRvI5u"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 837c420a2a3b4d1f-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 9360 43 B
704 B 80ms
46ms Image
image/gif 92.123.148.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-148-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Dec 2023 02:36:26 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 11B9 115 KB
14 KB 17ms
17ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=300&d=50&e=&g=0342cb3e74445ca9da638e41fddb9d33%2F6177627442614147421&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702953386527&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1khfj13c25v0z89kgce8050wxahkwfzck3x2qa735fefaj9r52t3yegt0mazp3krfs4qwmkdcazj1tj490d8qy8caaxx8ccjjx4msw2h2qgm1kjejnseexcd8kzt36cp8rwqtg6gyd4gjzb1f94wdwx7y1aptjfb08z62ysvsk75e9yv6cw5t7jnkgy9fxwbypesrfzkbxpy3rd0twbbvh72vdwjrx39jqc1dakzkby1htw96xdyyp264kykzqac6kgens3mbd5xgjsekzmvvqnk%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-mnxqQGBZYm_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_QrrQkrcHfe4khmDQrdP89lzV6Cd145GZ4qHaCxAypCfQIrQ1Q8RL6nNVrjD4sRcnaS4TnmD2a1GdzcgM4boYaY1iv8GdYZmpVBsvKPLBXtHwiPN5o3fe5VMkr4ob24cRuhZZpWWo41w_cxkyiZDu1s0aky1f9v_5sx7wL9YqMuaC0UpIvyo8FfRZL9DFbM0gaMBso5DrpcJTHHjw2gJB2jNYIeRcxIKIy5WYcMFsZneVFYr_94i8wGBMo4yE3U9Sjs1KiSPOr3CPKAGjqWNa9fdn87UUsdEJSNmr-wGl9qDlxAeubMhIy1oh3UINBoD9haOAEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPK3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3qpDhQJdI9eF7a2YQVE1BxMNLHsQ%2526client%253Dca-pub-5111069894309966%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=34719&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=300&d=50&e=&g=0342cb3e74445ca9da638e41fddb9d33%2F6177627442614147421&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702953386527&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1khfj13c25v0z89kgce8050wxahkwfzck3x2qa735fefaj9r52t3yegt0mazp3krfs4qwmkdcazj1tj490d8qy8caaxx8ccjjx4msw2h2qgm1kjejnseexcd8kzt36cp8rwqtg6gyd4gjzb1f94wdwx7y1aptjfb08z62ysvsk75e9yv6cw5t7jnkgy9fxwbypesrfzkbxpy3rd0twbbvh72vdwjrx39jqc1dakzkby1htw96xdyyp264kykzqac6kgens3mbd5xgjsekzmvvqnk%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-mnxqQGBZYm_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_QrrQkrcHfe4khmDQrdP89lzV6Cd145GZ4qHaCxAypCfQIrQ1Q8RL6nNVrjD4sRcnaS4TnmD2a1GdzcgM4boYaY1iv8GdYZmpVBsvKPLBXtHwiPN5o3fe5VMkr4ob24cRuhZZpWWo41w_cxkyiZDu1s0aky1f9v_5sx7wL9YqMuaC0UpIvyo8FfRZL9DFbM0gaMBso5DrpcJTHHjw2gJB2jNYIeRcxIKIy5WYcMFsZneVFYr_94i8wGBMo4yE3U9Sjs1KiSPOr3CPKAGjqWNa9fdn87UUsdEJSNmr-wGl9qDlxAeubMhIy1oh3UINBoD9haOAEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPK3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3qpDhQJdI9eF7a2YQVE1BxMNLHsQ%2526client%253Dca-pub-5111069894309966%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1723584
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cPJq51IWVi%2F8UoSBSJMGRM4b5kNdjDOLOpmbxCAIDYLDCJ4Oy%2BgB8n1aJMvKvyNq7sO%2FuTkjGeugun%2FJwBEKdXpjWfrURTfiD%2BPForCj0jl2rijRgkNvmeI0PYeqQd1V2gEFz%2FacwYk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 837c420a1ade2c55-FRA
expires: Wed, 20 Dec 2023 02:36:26 GMT

GET
H2 200 E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame 11B9 9 KB
9 KB 27ms
19ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=300&d=50&e=&g=0342cb3e74445ca9da638e41fddb9d33%2F6177627442614147421&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702953386527&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1khfj13c25v0z89kgce8050wxahkwfzck3x2qa735fefaj9r52t3yegt0mazp3krfs4qwmkdcazj1tj490d8qy8caaxx8ccjjx4msw2h2qgm1kjejnseexcd8kzt36cp8rwqtg6gyd4gjzb1f94wdwx7y1aptjfb08z62ysvsk75e9yv6cw5t7jnkgy9fxwbypesrfzkbxpy3rd0twbbvh72vdwjrx39jqc1dakzkby1htw96xdyyp264kykzqac6kgens3mbd5xgjsekzmvvqnk%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-mnxqQGBZYm_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_QrrQkrcHfe4khmDQrdP89lzV6Cd145GZ4qHaCxAypCfQIrQ1Q8RL6nNVrjD4sRcnaS4TnmD2a1GdzcgM4boYaY1iv8GdYZmpVBsvKPLBXtHwiPN5o3fe5VMkr4ob24cRuhZZpWWo41w_cxkyiZDu1s0aky1f9v_5sx7wL9YqMuaC0UpIvyo8FfRZL9DFbM0gaMBso5DrpcJTHHjw2gJB2jNYIeRcxIKIy5WYcMFsZneVFYr_94i8wGBMo4yE3U9Sjs1KiSPOr3CPKAGjqWNa9fdn87UUsdEJSNmr-wGl9qDlxAeubMhIy1oh3UINBoD9haOAEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPK3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3qpDhQJdI9eF7a2YQVE1BxMNLHsQ%2526client%253Dca-pub-5111069894309966%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1718184
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 8772
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:13:38 GMT
server: cloudflare
etag: "15b1f39d668aa86c2ba2ba17d94cc733"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lnfh08B3Stkp8HetXrCtG9Yqf%2FK1PqkY%2Bd5bJIOQA5vHU0E3evNPBcPOEw28ZVOrYjeFoL%2FlbC9jA9eAYz08KKY%2FdZbT1ZGwc0hmMipRl5qTBlh57ocTTzU8Ny2BSbwCwle1Kg0WXv%2BKZda%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 837c420a2a2f4d1f-FRA

GET
H2 200 2A409C956034279942BB00C734EEBA96A30BFA66974E50A0A1FCCC37F0E29F63CDE4339A721079F3863F9D3A2D1FC91B69CE99DD1EDFB0C05A709324F55DF63A
assets.ad4m.at/ Frame 11B9 32 KB
33 KB 27ms
20ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/2A409C956034279942BB00C734EEBA96A30BFA66974E50A0A1FCCC37F0E29F63CDE4339A721079F3863F9D3A2D1FC91B69CE99DD1EDFB0C05A709324F55DF63A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=300&d=50&e=&g=0342cb3e74445ca9da638e41fddb9d33%2F6177627442614147421&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702953386527&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1khfj13c25v0z89kgce8050wxahkwfzck3x2qa735fefaj9r52t3yegt0mazp3krfs4qwmkdcazj1tj490d8qy8caaxx8ccjjx4msw2h2qgm1kjejnseexcd8kzt36cp8rwqtg6gyd4gjzb1f94wdwx7y1aptjfb08z62ysvsk75e9yv6cw5t7jnkgy9fxwbypesrfzkbxpy3rd0twbbvh72vdwjrx39jqc1dakzkby1htw96xdyyp264kykzqac6kgens3mbd5xgjsekzmvvqnk%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-mnxqQGBZYm_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_QrrQkrcHfe4khmDQrdP89lzV6Cd145GZ4qHaCxAypCfQIrQ1Q8RL6nNVrjD4sRcnaS4TnmD2a1GdzcgM4boYaY1iv8GdYZmpVBsvKPLBXtHwiPN5o3fe5VMkr4ob24cRuhZZpWWo41w_cxkyiZDu1s0aky1f9v_5sx7wL9YqMuaC0UpIvyo8FfRZL9DFbM0gaMBso5DrpcJTHHjw2gJB2jNYIeRcxIKIy5WYcMFsZneVFYr_94i8wGBMo4yE3U9Sjs1KiSPOr3CPKAGjqWNa9fdn87UUsdEJSNmr-wGl9qDlxAeubMhIy1oh3UINBoD9haOAEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPK3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3qpDhQJdI9eF7a2YQVE1BxMNLHsQ%2526client%253Dca-pub-5111069894309966%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e23b6f4539643a37f0d615a630a76fc48571ebb8b0a9219ad38b4827a60ee18c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3277663
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 33043
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:07:19 GMT
server: cloudflare
etag: "4248eb804269666620fb86952a326d7e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LWrTogzjGWlT4cNU2gkgpPiEpPgCKOXoNQcVukh5ivo3Hi7cYURS79qgBw4GlVRDk4spylzdRumXgFImOVkQ3WVv%2FOXYzOByj08Bbwsr9CTmnwjqV4oTHiXjY4qoiSjWAz1WF3YZpYZvhmZb"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 837c420a2a314d1f-FRA

GET
H2 200 2aed39855b5f46b7651ba591340f258c
pv.medialead.de/trck/epv/ Frame 11B9 0
326 B 53ms
16ms Image
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/epv/2aed39855b5f46b7651ba591340f258c?t=htlp&subid=wkzMotivBoneidKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25boneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=300&d=50&e=&g=0342cb3e74445ca9da638e41fddb9d33%2F6177627442614147421&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702953386527&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1khfj13c25v0z89kgce8050wxahkwfzck3x2qa735fefaj9r52t3yegt0mazp3krfs4qwmkdcazj1tj490d8qy8caaxx8ccjjx4msw2h2qgm1kjejnseexcd8kzt36cp8rwqtg6gyd4gjzb1f94wdwx7y1aptjfb08z62ysvsk75e9yv6cw5t7jnkgy9fxwbypesrfzkbxpy3rd0twbbvh72vdwjrx39jqc1dakzkby1htw96xdyyp264kykzqac6kgens3mbd5xgjsekzmvvqnk%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-mnxqQGBZYm_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_QrrQkrcHfe4khmDQrdP89lzV6Cd145GZ4qHaCxAypCfQIrQ1Q8RL6nNVrjD4sRcnaS4TnmD2a1GdzcgM4boYaY1iv8GdYZmpVBsvKPLBXtHwiPN5o3fe5VMkr4ob24cRuhZZpWWo41w_cxkyiZDu1s0aky1f9v_5sx7wL9YqMuaC0UpIvyo8FfRZL9DFbM0gaMBso5DrpcJTHHjw2gJB2jNYIeRcxIKIy5WYcMFsZneVFYr_94i8wGBMo4yE3U9Sjs1KiSPOr3CPKAGjqWNa9fdn87UUsdEJSNmr-wGl9qDlxAeubMhIy1oh3UINBoD9haOAEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPK3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3qpDhQJdI9eF7a2YQVE1BxMNLHsQ%2526client%253Dca-pub-5111069894309966%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
attribution-reporting-register-source: {"source_event_id":"17200573720103333","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 0
proxy-host: pv.medialead.de

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 8CA6 115 KB
14 KB 21ms
21ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C23576%2C14019&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=8152ecd501f1da77931813427a0b6b10%2F9563419974217691073&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702953386528&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k98z733fxt6makc1ncdcw0tjm317kvrdmycwpmgj695w14cpdy0g4tdn6yavhex58x2c72ghxe8sh29j73ct17nynhva360d8g3j4fh6encz0zx8v7t6jjvyt8b7047yc32m82y9nq4h04ecmgxnfcf9tpyexfj01c8p8r4dp3ghx299dv2fckpb1g5jreywkqm5m2ft3nrvvtwx3fd3xz80hwe0w1g0fzj6p0wctyd5z99mx16pevp64j3hc02pfcmt2z4jzhvtbeyt3fga5dq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiKu9qQGBZYe_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_Q-BOozU7-F6faDZsIg7Or5vaj5c_uk-4T3O_70zdvaRJDYKi5FVkkcOq4Z2o2uCja13O7moW6q6YZdNj2bc0a0H0Y5bnYbKH3NeVGNz7qwccAUdNNST4RTh3_e1OuJToz9c3y8B3AYd-mKWEa22oiAB6BHg-OTGV74CLuaYIhHP9JNZSse53TTrh1V5UrZhOr1_1ShjQMbGNE__VdC3RloQ-uTzt9XKeBoUtkIN0U3VNCKh7UxgvGLBOr2agdagD9ham5T-mJnI8-tf85oM0RDECoN4oSMBltP31vJmbyy-d8BhLxUlJrdXc2nyLR8luTk-AEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPC3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1rPav7OEdTi-AiR7bM-j9IwFWtbw%2526client%253Dca-pub-5111069894309966%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=169080%2C23576%2C14019&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=8152ecd501f1da77931813427a0b6b10%2F9563419974217691073&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702953386528&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k98z733fxt6makc1ncdcw0tjm317kvrdmycwpmgj695w14cpdy0g4tdn6yavhex58x2c72ghxe8sh29j73ct17nynhva360d8g3j4fh6encz0zx8v7t6jjvyt8b7047yc32m82y9nq4h04ecmgxnfcf9tpyexfj01c8p8r4dp3ghx299dv2fckpb1g5jreywkqm5m2ft3nrvvtwx3fd3xz80hwe0w1g0fzj6p0wctyd5z99mx16pevp64j3hc02pfcmt2z4jzhvtbeyt3fga5dq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiKu9qQGBZYe_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_Q-BOozU7-F6faDZsIg7Or5vaj5c_uk-4T3O_70zdvaRJDYKi5FVkkcOq4Z2o2uCja13O7moW6q6YZdNj2bc0a0H0Y5bnYbKH3NeVGNz7qwccAUdNNST4RTh3_e1OuJToz9c3y8B3AYd-mKWEa22oiAB6BHg-OTGV74CLuaYIhHP9JNZSse53TTrh1V5UrZhOr1_1ShjQMbGNE__VdC3RloQ-uTzt9XKeBoUtkIN0U3VNCKh7UxgvGLBOr2agdagD9ham5T-mJnI8-tf85oM0RDECoN4oSMBltP31vJmbyy-d8BhLxUlJrdXc2nyLR8luTk-AEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPC3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1rPav7OEdTi-AiR7bM-j9IwFWtbw%2526client%253Dca-pub-5111069894309966%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1723584
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJkiO0yqtyke8qMd3STiq2M6V1Ds4NuVZanBg2ERxg2xqIjqH3hxqTZ2Sl%2FB%2FVUKZS82goyrd2PGR3xk8QLmX6VmP%2Bt7q14imMhTAIk7XYlyqVmDDfZ0PvxYbUFC%2FLZpsWQA05V7bqA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 837c420a1adf2c55-FRA
expires: Wed, 20 Dec 2023 02:36:26 GMT

GET
H2 200 B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
assets.ad4m.at/logo/ Frame 8CA6 5 KB
5 KB 30ms
25ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C23576%2C14019&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=8152ecd501f1da77931813427a0b6b10%2F9563419974217691073&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702953386528&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k98z733fxt6makc1ncdcw0tjm317kvrdmycwpmgj695w14cpdy0g4tdn6yavhex58x2c72ghxe8sh29j73ct17nynhva360d8g3j4fh6encz0zx8v7t6jjvyt8b7047yc32m82y9nq4h04ecmgxnfcf9tpyexfj01c8p8r4dp3ghx299dv2fckpb1g5jreywkqm5m2ft3nrvvtwx3fd3xz80hwe0w1g0fzj6p0wctyd5z99mx16pevp64j3hc02pfcmt2z4jzhvtbeyt3fga5dq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiKu9qQGBZYe_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_Q-BOozU7-F6faDZsIg7Or5vaj5c_uk-4T3O_70zdvaRJDYKi5FVkkcOq4Z2o2uCja13O7moW6q6YZdNj2bc0a0H0Y5bnYbKH3NeVGNz7qwccAUdNNST4RTh3_e1OuJToz9c3y8B3AYd-mKWEa22oiAB6BHg-OTGV74CLuaYIhHP9JNZSse53TTrh1V5UrZhOr1_1ShjQMbGNE__VdC3RloQ-uTzt9XKeBoUtkIN0U3VNCKh7UxgvGLBOr2agdagD9ham5T-mJnI8-tf85oM0RDECoN4oSMBltP31vJmbyy-d8BhLxUlJrdXc2nyLR8luTk-AEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPC3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1rPav7OEdTi-AiR7bM-j9IwFWtbw%2526client%253Dca-pub-5111069894309966%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ff66b97bd8767ce16889bf15fc6e18e59fb7e60edc88bf9ee41416d3031bd24

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 370631
cf-polished: origFmt=png, origSize=5231
alt-svc: h3=":443"; ma=86400
content-length: 4680
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 09:43:53 GMT
server: cloudflare
etag: "f16f7910a6ef14de318e485901cfa4a3"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BTVCh3UxudRlsGnyx5eRg8UGeDewrEICzh%2BoncLg2lsFZmJOvTgDbNBbGoKO8DCmT3xQBp4oFyPLjFb65OfKFZ%2FIbsQDnnQw2tJKBE%2FxNJgt1KopcwzbbeH4OnKJ7JMooTXWXrL6aRRpQZYJ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 837c420a2a324d1f-FRA

GET
H2 200 FCE49E1531E79349833FEBDB7533A30B9A744177F8264E7C61970A62BE1544B5AAABFF9C609FE11E6920604AA41733C8FF5A69EAC3919EA134B2C24AEEA9B457
assets.ad4m.at/product_image/ Frame 8CA6 29 KB
29 KB 29ms
24ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FCE49E1531E79349833FEBDB7533A30B9A744177F8264E7C61970A62BE1544B5AAABFF9C609FE11E6920604AA41733C8FF5A69EAC3919EA134B2C24AEEA9B457
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C23576%2C14019&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=8152ecd501f1da77931813427a0b6b10%2F9563419974217691073&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702953386528&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k98z733fxt6makc1ncdcw0tjm317kvrdmycwpmgj695w14cpdy0g4tdn6yavhex58x2c72ghxe8sh29j73ct17nynhva360d8g3j4fh6encz0zx8v7t6jjvyt8b7047yc32m82y9nq4h04ecmgxnfcf9tpyexfj01c8p8r4dp3ghx299dv2fckpb1g5jreywkqm5m2ft3nrvvtwx3fd3xz80hwe0w1g0fzj6p0wctyd5z99mx16pevp64j3hc02pfcmt2z4jzhvtbeyt3fga5dq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiKu9qQGBZYe_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_Q-BOozU7-F6faDZsIg7Or5vaj5c_uk-4T3O_70zdvaRJDYKi5FVkkcOq4Z2o2uCja13O7moW6q6YZdNj2bc0a0H0Y5bnYbKH3NeVGNz7qwccAUdNNST4RTh3_e1OuJToz9c3y8B3AYd-mKWEa22oiAB6BHg-OTGV74CLuaYIhHP9JNZSse53TTrh1V5UrZhOr1_1ShjQMbGNE__VdC3RloQ-uTzt9XKeBoUtkIN0U3VNCKh7UxgvGLBOr2agdagD9ham5T-mJnI8-tf85oM0RDECoN4oSMBltP31vJmbyy-d8BhLxUlJrdXc2nyLR8luTk-AEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPC3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1rPav7OEdTi-AiR7bM-j9IwFWtbw%2526client%253Dca-pub-5111069894309966%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b170f93a0f60699bb90efeeb218ef113e88a1025522c3a3d2e297f3540d895f1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2312134
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 29459
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Nov 2023 08:20:52 GMT
server: cloudflare
etag: "3a2c3db25419881df77e88816547f105"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FXU3NVrm1WE1YVs5b4dAuD88HNwjlzOD8CWHHqS6RU58oPR7b44U3QhXb3UHZE23bfUCpUSx%2FGjPMJaHOD%2FCSjTbfq8wja9cwHemyEzszGTH0499AWMSKO8Lg8g52ecESw3iu%2FImd9gOYXN2"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 837c420a2a344d1f-FRA

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 8CA6 8 KB
8 KB 29ms
24ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C23576%2C14019&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=8152ecd501f1da77931813427a0b6b10%2F9563419974217691073&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702953386528&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k98z733fxt6makc1ncdcw0tjm317kvrdmycwpmgj695w14cpdy0g4tdn6yavhex58x2c72ghxe8sh29j73ct17nynhva360d8g3j4fh6encz0zx8v7t6jjvyt8b7047yc32m82y9nq4h04ecmgxnfcf9tpyexfj01c8p8r4dp3ghx299dv2fckpb1g5jreywkqm5m2ft3nrvvtwx3fd3xz80hwe0w1g0fzj6p0wctyd5z99mx16pevp64j3hc02pfcmt2z4jzhvtbeyt3fga5dq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiKu9qQGBZYe_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_Q-BOozU7-F6faDZsIg7Or5vaj5c_uk-4T3O_70zdvaRJDYKi5FVkkcOq4Z2o2uCja13O7moW6q6YZdNj2bc0a0H0Y5bnYbKH3NeVGNz7qwccAUdNNST4RTh3_e1OuJToz9c3y8B3AYd-mKWEa22oiAB6BHg-OTGV74CLuaYIhHP9JNZSse53TTrh1V5UrZhOr1_1ShjQMbGNE__VdC3RloQ-uTzt9XKeBoUtkIN0U3VNCKh7UxgvGLBOr2agdagD9ham5T-mJnI8-tf85oM0RDECoN4oSMBltP31vJmbyy-d8BhLxUlJrdXc2nyLR8luTk-AEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPC3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1rPav7OEdTi-AiR7bM-j9IwFWtbw%2526client%253Dca-pub-5111069894309966%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4275ee4b58a39dcbd59ebeb2c806cb7afc45bde82e90daf14808b64702ad40b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 466829
cf-polished: qual=85, origFmt=jpeg, origSize=12951
alt-svc: h3=":443"; ma=86400
content-length: 7758
cf-bgj: imgq:85,h2pri
last-modified: Fri, 20 Oct 2023 22:22:01 GMT
server: cloudflare
etag: "12e3523b35b31c7ddfe7c77dcdb14a34"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VIOKh%2BM7YKje%2FfNzEtDrAy3clsRQquLC3sovmo158C8nxSQiXN%2BifqYkad%2BaxfhldB9YX2m1XOO0fHaQ8agkUmcYedNnZVpp%2FZ5L0btDeY%2Bf1pI%2F1aTXck8u3BKYp1ez035Lm%2B0gb4Rr2RK4"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 837c420a2a354d1f-FRA

GET
H2 200 F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame 8CA6 20 KB
21 KB 28ms
23ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C23576%2C14019&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=8152ecd501f1da77931813427a0b6b10%2F9563419974217691073&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702953386528&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k98z733fxt6makc1ncdcw0tjm317kvrdmycwpmgj695w14cpdy0g4tdn6yavhex58x2c72ghxe8sh29j73ct17nynhva360d8g3j4fh6encz0zx8v7t6jjvyt8b7047yc32m82y9nq4h04ecmgxnfcf9tpyexfj01c8p8r4dp3ghx299dv2fckpb1g5jreywkqm5m2ft3nrvvtwx3fd3xz80hwe0w1g0fzj6p0wctyd5z99mx16pevp64j3hc02pfcmt2z4jzhvtbeyt3fga5dq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiKu9qQGBZYe_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_Q-BOozU7-F6faDZsIg7Or5vaj5c_uk-4T3O_70zdvaRJDYKi5FVkkcOq4Z2o2uCja13O7moW6q6YZdNj2bc0a0H0Y5bnYbKH3NeVGNz7qwccAUdNNST4RTh3_e1OuJToz9c3y8B3AYd-mKWEa22oiAB6BHg-OTGV74CLuaYIhHP9JNZSse53TTrh1V5UrZhOr1_1ShjQMbGNE__VdC3RloQ-uTzt9XKeBoUtkIN0U3VNCKh7UxgvGLBOr2agdagD9ham5T-mJnI8-tf85oM0RDECoN4oSMBltP31vJmbyy-d8BhLxUlJrdXc2nyLR8luTk-AEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPC3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1rPav7OEdTi-AiR7bM-j9IwFWtbw%2526client%253Dca-pub-5111069894309966%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8be82f349b2994d7f0ed7fcba5e50ffb8a960f135e513b34730af4578cab9883

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 374488
cf-polished: qual=85, origFmt=jpeg, origSize=23329
alt-svc: h3=":443"; ma=86400
content-length: 20802
cf-bgj: imgq:85,h2pri
last-modified: Tue, 31 Oct 2023 16:54:32 GMT
server: cloudflare
etag: "e320c43993ae8577c544483e96756c59"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t8hQg0ECh8shTRsGU3oopStbdLTk0EKpnlDlBg3kmJwUJfCJjWpLCOlqcYIEVVe4ixYrdLlEauZmbRG1Wz5UywkISk17i8FcUuYfg6QDYedVvvcE5KxP8A4W4KRs3LC%2FnZQubSiE%2F521Btvn"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 837c420a2a364d1f-FRA

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 8CA6
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CKK1tt27moMDFbbtEQgdLIMMkw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023121903362691421156855X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite...

49 B
1 KB

59ms
19ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023121903362691421156855X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023121903362691421156855X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=120211&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C23576%2C14019&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=8152ecd501f1da77931813427a0b6b10%2F9563419974217691073&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702953386528&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k98z733fxt6makc1ncdcw0tjm317kvrdmycwpmgj695w14cpdy0g4tdn6yavhex58x2c72ghxe8sh29j73ct17nynhva360d8g3j4fh6encz0zx8v7t6jjvyt8b7047yc32m82y9nq4h04ecmgxnfcf9tpyexfj01c8p8r4dp3ghx299dv2fckpb1g5jreywkqm5m2ft3nrvvtwx3fd3xz80hwe0w1g0fzj6p0wctyd5z99mx16pevp64j3hc02pfcmt2z4jzhvtbeyt3fga5dq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiKu9qQGBZYe_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_Q-BOozU7-F6faDZsIg7Or5vaj5c_uk-4T3O_70zdvaRJDYKi5FVkkcOq4Z2o2uCja13O7moW6q6YZdNj2bc0a0H0Y5bnYbKH3NeVGNz7qwccAUdNNST4RTh3_e1OuJToz9c3y8B3AYd-mKWEa22oiAB6BHg-OTGV74CLuaYIhHP9JNZSse53TTrh1V5UrZhOr1_1ShjQMbGNE__VdC3RloQ-uTzt9XKeBoUtkIN0U3VNCKh7UxgvGLBOr2agdagD9ham5T-mJnI8-tf85oM0RDECoN4oSMBltP31vJmbyy-d8BhLxUlJrdXc2nyLR8luTk-AEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPC3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1rPav7OEdTi-AiR7bM-j9IwFWtbw%2526client%253Dca-pub-5111069894309966%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 19 Dec 2023 02:36:26 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023121903362691421156855X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023121903362691421156855X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=120211&partnerid=12218
date: Tue, 19 Dec 2023 02:36:26 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 8CA6 7 KB
7 KB 24ms
20ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C23576%2C14019&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=8152ecd501f1da77931813427a0b6b10%2F9563419974217691073&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702953386528&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k98z733fxt6makc1ncdcw0tjm317kvrdmycwpmgj695w14cpdy0g4tdn6yavhex58x2c72ghxe8sh29j73ct17nynhva360d8g3j4fh6encz0zx8v7t6jjvyt8b7047yc32m82y9nq4h04ecmgxnfcf9tpyexfj01c8p8r4dp3ghx299dv2fckpb1g5jreywkqm5m2ft3nrvvtwx3fd3xz80hwe0w1g0fzj6p0wctyd5z99mx16pevp64j3hc02pfcmt2z4jzhvtbeyt3fga5dq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiKu9qQGBZYe_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_Q-BOozU7-F6faDZsIg7Or5vaj5c_uk-4T3O_70zdvaRJDYKi5FVkkcOq4Z2o2uCja13O7moW6q6YZdNj2bc0a0H0Y5bnYbKH3NeVGNz7qwccAUdNNST4RTh3_e1OuJToz9c3y8B3AYd-mKWEa22oiAB6BHg-OTGV74CLuaYIhHP9JNZSse53TTrh1V5UrZhOr1_1ShjQMbGNE__VdC3RloQ-uTzt9XKeBoUtkIN0U3VNCKh7UxgvGLBOr2agdagD9ham5T-mJnI8-tf85oM0RDECoN4oSMBltP31vJmbyy-d8BhLxUlJrdXc2nyLR8luTk-AEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPC3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1rPav7OEdTi-AiR7bM-j9IwFWtbw%2526client%253Dca-pub-5111069894309966%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 375384
cf-polished: qual=85, origFmt=jpeg, origSize=8714
alt-svc: h3=":443"; ma=86400
content-length: 6672
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 08:50:26 GMT
server: cloudflare
etag: "52953af169f970e1ac17ba40d8c26548"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2rCBwLAH%2FNMu6Wj1Wun0OWdpGw1qGlRxYNrUPNTUiuis5ZUm7INmDfADqa7aoL8XYEH6TIuT0fmdixmcEo%2B5HTvXZr9xTIlS6TXX9gDLS80Mfj56vTF8AwObmp%2FZSBxZcBpY2V%2FGCcec0ld9"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 837c420a2a2e4d1f-FRA

GET
H2 200 E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE
assets.ad4m.at/ Frame 8CA6 25 KB
25 KB 32ms
28ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C23576%2C14019&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=8152ecd501f1da77931813427a0b6b10%2F9563419974217691073&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702953386528&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k98z733fxt6makc1ncdcw0tjm317kvrdmycwpmgj695w14cpdy0g4tdn6yavhex58x2c72ghxe8sh29j73ct17nynhva360d8g3j4fh6encz0zx8v7t6jjvyt8b7047yc32m82y9nq4h04ecmgxnfcf9tpyexfj01c8p8r4dp3ghx299dv2fckpb1g5jreywkqm5m2ft3nrvvtwx3fd3xz80hwe0w1g0fzj6p0wctyd5z99mx16pevp64j3hc02pfcmt2z4jzhvtbeyt3fga5dq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiKu9qQGBZYe_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_Q-BOozU7-F6faDZsIg7Or5vaj5c_uk-4T3O_70zdvaRJDYKi5FVkkcOq4Z2o2uCja13O7moW6q6YZdNj2bc0a0H0Y5bnYbKH3NeVGNz7qwccAUdNNST4RTh3_e1OuJToz9c3y8B3AYd-mKWEa22oiAB6BHg-OTGV74CLuaYIhHP9JNZSse53TTrh1V5UrZhOr1_1ShjQMbGNE__VdC3RloQ-uTzt9XKeBoUtkIN0U3VNCKh7UxgvGLBOr2agdagD9ham5T-mJnI8-tf85oM0RDECoN4oSMBltP31vJmbyy-d8BhLxUlJrdXc2nyLR8luTk-AEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPC3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1rPav7OEdTi-AiR7bM-j9IwFWtbw%2526client%253Dca-pub-5111069894309966%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d276da068fea1049fbb29d0aaeda5b9fa8a38e50b3f55741ffe2899cd52e6d5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1102329
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 25413
cf-bgj: imgq:85,h2pri
last-modified: Wed, 06 Dec 2023 08:24:17 GMT
server: cloudflare
etag: "7e811696e8763f5dce86bbb648013620"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6MYaEcOpHu9JdMBkg4Y3yxXwExrg5Av6%2B7kHd2FIgw2M0IfF0%2BWnUfboXSUtViQEzOUwgtvogsjj60t0n%2FgELsPUt9B9qHxVnZvWmTjUrf7fqrwJudiRCLs3zBK6j5dRRJlOP85ObXr6K%2Ffg"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 837c420a2a394d1f-FRA

GET
H2

200

ztpv.php
www.conrad.de/ Frame 8CA6
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1702953386_684d8010-9e17-11ee-86a2-223889379c61&insert=AW&&gdpr=0&gdpr_consent=

0
493 B

41ms
17ms

Image
text/html

2606:4700::6813:afbe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1702953386_684d8010-9e17-11ee-86a2-223889379c61&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C23576%2C14019&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=8152ecd501f1da77931813427a0b6b10%2F9563419974217691073&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702953386528&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k98z733fxt6makc1ncdcw0tjm317kvrdmycwpmgj695w14cpdy0g4tdn6yavhex58x2c72ghxe8sh29j73ct17nynhva360d8g3j4fh6encz0zx8v7t6jjvyt8b7047yc32m82y9nq4h04ecmgxnfcf9tpyexfj01c8p8r4dp3ghx299dv2fckpb1g5jreywkqm5m2ft3nrvvtwx3fd3xz80hwe0w1g0fzj6p0wctyd5z99mx16pevp64j3hc02pfcmt2z4jzhvtbeyt3fga5dq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiKu9qQGBZYe_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_Q-BOozU7-F6faDZsIg7Or5vaj5c_uk-4T3O_70zdvaRJDYKi5FVkkcOq4Z2o2uCja13O7moW6q6YZdNj2bc0a0H0Y5bnYbKH3NeVGNz7qwccAUdNNST4RTh3_e1OuJToz9c3y8B3AYd-mKWEa22oiAB6BHg-OTGV74CLuaYIhHP9JNZSse53TTrh1V5UrZhOr1_1ShjQMbGNE__VdC3RloQ-uTzt9XKeBoUtkIN0U3VNCKh7UxgvGLBOr2agdagD9ham5T-mJnI8-tf85oM0RDECoN4oSMBltP31vJmbyy-d8BhLxUlJrdXc2nyLR8luTk-AEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPC3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1rPav7OEdTi-AiR7bM-j9IwFWtbw%2526client%253Dca-pub-5111069894309966%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6813:afbe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
strict-transport-security: max-age=15552000
cf-ccp-worker: HTLPHandler-v1
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache
cf-ray: 837c420adb337185-FRA
content-length: 0
expires: -1

Redirect headers

Date: Tue, 19 Dec 2023 02:36:26 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1702953386_684d8010-9e17-11ee-86a2-223889379c61&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 573B 115 KB
14 KB 20ms
20ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=300&d=50&e=&g=cf5f2c49225bc88e316a8caf48488c85%2F2074465583183754607&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702953386529&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kr62hs3ph0t6dpg41mvkbkqagt75j73jwh2pbhkqab6ay0ptt50kttfh8xxwd3xjt3877kx63akj2w8r36ez6x5j7h4z94jhn3q9ra7t4g9474w1cm31a1stypdz4t19watfgm1ttad88hykhaqzt2jp3vgd5rp307na72fv09xwd5ekj4k8ey1718gyf4pm9rtesz3dbrt5yje5bkspj59adwrpnzkya2p5nzdbzpe8nvy0854dk4c6dmbbpzgs19jwn4gys3a7ftgskjzjhth%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwz0HqQGBZYi_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_Q6V1P7lSn11r8ryEa4WoVskW_3golN3FZjcYMBnfslGUZGiNeyidClQrgF4OEEeW9SI2uFUtUW5b_MVnLBYxG42l_mBo_57s6qJAhaXboM8VrzKHS-nSprzCLtHEtGjgxD4YpXQTT_5N-zFt167_1nDAbuuzP2qRvDnw0NdmHxH4SeSur8XmWndgOjVUXnvF3ZbFmlHcx4e46EvGFkYhbtFHSKPRYqeJLnEVIVeu9di7QqGcptShcxBunNmKKut8p5kebGh7jsV3uiuq-y7dIK8ojnJoDdgP2SqDghqcevobmuGA5yKq8-GhJWKDDXTWMn-AEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPG3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2idGW-6DEIqPe1sA2pIZiQ3esAPw%2526client%253Dca-pub-5111069894309966%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=15579&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=300&d=50&e=&g=cf5f2c49225bc88e316a8caf48488c85%2F2074465583183754607&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702953386529&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kr62hs3ph0t6dpg41mvkbkqagt75j73jwh2pbhkqab6ay0ptt50kttfh8xxwd3xjt3877kx63akj2w8r36ez6x5j7h4z94jhn3q9ra7t4g9474w1cm31a1stypdz4t19watfgm1ttad88hykhaqzt2jp3vgd5rp307na72fv09xwd5ekj4k8ey1718gyf4pm9rtesz3dbrt5yje5bkspj59adwrpnzkya2p5nzdbzpe8nvy0854dk4c6dmbbpzgs19jwn4gys3a7ftgskjzjhth%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwz0HqQGBZYi_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_Q6V1P7lSn11r8ryEa4WoVskW_3golN3FZjcYMBnfslGUZGiNeyidClQrgF4OEEeW9SI2uFUtUW5b_MVnLBYxG42l_mBo_57s6qJAhaXboM8VrzKHS-nSprzCLtHEtGjgxD4YpXQTT_5N-zFt167_1nDAbuuzP2qRvDnw0NdmHxH4SeSur8XmWndgOjVUXnvF3ZbFmlHcx4e46EvGFkYhbtFHSKPRYqeJLnEVIVeu9di7QqGcptShcxBunNmKKut8p5kebGh7jsV3uiuq-y7dIK8ojnJoDdgP2SqDghqcevobmuGA5yKq8-GhJWKDDXTWMn-AEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPG3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2idGW-6DEIqPe1sA2pIZiQ3esAPw%2526client%253Dca-pub-5111069894309966%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1723584
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bkq1WBgMtWePAGkhkkq8pYC%2FFLVyEd1lm6R9uAuAMiHhg3vKwmgukKaTCFJjlnQAHn2LfOuzUM3Yhyzg1kAI6SMh5KDXRlentLL2lt7d2WbRiBy1vbgcMC7HnJ4nLrZKj2L8TUQEIOo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 837c420a2ae42c55-FRA
expires: Wed, 20 Dec 2023 02:36:26 GMT

GET
H2 200 E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame 573B 9 KB
9 KB 20ms
19ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=300&d=50&e=&g=cf5f2c49225bc88e316a8caf48488c85%2F2074465583183754607&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702953386529&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kr62hs3ph0t6dpg41mvkbkqagt75j73jwh2pbhkqab6ay0ptt50kttfh8xxwd3xjt3877kx63akj2w8r36ez6x5j7h4z94jhn3q9ra7t4g9474w1cm31a1stypdz4t19watfgm1ttad88hykhaqzt2jp3vgd5rp307na72fv09xwd5ekj4k8ey1718gyf4pm9rtesz3dbrt5yje5bkspj59adwrpnzkya2p5nzdbzpe8nvy0854dk4c6dmbbpzgs19jwn4gys3a7ftgskjzjhth%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwz0HqQGBZYi_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_Q6V1P7lSn11r8ryEa4WoVskW_3golN3FZjcYMBnfslGUZGiNeyidClQrgF4OEEeW9SI2uFUtUW5b_MVnLBYxG42l_mBo_57s6qJAhaXboM8VrzKHS-nSprzCLtHEtGjgxD4YpXQTT_5N-zFt167_1nDAbuuzP2qRvDnw0NdmHxH4SeSur8XmWndgOjVUXnvF3ZbFmlHcx4e46EvGFkYhbtFHSKPRYqeJLnEVIVeu9di7QqGcptShcxBunNmKKut8p5kebGh7jsV3uiuq-y7dIK8ojnJoDdgP2SqDghqcevobmuGA5yKq8-GhJWKDDXTWMn-AEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPG3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2idGW-6DEIqPe1sA2pIZiQ3esAPw%2526client%253Dca-pub-5111069894309966%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1718184
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 8772
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:13:38 GMT
server: cloudflare
etag: "15b1f39d668aa86c2ba2ba17d94cc733"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IIV8HAgo94h19LkWSPYUmVGfPrcIS2eM6ClenW%2BNRB6OdH4wKJIFJVIAOk7kDlJK%2FQLKsePYeNkXVR29UR9PJeT%2FpKrlaaPtxJjrzlSMY4wmZkT2z9hZ9wPPD1DnEeoi9Q4iJSTsiXI9LIpo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 837c420a2a3c4d1f-FRA

GET
H2 200 60E988674A375A0D248F79BE73B17558F6DE13BA7BD626BA3ECE3CE45F1E8D4E2A797E05335FDF754A97E81953DCE8924DA57CE77B35FA4F8DC239219DA96769
assets.ad4m.at/ Frame 573B 28 KB
29 KB 25ms
25ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/60E988674A375A0D248F79BE73B17558F6DE13BA7BD626BA3ECE3CE45F1E8D4E2A797E05335FDF754A97E81953DCE8924DA57CE77B35FA4F8DC239219DA96769
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=300&d=50&e=&g=cf5f2c49225bc88e316a8caf48488c85%2F2074465583183754607&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702953386529&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kr62hs3ph0t6dpg41mvkbkqagt75j73jwh2pbhkqab6ay0ptt50kttfh8xxwd3xjt3877kx63akj2w8r36ez6x5j7h4z94jhn3q9ra7t4g9474w1cm31a1stypdz4t19watfgm1ttad88hykhaqzt2jp3vgd5rp307na72fv09xwd5ekj4k8ey1718gyf4pm9rtesz3dbrt5yje5bkspj59adwrpnzkya2p5nzdbzpe8nvy0854dk4c6dmbbpzgs19jwn4gys3a7ftgskjzjhth%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwz0HqQGBZYi_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_Q6V1P7lSn11r8ryEa4WoVskW_3golN3FZjcYMBnfslGUZGiNeyidClQrgF4OEEeW9SI2uFUtUW5b_MVnLBYxG42l_mBo_57s6qJAhaXboM8VrzKHS-nSprzCLtHEtGjgxD4YpXQTT_5N-zFt167_1nDAbuuzP2qRvDnw0NdmHxH4SeSur8XmWndgOjVUXnvF3ZbFmlHcx4e46EvGFkYhbtFHSKPRYqeJLnEVIVeu9di7QqGcptShcxBunNmKKut8p5kebGh7jsV3uiuq-y7dIK8ojnJoDdgP2SqDghqcevobmuGA5yKq8-GhJWKDDXTWMn-AEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPG3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2idGW-6DEIqPe1sA2pIZiQ3esAPw%2526client%253Dca-pub-5111069894309966%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0471f27843ee42d45cf9b749a57ec4bbc26dd40f961989ed7cfe4e0f24ea6fe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3436188
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 28958
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:06:38 GMT
server: cloudflare
etag: "346e75cff96234b45fe664b527c7c88d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7fjYE6hXfN5%2Baxyey9EA0Mk%2FRMwNvmR5881pYOkww5Ec%2BCKfnHlCLcCy77DS3V7A2%2Fk1LfHWJ%2BICQNfGaDSPm8z0J%2BiybYGrjhyq16OudUw9MCvivKKU3D2r%2B4zm9R%2FhRybivAVDUkf7ZMiW"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 837c420a2a3d4d1f-FRA

GET
H2 200 2aed39855b5f46b7d90f959867be60f8
pv.medialead.de/trck/epv/ Frame 573B 0
327 B 41ms
15ms Image
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneidbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQPoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=300&d=50&e=&g=cf5f2c49225bc88e316a8caf48488c85%2F2074465583183754607&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702953386529&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kr62hs3ph0t6dpg41mvkbkqagt75j73jwh2pbhkqab6ay0ptt50kttfh8xxwd3xjt3877kx63akj2w8r36ez6x5j7h4z94jhn3q9ra7t4g9474w1cm31a1stypdz4t19watfgm1ttad88hykhaqzt2jp3vgd5rp307na72fv09xwd5ekj4k8ey1718gyf4pm9rtesz3dbrt5yje5bkspj59adwrpnzkya2p5nzdbzpe8nvy0854dk4c6dmbbpzgs19jwn4gys3a7ftgskjzjhth%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwz0HqQGBZYi_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_Q6V1P7lSn11r8ryEa4WoVskW_3golN3FZjcYMBnfslGUZGiNeyidClQrgF4OEEeW9SI2uFUtUW5b_MVnLBYxG42l_mBo_57s6qJAhaXboM8VrzKHS-nSprzCLtHEtGjgxD4YpXQTT_5N-zFt167_1nDAbuuzP2qRvDnw0NdmHxH4SeSur8XmWndgOjVUXnvF3ZbFmlHcx4e46EvGFkYhbtFHSKPRYqeJLnEVIVeu9di7QqGcptShcxBunNmKKut8p5kebGh7jsV3uiuq-y7dIK8ojnJoDdgP2SqDghqcevobmuGA5yKq8-GhJWKDDXTWMn-AEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPG3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2idGW-6DEIqPe1sA2pIZiQ3esAPw%2526client%253Dca-pub-5111069894309966%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
attribution-reporting-register-source: {"source_event_id":"17200573720104426","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 0
proxy-host: pv.medialead.de

GET
H2 200 link.html Show response
track.webgains.com/ Frame 8CA6 2 KB
2 KB 129ms
66ms Script
text/html 18.132.158.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3766811&wgcampaignid=1384975&wgprogramid=287405&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hvtmxexn34ryqsfpjk3pna262wn5xznwmg674t3strb07phf4xa1b73hdp5ftsgcv3tmmde60vffy2yznxaw7g1esct82qqycb6w71ns2ykjhhxqwgsy9hmjrpm0zhgya082mbe54qmywc1n5q4tpybqaaaprwbjr3mmb6y8b97azdjr20k7bt5kct07zjga49a0e9cvak6saesjsgqyjs8xgtzz6153wx1vh7r98af1g3sgm0cww8b2ft7ktvh4gd0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k98z733fxt6makc1ncdcw0tjm317kvrdmycwpmgj695w14cpdy0g4tdn6yavhex58x2c72ghxe8sh29j73ct17nynhva360d8g3j4fh6encz0zx8v7t6jjvyt8b7047yc32m82y9nq4h04ecmgxnfcf9tpyexfj01c8p8r4dp3ghx299dv2fckpb1g5jreywkqm5m2ft3nrvvtwx3fd3xz80hwe0w1g0fzj6p0wctyd5z99mx16pevp64j3hc02pfcmt2z4jzhvtbeyt3fga5dq%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCiKu9qQGBZYe_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_Q-BOozU7-F6faDZsIg7Or5vaj5c_uk-4T3O_70zdvaRJDYKi5FVkkcOq4Z2o2uCja13O7moW6q6YZdNj2bc0a0H0Y5bnYbKH3NeVGNz7qwccAUdNNST4RTh3_e1OuJToz9c3y8B3AYd-mKWEa22oiAB6BHg-OTGV74CLuaYIhHP9JNZSse53TTrh1V5UrZhOr1_1ShjQMbGNE__VdC3RloQ-uTzt9XKeBoUtkIN0U3VNCKh7UxgvGLBOr2agdagD9ham5T-mJnI8-tf85oM0RDECoN4oSMBltP31vJmbyy-d8BhLxUlJrdXc2nyLR8luTk-AEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPC3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1rPav7OEdTi-AiR7bM-j9IwFWtbw%252526client%25253Dca-pub-5111069894309966%252526adurl%25253D&clickref=oneidWPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C23576%2C14019&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=8152ecd501f1da77931813427a0b6b10%2F9563419974217691073&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702953386528&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k98z733fxt6makc1ncdcw0tjm317kvrdmycwpmgj695w14cpdy0g4tdn6yavhex58x2c72ghxe8sh29j73ct17nynhva360d8g3j4fh6encz0zx8v7t6jjvyt8b7047yc32m82y9nq4h04ecmgxnfcf9tpyexfj01c8p8r4dp3ghx299dv2fckpb1g5jreywkqm5m2ft3nrvvtwx3fd3xz80hwe0w1g0fzj6p0wctyd5z99mx16pevp64j3hc02pfcmt2z4jzhvtbeyt3fga5dq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiKu9qQGBZYe_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_Q-BOozU7-F6faDZsIg7Or5vaj5c_uk-4T3O_70zdvaRJDYKi5FVkkcOq4Z2o2uCja13O7moW6q6YZdNj2bc0a0H0Y5bnYbKH3NeVGNz7qwccAUdNNST4RTh3_e1OuJToz9c3y8B3AYd-mKWEa22oiAB6BHg-OTGV74CLuaYIhHP9JNZSse53TTrh1V5UrZhOr1_1ShjQMbGNE__VdC3RloQ-uTzt9XKeBoUtkIN0U3VNCKh7UxgvGLBOr2agdagD9ham5T-mJnI8-tf85oM0RDECoN4oSMBltP31vJmbyy-d8BhLxUlJrdXc2nyLR8luTk-AEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPC3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1rPav7OEdTi-AiR7bM-j9IwFWtbw%2526client%253Dca-pub-5111069894309966%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.132.158.37 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-132-158-37.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: c2ce2b7620b4c32791ebd2f84362f8430e1fd355efad3d17da0bbda9e47d9fdd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
last-modified: Tue, 19 Dec 2023 02:36:26 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Tue, 19 Dec 2023 02:37:26 GMT

GET
H/1.1 200
OK f5bfe45bb2 Show response
tm.simptrack.com/tm/a/channel/tracker/ Frame 48C4 44 B
891 B 96ms
44ms Document
image/gif 46.4.101.115
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.simptrack.com/tm/a/channel/tracker/f5bfe45bb2?pub=ad4mat
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C23576%2C14019&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=8152ecd501f1da77931813427a0b6b10%2F9563419974217691073&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702953386528&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k98z733fxt6makc1ncdcw0tjm317kvrdmycwpmgj695w14cpdy0g4tdn6yavhex58x2c72ghxe8sh29j73ct17nynhva360d8g3j4fh6encz0zx8v7t6jjvyt8b7047yc32m82y9nq4h04ecmgxnfcf9tpyexfj01c8p8r4dp3ghx299dv2fckpb1g5jreywkqm5m2ft3nrvvtwx3fd3xz80hwe0w1g0fzj6p0wctyd5z99mx16pevp64j3hc02pfcmt2z4jzhvtbeyt3fga5dq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiKu9qQGBZYe_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_Q-BOozU7-F6faDZsIg7Or5vaj5c_uk-4T3O_70zdvaRJDYKi5FVkkcOq4Z2o2uCja13O7moW6q6YZdNj2bc0a0H0Y5bnYbKH3NeVGNz7qwccAUdNNST4RTh3_e1OuJToz9c3y8B3AYd-mKWEa22oiAB6BHg-OTGV74CLuaYIhHP9JNZSse53TTrh1V5UrZhOr1_1ShjQMbGNE__VdC3RloQ-uTzt9XKeBoUtkIN0U3VNCKh7UxgvGLBOr2agdagD9ham5T-mJnI8-tf85oM0RDECoN4oSMBltP31vJmbyy-d8BhLxUlJrdXc2nyLR8luTk-AEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPC3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1rPav7OEdTi-AiR7bM-j9IwFWtbw%2526client%253Dca-pub-5111069894309966%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.101.115 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.115.101.4.46.clients.your-server.de
Software: nginx /
Resource Hash: e86d3703af27920836907968ada5890309f2e37d05fafe361cb5d25e9ce02a67

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 44
Content-Type: image/gif
Date: Tue, 19 Dec 2023 02:36:26 GMT
Expires: 0
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: nginx

POST
H2 200 collect Show response
stats.ptengine.jp/ 0
265 B 511ms
466ms XHR
text/plain 169.197.104.68
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.ptengine.jp/collect?traceId=3264829d7c926497673097079d518450&deviceId=a0b7b010-b66b-4caa-bd74-035f37171206
Requested by: Host: www.dafiti.com.co
URL: https://www.dafiti.com.co/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.197.104.68 Frankfurt am Main, Germany, ASN21859 (ZEN-ECN, US),
Reverse DNS: comms.expectation.cc
Software: ZenZGA/1.12 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 19 Dec 2023 02:36:26 GMT
server: ZenZGA/1.12
access-control-allow-headers: *,XFILENAME,XFILECATEGORY,XFILESIZE,content-type,origin,strict-transport-security,x-requested-with,DNT,X-CustomHeader,Keep-Alive,User-Agent,If-Modified-Since,Cache-Control
content-length: 0
access-control-allow-methods: GET,POST,OPTIONS

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 292E 14 KB
6 KB 528ms
96ms Document
text/html 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.dafiti.com.co&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.dafiti.com.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 02:36:26 GMT
server: Kestrel
server-processing-duration-in-ticks: 372840
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
BLOB 200
OK 470f24eb-dcb9-470b-b165-48b58271ae7e
https://www.dafiti.com.co/ 193 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.dafiti.com.co/470f24eb-dcb9-470b-b165-48b58271ae7e
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0cf0618b9606b0afef9d5ccd987c84d048e9d0f416c28d8ad0920c44743d0585

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 193
Content-Type: application/javascript

POST
H2 200 collect
stats.ptengine.jp/ 0
265 B 284ms
249ms Ping
text/plain 169.197.104.68
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.ptengine.jp/collect?traceId=398193db600275d76fee3ffa788ab376&deviceId=a0b7b010-b66b-4caa-bd74-035f37171206
Requested by: Host: cjs.ptengine.com
URL: https://cjs.ptengine.com/4112a7e5.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.197.104.68 Frankfurt am Main, Germany, ASN21859 (ZEN-ECN, US),
Reverse DNS: comms.expectation.cc
Software: ZenZGA/1.12 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 19 Dec 2023 02:36:26 GMT
server: ZenZGA/1.12
access-control-allow-headers: *,XFILENAME,XFILECATEGORY,XFILESIZE,content-type,origin,strict-transport-security,x-requested-with,DNT,X-CustomHeader,Keep-Alive,User-Agent,If-Modified-Since,Cache-Control
content-length: 0
access-control-allow-methods: GET,POST,OPTIONS

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 8CA6 53 KB
19 KB 56ms
10ms Script
application/javascript 108.157.4.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3766811&wgcampaignid=1384975&wgprogramid=287405&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hvtmxexn34ryqsfpjk3pna262wn5xznwmg674t3strb07phf4xa1b73hdp5ftsgcv3tmmde60vffy2yznxaw7g1esct82qqycb6w71ns2ykjhhxqwgsy9hmjrpm0zhgya082mbe54qmywc1n5q4tpybqaaaprwbjr3mmb6y8b97azdjr20k7bt5kct07zjga49a0e9cvak6saesjsgqyjs8xgtzz6153wx1vh7r98af1g3sgm0cww8b2ft7ktvh4gd0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k98z733fxt6makc1ncdcw0tjm317kvrdmycwpmgj695w14cpdy0g4tdn6yavhex58x2c72ghxe8sh29j73ct17nynhva360d8g3j4fh6encz0zx8v7t6jjvyt8b7047yc32m82y9nq4h04ecmgxnfcf9tpyexfj01c8p8r4dp3ghx299dv2fckpb1g5jreywkqm5m2ft3nrvvtwx3fd3xz80hwe0w1g0fzj6p0wctyd5z99mx16pevp64j3hc02pfcmt2z4jzhvtbeyt3fga5dq%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCiKu9qQGBZYe_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_Q-BOozU7-F6faDZsIg7Or5vaj5c_uk-4T3O_70zdvaRJDYKi5FVkkcOq4Z2o2uCja13O7moW6q6YZdNj2bc0a0H0Y5bnYbKH3NeVGNz7qwccAUdNNST4RTh3_e1OuJToz9c3y8B3AYd-mKWEa22oiAB6BHg-OTGV74CLuaYIhHP9JNZSse53TTrh1V5UrZhOr1_1ShjQMbGNE__VdC3RloQ-uTzt9XKeBoUtkIN0U3VNCKh7UxgvGLBOr2agdagD9ham5T-mJnI8-tf85oM0RDECoN4oSMBltP31vJmbyy-d8BhLxUlJrdXc2nyLR8luTk-AEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPC3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1rPav7OEdTi-AiR7bM-j9IwFWtbw%252526client%25253Dca-pub-5111069894309966%252526adurl%25253D&clickref=oneidWPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-75.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:58:52 GMT
content-encoding: gzip
via: 1.1 d45a8c6f9f33ed6e98c7762d0a4f951a.cloudfront.net (CloudFront)
last-modified: Sat, 09 Dec 2023 12:01:22 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
age: 2254
x-amz-server-side-encryption: AES256
etag: W/"1180a1bfee0aad979766ecd6180b923e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: P6h-9n9d8oUv6v2_BGcaOOlWKYd8w0UI5Qo6DBOrswhW-46rD5pyAQ==

GET
H2 200 1630076509_zWMlDYPQVnctkTlVGt486BXSMOUU2jSg.png
cdn.track.production.webgains.team/287405/ Frame 8CA6 5 KB
5 KB 37ms
8ms Image
image/png 18.154.63.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/287405/1630076509_zWMlDYPQVnctkTlVGt486BXSMOUU2jSg.png?Expires=1702953686&Signature=CiUJj12-CAbfPeoTdJKcjByHHlhmR0f-4IfNePOft-NXB~ALRXtT7UgiSO3kYTaq-uRrAJ-OFS27lntyLvE5dFykYLLQRm85pUOHvE~c28XHbgF~H1YlDEzRI8e2KqJg5FwEjeM0dCvwZV~U-0MQ4eKPW7HbgIpo56-5ccnm1cinO0LMrrIPdkZ6so~UN-vmnhcuIf70b4Ej4O741p-aQTIi4PhcM8yxLaMyUnLPCFyUizm9vD~7Ei26gFWrTGowVsJStYIXH-CsCQeQNw9hTQt13fGLo7UERDbvTDazawaFTA8teivvtAU3HAzxNdnAMQgM2T3V9KITkYA66ZkzWQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C23576%2C14019&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=8152ecd501f1da77931813427a0b6b10%2F9563419974217691073&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702953386528&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k98z733fxt6makc1ncdcw0tjm317kvrdmycwpmgj695w14cpdy0g4tdn6yavhex58x2c72ghxe8sh29j73ct17nynhva360d8g3j4fh6encz0zx8v7t6jjvyt8b7047yc32m82y9nq4h04ecmgxnfcf9tpyexfj01c8p8r4dp3ghx299dv2fckpb1g5jreywkqm5m2ft3nrvvtwx3fd3xz80hwe0w1g0fzj6p0wctyd5z99mx16pevp64j3hc02pfcmt2z4jzhvtbeyt3fga5dq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiKu9qQGBZYe_M4OrgAfZp4PoBZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMTEwNjk4OTQzMDk5NjbIAQmpApO9qMyYUbI-4AIAqAMByAMCqgTzAU_Q-BOozU7-F6faDZsIg7Or5vaj5c_uk-4T3O_70zdvaRJDYKi5FVkkcOq4Z2o2uCja13O7moW6q6YZdNj2bc0a0H0Y5bnYbKH3NeVGNz7qwccAUdNNST4RTh3_e1OuJToz9c3y8B3AYd-mKWEa22oiAB6BHg-OTGV74CLuaYIhHP9JNZSse53TTrh1V5UrZhOr1_1ShjQMbGNE__VdC3RloQ-uTzt9XKeBoUtkIN0U3VNCKh7UxgvGLBOr2agdagD9ham5T-mJnI8-tf85oM0RDECoN4oSMBltP31vJmbyy-d8BhLxUlJrdXc2nyLR8luTk-AEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlil_4Xdu5qDA_oLAggBgAwB4g0TCPC3ht27moMDFYMV4Aod2dMAXdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1rPav7OEdTi-AiR7bM-j9IwFWtbw%2526client%253Dca-pub-5111069894309966%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-57.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e8decfdbca90823a9fc08c399cc7f568a993e77d31fe7e2ab87aa75276b5cfaa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 18 Dec 2023 06:32:25 GMT
via: 1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:42:17 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P4
age: 72242
etag: "252bcf3942798a64e6a899b7c6e034d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 5216
x-amz-cf-id: iP9BjvHjuz-VtjIs_TNuEaqrEhPoO7kKEZDck5HxM20p4LHuTRAxjA==

POST
H2 200 /
eum-orange-saas.instana.io/ 0
130 B 133ms
111ms Ping
text/plain 34.120.4.21
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://eum-orange-saas.instana.io/
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.4.21 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 21.4.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 19 Dec 2023 02:36:27 GMT
cache-control: no-cache, no-store
via: 1.1 google
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 292E 433 B
556 B 91ms
91ms Fetch
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=onetag&domain=dafiti.com.co&sn=ChromeSyncframe&so=0&topUrl=www.dafiti.com.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?topUrl=www.dafiti.com.co&origin=onetag

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7b276020f0190cfd314a51906405be4b7fe6517a8d084541f9d4e4559147375b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/syncframe?topUrl=www.dafiti.com.co&origin=onetag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1174428
expires: 0

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=5844&v=5.20.0&p0=e%3Dexd%26ci%3D%26site_type%3Dd&p1=e%3Dvh%26si%3D0&p2=e%3Ddis&adce=1&bundle=Hz3dbl9hNlI1dVMwMEI1UUhnWHlscldWcDhwd1NlVVBPJTJCbzJoM2Ftbk1kU2JxSjV...
https://widget.us.criteo.com/event?a=5844&v=5.20.0&p0=e%3Dexd%26ci%3D%26site_type%3Dd&p1=e%3Dvh%26si%3D0&p2=e%3Ddis&adce=1&bundle=Hz3dbl9hNlI1dVMwMEI1UUhnWHlscldWcDhwd1NlVVBPJTJCbzJoM2Ftbk1kU2JxSjV...

10 KB
5 KB

297ms
101ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=5844&v=5.20.0&p0=e%3Dexd%26ci%3D%26site_type%3Dd&p1=e%3Dvh%26si%3D0&p2=e%3Ddis&adce=1&bundle=Hz3dbl9hNlI1dVMwMEI1UUhnWHlscldWcDhwd1NlVVBPJTJCbzJoM2Ftbk1kU2JxSjVRYnNHaG5DeUtTWktHVlVwY2Q2MHUlMkIxZTVsOWpsbnVMM202U2l4ZndhQmhxUGJXWDBmSkVRd09mNFpqeVVJQXRzNExmcXZwJTJCQW5BRSUyRktVVWc2TnJ3UVpqYzZtTDNMMDc5amwlMkZDJTJCc3huU0ElM0QlM0Q&tld=dafiti.com.co&fu=https%253A%252F%252Fwww.dafiti.com.co%252F&ceid=400d1725-3657-47d6-8870-7dd5c7506cd6&dtycbr=16742

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

646e098a1643dbfc5a5ba4fb05ded0fa27083036a30c3b382071c4832dfbab1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafiti.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 9308463
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-origin: *
location: https://widget.us.criteo.com/event?a=5844&v=5.20.0&p0=e%3Dexd%26ci%3D%26site_type%3Dd&p1=e%3Dvh%26si%3D0&p2=e%3Ddis&adce=1&bundle=Hz3dbl9hNlI1dVMwMEI1UUhnWHlscldWcDhwd1NlVVBPJTJCbzJoM2Ftbk1kU2JxSjVRYnNHaG5DeUtTWktHVlVwY2Q2MHUlMkIxZTVsOWpsbnVMM202U2l4ZndhQmhxUGJXWDBmSkVRd09mNFpqeVVJQXRzNExmcXZwJTJCQW5BRSUyRktVVWc2TnJ3UVpqYzZtTDNMMDc5amwlMkZDJTJCc3huU0ElM0QlM0Q&tld=dafiti.com.co&fu=https%253A%252F%252Fwww.dafiti.com.co%252F&ceid=400d1725-3657-47d6-8870-7dd5c7506cd6&dtycbr=16742
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 24994387
timing-allow-origin: *
content-length: 0
expires: 0

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 78ms
20ms Preflight 3.9.60.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.60.26 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-60-26.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Tue, 19 Dec 2023 02:36:27 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 8CA6 16 B
209 B 75ms
75ms Fetch
application/json 3.9.60.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.9.60.26 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-9-60-26.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 19 Dec 2023 02:36:27 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame DC9D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-WOamGdAkHa-ESNzkgfw0sByfEElGtgDIXuZKsQ&google_cm&google_hm=ay1XT2FtR2RBa0hhLUVTTnprZ2Z3MHNCeWZFRWxHdGdES...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-WOamGdAkHa-ESNzkgfw0sByfEElGtgDIXuZKsQ&google_gid=CAESEAKYTdO1f0VksByHl4Jnl7o&google_cver=1&google_ula=913071,0

43 B
369 B

13ms
12ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-WOamGdAkHa-ESNzkgfw0sByfEElGtgDIXuZKsQ&google_gid=CAESEAKYTdO1f0VksByHl4Jnl7o&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:27 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 687780
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-WOamGdAkHa-ESNzkgfw0sByfEElGtgDIXuZKsQ&google_gid=CAESEAKYTdO1f0VksByHl4Jnl7o&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame DC9D 43 B
145 B 11ms
6ms Image
image/gif 3.69.190.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-HFwvKtAkHa-ESNzkgfw0sByfEEnAkml5PMkxsQ&expires=30
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.69.190.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-190-202.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:27 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame DC9D
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7090709566399147067

43 B
370 B

14ms
13ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7090709566399147067

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:27 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1213868
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:27 GMT
an-x-request-uuid: fc62d4c2-139a-4f21-a322-795012ac6502
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7090709566399147067
x-proxy-origin: 138.199.38.134; 138.199.38.134; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame DC9D 57 B
790 B 73ms
38ms Image
image/gif 95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-4_x4W9AkHa-ESNzkgfw0sByfEEm2LuQkMgZPNw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 19 Dec 2023 02:36:27 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 57
x-mnet-hl2: E
expires: Tue, 19 Dec 2023 02:36:27 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame DC9D 0
239 B 12ms
8ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-OaCkMtAkHa-ESNzkgfw0sByfEElKb_v-Sn3XKA&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 9db1556130a9e92b896eecae836f6a70
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame DC9D 43 B
163 B 51ms
15ms Image
image/gif 164.132.25.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-fCrHotAkHa-ESNzkgfw0sByfEEkjHRvOdGz5bw
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 164.132.25.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ip185.ip-164-132-25.eu
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:26 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame DC9D 0
99 B 45ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-m7ypg9AkHa-ESNzkgfw0sByfEEmkX5PHDMW-uA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:27 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 11968

GET
H2 200 um
criteo-sync.teads.tv/ Frame DC9D 23 B
163 B 40ms
32ms Image
image/gif 104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-3DQ5jdAkHa-ESNzkgfw0sByfEEnogk1hiOx2hQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 19 Dec 2023 02:36:27 GMT
pragma: no-cache
date: Tue, 19 Dec 2023 02:36:27 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame DC9D 37 B
140 B 27ms
7ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-xInFBdAkHa-ESNzkgfw0sByfEElS9yuj3lm31g&dongle=013b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:27 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame DC9D 0
125 B 33ms
10ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-HOuwWNAkHa-ESNzkgfw0sByfEEkv4u-fl8kE4g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:27 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame DC9D 43 B
164 B 66ms
19ms Image
image/gif 37.157.6.237
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-fC6ukdAkHa-ESNzkgfw0sByfEEn8IDHzzlF9Kw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:27 GMT
last-modified: Thu, 11 May 2023 07:59:59 GMT
server: nginx
accept-ranges: bytes
etag: "645ca07f-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame DC9D 49 B
385 B 109ms
35ms Image
image/gif 63.33.18.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-Vb8cG9AkHa-ESNzkgfw0sByfEElPCPUVdqC2aw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.33.18.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-33-18-223.eu-west-1.compute.amazonaws.com

Software

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:27 GMT
via: kong/2.8.4
x-content-type-options: nosniff
x-kong-proxy-latency: 0
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
x-kong-upstream-latency: 2
cache-control: no-cache, no-store, must-revalidate
content-length: 49
expires: 0

GET
H2

200

rum
r.casalemedia.com/ Frame DC9D
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-1FkVsdAkHa-ESNzkgfw0sByfEEl9kqBsiT-mlA
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-1FkVsdAkHa-ESNzkgfw0sByfEEl9kqBsiT-mlA&C=1

43 B
326 B

19ms
19ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-1FkVsdAkHa-ESNzkgfw0sByfEEl9kqBsiT-mlA&C=1
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S0aCABGMnGKxD6hxg6KYbcBN4wE1baRymcZEJXICbdraVfoKuPbCd3QBIjx3%2FaQg3h2J7ydp3l4rnPyz01S1Ex5F4C7MY%2FC965guTVZ2%2B8QuBlwx%2BClCzeaxOhYY6f3d5G91"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 837c4211ea842c36-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3FXJeFnr2r65Ue92hSYCkgrmfiK%2BiDMo8PhxpMO2RDzzR4VxDw4Ci8MdP93%2FmkQFfP8kTj%2BMihUt9wNGkyyIHkmgw%2B7GosZXQ52lHvB9R%2BjLRuI3N63FuuYghA%2F9hmbdhxuB"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-1FkVsdAkHa-ESNzkgfw0sByfEEl9kqBsiT-mlA&C=1
cache-control: no-cache
cf-ray: 837c4211ba732c36-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame DC9D
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=YzgCD4AmEoZxehd92dM8IYdxP0-_GGEP
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=YzgCD4AmEoZxehd92dM8IYdxP0-_GGEP

42 B
717 B

31ms
31ms

Image
image/gif

54.75.61.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=YzgCD4AmEoZxehd92dM8IYdxP0-_GGEP

Protocol

Server

54.75.61.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-75-61-252.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-09a33b2f9.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Tue, 19 Dec 2023 02:36:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: 2VBqhNhiQP8=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-1-v054-0a8bf9e4f.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Tue, 19 Dec 2023 02:36:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: OkTBnejhROw=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=YzgCD4AmEoZxehd92dM8IYdxP0-_GGEP
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 9.gif
id5-sync.com/s/966/ Frame DC9D 43 B
921 B 29ms
9ms Image
image/gif 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-CuqDNNAkHa-ESNzkgfw0sByfEEmWDPfoiupz9w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Tue, 19 Dec 2023 02:36:27 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2 200 match
ad.360yield.com/ Frame DC9D 43 B
199 B 102ms
33ms Image
image/gif 52.18.145.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-YBpjpNAkHa-ESNzkgfw0sByfEEnMN4owiU5CJQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.18.145.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-145-191.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 19 Dec 2023 02:36:27 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame DC9D 42 B
265 B 40ms
16ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k--nEH2dAkHa-ESNzkgfw0sByfEEkvX9yYDO9JQw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:27 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame DC9D 0
884 B 328ms
117ms Image
text/html 35.157.70.183
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-2C9MsNAkHa-ESNzkgfw0sByfEElrtwgGw3K1_w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.70.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-70-183.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:28 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame DC9D 43 B
422 B 573ms
196ms Image
image/gif 52.25.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-2XYVvdAkHa-ESNzkgfw0sByfEEkHbQrWSIVm_w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.25.95.187 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-25-95-187.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:28 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame DC9D 0
145 B 376ms
84ms Image
text/plain 70.42.32.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-lEA5btAkHa-ESNzkgfw0sByfEEnopCVwjMGp1g&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 19 Dec 2023 02:36:28 GMT
Cache-Control: no-cache
X-TraceId: fb396624b631e6c09a36640b087f11c3
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame DC9D 0
225 B 59ms
18ms Image
text/html 185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-74TQrNAkHa-ESNzkgfw0sByfEEkwtvBWenMgRw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 19 Dec 2023 02:36:27 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame DC9D 0
35 B 28ms
7ms Image
text/plain 52.58.18.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-KPwus9AkHa-ESNzkgfw0sByfEEkSi9Ixm07LRw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.18.253 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-18-253.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:27 GMT

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame DC9D 43 B
400 B 359ms
118ms Image
image/gif 2600:1f18:612b:4264:cd63:6b3d:4f30:16c6
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-pDwdXNAkHa-ESNzkgfw0sByfEEnk9l5u9kkvSw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:cd63:6b3d:4f30:16c6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Tue, 19 Dec 2023 02:36:28 GMT
server: nginx
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame DC9D 43 B
153 B 67ms
26ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-bbLgjtAkHa-ESNzkgfw0sByfEEnyQyJ5zQJT2g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.30
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 19 Dec 2023 02:36:27 GMT
server: Apache
x-powered-by: PHP/7.3.30
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame DC9D 0
235 B 37ms
15ms Image
text/plain 184.30.17.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-sqTZbdAkHa-ESNzkgfw0sByfEEnShNPm9jIpww
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.17.243 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-243.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Dec 2023 02:36:27 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Mon, 18 Dec 2023 02:36:27 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame DC9D 0
38 B 192ms
34ms Image
text/plain 34.250.71.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-9TzcsNAkHa-ESNzkgfw0sByfEEn6pGpaZkXIwQ&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.71.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-71-117.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:28 GMT
content-length: 0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame DC9D 0
15 B 10ms
10ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-HOuwWNAkHa-ESNzkgfw0sByfEEkv4u-fl8kE4g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:36:27 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 setuid
ib.adnxs.com/ Frame DC9D 43 B
919 B 13ms
13ms Image
image/gif 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=52&code=k-SmnL-tAkHa-ESNzkgfw0sByfEEkdsTXjjy1lgA

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:27 GMT
an-x-request-uuid: 07563ed7-151b-4253-a118-198df47b6db7
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.134; 138.199.38.134; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 var
async-px.dynamicyield.com/ 0
382 B 104ms
104ms Ping
text/plain 18.173.233.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.213.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-48.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dafiti.com.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:27 GMT
via: 1.1 7b1a6e7eb0043d355ab110185f1d0446.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: eSTKFYr3LoqRxDadtt-3K0yTQn4fb22tZfxBwfdb-_3S_tpJelHwVw==
expires: 0

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame DC9D
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=UhPRW0Lz_xNqvZMSzqFZfDiTRq6SaC-_

0
338 B

197ms
32ms

Image
text/plain

54.217.28.190
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=UhPRW0Lz_xNqvZMSzqFZfDiTRq6SaC-_
Protocol: H2
Server: 54.217.28.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-217-28-190.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by: beacon-n020-dub-prod.krxd.net
date: Tue, 19 Dec 2023 02:36:28 GMT
cache-control: private, no-cache, no-store
x-request-time: D=36 t=1702953388
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=UhPRW0Lz_xNqvZMSzqFZfDiTRq6SaC-_
date: Tue, 19 Dec 2023 02:36:27 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 999146
content-length: 0

GET
H2

200

cs
s.thebrighttag.com/ Frame DC9D
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=4BOsQtAvw7kx0nMz5v0a1Fgp39eMNvkw

35 B
268 B

312ms
102ms

Image
image/gif

3.18.227.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=4BOsQtAvw7kx0nMz5v0a1Fgp39eMNvkw
Protocol: H2
Server: 3.18.227.110 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-18-227-110.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 02:36:28 GMT
x-bt-requestid: 696fe000-9e17-11ee-a3ee-0000ac170230
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=4BOsQtAvw7kx0nMz5v0a1Fgp39eMNvkw
date: Tue, 19 Dec 2023 02:36:27 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 667984
content-length: 0

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

104 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ad4m.at/cookie-frame.html	1970-01-20 17:45:45	Name: userId Value: jG8jAYp5eGRwEwgwJj19LVV0NKDhJhoB
.dafiti.com.co/	1970-01-20 17:45:45	Name: _dy_ses_load_seq Value: 68804%3A1702953384980
.dafiti.com.co/	1969-12-31 23:59:59	Name: _dy_csc_ses Value: t
.dafiti.com.co/	1970-01-20 17:45:45	Name: _dy_c_exps Value:
.dynamicyield.com/	1970-01-21 01:49:35	Name: DYID Value: 6741888884394754473
.dynamicyield.com/	1969-12-31 23:59:59	Name: DYSES Value: 450b0c7384dc50e61f7effb5cdaf9a8d
.dafiti.com.co/	1970-01-20 17:45:45	Name: _dycnst Value: dg
.dafiti.com.co/	1970-01-20 17:45:45	Name: _dyid Value: 6741888884394754473
.dafiti.com.co/	1969-12-31 23:59:59	Name: _dyfs Value: 1702953385370
.dafiti.com.co/	1969-12-31 23:59:59	Name: _dyjsession Value: 450b0c7384dc50e61f7effb5cdaf9a8d
.dafiti.com.co/	1969-12-31 23:59:59	Name: dy_fs_page Value: www.dafiti.com.co
.dafiti.com.co/	1969-12-31 23:59:59	Name: _dy_lu_ses Value: 450b0c7384dc50e61f7effb5cdaf9a8d%3A1702953385370
.dafiti.com.co/	1970-01-20 17:45:45	Name: _dycst Value: dk.w.c.ws.
.dafiti.com.co/	1970-01-20 17:45:45	Name: _dy_geo Value: DE.EU.DE_HE.DE_HE_Frankfurt%20am%20Main
.dafiti.com.co/	1970-01-20 17:45:45	Name: _dy_df_geo Value: Germany..Frankfurt%20am%20Main
.dafiti.com.co/	1970-01-20 17:45:45	Name: _dy_toffset Value: 0
.dafiti.com.co/	1970-01-20 17:08:18	Name: recommendation_ab_test Value: two
.dafiti.com.co/	1970-01-21 01:48:09	Name: _dy_soct Value: 160840.228914.1702953384658537.1266436.1702953385852815.1718477.1702953385
.dafiti.com.co/	1970-01-21 00:06:21	Name: www_dafiti_com_co_referrer Value: www.dafiti.com.co
.dafiti.com.co/	1970-01-20 19:12:09	Name: _gcl_au Value: 1.1.1821598447.1702953386
.dafiti.com.co/	1970-01-21 01:48:09	Name: _dyid_server Value: 6741888884394754473
.dafiti.com.co/	1970-01-20 17:45:45	Name: dft-redirect-home-gender Value: dep=0,fem=0,masc=0
.dafiti.com.co/	1970-01-21 02:38:33	Name: _ga_2MJMQ15YLT Value: GS1.1.1702953385.1.0.1702953385.60.0.0
.onesignal.com/	1970-01-20 17:02:35	Name: __cf_bm Value: 81y.U6nN88W_XAcrRJOsDw8mL8STcU_EQz7NIxRFgvc-1702953385-1-ARSo5edNjiVpFSZ0RJyc50nZ7oI0ARncSyGEJp0WkvQoTdZJIdzny7dL8rWzf6lVa6rKERWIwxGZ7AUKdbKQHjw=
.dafiti.com.co/	1970-01-20 17:03:59	Name: _uetsid Value: 67ada5609e1711eea16f7fecbe2743c0
.dafiti.com.co/	1970-01-21 02:24:09	Name: _uetvid Value: 67ad9d309e1711eebd1579ab8eb05c6f
.dafiti.com.co/	1970-01-21 02:38:33	Name: _ga Value: GA1.3.122775227.1702953386
.dafiti.com.co/	1970-01-20 17:03:59	Name: _gid Value: GA1.3.615907393.1702953386
.dafiti.com.co/	1970-01-20 17:02:33	Name: _dc_gtm_UA-30747187-1 Value: 1
www.dafiti.com.co/	1970-01-21 01:48:12	Name: __rtbh.lid Value: %7B%22eventType%22%3A%22lid%22%2C%22id%22%3A%22JklvMwZvNZe2oXYL9ppv%22%7D
.dafiti.com.co/	1970-01-20 17:02:33	Name: _gat Value: 1
.tiktok.com/	1970-01-21 02:24:09	Name: _ttp Value: 2Zk5lFzjt6fAl5xzII3JODmBgCW
.bing.com/	1970-01-21 02:24:09	Name: MUID Value: 25C0048877D16EFF2CF31764765A6F11
.dafiti.com.co/	1970-01-21 01:48:09	Name: _hjSessionUser_1793197 Value: eyJpZCI6IjNiY2ExZWViLWE4OTQtNWM0NS1hNjk4LTkwMGQwZGM5N2RhNSIsImNyZWF0ZWQiOjE3MDI5NTMzODU3MjQsImV4aXN0aW5nIjpmYWxzZX0=
.dafiti.com.co/	1970-01-20 17:02:35	Name: _hjFirstSeen Value: 1
.dafiti.com.co/	1970-01-20 17:02:35	Name: _hjIncludedInSessionSample_1793197 Value: 0
.dafiti.com.co/	1970-01-20 17:02:35	Name: _hjSession_1793197 Value: eyJpZCI6ImZiMzY4ZDQzLTYxZmEtNDhhMC1hMzY4LThmMGU2MmE4OTQxYiIsImMiOjE3MDI5NTMzODU3MjQsInMiOjAsInIiOjAsInNiIjoxfQ==
.dafiti.com.co/	1970-01-20 17:02:35	Name: _hjAbsoluteSessionInProgress Value: 1
.dafiti.com.co/	1970-01-20 19:12:09	Name: _fbp Value: fb.2.1702953385750.586025185
.creativecdn.com/	1970-01-21 01:48:09	Name: ts Value: 1702953385
.creativecdn.com/	1970-01-21 01:48:09	Name: u Value: SSFFoafWCrlvZe1IJeYe
.creativecdn.com/	1970-01-21 01:48:09	Name: g Value: SSFFoafWCrlvZe1IJeYe_1702953385803
.creativecdn.com/	1970-01-21 01:48:09	Name: c Value: SSFFoafWCrlvZe1IJeYe_dbHfLLzNJzzUn3Ibqx7K_1702953385803
.dafiti.com.co/	1970-01-21 02:24:09	Name: _tt_enable_cookie Value: 1
.dafiti.com.co/	1970-01-21 02:24:09	Name: _ttp Value: VEgSW3fkIumWbOVqrU0DHYzhqnb
.creativecdn.com/	1970-01-21 01:48:09	Name: ar_debug Value: 1
.adnxs.com/	1970-01-20 19:12:09	Name: uuid2 Value: 7090709566399147067
.doubleclick.net/	1970-01-21 02:24:09	Name: IDE Value: AHWqTUn4bWiYQ7fY-4JNNNHqVRjDAaUkcmAmLgyQZ1ZiDjjNXS2YMWru_qjTyfe9yNg
.dafiti.com.co/	1970-01-21 02:24:09	Name: __gads Value: ID=2cc43610d7f49a46:T=1702953385:RT=1702953385:S=ALNI_MZeZmisDHlh8p87Brj0a3Vwc4ypzA
.dafiti.com.co/	1970-01-21 02:24:09	Name: __gpi Value: UID=00000d2189fc6f9a:T=1702953385:RT=1702953385:S=ALNI_MZSn97ro5PCJYfdUGOVhO-Eo0o2xg
.udmserve.net/	1970-01-21 01:48:09	Name: udmts Value: 1702953386.0
.udmserve.net/	1970-01-21 01:48:09	Name: dt Value: 72B50081-60E2-3907-B80C-B200998AF0F6
.udmserve.net/	1970-01-20 19:12:09	Name: rtbh Value: 6KAUwwEtn07C-CcFFgx6dWBLaBiShUZ5l19owxkaN-8
.quantserve.com/	1970-01-20 19:12:09	Name: d Value: EGsBCQHZKoEA
.quantserve.com/	1970-01-21 02:32:47	Name: mc Value: 658101aa-42a5f-6ab2e-fea17
.w55c.net/	1970-01-21 02:34:14	Name: wfivefivec Value: YeqpwpN41RfpY65
.travelaudience.com/	1970-01-21 02:34:14	Name: _tracker Value: %7B%22UUID%22%3A%22EBB6B0E8-53D8-427D-0F86-E68E9EE9A928%22%7D
.blismedia.com/	1970-01-21 01:48:13	Name: b Value: 658101AA34FAF9AEFE53582EBLIS
pixel.rubiconproject.com/	1970-01-20 19:12:09	Name: receive-cookie-deprecation Value: 1
.w55c.net/	1970-01-20 17:45:45	Name: matchgoogle Value: 5
.adform.net/	1970-01-20 17:47:11	Name: C Value: 1
.lijit.com/	1970-01-21 01:48:09	Name: ljt_reader Value: H2EcsGZHIJRQppu2Sky9s3ft
.simpli.fi/	1970-01-21 01:49:35	Name: suid Value: 5F4378E736DE4964AF66542D80C43E1B
.adform.net/	1970-01-20 18:28:57	Name: uid Value: 7121640519452610282
.de17a.com/	1970-01-21 01:40:57	Name: guid Value: 1.6639439813622654543
.turn.com/	1970-01-20 21:21:45	Name: uid Value: 8050484653126099454
.tribalfusion.com/	1970-01-20 19:12:09	Name: ANON_ID Value: ajntuJOleq9PZabpryMqnuCiuDkl2JKTSgi8rEZdU33irsvNJPZdxQ9J9QLnraEbBFZaKJHdi6wYXxSFp8eFBxxLSTIG
.doubleclick.net/	1970-01-20 21:21:45	Name: APC Value: AfxxVi4DBlt696C5oK2yQFa6AQ8BPjjr_8vm97ivhZOHOUVwpsNXaA
.awin1.com/	1970-01-20 17:05:26	Name: awpv20044 Value: 412871\|1702953386\|684b3620-9e17-11ee-86a2-223889379c61
.awin1.com/	1970-01-20 17:05:26	Name: awpv14702 Value: 412871\|1702953386\|684cbcc0-9e17-11ee-9488-2234841a3abe
.awin1.com/	1970-01-20 17:06:52	Name: awpv11354 Value: 412871\|1702953386\|684d8010-9e17-11ee-86a2-223889379c61
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 377129:2470185
.dafiti.com.co/	1970-01-21 02:38:33	Name: pt_4112a7e5 Value: deviceId%3Da0b7b010-b66b-4caa-bd74-035f37171206%26sessionId%3D472f53f7-8541-452b-b1f8-68a593ffad00%26accountId%3D%26vn%3D1%26pvn%3D1%26lastActionTime%3D1702953386660%26
.simptrack.com/	1970-01-20 19:12:09	Name: ntm_tps__4011 Value: ..NNNRjVJDepwA8wAEeJ735koO2aawBihIh-0xw53DR6F1yJPU784pdFWlxCvE6rRMalHztDuFCjuxiqknb8XssZvUafuag9wW_bKJS8Cqi9fjgCp0CFA7Xs2gkHXLkeHFx_NIviyngqKF1bgvFwizaasmS_FZBZM_wkGxIER9TM4ECG5VXbd_492QoTf0JFFqetmosIGHGMT9Yt8DMyHJ0YPPY-uqxBGTX3ozp_k4Vv9H5-_Y2vScE8z3gEJoQk5xnsDOS1AzhMFxJ4JNK2_NOOZReHjB2TNNNNNNNNNVf4U
.simptrack.com/	1970-01-20 19:12:09	Name: v0rur7gqspb3_uid Value: 8a7f5615f20c722e
www.conrad.de/	1970-01-20 17:06:52	Name: HTLP_timestamp Value: 1702953386708
www.conrad.de/	1970-01-20 17:06:52	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 17:02:35	Name: __cf_bm Value: yp4P3nWDBkxQ8rAUtn6odnvJYKcym2Pf4lPS2qU59Fw-1702953386-1-AQT+5iP2it1Lsoyuc1p3JTnv2Ixmihd1wEDIWMDWN8cyQv+9XLUCwxTgzu7zEmlp1usjfBQTWLdjgY76Xz3iKz8=
.o2online.de/	1970-01-20 17:12:38	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTcwMjk1MzM4NnZsZWExZGUyMDIzMTIxOTAzMzYyNjkxNDIxMTU2ODU1WDEyMDIxMVYxMjI2MTMyNzAyTVN2aWV3b25laWQxUVl0YmZLZlh6WHM5SGRIOXRBdDIycmgyU0tUR0c4U3g3WFFvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTIxX0JFU1RQRVJGT1JNRVIxMjAyMTE
.o2online.de/	1970-01-20 17:12:38	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 17:12:38	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023121903362691421156855X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=120211&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTcwMjk1MzM4NnZsZWExZGUyMDIzMTIxOTAzMzYyNjkxNDIxMTU2ODU1WDEyMDIxMVYxMjI2MTMyNzAyT
.criteo.com/	1970-01-21 02:24:09	Name: uid Value: 01e818be-cc70-4d7e-9515-45be8f352c77
.criteo.com/	1970-01-21 02:24:09	Name: receive-cookie-deprecation Value: 1
.dafiti.com.co/	1970-01-21 02:31:57	Name: cto_bundle Value: Hz3dbl9hNlI1dVMwMEI1UUhnWHlscldWcDhwd1NlVVBPJTJCbzJoM2Ftbk1kU2JxSjVRYnNHaG5DeUtTWktHVlVwY2Q2MHUlMkIxZTVsOWpsbnVMM202U2l4ZndhQmhxUGJXWDBmSkVRd09mNFpqeVVJQXRzNExmcXZwJTJCQW5BRSUyRktVVWc2TnJ3UVpqYzZtTDNMMDc5amwlMkZDJTJCc3huU0ElM0QlM0Q
.casalemedia.com/	1970-01-21 01:48:09	Name: CMID Value: ZYEBq7-YY7H5vDMein163AAA
.casalemedia.com/	1970-01-20 19:12:09	Name: CMPS Value: 5243
.casalemedia.com/	1970-01-20 19:12:09	Name: CMPRO Value: 5243
www.dafiti.com.co/	1970-01-20 17:03:59	Name: _hjShownFeedbackMessage Value: true
.adnxs.com/	1970-01-20 19:12:09	Name: anj Value: dTM7k!M40dWIy(ghqdmU(7RsBO:3t!A#Fw.TSyvnz@tD1D:O5`ux+xaWJi1N`w.nJ3d=BLE/Ota@Fcd?jFz@FY!7pXp2`z:@^Hy^f_pp-DqD(j'kU-$Z]HBX5?/d:AmXal@Fn-k:N5d4$H?q#X8eeH5a7^00K/eCBlwAiAd'q(KmK.t59[.wL4W1Qw3UPg3pT
.media.net/	1970-01-21 01:48:09	Name: visitor-id Value: 3459549870733426000V10
.media.net/	1970-01-20 17:45:45	Name: data-c-ts Value: 1702953387
.media.net/	1970-01-20 17:45:45	Name: data-c Value: k-4_x4W9AkHa-ESNzkgfw0sByfEEm2LuQkMgZPNw~~3
.omnitagjs.com/	1970-01-20 17:45:45	Name: ayl_visitor Value: 3657d0a8459b58df8a29d618053a9dfd
.demdex.net/	1970-01-20 21:21:45	Name: demdex Value: 64443191720339225884069182650018798633
.dpm.demdex.net/	1970-01-20 21:21:45	Name: dpm Value: 64443191720339225884069182650018798633
exchange.mediavine.com/	1970-01-20 17:22:42	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%226927da80-9e17-11ee-964b-8dea7a859997%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 17:22:42	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%226927da80-9e17-11ee-964b-8dea7a859997%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 17:22:42	Name: am_tokens Value: %7B%22mv_uuid%22%3A%226927da80-9e17-11ee-964b-8dea7a859997%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 17:22:42	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%226927da80-9e17-11ee-964b-8dea7a859997%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 17:22:42	Name: criteo Value: %7B%22id%22%3A%22k-2C9MsNAkHa-ESNzkgfw0sByfEElrtwgGw3K1_w%22%2C%22version%22%3A%22criteo%22%7D
.tremorhub.com/	1970-01-21 01:48:30	Name: tvid Value: beb34345246840cf90e7133d85842bb9
.tremorhub.com/	1970-01-20 17:45:45	Name: tv_UICR Value: k-pDwdXNAkHa-ESNzkgfw0sByfEEnk9l5u9kkvSw
.krxd.net/	1970-01-20 21:21:45	Name: _kuid_ Value: P-7osyJo
.postrelease.com/	1970-01-21 01:48:09	Name: opt_out Value: 1

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4eb73751e4f4a48bf87aac3cb17f6c80.safeframe.googlesyndication.com
a.tribalfusion.com
a.twiago.com
ad.360yield.com
ad.doubleclick.net
ad.turn.com
ad.yieldlab.net
ad4m.at
ads.travelaudience.com
analytics.pangle-ads.com
analytics.tiktok.com
analytics.webgains.io
ap.lijit.com
api.webgains.io
as.ad4m.at
ash.creativecdn.com
assets.ad4m.at
async-px.dynamicyield.com
bam.nr-data.net
bat.bing.com
beacon.krxd.net
c1.adform.net
cdn.dynamicyield.com
cdn.onesignal.com
cdn.track.production.webgains.team
cjs.ptengine.com
cm.adform.net
cm.creativecdn.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
d5p.de17a.com
dis.criteo.com
dpm.demdex.net
eb2.3lift.com
eum-orange-saas.instana.io
eum.instana.io
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
jadserve.postrelease.com
js-agent.newrelic.com
match.adsrvr.org
match.sharethrough.com
matching.ivitrack.com
onesignal.com
onetag-sys.com
pagead2.googlesyndication.com
partner.o2online.de
pixel.rubiconproject.com
pm.w55c.net
prod-rtb.ad4mat.net
pv.medialead.de
r.casalemedia.com
r.turn.com
region1.analytics.google.com
rt.udmserve.net
rtb-csync.smartadserver.com
rtb.openx.net
s.ad.smaato.net
s.thebrighttag.com
s.tribalfusion.com
s3.amazonaws.com
script.hotjar.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
sslwidget.criteo.com
st.dynamicyield.com
static-de.ad4mat.net
static.criteo.net
static.dafiti.com.br
static.dafiti.com.co
static.hotjar.com
stats.g.doubleclick.net
stats.ptengine.jp
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
sync.teads.tv
tags.creativecdn.com
tm.simptrack.com
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
um.simpli.fi
ups.analytics.yahoo.com
us.creativecdn.com
vc.hotjar.io
visitor.omnitagjs.com
widget.us.criteo.com
wurfl.io
www.awin1.com
www.conrad.de
www.dafiti.com.co
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
104.18.36.155
104.75.89.75
108.157.4.75
13.248.245.213
13.32.27.54
141.226.228.48
142.250.185.166
15.197.193.217
151.101.2.137
162.19.138.116
162.247.243.29
164.132.25.185
167.233.13.224
169.197.104.68
172.217.16.194
178.250.1.11
178.250.1.9
179.191.182.65
18.132.158.37
18.154.63.57
18.173.233.48
18.66.112.15
18.66.248.94
184.30.17.243
185.184.10.30
185.184.8.90
185.64.191.210
185.89.210.82
2.16.62.104
2.23.209.35
2001:4860:4802:32::36
213.155.156.181
216.52.2.86
2600:1901:0:76b9::
2600:1f18:612b:4264:cd63:6b3d:4f30:16c6
2600:9000:224a:a200:1b:5138:8a40:93a1
2600:9000:2315:b600:a:b89d:a6c0:93a1
2600:9000:2440:2000:15:ad21:c740:93a1
2600:9000:2440:3a00:15:14c9:5c80:93a1
2606:4700:20::681a:61b
2606:4700:20::681a:bd1
2606:4700::6810:cc16
2606:4700::6812:18ad
2606:4700::6812:d73b
2606:4700::6813:afbe
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:c11::200
2a00:1450:4001:800::2003
2a00:1450:4001:803::2003
2a00:1450:4001:810::2008
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9d
2a02:2638:3::3
2a02:6ea0:c700::17
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.18.227.110
3.69.190.202
3.71.149.231
3.9.60.26
34.117.157.22
34.120.4.21
34.250.71.117
34.91.62.186
34.96.105.8
35.157.70.183
35.186.253.211
35.190.0.66
35.190.29.52
37.157.3.20
37.157.6.237
46.228.164.11
46.4.101.115
51.38.120.206
52.18.145.191
52.212.237.123
52.217.194.56
52.25.95.187
52.57.12.239
52.58.18.253
54.217.28.190
54.75.61.252
63.33.18.223
69.173.144.165
70.42.32.63
74.119.119.150
84.200.5.215
85.215.5.31
91.121.248.44
92.123.148.9
95.101.148.20
02865daaa641d7a90f81bd855f5d79645e10d3533442b529799a3e1413032275
045dd3e2cc1e5a78554b1ffda7def82133042a6d02bc0f27103046f7412b532c
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be9066e7f3450edabb3588bb75e0f5de43b55a95f8e316b59e682ac03019006
0cf0618b9606b0afef9d5ccd987c84d048e9d0f416c28d8ad0920c44743d0585
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
10ee80decb15be26a4b8e05da63c68fa0a83abf237e0cbc64b17417478ca84b3
13bb968402cd6e9d631c9bbb9e2b474601d5422d3c3305bdcbc9d50814e803e8
19b9a6628fa003af26766ce1578420be5068227a572c78f0e20b53e2f2fc1886
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
25b0b97adf86573d0847bb1b44df7e4b64f5c32b3708a3f48a25a8a3b57c5022
28a6fdd83eb858f126fc5b8c408c0bf49fda96e9dedb44d893d88932cc40294d
293596ca987a05b6966614b08a9369eb37ee12a373eed8faf64f188c79c98962
2a09661fd8abbda645d03748af2a287b3175bb9ab1c62f69c3942463a51292e9
2b031cfc79c145a7a44104257e4a8e1eef8950e35030026d34d2db03e32243a5
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31e9e8e99d6c6165cfa2ed38ec9a4e1ed85b9bed4213b2a91623f74e0e314599
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
331e525c26eff3ecea3256ab07678ceb93eeca775dd7958fc3b5b0211e4a01ed
346b1cd1ac8dc72559d6db756ac610651fbf3486f311bd3f8382676abd751ca8
3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254
3c1ff62646b3fb6a250c66e841cd3c1a3a0f687d632b8aa4df03373048660091
3df1241c1a031617bc77ccfff53eb36866a34d807445d3092b6200db041843a3
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
4099be53965b081dcb3c8265fe12f23af06f086383215545e928962ea0d11097
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
42383ecc5514f791bdc563f843d87b4a3d513bc902a642810638943d7358c339
4275ee4b58a39dcbd59ebeb2c806cb7afc45bde82e90daf14808b64702ad40b7
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47b1d446e17718dc5bddbf37824374b5474c1cbeb5a2bfcbac0be7ef86351af1
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ded95156e0defad04f29ae2de8bcfcbac77722873b6c29b02249f8e23272ae4
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51662303bf958ed5fcd55f7bdb63c65e5e9782cad38b5ceac639c68c737aff58
547c2e2900c87032f1dc7970437cfa747e8ca7cc32152a601e834a80f96a8de7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5860f72894745aab31c02dd9501b4f52a13a10c974359ff46bc6193cd8b30be0
5887d5cabe1c8ab78d84bcd7769f9c2c70473480e2e31b73dc9cbd3b02c7b1bf
5c7c377931182c76fd2003c5cacf04b65a36b68587594316f112c9426585c5fa
5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3
5d937fd336e2ddc8ff9dc698c4de49db069d5877f7966119ce86aa985d74d0d7
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
5f8dbde334302fd0e6e3c5b9fd32fcedbab30cf73f84917cd1b7e68dcd62a937
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62723060de0c92d89ec49f9b3bc1fd54b786111e8ad3451a6cf7ebc8553e7b74
62d118d936dc54d3e2d858f8db0108b3f5ef5afe29fd3012c2bbde70ac31c9ee
646e098a1643dbfc5a5ba4fb05ded0fa27083036a30c3b382071c4832dfbab1d
66ecb05ae6aa55edec47dc3b7f25f1bb505551e57f01a8ebda9873077ef779c3
68947e9ddb590b11f6c1250e1080ff031fb91fddae5b9d41eb307a20ae306e64
6895cc3d18135d5475cf830e523a6bd88f89403a491623213ff516f86028327b
6a673500a8f421015680d4388568def5cb3896e7473d28283fe11261d3073722
6e8589ce90ab754f06eb4152be861976740c14bc5d9233b8be65aac89b4a7463
707fdc5c8bab57a90061c6a8ed7b70d5ffb82fc810e994e79f90bace890c255a
76bef427ff208f0c217ba6c91c4a3aa67389d7afee36c358fafed7b7026232d8
79708903043f6f31258de0acd79a416fc7cee74b70a58abd7be98ed65a4390af
79fad6641a6713cdb48b32b7c2db073b3cc7eebb83465b63ebc6016c9b4b28ac
7b276020f0190cfd314a51906405be4b7fe6517a8d084541f9d4e4559147375b
7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b
7e705f6ee9c3b61851c5da6eeecd130443bf77c0e15724b74e29fc81b9522c90
7f90e31462f033ca6d83e5cf171bb758eb059131b3ac21712c96d80bf887fb46
827ddacee09879c49013f6b637b3d594bebbe4723419028bc41bb8b6f6fedbc0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d50316766e200bdb52677b5f0718b164aa097563a725585ec89428ba9cdc89
8485264bbcea02744377ec26fc10400a9b6e9f01e96c17ede366c976aa586ec5
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
860832082dfad377dc30188b5398b166b655b9e256c2c464d18e6811ee41d1e6
873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d
879b44d198774dde08d879917367c43591d71b8f1edb09b5a4d7ea5681874335
884c77595d4fcaf52b0771c2ce360f82f517fa6fa766b0c94f573d083d7fcb61
89ddd9c116e6fbefbe6a870ce0a105add7ba4562b968228514f8a2c93288a895
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8be82f349b2994d7f0ed7fcba5e50ffb8a960f135e513b34730af4578cab9883
8d528fa7f2e49038400bc2a99cb777f3b57cb55e0b485c117957478e12b00266
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8df638b5be0aa6d24b119ee7f0d4b7928baf01614c7653a3f70852db7f2a4004
8efaf82825a9c0bc6d98cf9cec490eb08d92d29934ad237273708216720fcc55
99d4aa81e65880a9034b20fbc9d8b003db458ce49891c802a2d4f123f582eea4
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff66b97bd8767ce16889bf15fc6e18e59fb7e60edc88bf9ee41416d3031bd24
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0813eb9bd64857720e968fb593073b2a1a9ad0e859cc95da3c106406c9aaac6
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a18ebd731b20d7404e2eed45ad15a0e9068ec7c4eb6d95da6727c086e366227d
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
a1e5b0dd9cd90fe3ef3e24aea202819ee74693d62c00bac8e3fb7c837d8adbfe
a5e07dfacc8a2b0fdbfa4f83052db6f26f4fafb8add925339adeadb34ec24082
a6b1173fa8c27906c4b99917b603f3e5bec8f5f899e504858179aa868ffc8b94
a851ebeff4931c41de8ab0a382ebd9badbe8c85db60e22f70bf95591f3681198
b00e7845ea05321197df168471efb0d49e0ae72556e5d9f326e662279fd907e9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b170f93a0f60699bb90efeeb218ef113e88a1025522c3a3d2e297f3540d895f1
b1f022d469107e179e293411ea4bb9b5fd772d7c73d3b9faf36861acb44837b0
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447
c0f78fd27853c1b5b63b7cc41bd2beabf645629ffb9c4fe71973ddb68392dae7
c2ce2b7620b4c32791ebd2f84362f8430e1fd355efad3d17da0bbda9e47d9fdd
c2eeeab125e267564f79d8007d510ba102f76bde2a32f83cb6fd1637965612fc
c3340d6fd09a51cd4ee7b0c80ac510cc7ee3a8b359c87cd326ca4dd4b6590500
c812e171dbd2962761ef514f7dbc63c6b4cf7b94c1bb610d1ba085bb899abc7c
c937c24b4cca0fb31ed9129826926e85bd19a0d0186985dd1711a6e857b61c69
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cd7059bd5c8e99398ab4805b8e62c7acb64075dd921b65b9377ffe84a26c2e04
cf09eee7101e4fff639120495f14b24cd0aa6d5fae90240f2b2c3adf888b0100
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
d00377efd7963e7fd6b764c23ae9b1d9968c55eb03e69951114884c871c62d82
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d276da068fea1049fbb29d0aaeda5b9fa8a38e50b3f55741ffe2899cd52e6d5d
d37162f37ecb8d57786f733f2a0171b05a26f79721ace7a65c46f850ef026ddf
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8
d5dd6fa2766b4f32a9e74bab27ef97f583bf185ada3c65fc2996d05a6558de35
d8300edd09667c08a8f5ff999e575e404d1253f7c5a7435dd0e602c164a59ab1
d83dca202a4e9e03f699c025878763187e6fe4c79553bab5022474c03b65b5be
dabdd6f975687d917357a4b34673292b9d18ce949c49f72b6e49594facaa7e5b
ddd73f65cd1ea20a2f63c6335ed0cf95dadea78f8987518ee54ed9d2617580e4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0471f27843ee42d45cf9b749a57ec4bbc26dd40f961989ed7cfe4e0f24ea6fe
e23b6f4539643a37f0d615a630a76fc48571ebb8b0a9219ad38b4827a60ee18c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6100e404af322aea23d64043c9bf9f51856bb90a0c41ecd94b640a29aec6f9d
e62e921fcdb419bc060b60b850107629031579a56cd6e5097f2565a2ed76ad6f
e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348
e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212
e86d3703af27920836907968ada5890309f2e37d05fafe361cb5d25e9ce02a67
e8decfdbca90823a9fc08c399cc7f568a993e77d31fe7e2ab87aa75276b5cfaa
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ed59ee4d04819c48c1bb60b3ef6928c621cd5cd86d7103957de3eebba9910b0d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efffd799eb73c5c5e79e9883791d223ea941acbee00553e38a6a3b33f5e5df98
f0ae296f5c19db047491f1311d621ff18960b34cfa9cb07b69932a02ec298366
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f509ad600ddc78957fd482c2b0c6d3988035ae381ae060bc22084602dfc49c54
f5ee5d49afaf261b06c55455fa3cc5bdffd24dce67258c2e2d38a62387670652
f6598e2b8722563e8ab81b2e1bdf01223822c1f5d28d8f08e415f17688776c13
fab4fef6bbfa8d6464403a14be7de1be5e3e63637a96d994fab10266e1eaf6da
fbae3eb07bebd887c70fc5c2ac40b7f4bee4985aedc1f3901c91af14679d3ba8
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd
fc1f36d89ddb377187edd50e7e1cbb9511baa256f6c57711f02601edab716361

www.dafiti.com.co Open in urlscan Pro 179.191.182.65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

316 Requests

91 %HTTPS

32 %IPv6

83 Domains

111 Subdomains

91 IPs

11 Countries

5414 kBTransfer

14984 kBSize

104 Cookies

0 Outgoing links

Page URL History

Redirected requests

316 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.dafiti.com.co Open in urlscan Pro
179.191.182.65 Public Scan

Screenshot
Live screenshot

Full Image

316
Requests

91 %
HTTPS

32 %
IPv6

83
Domains

111
Subdomains

91
IPs

11
Countries

5414 kB
Transfer

14984 kB
Size

104
Cookies

316 HTTP transactions
5 data transactions