shop.crealogix.com Open in urlscan Pro
62.113.230.74 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://nl.mailxpert.ch/e/72b99afe27b5c56f/nl/f40d0f04d7b4a5c3a8306956/link/1944/69707724a1852c1199649864baf53e8acff5153...
Effective URL:
https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
Submission: On June 24 via api (June 24th 2022, 9:38:18 pm UTC) from CH — Scanned from DE

Summary HTTP 154 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 24 IPs in 10 countries across 27 domains to perform 154 HTTP transactions. The main IP is 62.113.230.74, located in Schwaig, Germany and belongs to TTM, DE. The main domain is shop.crealogix.com.
TLS certificate: Issued by R3 on May 31st 2022. Valid for: 3 months.

This is the only time shop.crealogix.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	212.25.26.72 212.25.26.72	8758 (IWAY) (IWAY)
64	62.113.230.74 62.113.230.74	47447 (TTM) (TTM)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
3	2001:1608:49:... 2001:1608:49:9::7	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
3	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 4	78.46.111.106 78.46.111.106	24940 (HETZNER-AS) (HETZNER-AS)
16	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
4 8	37.157.4.40 37.157.4.40	198622 (ADFORM) (ADFORM)
2	37.157.2.247 37.157.2.247	198622 (ADFORM) (ADFORM)
8 16	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c01::9b	15169 (GOOGLE) (GOOGLE)
2 2	212.83.50.108 212.83.50.108	47447 (TTM) (TTM)
2 4	185.83.142.19 185.83.142.19	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	85.114.159.112 85.114.159.112	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	217.79.188.60 217.79.188.60	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
5 5	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
3 3	3.66.201.109 3.66.201.109	16509 (AMAZON-02) (AMAZON-02)
3 3	141.94.171.216 141.94.171.216	16276 (OVH) (OVH)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 2	185.86.137.132 185.86.137.132	201081 (SMARTADSE...) (SMARTADSERVER)
2 4	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
2 2	96.16.132.239 96.16.132.239	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	52.51.151.159 52.51.151.159	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
154	24

1 212.25.26.72 (Zurich, Switzerland) 1 redirects

ASN8758 (IWAY, CH)

nl.mailxpert.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

64 62.113.230.74 (Schwaig, Germany)

ASN47447 (TTM, DE)
PTR: srv-a-de.c-319.maxcluster.net

shop.crealogix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:1608:49:9::7 (Frankfurt am Main, Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

tc.connects.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lacmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

cct.connects.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 78.46.111.106 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.106.111.46.78.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.157.4.40 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.247 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.184.230 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
11868943.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c01::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.83.50.108 (Germany) 2 redirects

ASN47447 (TTM, DE)

r.adserver01.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.83.142.19 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.112 (Sankt Georgen im Schwarzwald, Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad11.adfarm1.adition.com

ad11.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.79.188.60 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com

imagesrv.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.66 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.66.201.109 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-201-109.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.94.171.216 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-10.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.137.132 (France) 2 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.18.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.215.5.31 (Germany) 2 redirects

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 96.16.132.239 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-132-239.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.51.151.159 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-151-159.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1957 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	crealogix.com shop.crealogix.com	7 MB
22	doubleclick.net 13 redirects 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 77902 11868943.fls.doubleclick.net — Cisco Umbrella Rank: 89466 stats.g.doubleclick.net — Cisco Umbrella Rank: 119 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	8 KB
18	mathtag.com pixel.mathtag.com — Cisco Umbrella Rank: 987	19 KB
16	ad4m.at ad4m.at — Cisco Umbrella Rank: 2219 as.ad4m.at — Cisco Umbrella Rank: 2826	35 KB
10	adform.net 4 redirects track.adform.net — Cisco Umbrella Rank: 3976 s2.adform.net — Cisco Umbrella Rank: 5651	63 KB
9	google.de www.google.de — Cisco Umbrella Rank: 5448 adservice.google.de — Cisco Umbrella Rank: 7751	3 KB
9	google.com www.google.com — Cisco Umbrella Rank: 8 adservice.google.com — Cisco Umbrella Rank: 92	5 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 608	3 KB
4	adition.com 2 redirects ad11.adfarm1.adition.com — Cisco Umbrella Rank: 30552 imagesrv.adition.com — Cisco Umbrella Rank: 16836	1 KB
4	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 408	4 KB
4	redintelligence.net 2 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 33255	4 KB
3	onaudience.com 3 redirects pixel.onaudience.com — Cisco Umbrella Rank: 3729	1 KB
3	adscale.de 3 redirects ih.adscale.de — Cisco Umbrella Rank: 3590	1 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 362	12 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	22 KB
2	zeotap.com 1 redirects spl.zeotap.com — Cisco Umbrella Rank: 1705 mwzeom.zeotap.com — Cisco Umbrella Rank: 1343	897 B
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 716	614 B
2	yieldlab.net 2 redirects ad.yieldlab.net — Cisco Umbrella Rank: 3088	1 KB
2	twiago.com 2 redirects a.twiago.com — Cisco Umbrella Rank: 13805	656 B
2	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 611	299 B
2	smartadserver.com 2 redirects rtb-csync.smartadserver.com — Cisco Umbrella Rank: 653	1 KB
2	adserver01.de 2 redirects r.adserver01.de — Cisco Umbrella Rank: 92677	440 B
2	lacmp.net www.lacmp.net — Cisco Umbrella Rank: 197487	10 KB
2	connects.ch tc.connects.ch — Cisco Umbrella Rank: 274858 cct.connects.ch — Cisco Umbrella Rank: 613402	4 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 367	265 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	59 KB
1	mailxpert.ch 1 redirects nl.mailxpert.ch	199 B
154	27

	Domain	Requested by
64	shop.crealogix.com	shop.crealogix.com
18	pixel.mathtag.com	hal9000.redintelligence.net pixel.mathtag.com
12	as.ad4m.at	shop.crealogix.com
8	adservice.google.de	adservice.google.com
8	adservice.google.com	5994599.fls.doubleclick.net 11868943.fls.doubleclick.net
8	11868943.fls.doubleclick.net	4 redirects hal9000.redintelligence.net
8	5994599.fls.doubleclick.net	4 redirects hal9000.redintelligence.net
8	track.adform.net	4 redirects shop.crealogix.com track.adform.net
5	cm.g.doubleclick.net	5 redirects
4	dsum-sec.casalemedia.com	2 redirects shop.crealogix.com
4	secure.adnxs.com	2 redirects shop.crealogix.com
4	ad4m.at	shop.crealogix.com ad4m.at
4	hal9000.redintelligence.net	2 redirects shop.crealogix.com
3	pixel.onaudience.com	3 redirects
3	ih.adscale.de	3 redirects
3	bat.bing.com	www.googletagmanager.com bat.bing.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	sync.crwdcntrl.net	2 redirects
2	ad.yieldlab.net	2 redirects
2	a.twiago.com	2 redirects
2	simage2.pubmatic.com	shop.crealogix.com
2	rtb-csync.smartadserver.com	2 redirects
2	imagesrv.adition.com	shop.crealogix.com
2	ad11.adfarm1.adition.com	2 redirects
2	r.adserver01.de	2 redirects
2	s2.adform.net	hal9000.redintelligence.net
2	www.lacmp.net	tc.connects.ch
1	www.google.de
1	www.google.com
1	mwzeom.zeotap.com	shop.crealogix.com
1	spl.zeotap.com	1 redirects
1	match.adsrvr.org	shop.crealogix.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cct.connects.ch	shop.crealogix.com
1	tc.connects.ch	www.googletagmanager.com
1	www.googletagmanager.com	shop.crealogix.com
1	nl.mailxpert.ch	1 redirects
154	37

This site contains links to these domains. Also see Links.

Domain
support.crealogix.com
clx.ch
crealogix.com

Subject Issuer	Validity	Valid
shop.crealogix.com R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
tc.connects.ch R3	`2022-05-20` - `2022-08-18`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
www.lacmp.net R3	`2022-05-20` - `2022-08-18`	3 months	crt.sh
cct.connects.ch R3	`2022-05-05` - `2022-08-03`	3 months	crt.sh
redintelligence.net R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh

This page contains 31 frames:

Primary Page: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
Frame ID: 653B6D4952F9C3267632ED44851B5A5E
Requests: 79 HTTP requests in this frame

Frame: https://hal9000.redintelligence.net/retarget?a=41438&version=1&event=view&cat=10716&segment=PayEye%20%E2%80%93%20Swiss%20QR%20Code%20Reader&items=payeye.silver&gdpr=-1&gdpr_consent=&redirected=1
Frame ID: 514A0F5B3D677894E620FDB7890D4803
Requests: 12 HTTP requests in this frame

Frame: https://ad4m.at/e3txoxcs.js
Frame ID: 38990CB419237E72A65FC6CFEE46EB10
Requests: 13 HTTP requests in this frame

Frame: https://hal9000.redintelligence.net/retarget?a=41438&version=1&gdpr=-1&gdpr_consent=&redirected=1
Frame ID: 01218DEAC10DFEC662D2F98851DC216F
Requests: 12 HTTP requests in this frame

Frame: https://ad4m.at/e3txoxcs.js
Frame ID: A3B07532F90A11168A5181D5CB6EE3B5
Requests: 13 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 4DF7A693F087C1A858349FBB2E8EA92D
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 86C65B0413F0B8FF47690FCA99209F27
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLWeu5mGx_gCFZHO1Qod1XEIxQ;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=9479855491363.229
Frame ID: 785DA5AADBEC80B6876D7FAA364D41FF
Requests: 1 HTTP requests in this frame

Frame: https://11868943.fls.doubleclick.net/activityi;dc_pre=COjpu5mGx_gCFRDO1QodzQcKoQ;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1742939798724.4456
Frame ID: 9478EB37288FA001C0C9CECEAE1FA812
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLWhu5mGx_gCFXAfBgAdJ3QA1Q;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8486807381030.057
Frame ID: 62D91E0FC34E76E3BBDDB6AC4FA172CB
Requests: 1 HTTP requests in this frame

Frame: https://11868943.fls.doubleclick.net/activityi;dc_pre=CNezvJmGx_gCFVb6UQodcLMIVg;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6512875945319.492
Frame ID: 93ECB64546589C6D2CDE5A7121CF33EE
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNSju5mGx_gCFVmV1QodsE8PPA;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5732503945720.7705
Frame ID: 427BA4EE0721F1F52365626758E8E83D
Requests: 1 HTTP requests in this frame

Frame: https://11868943.fls.doubleclick.net/activityi;dc_pre=CMOzvJmGx_gCFZW61Qod1G0Mhw;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5901829940682.364
Frame ID: 216788AF68D2BC71F896351A9AEA5A5C
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CIqiu5mGx_gCFSL81Qod2soKiQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5419243049932.301
Frame ID: 5BF02DA64CC29DD04F43060FAC3F8ED8
Requests: 1 HTTP requests in this frame

Frame: https://11868943.fls.doubleclick.net/activityi;dc_pre=CKC3vJmGx_gCFRkfBgAdzYcH0Q;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6190183776675.828
Frame ID: C82AEBE6911F0D2B25B87B83E06792E0
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CLWhu5mGx_gCFXAfBgAdJ3QA1Q;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8486807381030.057;~oref=https://hal9000.redintelligence.net/
Frame ID: BF1C9ABF067AEB7FCD617B356204F785
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CLWeu5mGx_gCFZHO1Qod1XEIxQ;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=9479855491363.229;~oref=https://hal9000.redintelligence.net/
Frame ID: 111DA1D3C69121221C5593D5666639D7
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CIqiu5mGx_gCFSL81Qod2soKiQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5419243049932.301;~oref=https://hal9000.redintelligence.net/
Frame ID: 65409789EA0CF9B8EA3682391BE12EC6
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CNSju5mGx_gCFVmV1QodsE8PPA;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5732503945720.7705;~oref=https://hal9000.redintelligence.net/
Frame ID: 84BE8723CCDB4F88698A26400F424178
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CMOzvJmGx_gCFZW61Qod1G0Mhw;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5901829940682.364;~oref=https://hal9000.redintelligence.net/
Frame ID: 6E063FC0AC394069C55F0195E1B10ABB
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=COjpu5mGx_gCFRDO1QodzQcKoQ;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1742939798724.4456;~oref=https://hal9000.redintelligence.net/
Frame ID: 5B67F3FE8EFE5535A433A7EBEF6B849D
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CNezvJmGx_gCFVb6UQodcLMIVg;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6512875945319.492;~oref=https://hal9000.redintelligence.net/
Frame ID: 238FA4DB4DD7236F3533FD9C050DA9DD
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CKC3vJmGx_gCFRkfBgAdzYcH0Q;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6190183776675.828;~oref=https://hal9000.redintelligence.net/
Frame ID: E697013D3AF8661ED811F3D03305706D
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CLWeu5mGx_gCFZHO1Qod1XEIxQ;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=9479855491363.229;~oref=https://hal9000.redintelligence.net/
Frame ID: 3EC7AE079A02A44BD03FA47C92C195CB
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CLWhu5mGx_gCFXAfBgAdJ3QA1Q;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8486807381030.057;~oref=https://hal9000.redintelligence.net/
Frame ID: D2AC89F83C6498468B7690A4D99A84A7
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CNSju5mGx_gCFVmV1QodsE8PPA;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5732503945720.7705;~oref=https://hal9000.redintelligence.net/
Frame ID: 3F68013B9DAB3BA5AC0CC94D9D370E06
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CIqiu5mGx_gCFSL81Qod2soKiQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5419243049932.301;~oref=https://hal9000.redintelligence.net/
Frame ID: BFCC1B4EB3473C5B7C7B5B10B9D1D79F
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CMOzvJmGx_gCFZW61Qod1G0Mhw;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5901829940682.364;~oref=https://hal9000.redintelligence.net/
Frame ID: 8F14D3DFAF7802A4605CD80D9F2C0188
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CNezvJmGx_gCFVb6UQodcLMIVg;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6512875945319.492;~oref=https://hal9000.redintelligence.net/
Frame ID: 2FCF981B3E4D581CD3B32AAD94B64AEB
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CKC3vJmGx_gCFRkfBgAdzYcH0Q;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6190183776675.828;~oref=https://hal9000.redintelligence.net/
Frame ID: E4A153A67C8F42ACD4E0771762C84A97
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=COjpu5mGx_gCFRDO1QodzQcKoQ;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1742939798724.4456;~oref=https://hal9000.redintelligence.net/
Frame ID: FFB1449412F4C6440779F00798D2BEC2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PayEye – Swiss QR Code Reader - CREALOGIX SHOP

Page URL History Show full URLs

https://nl.mailxpert.ch/e/72b99afe27b5c56f/nl/f40d0f04d7b4a5c3a8306956/link/1944/69707724a1852c11996... HTTP 302
https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122 Page URL

Detected technologies

Cart Functionality (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<a[^>]*href=[^>]*/Cart
<a[^>]*href=[^>]*/Checkout

Magento (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<script [^>]+data-requiremodule="mage/
<script [^>]+data-requiremodule="Magento_

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Lightbox (JavaScript Libraries) Expand

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Page Statistics

154
Requests

86 %
HTTPS

33 %
IPv6

27
Domains

37
Subdomains

24
IPs

10
Countries

7089 kB
Transfer

8183 kB
Size

45
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://support.crealogix.com/
Title: Kundendienst & Gerätetreiber

Search URL Search Domain Scan URL

URL: https://clx.ch/esr_qr_reader
Title: Factsheet Swiss QR Code Reader

Search URL Search Domain Scan URL

URL: https://clx.ch/esr_qr_reader_printout
Title: Factsheet als Druckvorlage

Search URL Search Domain Scan URL

URL: https://crealogix.com/
Title: CREALOGIX

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://nl.mailxpert.ch/e/72b99afe27b5c56f/nl/f40d0f04d7b4a5c3a8306956/link/1944/69707724a1852c1199649864baf53e8acff51532/de/- HTTP 302
https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73

https://hal9000.redintelligence.net/retarget?a=41438&version=1&event=view&cat=10716&segment=PayEye%20%E2%80%93%20Swiss%20QR%20Code%20Reader&items=payeye.silver&gdpr=-1&gdpr_consent= HTTP 302
https://hal9000.redintelligence.net/retarget?a=41438&version=1&event=view&cat=10716&segment=PayEye%20%E2%80%93%20Swiss%20QR%20Code%20Reader&items=payeye.silver&gdpr=-1&gdpr_consent=&redirected=1

Request Chain 75

https://hal9000.redintelligence.net/retarget?a=41438&version=1&gdpr=-1&gdpr_consent= HTTP 302
https://hal9000.redintelligence.net/retarget?a=41438&version=1&gdpr=-1&gdpr_consent=&redirected=1

Request Chain 89

https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 90

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=9479855491363.229 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLWeu5mGx_gCFZHO1Qod1XEIxQ;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=9479855491363.229

Request Chain 91

https://11868943.fls.doubleclick.net/activityi;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1742939798724.4456 HTTP 302
https://11868943.fls.doubleclick.net/activityi;dc_pre=COjpu5mGx_gCFRDO1QodzQcKoQ;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1742939798724.4456

Request Chain 92

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8486807381030.057 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLWhu5mGx_gCFXAfBgAdJ3QA1Q;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8486807381030.057

Request Chain 93

https://11868943.fls.doubleclick.net/activityi;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6512875945319.492 HTTP 302
https://11868943.fls.doubleclick.net/activityi;dc_pre=CNezvJmGx_gCFVb6UQodcLMIVg;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6512875945319.492

Request Chain 102

https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 103

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5732503945720.7705 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CNSju5mGx_gCFVmV1QodsE8PPA;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5732503945720.7705

Request Chain 104

https://11868943.fls.doubleclick.net/activityi;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5901829940682.364 HTTP 302
https://11868943.fls.doubleclick.net/activityi;dc_pre=CMOzvJmGx_gCFZW61Qod1G0Mhw;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5901829940682.364

Request Chain 105

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5419243049932.301 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CIqiu5mGx_gCFSL81Qod2soKiQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5419243049932.301

Request Chain 106

https://11868943.fls.doubleclick.net/activityi;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6190183776675.828 HTTP 302
https://11868943.fls.doubleclick.net/activityi;dc_pre=CKC3vJmGx_gCFRkfBgAdzYcH0Q;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6190183776675.828

Request Chain 108

https://track.adform.net/Serving/TrackPoint/?pm=2411383&ADFPageName=CH%20-%20Crealogix&ADFdivider=| HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2411383&ADFPageName=CH%20-%20Crealogix&ADFdivider=|

Request Chain 109

https://r.adserver01.de/rt/perf_ch.php?gdpr=0&gdpr_consent= HTTP 302
https://secure.adnxs.com/seg?add=19751009&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19751009%26t%3D2

Request Chain 110

https://ad11.adfarm1.adition.com/tagging?type=image&network=42&tag[Markierung_T2.AdvancedStore_RetargetingPixel]=ASRET2 HTTP 302
https://imagesrv.adition.com/1x1.gif

Request Chain 112

https://track.adform.net/Serving/TrackPoint/?pm=2411383&ADFPageName=CH%20-%20Crealogix&ADFdivider=| HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2411383&ADFPageName=CH%20-%20Crealogix&ADFdivider=|

Request Chain 113

https://r.adserver01.de/rt/perf_ch.php?gdpr=0&gdpr_consent= HTTP 302
https://secure.adnxs.com/seg?add=19751009&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19751009%26t%3D2

Request Chain 114

https://ad11.adfarm1.adition.com/tagging?type=image&network=42&tag[Markierung_T2.AdvancedStore_RetargetingPixel]=ASRET2 HTTP 302
https://imagesrv.adition.com/1x1.gif

Request Chain 116

https://cm.g.doubleclick.net/pixel?google_nid=advs&google_cm&google_sc&a=2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA&c=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=advs&google_cm=&google_sc=&a=2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA&c=1&google_tc= HTTP 302
https://as.ad4m.at/ad/dpe?b=CAESEObePwh-D99S79uguXNFLms&a=2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA&c=1&google_cver=1

Request Chain 117

https://ih.adscale.de/tpui?tpid=25&tpuid=2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA&cburl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3D2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA%26b%3D__ADSCALE_USER_ID__%26c%3D6 HTTP 302
https://ih.adscale.de/tpui?tpid=25&tpuid=2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA&cburl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3D2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA%26b%3D__ADSCALE_USER_ID__%26c%3D6&nut&uu=dbf41ec89b9e4d9fbf45134d7334ffbf HTTP 307
https://as.ad4m.at/ad/dpe?a=2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA&b=53903829994798438f6c93c0ae47e26559aeb5c5c07e279e5782ba67500c0535&c=6

Request Chain 118

https://pixel.onaudience.com/?partner=234&mapped=2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

Request Chain 119

https://rtb-csync.smartadserver.com/redir/?partnerid=132&partneruserid=2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3D2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA%26c%3D9%26b%3DSMART_USER_ID HTTP 302
https://as.ad4m.at/ad/dpe?a=2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA&c=9&b=1759022591058096858&gdpr=0&gdpr_consent=

Request Chain 120

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA&C=1

Request Chain 122

https://a.twiago.com/rtb/usermatch.php?umid=11&userid=2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA&call_type=redirect&rtbprovider=openrtb&redirecturl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3D2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA%26b%3D%25userid%25%26c%3D7 HTTP 302
https://as.ad4m.at/ad/dpe?a=2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA&b=fc6f5bd89b4589524b0f23d07511ca8d20cd9f33e185a000d30292cb2adeb&c=7

Request Chain 123

https://ad.yieldlab.net/mr?t=2&pid=9140838&r=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3D2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA%26b%3D%25%25YL%5FUID%25%25%26c%3D4 HTTP 302
https://as.ad4m.at/ad/dpe?a=2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA&b=f0f5f631-ba02-4158-bd0d-3eacb86d72b7&c=4

Request Chain 124

https://cm.g.doubleclick.net/pixel?google_nid=advs&google_cm&google_sc&a=FXZ76PZBvDmzP8t-0ng10YWPG5mD032S&c=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=advs&google_cm=&google_sc=&a=FXZ76PZBvDmzP8t-0ng10YWPG5mD032S&c=1&google_tc= HTTP 302
https://as.ad4m.at/ad/dpe?b=CAESEEc-w9DuBlNPNBqEW0yflqg&a=FXZ76PZBvDmzP8t-0ng10YWPG5mD032S&c=1&google_cver=1

Request Chain 125

https://ih.adscale.de/tpui?tpid=25&tpuid=FXZ76PZBvDmzP8t-0ng10YWPG5mD032S&cburl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DFXZ76PZBvDmzP8t-0ng10YWPG5mD032S%26b%3D__ADSCALE_USER_ID__%26c%3D6 HTTP 307
https://as.ad4m.at/ad/dpe?a=FXZ76PZBvDmzP8t-0ng10YWPG5mD032S&b=53903829994798438f6c93c0ae47e26559aeb5c5c07e279e5782ba67500c0535&c=6

Request Chain 126

https://pixel.onaudience.com/?partner=234&mapped=FXZ76PZBvDmzP8t-0ng10YWPG5mD032S&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=c1aff51f605445a5/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=c1aff51f605445a5/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=0 HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=c1aff51f605445a5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=b3916869-0328-439d-5584-197842ed3952&reqId=a0f684cd-e3bd-4052-63f1-d2332a5936bb&zcluid=c1aff51f605445a5&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEMJ_47J9D5IJX4g1sp2Wiv8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=b3916869-0328-439d-5584-197842ed3952&reqId=a0f684cd-e3bd-4052-63f1-d2332a5936bb&zcluid=c1aff51f605445a5&zdid=1332

Request Chain 127

https://rtb-csync.smartadserver.com/redir/?partnerid=132&partneruserid=FXZ76PZBvDmzP8t-0ng10YWPG5mD032S&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DFXZ76PZBvDmzP8t-0ng10YWPG5mD032S%26c%3D9%26b%3DSMART_USER_ID HTTP 302
https://as.ad4m.at/ad/dpe?a=FXZ76PZBvDmzP8t-0ng10YWPG5mD032S&c=9&b=8836279949198865149&gdpr=0&gdpr_consent=

Request Chain 128

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=FXZ76PZBvDmzP8t-0ng10YWPG5mD032S HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=FXZ76PZBvDmzP8t-0ng10YWPG5mD032S&C=1

Request Chain 130

https://a.twiago.com/rtb/usermatch.php?umid=11&userid=FXZ76PZBvDmzP8t-0ng10YWPG5mD032S&call_type=redirect&rtbprovider=openrtb&redirecturl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DFXZ76PZBvDmzP8t-0ng10YWPG5mD032S%26b%3D%25userid%25%26c%3D7 HTTP 302
https://as.ad4m.at/ad/dpe?a=FXZ76PZBvDmzP8t-0ng10YWPG5mD032S&b=fc6f5bd89b4589524b0f23d07511ca8d20cd9f33e185a000d30292cb2adeb&c=7

Request Chain 131

https://ad.yieldlab.net/mr?t=2&pid=9140838&r=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DFXZ76PZBvDmzP8t-0ng10YWPG5mD032S%26b%3D%25%25YL%5FUID%25%25%26c%3D4 HTTP 302
https://as.ad4m.at/ad/dpe?a=FXZ76PZBvDmzP8t-0ng10YWPG5mD032S&b=f0f5f631-ba02-4158-bd0d-3eacb86d72b7&c=4

154 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request payeye.html Show response
shop.crealogix.com/de/
Redirect Chain

https://nl.mailxpert.ch/e/72b99afe27b5c56f/nl/f40d0f04d7b4a5c3a8306956/link/1944/69707724a1852c1199649864baf53e8acff51532/de/-
https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

53 KB
12 KB

305ms
275ms

Document
text/html

62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

ed05abf30759770a5862a3464c18f9d23e96be72ad0041da350df8abedb7deb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 24 Jun 2022 21:38:12 GMT
expires: -1
pragma: no-cache
server: nginx/1.20.2
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache, private
content-type: text/html; charset=UTF-8
date: Fri, 24 Jun 2022 21:38:12 GMT
location: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
server: nginx
x-app-title: mailXpert - professionelles E-Mail Marketing aus der Schweiz

GET
H2 200 calendar.min.css
shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/mage/ 5 KB
1 KB 8ms
6ms Stylesheet
text/css 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/mage/calendar.min.css

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

63a9523b3a82ef4a9744f4dfa9be3ce99ec7bff6c7b8b4b23442759dd3821bd5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:12 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 12:04:33 GMT
server: nginx/1.20.2
etag: W/"629755d1-130c"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1149
expires: Thu, 01 Jun 2023 12:12:26 GMT

GET
H2 200 styles-m.min.css
shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/css/ 266 KB
39 KB 9ms
7ms Stylesheet
text/css 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/css/styles-m.min.css

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

63554108d9b981e1e7e6858a2376950b499c3d6f474f406acd53957d328d93d1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:12 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 12:04:50 GMT
server: nginx/1.20.2
etag: W/"629755e2-426ea"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 39825
expires: Thu, 01 Jun 2023 12:12:26 GMT

GET
H2 200 app-styles-c.min.css
shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/css/ 109 KB
20 KB 15ms
13ms Stylesheet
text/css 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/css/app-styles-c.min.css

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

09862690205c493fa65681a7d3f285c765d659dea8837d43d3eb6c2f784bf8de

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:12 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 12:04:50 GMT
server: nginx/1.20.2
etag: W/"629755e2-1b445"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 20422
expires: Thu, 01 Jun 2023 12:12:26 GMT

GET
H2 200 gallery.min.css
shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/mage/gallery/ 25 KB
4 KB 19ms
16ms Stylesheet
text/css 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/mage/gallery/gallery.min.css

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

5ba4530802e8ad84222936f789c36fc8692497ab880eba528f8820370b24fa32

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:12 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 12:04:34 GMT
server: nginx/1.20.2
etag: W/"629755d2-62b1"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 4131
expires: Thu, 01 Jun 2023 12:12:44 GMT

GET
H2 200 slick.min.css
shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/C4B_ProductPageParallax/slick-lightbox/gh-pages/bower_components/slick-carousel/slick/ 1 KB
737 B 19ms
17ms Stylesheet
text/css 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/C4B_ProductPageParallax/slick-lightbox/gh-pages/bower_components/slick-carousel/slick/slick.min.css

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

7e503dd683b2fa5bc8c25e58b561d46d974cf6bf08f1e03ff8305094afdbafdc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:12 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 12:04:42 GMT
server: nginx/1.20.2
etag: W/"629755da-503"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 483
expires: Thu, 01 Jun 2023 12:12:44 GMT

GET
H2 200 slick-theme.min.css
shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/C4B_ProductPageParallax/slick-lightbox/gh-pages/bower_components/slick-carousel/slick/ 2 KB
1007 B 19ms
17ms Stylesheet
text/css 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/C4B_ProductPageParallax/slick-lightbox/gh-pages/bower_components/slick-carousel/slick/slick-theme.min.css

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

71df80b1021d92ef56594187ed006270c59329987abc52fc9772cd6dd919979f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:12 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 12:04:42 GMT
server: nginx/1.20.2
etag: W/"629755da-8eb"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 753
expires: Thu, 01 Jun 2023 12:12:44 GMT

GET
H2 200 slick-lightbox.min.css
shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/C4B_ProductPageParallax/slick-lightbox/dist/ 2 KB
872 B 19ms
17ms Stylesheet
text/css 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/C4B_ProductPageParallax/slick-lightbox/dist/slick-lightbox.min.css

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

df6ed3ebb6709adefcc03a611d4731689cb67977f34a667aaaac668cb76e846d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:12 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 12:04:41 GMT
server: nginx/1.20.2
etag: W/"629755d9-733"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 618
expires: Thu, 01 Jun 2023 12:12:44 GMT

GET
H2 200 styles-l.min.css
shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/css/ 42 KB
8 KB 19ms
18ms Stylesheet
text/css 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/css/styles-l.min.css

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

74104e39896250a24360bf0e99b9ec307987df87b3ae29df10604ec3b65fcb0d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:12 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 12:04:45 GMT
server: nginx/1.20.2
etag: W/"629755dd-a966"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 7468
expires: Thu, 01 Jun 2023 12:12:26 GMT

GET
H2 200 app-styles-l.min.css
shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/css/ 12 KB
2 KB 19ms
18ms Stylesheet
text/css 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/css/app-styles-l.min.css

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

78cba90c7cc7fe3fb09e076cc049d9cd3fe0ef9fc454c1aa038bfc4a23c09b63

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:12 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 12:04:50 GMT
server: nginx/1.20.2
etag: W/"629755e2-2e8b"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 2282
expires: Thu, 01 Jun 2023 12:12:26 GMT

GET
H2 200 clx_logo_rgb_col.png
shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/Magento_Theme/images/ 7 KB
8 KB 7ms
6ms Image
image/png 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/Magento_Theme/images/clx_logo_rgb_col.png

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

8e8da117c7deb974b83c86ae65475d5636cfe4aac4b7a308f3a993b741941001

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:12 GMT
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 12:04:51 GMT
server: nginx/1.20.2
etag: "629755e3-1d81"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 7553
expires: Thu, 01 Jun 2023 12:12:26 GMT

GET
H2 200 print.min.css
shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/css/ 1 KB
822 B 8ms
7ms Stylesheet
text/css 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/css/print.min.css

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

1325fbbd83887b4b56f821607648184ecaf3f1ee716363657064055fece579b4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:12 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 12:04:45 GMT
server: nginx/1.20.2
etag: W/"629755dd-4a7"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 568
expires: Thu, 01 Jun 2023 12:12:26 GMT

GET
H2 200 app-styles-m.min.css
shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/css/ 8 KB
2 KB 8ms
7ms Stylesheet
text/css 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/css/app-styles-m.min.css

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

4f96bf61edf2be998899b733cd402e9efd43ed43188539dbe2ef10db2768b393

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:12 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 12:04:50 GMT
server: nginx/1.20.2
etag: W/"629755e2-21da"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1698
expires: Thu, 01 Jun 2023 12:12:26 GMT

GET
H2 200 bundle-common.min.js
shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/magepack/ 0
186 KB 8ms
8ms Other
application/javascript 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/magepack/bundle-common.min.js

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:12 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 12:05:01 GMT
server: nginx/1.20.2
etag: W/"629755ed-9c672"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 190162
expires: Thu, 01 Jun 2023 12:12:27 GMT

GET
H2 200 bundle-product.min.js
shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/magepack/ 0
12 KB 9ms
8ms Other
application/javascript 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/magepack/bundle-product.min.js

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:12 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 12:05:03 GMT
server: nginx/1.20.2
etag: W/"629755ef-a50d"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 12059
expires: Thu, 01 Jun 2023 12:12:44 GMT

GET
H2 200 payeye_produktfilm_shop.jpg
shop.crealogix.com/media/parallax/video_posters/ 68 KB
69 KB 10ms
8ms Image
image/jpeg 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.crealogix.com/media/parallax/video_posters/payeye_produktfilm_shop.jpg

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

362cb80c1689ebab28bbf2dd7c429f2dcb8a56284ccce0f456b2ce07d2181d04

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:12 GMT
vary: Accept-Encoding
last-modified: Wed, 16 Sep 2020 14:15:56 GMT
server: nginx/1.20.2
etag: "5f621e1c-110c5"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 69829
expires: Tue, 31 Jan 2023 13:05:38 GMT

GET
H2 200 payeye_still_qr_800_600_fr.jpg
shop.crealogix.com/media/catalog/product/p/a/ 152 KB
152 KB 11ms
9ms Image
image/jpeg 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.crealogix.com/media/catalog/product/p/a/payeye_still_qr_800_600_fr.jpg

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

a153aafe15593ce78b985ded82ffde57b1aaac9c13bbc1db59424726e7eae704

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:12 GMT
vary: Accept-Encoding
last-modified: Wed, 03 Apr 2019 17:56:42 GMT
server: nginx/1.20.2
etag: "5ca4f3da-25f76"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 155510
expires: Tue, 31 Jan 2023 13:05:38 GMT

GET
H2 200 800x600_de.jpg
shop.crealogix.com/media/catalog/product/8/0/ 81 KB
81 KB 14ms
12ms Image
image/jpeg 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.crealogix.com/media/catalog/product/8/0/800x600_de.jpg

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

5f3e2fa621df8ff66bb0b14054a4e8a5713ec69160b9ebba443f1420c52284bd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:12 GMT
vary: Accept-Encoding
last-modified: Wed, 09 Dec 2020 17:20:59 GMT
server: nginx/1.20.2
etag: "5fd1077b-14336"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 82742
expires: Tue, 31 Jan 2023 13:05:38 GMT

GET
H2 200 pe_esr_800_600_1_1.jpg
shop.crealogix.com/media/catalog/product/p/e/ 117 KB
117 KB 17ms
15ms Image
image/jpeg 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.crealogix.com/media/catalog/product/p/e/pe_esr_800_600_1_1.jpg

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

6f03e3df03b4760e122ba4ec051c0a48e7489f66ad2df62386e06f89c137a98f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:12 GMT
vary: Accept-Encoding
last-modified: Wed, 03 Apr 2019 09:02:45 GMT
server: nginx/1.20.2
etag: "5ca476b5-1d2cd"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 119501
expires: Tue, 31 Jan 2023 13:05:38 GMT

GET
H2 200 pe_dst_front_800_600.jpg
shop.crealogix.com/media/catalog/product/p/e/ 62 KB
63 KB 18ms
17ms Image
image/jpeg 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.crealogix.com/media/catalog/product/p/e/pe_dst_front_800_600.jpg

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

7dbc2ef1e171668029120bc291e16a13703a8b203b86ce46993749b6346d6777

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:12 GMT
vary: Accept-Encoding
last-modified: Wed, 03 Apr 2019 17:56:42 GMT
server: nginx/1.20.2
etag: "5ca4f3da-f9f5"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 63989
expires: Tue, 31 Jan 2023 13:05:38 GMT

GET
H2 200 pe_dst_back_800_600.jpg
shop.crealogix.com/media/catalog/product/p/e/ 60 KB
60 KB 18ms
17ms Image
image/jpeg 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.crealogix.com/media/catalog/product/p/e/pe_dst_back_800_600.jpg

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

e7b747b786fdb06ae46165db2ac7aebc8ef505bdb72e6716921ce57aca0d5da6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:12 GMT
vary: Accept-Encoding
last-modified: Wed, 03 Apr 2019 17:56:42 GMT
server: nginx/1.20.2
etag: "5ca4f3da-ee70"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 61040
expires: Tue, 31 Jan 2023 13:05:38 GMT

GET
H2 200 pe_box_800_600_1_1.jpg
shop.crealogix.com/media/catalog/product/p/e/ 92 KB
92 KB 19ms
17ms Image
image/jpeg 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.crealogix.com/media/catalog/product/p/e/pe_box_800_600_1_1.jpg

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

34f7f212e0141790c2a96356df898b26b0b3971ec0d21eecc2171699de7a783b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:12 GMT
vary: Accept-Encoding
last-modified: Fri, 23 Oct 2020 12:08:40 GMT
server: nginx/1.20.2
etag: "5f92c7c8-16e1b"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 93723
expires: Tue, 31 Jan 2023 13:05:38 GMT

GET
H2 200 opensans-400.woff2
shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/fonts/opensans/regular/ 17 KB
18 KB 17ms
17ms Font
application/font-woff2 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/fonts/opensans/regular/opensans-400.woff2

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/css/styles-m.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

b367d278abdbff97dcca334e31b1714fae2f7922f2347c5e76a6fd2c67f15079

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/css/styles-m.min.css
Origin: https://shop.crealogix.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:12 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 12:04:36 GMT
server: nginx/1.20.2
etag: W/"629755d4-45b8"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
cache-control: max-age=31536000, public
expires: Thu, 01 Jun 2023 12:12:26 GMT

GET
H2 200 Blank-Theme-Icons.woff2
shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/fonts/Blank-Theme-Icons/ 3 KB
3 KB 18ms
17ms Font
application/font-woff2 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/fonts/Blank-Theme-Icons/Blank-Theme-Icons.woff2

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/css/styles-m.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

bd997b0853256f110826ae9403a2069a78a5b252b2ca995aef08bc60e9ea2805

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/css/styles-m.min.css
Origin: https://shop.crealogix.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:12 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 12:04:36 GMT
server: nginx/1.20.2
etag: W/"629755d4-c78"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
cache-control: max-age=31536000, public
expires: Thu, 01 Jun 2023 12:12:26 GMT

GET
H2 200 LinotypeSyntaxRegular.otf
shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/fonts/ 28 KB
17 KB 18ms
18ms Font
font/opentype 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/fonts/LinotypeSyntaxRegular.otf

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/css/app-styles-c.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

2bc7ba969afe214b3dad191d1ab2f46a65bda19f2d064ad812d00e468edde366

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/css/app-styles-c.min.css
Origin: https://shop.crealogix.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:12 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 12:04:50 GMT
server: nginx/1.20.2
etag: W/"629755e2-712c"
x-frame-options: SAMEORIGIN
content-type: font/opentype
cache-control: max-age=31536000, public
expires: Thu, 01 Jun 2023 12:12:26 GMT

GET
H2 200 fa-solid-900.woff2
shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/webfonts/ 78 KB
78 KB 18ms
18ms Font
application/font-woff2 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/webfonts/fa-solid-900.woff2

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/css/app-styles-c.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/css/app-styles-c.min.css
Origin: https://shop.crealogix.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:12 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 12:04:50 GMT
server: nginx/1.20.2
etag: W/"629755e2-13654"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
cache-control: max-age=31536000, public
expires: Thu, 01 Jun 2023 12:12:26 GMT

GET
H2 200 opensans-700.woff2
shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/fonts/opensans/bold/ 17 KB
18 KB 9ms
8ms Font
application/font-woff2 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/fonts/opensans/bold/opensans-700.woff2

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/css/styles-m.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

796de1bd57056646e70e7749841a0f1f15043f263e63cd41f252e238e3a40b1c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/css/styles-m.min.css
Origin: https://shop.crealogix.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:12 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 12:04:36 GMT
server: nginx/1.20.2
etag: W/"629755d4-4504"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
cache-control: max-age=31536000, public
expires: Thu, 01 Jun 2023 12:12:26 GMT

GET
H2 206 payeye_produktfilm_shop.mp4
shop.crealogix.com/media/parallax/videos/ 3 MB
3 MB 10ms
9ms Media
video/mp4 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.crealogix.com/media/parallax/videos/payeye_produktfilm_shop.mp4

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

c03845abda6a517e5ecad47716541883988e33ddc2b4160e624a750b5ff744d3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 24 Jun 2022 21:38:12 GMT
last-modified: Wed, 16 Sep 2020 14:15:58 GMT
server: nginx/1.20.2
x-frame-options: SAMEORIGIN
etag: "5f621e1e-35fc67"
vary: Accept-Encoding
content-type: video/mp4
Content-Range: bytes 0-3538022/3538023
accept-ranges: bytes
Content-Length: 3538023

GET
DATA 200
OK truncated
/ 106 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ff2b505117f2cfa56bc4f4d2043887a3466db3730a431696fad5781d4599775

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 payeye_still_esr_00440_2_1.jpg
shop.crealogix.com/media/parallax/background_images/ 427 KB
428 KB 29ms
28ms Image
image/jpeg 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.crealogix.com/media/parallax/background_images/payeye_still_esr_00440_2_1.jpg

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

2772c79208f6a0268a2342d039149840a5928ac7a4e7ee7c47134de6aad09308

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:12 GMT
vary: Accept-Encoding
last-modified: Wed, 16 Sep 2020 14:17:42 GMT
server: nginx/1.20.2
etag: "5f621e86-6ac80"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 437376
expires: Tue, 31 Jan 2023 13:05:38 GMT

GET
H2 200 qr.svg
shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/C4B_ProductPageParallax/images/ 5 KB
2 KB 29ms
28ms Image
image/svg+xml 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/C4B_ProductPageParallax/images/qr.svg

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/css/app-styles-c.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

860093f546df713a9a38ddabd46b9cf0b5dcfe1c15b0eab33c15aaf830dbb50a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/css/app-styles-c.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:12 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 12:04:41 GMT
server: nginx/1.20.2
etag: W/"629755d9-14b6"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1488
expires: Thu, 01 Jun 2023 12:12:44 GMT

GET
H2 200 clxsplash.png
shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/C4B_ProductPageParallax/images/ 43 KB
43 KB 29ms
28ms Image
image/png 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/C4B_ProductPageParallax/images/clxsplash.png

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/css/app-styles-c.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

84cbf26590d7e4d65ec1c15e047400a95867dd3960da002cff46eb98dcd05d3a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/css/app-styles-c.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:12 GMT
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 12:04:41 GMT
server: nginx/1.20.2
etag: "629755d9-ac55"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 44117
expires: Thu, 01 Jun 2023 12:12:44 GMT

GET
H2 200 cursor-info.png
shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/C4B_ProductPageParallax/images/ 2 KB
2 KB 29ms
29ms Image
image/png 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/C4B_ProductPageParallax/images/cursor-info.png

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/css/app-styles-c.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

c43a0292f53e0dd8d03b30e415ecaa157aa767d3b0a305499c0b9219d97307b3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/css/app-styles-c.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:12 GMT
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 12:04:41 GMT
server: nginx/1.20.2
etag: "629755d9-6f8"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1784
expires: Thu, 01 Jun 2023 12:12:44 GMT

GET
H2 200 payeye_still_qr_004400_1.jpg
shop.crealogix.com/media/parallax/background_images/ 424 KB
425 KB 29ms
28ms Image
image/jpeg 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.crealogix.com/media/parallax/background_images/payeye_still_qr_004400_1.jpg

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

dc46f453f7afdcded6351b2589a712cdad2e23f60e3c497fc7c61ddd850215cc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:12 GMT
vary: Accept-Encoding
last-modified: Wed, 16 Sep 2020 14:17:42 GMT
server: nginx/1.20.2
etag: "5f621e86-6a0f9"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 434425
expires: Tue, 31 Jan 2023 13:05:38 GMT

GET
H2 200 cre_giromat_320x170_v1_19052017.png
shop.crealogix.com/media/catalog/product/cache/6f85558089c67561b457cec190dafae9/c/r/ 12 KB
12 KB 21ms
21ms Image
image/png 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.crealogix.com/media/catalog/product/cache/6f85558089c67561b457cec190dafae9/c/r/cre_giromat_320x170_v1_19052017.png

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

07ede2268095a8b694ff49e1b423c8a31ce46ea05203e6a6da24502b13fb1b70

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:12 GMT
vary: Accept-Encoding
last-modified: Tue, 08 Dec 2020 12:08:12 GMT
server: nginx/1.20.2
etag: "5fcf6cac-2f25"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 12069
expires: Tue, 31 Jan 2023 13:05:38 GMT

GET
H2 200 require.min.js Show response
shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/requirejs/ 25 KB
8 KB 28ms
28ms Script
application/javascript 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/requirejs/require.min.js

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

25aea9c591a1d4b4edd69531751bc2ab7dbe9af3e9e45c0e826e8a43cb329aa6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:12 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 12:04:29 GMT
server: nginx/1.20.2
etag: W/"629755cd-6278"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 7660
expires: Thu, 01 Jun 2023 12:12:26 GMT

GET
H2 200 requirejs-min-resolver.min.js Show response
shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/ 284 B
483 B 28ms
27ms Script
application/javascript 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/requirejs-min-resolver.min.js

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

4872e44db841485c62de1b4f1b357bab4b94c33bde089279c5f0f8913b61606b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:12 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 12:04:52 GMT
server: nginx/1.20.2
etag: W/"629755e4-11c"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 208
expires: Thu, 01 Jun 2023 12:12:26 GMT

GET
H2 200 mixins.min.js Show response
shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/mage/requirejs/ 2 KB
1 KB 28ms
26ms Script
application/javascript 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/mage/requirejs/mixins.min.js

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

dbc993c0ca90c7beecabc98795fe3664c8c5f4e77fbcea295580367fac44c58a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:12 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 12:04:34 GMT
server: nginx/1.20.2
etag: W/"629755d2-9cf"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 893
expires: Thu, 01 Jun 2023 12:12:26 GMT

GET
H2 200 requirejs-config-common.min.js Show response
shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/magepack/ 5 KB
2 KB 28ms
27ms Script
application/javascript 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/magepack/requirejs-config-common.min.js

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

0ce1c6864b40ca347bf59982d5a369d38fc2d8d533fcdc705b74a5bc4bed74a2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:12 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 12:05:01 GMT
server: nginx/1.20.2
etag: W/"629755ed-1393"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1366
expires: Thu, 01 Jun 2023 12:12:26 GMT

GET
H2 200 requirejs-config-product.min.js Show response
shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/magepack/ 837 B
590 B 28ms
27ms Script
application/javascript 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/magepack/requirejs-config-product.min.js

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

0437d9d565a02ed628b2941740c9def5ec5ece6d0eaaba679454a0e0663a4da1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:12 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 12:05:03 GMT
server: nginx/1.20.2
etag: W/"629755ef-345"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 315
expires: Thu, 01 Jun 2023 12:12:44 GMT

GET
H2 200 requirejs-config.min.js Show response
shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/ 14 KB
3 KB 28ms
27ms Script
application/javascript 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/requirejs-config.min.js

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

a39b8840cce84d69d4234bf9e524a4be6cb1d1a69f6b4a4ca6a5dd341a5fd0c9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:12 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 12:04:52 GMT
server: nginx/1.20.2
etag: W/"629755e4-3698"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 3173
expires: Thu, 01 Jun 2023 12:12:26 GMT

GET
H2 200 payeye_box.png
shop.crealogix.com/media/parallax/background_images/ 572 KB
572 KB 23ms
22ms Image
image/png 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.crealogix.com/media/parallax/background_images/payeye_box.png

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

21a437d609d6f1a6e4b85e133321fcf154bcea68f8c8f47cb97512349c9d49a9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:12 GMT
vary: Accept-Encoding
last-modified: Fri, 23 Oct 2020 12:09:10 GMT
server: nginx/1.20.2
etag: "5f92c7e6-8ee55"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 585301
expires: Tue, 31 Jan 2023 13:05:38 GMT

GET
H2 200 bundle-common.min.js Show response
shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/magepack/ 626 KB
186 KB 17ms
17ms Script
application/javascript 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/magepack/bundle-common.min.js

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/requirejs/require.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

53723cc0cbd732222f2e25f870af7b558b152f5feeef9877600e11bda13aec91

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:12 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 12:05:01 GMT
server: nginx/1.20.2
etag: W/"629755ed-9c672"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 190162
expires: Thu, 01 Jun 2023 12:12:27 GMT

GET
H2 200 initialize-video-events.min.js Show response
shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/C4B_ProductPageParallax/js/ 198 B
426 B 9ms
8ms Script
application/javascript 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/C4B_ProductPageParallax/js/initialize-video-events.min.js

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/requirejs/require.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

4cdc5aba97592f3a371a85b5a303a9a716001beedb704c30c835534784a1c15f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 12:04:41 GMT
server: nginx/1.20.2
etag: W/"629755d9-c6"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 151
expires: Thu, 01 Jun 2023 12:12:44 GMT

GET
H2 200 initialize-gallery.min.js Show response
shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/C4B_ProductPageParallax/js/ 724 B
656 B 9ms
8ms Script
application/javascript 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/C4B_ProductPageParallax/js/initialize-gallery.min.js

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/requirejs/require.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

3c712dc3b9b7261522188011b693d4e91b6d2962a55f7279166ef430408a786f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 12:04:41 GMT
server: nginx/1.20.2
etag: W/"629755d9-2d4"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 381
expires: Thu, 01 Jun 2023 12:12:44 GMT

GET
H2 200 bundle-product.min.js Show response
shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/magepack/ 41 KB
12 KB 7ms
7ms Script
application/javascript 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/magepack/bundle-product.min.js

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/requirejs/require.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

15528b6bcb3dfd44133fa2459b1cc2cda94a77cbbb55728012295d83328b2279

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 12:05:03 GMT
server: nginx/1.20.2
etag: W/"629755ef-a50d"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 12059
expires: Thu, 01 Jun 2023 12:12:44 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 167 KB
59 KB 136ms
51ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TDZN385

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/magepack/bundle-common.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6b76eb20394e7b2e7249ccc918a5a529836b811e8e7e64765c2ad6686c013f8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59879
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Jun 2022 21:38:13 GMT

GET
H2 200 loader-1.gif
shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/images/ 17 KB
17 KB 7ms
7ms Image
image/gif 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/images/loader-1.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

caefc900beabcb8b438e7e4861b34f560d256675a09c417fd201574cd257741c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 12:04:36 GMT
server: nginx/1.20.2
etag: "629755d4-4367"
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 17255
expires: Thu, 01 Jun 2023 12:12:27 GMT

GET
H2 200 slick-lightbox.min.js Show response
shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/C4B_ProductPageParallax/slick-lightbox/dist/ 7 KB
2 KB 6ms
6ms Script
application/javascript 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/C4B_ProductPageParallax/slick-lightbox/dist/slick-lightbox.min.js

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/requirejs/require.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

38b88470d1086465a4372837c7222c7846962536bb16316fc50b94ea928a0c4b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 12:04:41 GMT
server: nginx/1.20.2
etag: W/"629755d9-1d60"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 2244
expires: Thu, 01 Jun 2023 12:12:45 GMT

GET
H2 200 option.min.js Show response
shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/C4B_ProductPage/js/to-cart/element/ 1 KB
710 B 9ms
9ms Script
application/javascript 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/C4B_ProductPage/js/to-cart/element/option.min.js

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/requirejs/require.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

c2ccf777d98e072df5f051f3307ef116ec1d7d31ae00134f7c0ddf245a132876

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 12:04:42 GMT
server: nginx/1.20.2
etag: W/"629755da-40f"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 435
expires: Thu, 01 Jun 2023 12:12:44 GMT

GET
H2 200 option-value.min.js Show response
shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/C4B_ProductPage/js/to-cart/element/ 664 B
611 B 8ms
8ms Script
application/javascript 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/C4B_ProductPage/js/to-cart/element/option-value.min.js

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/requirejs/require.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

e740ff14e369ddc1b01850f445df3e8ec75b6512eadb9483e4080ab36cd891a2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 12:04:42 GMT
server: nginx/1.20.2
etag: W/"629755da-298"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 336
expires: Thu, 01 Jun 2023 12:12:44 GMT

GET
H2 200 slick.min.js Show response
shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/Magento_PageBuilder/js/resource/slick/ 43 KB
11 KB 7ms
6ms Script
application/javascript 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/Magento_PageBuilder/js/resource/slick/slick.min.js

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/requirejs/require.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

90f708ec220979a76fc6ade32dcd050ad8f2bf81ac9219f919d3bf8233c9b388

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 12:04:38 GMT
server: nginx/1.20.2
etag: W/"629755d6-aa56"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 10728
expires: Thu, 01 Jun 2023 12:12:45 GMT

GET
H2 200 pe_box_800_600_1_1.jpg
shop.crealogix.com/media/catalog/product/p/e/ 92 KB
92 KB 7ms
6ms Image
image/jpeg 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.crealogix.com/media/catalog/product/p/e/pe_box_800_600_1_1.jpg

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/magepack/bundle-common.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

34f7f212e0141790c2a96356df898b26b0b3971ec0d21eecc2171699de7a783b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
vary: Accept-Encoding
last-modified: Fri, 23 Oct 2020 12:08:40 GMT
server: nginx/1.20.2
etag: "5f92c7c8-16e1b"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 93723
expires: Tue, 31 Jan 2023 13:05:38 GMT

GET
H2 200 pe_dst_back_800_600.jpg
shop.crealogix.com/media/catalog/product/p/e/ 60 KB
60 KB 10ms
9ms Image
image/jpeg 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.crealogix.com/media/catalog/product/p/e/pe_dst_back_800_600.jpg

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/magepack/bundle-common.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

e7b747b786fdb06ae46165db2ac7aebc8ef505bdb72e6716921ce57aca0d5da6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
vary: Accept-Encoding
last-modified: Wed, 03 Apr 2019 17:56:42 GMT
server: nginx/1.20.2
etag: "5ca4f3da-ee70"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 61040
expires: Tue, 31 Jan 2023 13:05:38 GMT

GET
H2 200 pe_dst_front_800_600.jpg
shop.crealogix.com/media/catalog/product/p/e/ 62 KB
63 KB 12ms
11ms Image
image/jpeg 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.crealogix.com/media/catalog/product/p/e/pe_dst_front_800_600.jpg

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/magepack/bundle-common.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

7dbc2ef1e171668029120bc291e16a13703a8b203b86ce46993749b6346d6777

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
vary: Accept-Encoding
last-modified: Wed, 03 Apr 2019 17:56:42 GMT
server: nginx/1.20.2
etag: "5ca4f3da-f9f5"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 63989
expires: Tue, 31 Jan 2023 13:05:38 GMT

GET
H2 200 payeye_still_qr_800_600_fr.jpg
shop.crealogix.com/media/catalog/product/p/a/ 152 KB
152 KB 20ms
20ms Image
image/jpeg 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.crealogix.com/media/catalog/product/p/a/payeye_still_qr_800_600_fr.jpg

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/magepack/bundle-common.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

a153aafe15593ce78b985ded82ffde57b1aaac9c13bbc1db59424726e7eae704

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
vary: Accept-Encoding
last-modified: Wed, 03 Apr 2019 17:56:42 GMT
server: nginx/1.20.2
etag: "5ca4f3da-25f76"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 155510
expires: Tue, 31 Jan 2023 13:05:38 GMT

GET
H2 200 800x600_de.jpg
shop.crealogix.com/media/catalog/product/8/0/ 81 KB
81 KB 21ms
21ms Image
image/jpeg 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.crealogix.com/media/catalog/product/8/0/800x600_de.jpg

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/magepack/bundle-common.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

5f3e2fa621df8ff66bb0b14054a4e8a5713ec69160b9ebba443f1420c52284bd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
vary: Accept-Encoding
last-modified: Wed, 09 Dec 2020 17:20:59 GMT
server: nginx/1.20.2
etag: "5fd1077b-14336"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 82742
expires: Tue, 31 Jan 2023 13:05:38 GMT

GET
H2 200 pe_esr_800_600_1_1.jpg
shop.crealogix.com/media/catalog/product/p/e/ 117 KB
117 KB 22ms
22ms Image
image/jpeg 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.crealogix.com/media/catalog/product/p/e/pe_esr_800_600_1_1.jpg

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/magepack/bundle-common.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

6f03e3df03b4760e122ba4ec051c0a48e7489f66ad2df62386e06f89c137a98f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
vary: Accept-Encoding
last-modified: Wed, 03 Apr 2019 09:02:45 GMT
server: nginx/1.20.2
etag: "5ca476b5-1d2cd"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 119501
expires: Tue, 31 Jan 2023 13:05:38 GMT

GET
H2 200 ajax-loader.gif
shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/C4B_ProductPageParallax/slick-lightbox/gh-pages/bower_components/slick-carousel/slick/ 4 KB
4 KB 21ms
20ms Image
image/gif 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/C4B_ProductPageParallax/slick-lightbox/gh-pages/bower_components/slick-carousel/slick/ajax-loader.gif

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/C4B_ProductPageParallax/slick-lightbox/gh-pages/bower_components/slick-carousel/slick/slick-theme.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/C4B_ProductPageParallax/slick-lightbox/gh-pages/bower_components/slick-carousel/slick/slick-theme.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 12:04:42 GMT
server: nginx/1.20.2
etag: "629755da-1052"
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 4178
expires: Thu, 01 Jun 2023 12:12:45 GMT

GET
H2 200 payeye_index_1_1.png
shop.crealogix.com/media/catalog/product/cache/bd0a089ea1fab2b6d87b0f58ea0b6ada/p/a/ 6 KB
7 KB 7ms
6ms Image
image/png 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.crealogix.com/media/catalog/product/cache/bd0a089ea1fab2b6d87b0f58ea0b6ada/p/a/payeye_index_1_1.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

2f9e47c84b2f068df9751c255217303a66ed4e847e50e7d7d60f6878233e4f31

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
vary: Accept-Encoding
last-modified: Tue, 17 Nov 2020 09:30:42 GMT
server: nginx/1.20.2
etag: "5fb39842-1980"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 6528
expires: Tue, 31 Jan 2023 13:05:39 GMT

GET
H2 200 option.html Show response
shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/C4B_ProductPage/template/to-cart/element/ 583 B
585 B 6ms
6ms XHR
text/html 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/C4B_ProductPage/template/to-cart/element/option.html

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/magepack/bundle-common.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

47df61d40cd6e0b19e9e51a3c86445ff3f88b7b9fe80935f9f7ec172e8381fd3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
x-requested-with: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 12:04:42 GMT
server: nginx/1.20.2
etag: W/"629755da-247"
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 319
expires: Thu, 01 Jun 2023 12:12:45 GMT

GET
H2 200 option-related-item.html Show response
shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/C4B_ProductPage/template/to-cart/element/ 575 B
593 B 6ms
6ms XHR
text/html 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/C4B_ProductPage/template/to-cart/element/option-related-item.html

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/static/version1654085067/frontend/Crealogix/default/de_CH/magepack/bundle-common.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

d28614aa641e7c0f96ba6b612e565527de84b9d82a5fbb9e732554e98732f570

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
x-requested-with: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 01 Jun 2022 12:04:42 GMT
server: nginx/1.20.2
etag: W/"629755da-23f"
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 327
expires: Thu, 01 Jun 2023 12:12:45 GMT

GET
H2 200 cradle-white-200-200-schatten.png
shop.crealogix.com/media/catalog/product/cache/bd0a089ea1fab2b6d87b0f58ea0b6ada/c/r/ 5 KB
5 KB 8ms
6ms Image
image/png 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.crealogix.com/media/catalog/product/cache/bd0a089ea1fab2b6d87b0f58ea0b6ada/c/r/cradle-white-200-200-schatten.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

4678dc751c7c76b34dc6300f25bb7082ce9cd966581c87c0d5ba8254516e98f2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
vary: Accept-Encoding
last-modified: Tue, 26 May 2020 15:44:43 GMT
server: nginx/1.20.2
etag: "5ecd396b-1222"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 4642
expires: Tue, 31 Jan 2023 13:05:39 GMT

GET
H2 200 charger-white.png
shop.crealogix.com/media/catalog/product/cache/bd0a089ea1fab2b6d87b0f58ea0b6ada/c/h/ 3 KB
3 KB 8ms
7ms Image
image/png 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.crealogix.com/media/catalog/product/cache/bd0a089ea1fab2b6d87b0f58ea0b6ada/c/h/charger-white.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

b3addbcef9c0652a459d396dde058dcd6ec2729b337f94402a22a7db9e3b4eb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
vary: Accept-Encoding
last-modified: Mon, 23 Nov 2020 14:32:16 GMT
server: nginx/1.20.2
etag: "5fbbc7f0-c26"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 3110
expires: Tue, 31 Jan 2023 13:05:39 GMT

GET
H2 200 cre_usb_bt_320x170_v1_06062017.png
shop.crealogix.com/media/catalog/product/cache/bd0a089ea1fab2b6d87b0f58ea0b6ada/c/r/ 3 KB
3 KB 8ms
7ms Image
image/png 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.crealogix.com/media/catalog/product/cache/bd0a089ea1fab2b6d87b0f58ea0b6ada/c/r/cre_usb_bt_320x170_v1_06062017.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

cb4d503a257c4ec2f81205eb7263a85d92e56f3cc2a1a7615f959db382f1e508

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
vary: Accept-Encoding
last-modified: Wed, 23 Sep 2020 14:56:42 GMT
server: nginx/1.20.2
etag: "5f6b622a-c8b"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 3211
expires: Tue, 31 Jan 2023 13:05:39 GMT

GET
H2 200 stick.png
shop.crealogix.com/media/catalog/product/cache/bd0a089ea1fab2b6d87b0f58ea0b6ada/s/t/ 3 KB
4 KB 8ms
8ms Image
image/png 62.113.230.74
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.crealogix.com/media/catalog/product/cache/bd0a089ea1fab2b6d87b0f58ea0b6ada/s/t/stick.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.74 Schwaig, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-319.maxcluster.net

Software

nginx/1.20.2 /

Resource Hash

26c2493e5bde35f0c2981a72e8b717b6e054239da14189fb66be8dde7fe4b138

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
vary: Accept-Encoding
last-modified: Fri, 06 May 2022 07:46:05 GMT
server: nginx/1.20.2
etag: "6274d23d-dd4"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 3540
expires: Sat, 06 May 2023 07:50:40 GMT

GET
H2 200 lila.js Show response
tc.connects.ch/ 4 KB
2 KB 40ms
7ms Script
application/javascript 2001:1608:49:9::7
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL

https://tc.connects.ch/lila.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDZN385

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:1608:49:9::7 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),

Reverse DNS

Software

nginx /

Resource Hash

e4f9e9d6e8fbed416b232775f03f5026a882e413ea6a83614c334d378bbbda5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 22 Dec 2021 11:00:21 GMT
server: nginx
etag: W/"61c30545-1049"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-xss-protection: 1; mode=block

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 127ms
38ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDZN385

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2946
date: Fri, 24 Jun 2022 20:49:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 24 Jun 2022 22:49:07 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 62ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDZN385

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 18:22:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 05B5404F24D84A8893B3C6F41A811E03 Ref B: FRAEDGE1511 Ref C: 2022-06-24T21:38:13Z
etag: "0c8eafcad81d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Fri, 24 Jun 2022 21:38:12 GMT
accept-ranges: bytes
content-length: 11374

GET
H2 200 lila.php Show response
www.lacmp.net/ 16 KB
5 KB 31ms
16ms XHR
text/html 2001:1608:49:9::7
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lacmp.net/lila.php?id=LjJY8FWCYU6C0agtks8A&url=https%3A%2F%2Fshop.crealogix.com%2Fde%2Fpayeye.html%3Fbanking_code%3Dpe4pp_eofy2122&frameit=1&module=Profiling&event=ProductView&productId=payeye.silver&productName=PayEye%20%E2%80%93%20Swiss%20QR%20Code%20Reader%20&productPrice=PayEye%20%E2%80%93%20Swiss%20QR%20Code%20Reader%20&productCategory=PayEye%20%E2%80%93%20Swiss%20QR%20Code%20Reader%20

Requested by

Host: tc.connects.ch
URL: https://tc.connects.ch/lila.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:1608:49:9::7 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),

Reverse DNS

Software

nginx /

Resource Hash

4b6cc340007fceb7b536a6bb4944cc199f913bf216489841e168e371a5befec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 lila.php Show response
www.lacmp.net/ 15 KB
5 KB 32ms
16ms XHR
text/html 2001:1608:49:9::7
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lacmp.net/lila.php?id=LjJY8FWCYU6C0agtks8A&url=https%3A%2F%2Fshop.crealogix.com%2Fde%2Fpayeye.html%3Fbanking_code%3Dpe4pp_eofy2122&frameit=1&module=Profiling&event=PageView

Requested by

Host: tc.connects.ch
URL: https://tc.connects.ch/lila.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:1608:49:9::7 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),

Reverse DNS

Software

nginx /

Resource Hash

63496198da5907c875c7540e4cb183d64faffde6c9a90788840493b20854da6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 204 50000260.js Show response
bat.bing.com/p/action/ 0
135 B 220ms
220ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/50000260.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 023258B5A20046338A74496380D05DBE Ref B: FRAEDGE1511 Ref C: 2022-06-24T21:38:13Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Fri, 24 Jun 2022 21:38:13 GMT

GET
H2 204 0
bat.bing.com/action/ 0
175 B 33ms
32ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=50000260&tm=gtm002&Ver=2&mid=edcba877-befe-4626-9655-83070c0e7cf3&sid=f32c93a0f40511ec929add7de360410e&vid=f32c9b00f40511ecabfc07224f09ba4e&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=PayEye%20%E2%80%93%20Swiss%20QR%20Code%20Reader%20-%20CREALOGIX%20SHOP&p=https%3A%2F%2Fshop.crealogix.com%2Fde%2Fpayeye.html%3Fbanking_code%3Dpe4pp_eofy2122&r=&lt=727&evt=pageLoad&msclkid=N&sv=1&rn=619816

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C01B587B29484948847537C475F8BFF9 Ref B: FRAEDGE1511 Ref C: 2022-06-24T21:38:13Z
date: Fri, 24 Jun 2022 21:38:12 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 engagement.js Show response
cct.connects.ch/javascript/ 4 KB
2 KB 48ms
8ms Script
application/javascript 84.200.5.215
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL

https://cct.connects.ch/javascript/engagement.js

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.200.5.215 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),

Reverse DNS

Software

nginx /

Resource Hash

70b96c9a4a56a7dfd268ed4b2b510fe51e5d62292fc3b13903e5ddfc7ba8324e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 29 Jul 2020 17:40:10 GMT
server: nginx
etag: W/"5f21b47a-f69"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

retarget Show response
hal9000.redintelligence.net/ Frame 514A
Redirect Chain

https://hal9000.redintelligence.net/retarget?a=41438&version=1&event=view&cat=10716&segment=PayEye%20%E2%80%93%20Swiss%20QR%20Code%20Reader&items=payeye.silver&gdpr=-1&gdpr_consent=
https://hal9000.redintelligence.net/retarget?a=41438&version=1&event=view&cat=10716&segment=PayEye%20%E2%80%93%20Swiss%20QR%20Code%20Reader&items=payeye.silver&gdpr=-1&gdpr_consent=&redirected=1

4 KB
1 KB

83ms
61ms

Document
text/html

78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/retarget?a=41438&version=1&event=view&cat=10716&segment=PayEye%20%E2%80%93%20Swiss%20QR%20Code%20Reader&items=payeye.silver&gdpr=-1&gdpr_consent=&redirected=1
Requested by: Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 22fc65689875b76432819e27aec5baa60b46b7578fcabd68fac231b3c06b3515

Request headers

Referer: https://shop.crealogix.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Encoding: gzip
Content-Length: 892
Content-Type: text/html; charset=UTF-8
Date: Fri, 24 Jun 2022 21:38:13 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Fri, 24 Jun 2022 21:38:13 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Location: ?a=41438&version=1&event=view&cat=10716&segment=PayEye%20%E2%80%93%20Swiss%20QR%20Code%20Reader&items=payeye.silver&gdpr=-1&gdpr_consent=&redirected=1
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache

GET
H2 200 e3txoxcs.js Show response
ad4m.at/ Frame 3899 37 KB
13 KB 65ms
24ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/e3txoxcs.js
Requested by: Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a236cde87bc66cdc3d09c72957d0979f63b1274eec1bb12b5a52ad032d1d38a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=nPh+5A==, md5=iN1X2rtbZHT57a6cKKfIuQ==
date: Fri, 24 Jun 2022 21:38:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46847
x-guploader-uploadid: ADPycds6Vw1175yP4ozSo98qNixdeXIiN800quYLa0tATDU8Wpt84jtgrwjPAZ5OmLlTTEA8MzBguKQp2Q_JR4nSVM7JMh4SGXhK
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 10 Jun 2022 12:19:32 GMT
server: cloudflare
etag: W/"88dd57dabb5b6474f9edae9c28a7c8b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FzuolhFby5DaSdopxS9UkBDjvR7FPjRbohlsRCbxKD31BL7QrBBB5lM6182A9TFEqXMoOEhd2FkZRTZMWvgrVOvN4T1746VptnWlJkmiN8ZDhf4BK4BqWJ8nOHz1Q2N%2FuFJL4Iw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1654863572269368
content-type: application/javascript; charset=utf-8
expires: Fri, 24 Jun 2022 08:37:26 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 12453
cf-ray: 72089bf1dd329c06-FRA
cf-bgj: minify

GET
H/1.1

200
OK

retarget Show response
hal9000.redintelligence.net/ Frame 0121
Redirect Chain

https://hal9000.redintelligence.net/retarget?a=41438&version=1&gdpr=-1&gdpr_consent=
https://hal9000.redintelligence.net/retarget?a=41438&version=1&gdpr=-1&gdpr_consent=&redirected=1

4 KB
1 KB

80ms
58ms

Document
text/html

78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/retarget?a=41438&version=1&gdpr=-1&gdpr_consent=&redirected=1
Requested by: Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: dccb723278989878b88d79b9ab8b3d762ebd2424987420880ba086c89a0fbe35

Request headers

Referer: https://shop.crealogix.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Encoding: gzip
Content-Length: 892
Content-Type: text/html; charset=UTF-8
Date: Fri, 24 Jun 2022 21:38:13 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Fri, 24 Jun 2022 21:38:13 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Location: ?a=41438&version=1&gdpr=-1&gdpr_consent=&redirected=1
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache

GET
H2 200 e3txoxcs.js Show response
ad4m.at/ Frame A3B0 37 KB
13 KB 57ms
24ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/e3txoxcs.js
Requested by: Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a236cde87bc66cdc3d09c72957d0979f63b1274eec1bb12b5a52ad032d1d38a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=nPh+5A==, md5=iN1X2rtbZHT57a6cKKfIuQ==
date: Fri, 24 Jun 2022 21:38:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46847
x-guploader-uploadid: ADPycds6Vw1175yP4ozSo98qNixdeXIiN800quYLa0tATDU8Wpt84jtgrwjPAZ5OmLlTTEA8MzBguKQp2Q_JR4nSVM7JMh4SGXhK
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 10 Jun 2022 12:19:32 GMT
server: cloudflare
etag: W/"88dd57dabb5b6474f9edae9c28a7c8b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AsQYL1ut6m%2FrmzuCBcy0dF%2BGf1ITru7pFdQPy2LpRHqvAZeMwGLjnLaG98D2PFANUfq5PwX350Ej%2BVJIr6tvXJH80TEal0Y0b9m6BRYNil%2BXE47nX86SGrXJ8gPyRYxkmZskOT0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1654863572269368
content-type: application/javascript; charset=utf-8
expires: Fri, 24 Jun 2022 08:37:26 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 12453
cf-ray: 72089bf1dd349c06-FRA
cf-bgj: minify

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 20:41:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3413
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 24 Jun 2022 21:41:20 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
209 B 45ms
45ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1794080964&t=pageview&_s=1&dl=https%3A%2F%2Fshop.crealogix.com%2Fde%2Fpayeye.html%3Fbanking_code%3Dpe4pp_eofy2122&ul=en-us&de=UTF-8&dt=PayEye%20%E2%80%93%20Swiss%20QR%20Code%20Reader%20-%20CREALOGIX%20SHOP&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEALAAAAAC~&jid=1167158948&gjid=2040634797&cid=2074864913.1656106693&tid=UA-18655952-1&_gid=1937658102.1656106693&_r=1&gtm=2wg6m0TDZN385&pa=detail&pr1id=payeye.silver&pr1nm=PayEye%20%E2%80%93%20Swiss%20QR%20Code%20Reader%20&pr1pr=174&pr1ca=Root%20Catalog%7CDefault%20Category%7CSwiss%20QR%20Code%20Reader%20%26%20Belegleser%7CPayEye&z=1427195340

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shop.crealogix.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 21:38:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shop.crealogix.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 frame.html Show response
ad4m.at/ Frame 4DF7 2 KB
1 KB 31ms
31ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/e3txoxcs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Referer: https://shop.crealogix.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2297371
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 72089bf24df29c06-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Fri, 24 Jun 2022 21:38:13 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Fri, 24 Jun 2022 22:38:13 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dlCkamvg5B2ElqNAGU4Luc5J59SflGx3UevJtYTTdDXYg1XhatoLvszD1vOGV19P%2F7GGde1Lzuir8SOSS2OCT1k28j%2FaVXqPeaWfyCc04WpW9GMkRsuPd6Jcj322JJMFIMNh5qU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-generation: 1588777770164783
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-meta-
x-goog-metageneration: 3
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-guploader-uploadid: ADPycds-8sQtq3wpa_8FZA4_lJm2l0V1rVRE94pQrLxNSzcoOyWFTKcSCQQ1tfbcjuocIbHYIVQdYrNUUHn7EVvK_wY

GET
H2 200 frame.html Show response
ad4m.at/ Frame 86C6 2 KB
1 KB 26ms
26ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/e3txoxcs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Referer: https://shop.crealogix.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2297371
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 72089bf24df59c06-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Fri, 24 Jun 2022 21:38:13 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Fri, 24 Jun 2022 22:38:13 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=42kH9pX34THSjuurCSys%2F6F%2FzLYyy3jctwFjJZkbIgBifsAoqWoc%2ByJQNZFeuGp%2B5T%2FkAfVqImuF0Xv3N4%2FL%2Bl8AEN4uyoCgUxQ55UrCoox%2BPWtn%2B5PdScYXAEaDCj1lxmRn2tY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-generation: 1588777770164783
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-meta-
x-goog-metageneration: 3
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-guploader-uploadid: ADPycds-8sQtq3wpa_8FZA4_lJm2l0V1rVRE94pQrLxNSzcoOyWFTKcSCQQ1tfbcjuocIbHYIVQdYrNUUHn7EVvK_wY

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 0121 671 B
1 KB 67ms
29ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1421282&mt_adid=225791&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=41438&version=1&gdpr=-1&gdpr_consent=&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master zrh-pixel-x29 config:1.0.0 /
Resource Hash: b612d85c77aed8c058d29f0e53519b09cab7cbd4576c6f22595bd00bcd740b5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 24 Jun 2022 21:38:13 GMT
Server: MT3 4475 c1dc35a master zrh-pixel-x29 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 671
Expires: Fri, 24 Jun 2022 21:38:12 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 0121 671 B
1 KB 59ms
22ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1421284&mt_adid=225791&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=41438&version=1&gdpr=-1&gdpr_consent=&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master cdg-pixel-x24 config:1.0.0 /
Resource Hash: b612d85c77aed8c058d29f0e53519b09cab7cbd4576c6f22595bd00bcd740b5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 24 Jun 2022 21:38:13 GMT
Server: MT3 4475 c1dc35a master cdg-pixel-x24 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 671
Expires: Fri, 24 Jun 2022 21:38:12 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 0121 671 B
1 KB 52ms
20ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1421280&mt_adid=225791&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=41438&version=1&gdpr=-1&gdpr_consent=&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master zrh-pixel-x10 config:1.0.0 /
Resource Hash: b612d85c77aed8c058d29f0e53519b09cab7cbd4576c6f22595bd00bcd740b5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 24 Jun 2022 21:38:13 GMT
Server: MT3 4475 c1dc35a master zrh-pixel-x10 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 671
Expires: Fri, 24 Jun 2022 21:38:12 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 0121 671 B
1 KB 53ms
21ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1421283&mt_adid=225791&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=41438&version=1&gdpr=-1&gdpr_consent=&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master cdg-pixel-x29 config:1.0.0 /
Resource Hash: b612d85c77aed8c058d29f0e53519b09cab7cbd4576c6f22595bd00bcd740b5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 24 Jun 2022 21:38:13 GMT
Server: MT3 4475 c1dc35a master cdg-pixel-x29 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 671
Expires: Fri, 24 Jun 2022 21:38:12 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 0121 671 B
1 KB 75ms
43ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1421285&mt_adid=225791&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=41438&version=1&gdpr=-1&gdpr_consent=&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master cdg-pixel-x7 config:1.0.0 /
Resource Hash: b612d85c77aed8c058d29f0e53519b09cab7cbd4576c6f22595bd00bcd740b5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 24 Jun 2022 21:38:13 GMT
Server: MT3 4475 c1dc35a master cdg-pixel-x7 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 671
Expires: Fri, 24 Jun 2022 21:38:12 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 0121 671 B
1 KB 63ms
31ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1421281&mt_adid=225791&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=41438&version=1&gdpr=-1&gdpr_consent=&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master cdg-pixel-x31 config:1.0.0 /
Resource Hash: b612d85c77aed8c058d29f0e53519b09cab7cbd4576c6f22595bd00bcd740b5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 24 Jun 2022 21:38:13 GMT
Server: MT3 4475 c1dc35a master cdg-pixel-x31 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 671
Expires: Fri, 24 Jun 2022 21:38:12 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 0121 671 B
1 KB 55ms
30ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1406081&mt_adid=216536&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=41438&version=1&gdpr=-1&gdpr_consent=&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master cdg-pixel-x28 config:1.0.0 /
Resource Hash: b612d85c77aed8c058d29f0e53519b09cab7cbd4576c6f22595bd00bcd740b5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 24 Jun 2022 21:38:13 GMT
Server: MT3 4475 c1dc35a master cdg-pixel-x28 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 671
Expires: Fri, 24 Jun 2022 21:38:12 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 0121 671 B
1 KB 45ms
22ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1393997&mt_adid=216536&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=41438&version=1&gdpr=-1&gdpr_consent=&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master cdg-pixel-x35 config:1.0.0 /
Resource Hash: b612d85c77aed8c058d29f0e53519b09cab7cbd4576c6f22595bd00bcd740b5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 24 Jun 2022 21:38:13 GMT
Server: MT3 4475 c1dc35a master cdg-pixel-x35 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 671
Expires: Fri, 24 Jun 2022 21:38:12 GMT

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ Frame 0121
Redirect Chain

https://track.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

81 KB
30 KB

109ms
25ms

Script
application/javascript

37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=41438&version=1&gdpr=-1&gdpr_consent=&redirected=1
Protocol: H2
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 11:34:23 GMT
server: nginx
x-amz-request-id: tx00000000000002bb4b72e-0062b61421-323350c8-default
etag: W/"552eeb5f0620fb6f56733d625b5e719e"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Fri, 24 Jun 2022 21:38:13 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H3

200

activityi;dc_pre=CLWeu5mGx_gCFZHO1Qod1XEIxQ;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7... Show response
5994599.fls.doubleclick.net/ Frame 785D
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755...
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLWeu5mGx_gCFZHO1Qod1XEIxQ;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D...

568 B
459 B

110ms
43ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CLWeu5mGx_gCFZHO1Qod1XEIxQ;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=9479855491363.229?

Requested by

Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=41438&version=1&gdpr=-1&gdpr_consent=&redirected=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

24594253a431c0eefa3ddfe1309bac0197d973e64236beced7b2639f0e43a6f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hal9000.redintelligence.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 434
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 21:38:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 21:38:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLWeu5mGx_gCFZHO1Qod1XEIxQ;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=9479855491363.229?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=COjpu5mGx_gCFRDO1QodzQcKoQ;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D... Show response
11868943.fls.doubleclick.net/ Frame 9478
Redirect Chain

https://11868943.fls.doubleclick.net/activityi;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755...
https://11868943.fls.doubleclick.net/activityi;dc_pre=COjpu5mGx_gCFRDO1QodzQcKoQ;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D...

568 B
459 B

116ms
51ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11868943.fls.doubleclick.net/activityi;dc_pre=COjpu5mGx_gCFRDO1QodzQcKoQ;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1742939798724.4456?

Requested by

Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=41438&version=1&gdpr=-1&gdpr_consent=&redirected=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

f766c751e0111fb04351dfc35f85f3440ac15e6e99c5b38e5b340bdbf5225889

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hal9000.redintelligence.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 434
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 21:38:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 21:38:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11868943.fls.doubleclick.net/activityi;dc_pre=COjpu5mGx_gCFRDO1QodzQcKoQ;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1742939798724.4456?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CLWhu5mGx_gCFXAfBgAdJ3QA1Q;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;... Show response
5994599.fls.doubleclick.net/ Frame 62D9
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7...
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLWhu5mGx_gCFXAfBgAdJ3QA1Q;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;g...

566 B
458 B

108ms
43ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CLWhu5mGx_gCFXAfBgAdJ3QA1Q;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8486807381030.057?

Requested by

Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=41438&version=1&gdpr=-1&gdpr_consent=&redirected=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

441107953f4457c47708f9fa424820cfade97e1c9925b570fbd66268e75ec690

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hal9000.redintelligence.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 433
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 21:38:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 21:38:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLWhu5mGx_gCFXAfBgAdJ3QA1Q;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8486807381030.057?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CNezvJmGx_gCFVb6UQodcLMIVg;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%... Show response
11868943.fls.doubleclick.net/ Frame 93EC
Redirect Chain

https://11868943.fls.doubleclick.net/activityi;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_7...
https://11868943.fls.doubleclick.net/activityi;dc_pre=CNezvJmGx_gCFVb6UQodcLMIVg;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%...

569 B
461 B

107ms
52ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11868943.fls.doubleclick.net/activityi;dc_pre=CNezvJmGx_gCFVb6UQodcLMIVg;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6512875945319.492?

Requested by

Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=41438&version=1&gdpr=-1&gdpr_consent=&redirected=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

0e771f8941f38de9047bcaa6dcef30d17fbe7dbc9c9c79426aada26a0351b46b

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hal9000.redintelligence.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 436
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 21:38:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 21:38:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11868943.fls.doubleclick.net/activityi;dc_pre=CNezvJmGx_gCFVb6UQodcLMIVg;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6512875945319.492?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 514A 671 B
1 KB 64ms
17ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1421283&mt_adid=225791&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=41438&version=1&event=view&cat=10716&segment=PayEye%20%E2%80%93%20Swiss%20QR%20Code%20Reader&items=payeye.silver&gdpr=-1&gdpr_consent=&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master zrh-pixel-x31 config:1.0.0 /
Resource Hash: b612d85c77aed8c058d29f0e53519b09cab7cbd4576c6f22595bd00bcd740b5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 24 Jun 2022 21:38:13 GMT
Server: MT3 4475 c1dc35a master zrh-pixel-x31 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 671
Expires: Fri, 24 Jun 2022 21:38:12 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 514A 671 B
1 KB 76ms
28ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1421282&mt_adid=225791&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=41438&version=1&event=view&cat=10716&segment=PayEye%20%E2%80%93%20Swiss%20QR%20Code%20Reader&items=payeye.silver&gdpr=-1&gdpr_consent=&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master cdg-pixel-x11 config:1.0.0 /
Resource Hash: b612d85c77aed8c058d29f0e53519b09cab7cbd4576c6f22595bd00bcd740b5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 24 Jun 2022 21:38:13 GMT
Server: MT3 4475 c1dc35a master cdg-pixel-x11 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 671
Expires: Fri, 24 Jun 2022 21:38:12 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 514A 671 B
1 KB 58ms
21ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1421280&mt_adid=225791&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=41438&version=1&event=view&cat=10716&segment=PayEye%20%E2%80%93%20Swiss%20QR%20Code%20Reader&items=payeye.silver&gdpr=-1&gdpr_consent=&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master cdg-pixel-x7 config:1.0.0 /
Resource Hash: b612d85c77aed8c058d29f0e53519b09cab7cbd4576c6f22595bd00bcd740b5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 24 Jun 2022 21:38:13 GMT
Server: MT3 4475 c1dc35a master cdg-pixel-x7 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 671
Expires: Fri, 24 Jun 2022 21:38:12 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 514A 671 B
1 KB 69ms
25ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1421285&mt_adid=225791&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=41438&version=1&event=view&cat=10716&segment=PayEye%20%E2%80%93%20Swiss%20QR%20Code%20Reader&items=payeye.silver&gdpr=-1&gdpr_consent=&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master cdg-pixel-x30 config:1.0.0 /
Resource Hash: b612d85c77aed8c058d29f0e53519b09cab7cbd4576c6f22595bd00bcd740b5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 24 Jun 2022 21:38:13 GMT
Server: MT3 4475 c1dc35a master cdg-pixel-x30 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 671
Expires: Fri, 24 Jun 2022 21:38:12 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 514A 671 B
1 KB 71ms
24ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1421284&mt_adid=225791&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=41438&version=1&event=view&cat=10716&segment=PayEye%20%E2%80%93%20Swiss%20QR%20Code%20Reader&items=payeye.silver&gdpr=-1&gdpr_consent=&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master cdg-pixel-x32 config:1.0.0 /
Resource Hash: b612d85c77aed8c058d29f0e53519b09cab7cbd4576c6f22595bd00bcd740b5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 24 Jun 2022 21:38:13 GMT
Server: MT3 4475 c1dc35a master cdg-pixel-x32 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 671
Expires: Fri, 24 Jun 2022 21:38:12 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 514A 671 B
1 KB 74ms
21ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1421281&mt_adid=225791&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=41438&version=1&event=view&cat=10716&segment=PayEye%20%E2%80%93%20Swiss%20QR%20Code%20Reader&items=payeye.silver&gdpr=-1&gdpr_consent=&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master cdg-pixel-x10 config:1.0.0 /
Resource Hash: b612d85c77aed8c058d29f0e53519b09cab7cbd4576c6f22595bd00bcd740b5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 24 Jun 2022 21:38:13 GMT
Server: MT3 4475 c1dc35a master cdg-pixel-x10 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 671
Expires: Fri, 24 Jun 2022 21:38:12 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 514A 671 B
1 KB 38ms
22ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1393997&mt_adid=216536&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=41438&version=1&event=view&cat=10716&segment=PayEye%20%E2%80%93%20Swiss%20QR%20Code%20Reader&items=payeye.silver&gdpr=-1&gdpr_consent=&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master cdg-pixel-x27 config:1.0.0 /
Resource Hash: b612d85c77aed8c058d29f0e53519b09cab7cbd4576c6f22595bd00bcd740b5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 24 Jun 2022 21:38:13 GMT
Server: MT3 4475 c1dc35a master cdg-pixel-x27 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 671
Expires: Fri, 24 Jun 2022 21:38:12 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 514A 671 B
1 KB 33ms
21ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1406081&mt_adid=216536&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=41438&version=1&event=view&cat=10716&segment=PayEye%20%E2%80%93%20Swiss%20QR%20Code%20Reader&items=payeye.silver&gdpr=-1&gdpr_consent=&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master cdg-pixel-x10 config:1.0.0 /
Resource Hash: b612d85c77aed8c058d29f0e53519b09cab7cbd4576c6f22595bd00bcd740b5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 24 Jun 2022 21:38:13 GMT
Server: MT3 4475 c1dc35a master cdg-pixel-x10 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 671
Expires: Fri, 24 Jun 2022 21:38:12 GMT

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ Frame 514A
Redirect Chain

https://track.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

81 KB
30 KB

159ms
75ms

Script
application/javascript

37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=41438&version=1&event=view&cat=10716&segment=PayEye%20%E2%80%93%20Swiss%20QR%20Code%20Reader&items=payeye.silver&gdpr=-1&gdpr_consent=&redirected=1
Protocol: H2
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 11:34:23 GMT
server: nginx
x-amz-request-id: tx00000000000002bb4b72e-0062b61421-323350c8-default
etag: W/"552eeb5f0620fb6f56733d625b5e719e"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Fri, 24 Jun 2022 21:38:13 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H3

200

activityi;dc_pre=CNSju5mGx_gCFVmV1QodsE8PPA;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7... Show response
5994599.fls.doubleclick.net/ Frame 427B
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755...
https://5994599.fls.doubleclick.net/activityi;dc_pre=CNSju5mGx_gCFVmV1QodsE8PPA;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D...

569 B
458 B

119ms
54ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CNSju5mGx_gCFVmV1QodsE8PPA;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5732503945720.7705?

Requested by

Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=41438&version=1&event=view&cat=10716&segment=PayEye%20%E2%80%93%20Swiss%20QR%20Code%20Reader&items=payeye.silver&gdpr=-1&gdpr_consent=&redirected=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

1c22d5ae8842240c9ceb0bcae5e62367efb3774aa3147d1898812b80cbd14de1

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hal9000.redintelligence.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 433
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 21:38:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 21:38:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNSju5mGx_gCFVmV1QodsE8PPA;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5732503945720.7705?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CMOzvJmGx_gCFZW61Qod1G0Mhw;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D... Show response
11868943.fls.doubleclick.net/ Frame 2167
Redirect Chain

https://11868943.fls.doubleclick.net/activityi;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755...
https://11868943.fls.doubleclick.net/activityi;dc_pre=CMOzvJmGx_gCFZW61Qod1G0Mhw;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D...

567 B
460 B

105ms
50ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11868943.fls.doubleclick.net/activityi;dc_pre=CMOzvJmGx_gCFZW61Qod1G0Mhw;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5901829940682.364?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

9253884019e1a359aa95132ee85c032dcc3f807d728b116f98263afed5e4924b

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hal9000.redintelligence.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 435
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 21:38:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 21:38:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11868943.fls.doubleclick.net/activityi;dc_pre=CMOzvJmGx_gCFZW61Qod1G0Mhw;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5901829940682.364?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CIqiu5mGx_gCFSL81Qod2soKiQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;... Show response
5994599.fls.doubleclick.net/ Frame 5BF0
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7...
https://5994599.fls.doubleclick.net/activityi;dc_pre=CIqiu5mGx_gCFSL81Qod2soKiQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;g...

566 B
456 B

118ms
53ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CIqiu5mGx_gCFSL81Qod2soKiQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5419243049932.301?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

9f0a8b2e4aa52ab0eb65b34b136dc87fa82cd365158abf1d61fb22231d377020

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hal9000.redintelligence.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 431
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 21:38:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 21:38:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CIqiu5mGx_gCFSL81Qod2soKiQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5419243049932.301?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CKC3vJmGx_gCFRkfBgAdzYcH0Q;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%... Show response
11868943.fls.doubleclick.net/ Frame C82A
Redirect Chain

https://11868943.fls.doubleclick.net/activityi;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_7...
https://11868943.fls.doubleclick.net/activityi;dc_pre=CKC3vJmGx_gCFRkfBgAdzYcH0Q;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%...

569 B
462 B

109ms
54ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11868943.fls.doubleclick.net/activityi;dc_pre=CKC3vJmGx_gCFRkfBgAdzYcH0Q;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6190183776675.828?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

36f9a608bae27c9f3c2232aa9ea162ea49a2f3327181e49bc690379a4cae7a8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hal9000.redintelligence.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 21:38:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 21:38:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11868943.fls.doubleclick.net/activityi;dc_pre=CKC3vJmGx_gCFRkfBgAdzYcH0Q;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6190183776675.828?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 66ms
19ms XHR
text/plain 2a00:1450:400c:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-18655952-1&cid=2074864913.1656106693&jid=1167158948&gjid=2040634797&_gid=1937658102.1656106693&_u=aGBAAEAKAAAAAC~&z=421837386

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c01::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://shop.crealogix.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 24 Jun 2022 21:38:13 GMT
content-type: text/plain
access-control-allow-origin: https://shop.crealogix.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
track.adform.net/Serving/TrackPoint/ Frame 3899
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=2411383&ADFPageName=CH%20-%20Crealogix&ADFdivider=|
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2411383&ADFPageName=CH%20-%20Crealogix&ADFdivider=|

35 B
395 B

22ms
21ms

Image
image/gif

37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2411383&ADFPageName=CH%20-%20Crealogix&ADFdivider=|

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 21:38:13 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 24 Jun 2022 21:38:13 GMT
server: nginx
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2411383&ADFPageName=CH%20-%20Crealogix&ADFdivider=|
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 3899
Redirect Chain

https://r.adserver01.de/rt/perf_ch.php?gdpr=0&gdpr_consent=
https://secure.adnxs.com/seg?add=19751009&t=2
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19751009%26t%3D2

43 B
1 KB

18ms
15ms

Image
image/gif

185.83.142.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19751009%26t%3D2

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

HTTP/1.1

Server

185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 24 Jun 2022 21:38:13 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 63b8df70-ad34-4704-8606-80ad7a386c73
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 24 Jun 2022 21:38:13 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: fe11ffc5-2214-4259-9370-82324ccc34ad
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19751009%26t%3D2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

1x1.gif
imagesrv.adition.com/ Frame 3899
Redirect Chain

https://ad11.adfarm1.adition.com/tagging?type=image&network=42&tag[Markierung_T2.AdvancedStore_RetargetingPixel]=ASRET2
https://imagesrv.adition.com/1x1.gif

68 B
289 B

44ms
9ms

Image
image/gif

217.79.188.60
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/1x1.gif
Requested by: Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
Protocol: HTTP/1.1
Server: 217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 24 Jun 2022 21:38:13 GMT
Last-Modified: Fri, 24 Jul 2009 13:46:10 GMT
Accept-Ranges: bytes
ETag: "3122740758"
Content-Length: 68
Content-Type: image/gif

Redirect headers

location: https://imagesrv.adition.com/1x1.gif
date: Fri, 24 Jun 2022 23:38:13 +0200
server: ADITIONSERVER v1.0
access-control-allow-origin: *
content-type: text/plain
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 204 dst
as.ad4m.at/ad/ Frame 3899 0
71 B 45ms
31ms Image
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dst?a=5095&b=2&c=2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA&e=30749&f=&g=&h=&i=&z=0&y=1&d=https%3A%2F%2Fshop.crealogix.com%2Fde%2Fpayeye.html%3Fbanking_code%3Dpe4pp_eofy2122

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 72089bf2ceb99c06-FRA
expires: 0

GET
H2

200

/
track.adform.net/Serving/TrackPoint/ Frame A3B0
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=2411383&ADFPageName=CH%20-%20Crealogix&ADFdivider=|
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2411383&ADFPageName=CH%20-%20Crealogix&ADFdivider=|

35 B
395 B

22ms
21ms

Image
image/gif

37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2411383&ADFPageName=CH%20-%20Crealogix&ADFdivider=|

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 21:38:13 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 24 Jun 2022 21:38:13 GMT
server: nginx
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2411383&ADFPageName=CH%20-%20Crealogix&ADFdivider=|
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame A3B0
Redirect Chain

https://r.adserver01.de/rt/perf_ch.php?gdpr=0&gdpr_consent=
https://secure.adnxs.com/seg?add=19751009&t=2
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19751009%26t%3D2

43 B
1 KB

17ms
14ms

Image
image/gif

185.83.142.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19751009%26t%3D2

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

HTTP/1.1

Server

185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 24 Jun 2022 21:38:13 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: b82cb764-26be-4bc0-a1d8-c5ba75777149
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 24 Jun 2022 21:38:13 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: ce05aadb-5328-4ed1-b3d7-382acff41c18
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19751009%26t%3D2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

1x1.gif
imagesrv.adition.com/ Frame A3B0
Redirect Chain

https://ad11.adfarm1.adition.com/tagging?type=image&network=42&tag[Markierung_T2.AdvancedStore_RetargetingPixel]=ASRET2
https://imagesrv.adition.com/1x1.gif

68 B
289 B

47ms
12ms

Image
image/gif

217.79.188.60
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/1x1.gif
Requested by: Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
Protocol: HTTP/1.1
Server: 217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 24 Jun 2022 21:38:13 GMT
Last-Modified: Fri, 24 Jul 2009 13:46:10 GMT
Accept-Ranges: bytes
ETag: "3122740758"
Content-Length: 68
Content-Type: image/gif

Redirect headers

location: https://imagesrv.adition.com/1x1.gif
date: Fri, 24 Jun 2022 23:38:13 +0200
server: ADITIONSERVER v1.0
access-control-allow-origin: *
content-type: text/plain
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 204 dst
as.ad4m.at/ad/ Frame A3B0 0
557 B 40ms
26ms Image
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dst?a=5095&b=2&c=FXZ76PZBvDmzP8t-0ng10YWPG5mD032S&e=30749&f=&g=&h=&i=&z=0&y=1&d=https%3A%2F%2Fshop.crealogix.com%2Fde%2Fpayeye.html%3Fbanking_code%3Dpe4pp_eofy2122

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 72089bf2cebc9c06-FRA
expires: 0

GET
H3

200

dpe
as.ad4m.at/ad/ Frame 3899
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=advs&google_cm&google_sc&a=2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA&c=1
https://cm.g.doubleclick.net/pixel?google_nid=advs&google_cm=&google_sc=&a=2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA&c=1&google_tc=
https://as.ad4m.at/ad/dpe?b=CAESEObePwh-D99S79uguXNFLms&a=2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA&c=1&google_cver=1

0
633 B

31ms
31ms

Image
text/plain

2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dpe?b=CAESEObePwh-D99S79uguXNFLms&a=2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA&c=1&google_cver=1

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains; preload
x-download-options: noopen
vary: accept-encoding
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 72089bf44ad1924f-FRA
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 24 Jun 2022 21:38:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://as.ad4m.at/ad/dpe?b=CAESEObePwh-D99S79uguXNFLms&a=2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA&c=1&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 317
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

dpe
as.ad4m.at/ad/ Frame 3899
Redirect Chain

https://ih.adscale.de/tpui?tpid=25&tpuid=2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA&cburl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3D2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA%26b%3D__ADSCALE_USER_ID__%26c%3D6
https://ih.adscale.de/tpui?tpid=25&tpuid=2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA&cburl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3D2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA%26b%3D__ADSCALE_USER_ID__%26c%3D6&nut&...
https://as.ad4m.at/ad/dpe?a=2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA&b=53903829994798438f6c93c0ae47e26559aeb5c5c07e279e5782ba67500c0535&c=6

0
669 B

34ms
34ms

Image
text/plain

2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dpe?a=2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA&b=53903829994798438f6c93c0ae47e26559aeb5c5c07e279e5782ba67500c0535&c=6

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains; preload
x-download-options: noopen
vary: accept-encoding
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 72089bf30983924f-FRA
expires: 0

Redirect headers

location: https://as.ad4m.at/ad/dpe?a=2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA&b=53903829994798438f6c93c0ae47e26559aeb5c5c07e279e5782ba67500c0535&c=6
date: Fri, 24 Jun 2022 21:38:13 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 3899
Redirect Chain

https://pixel.onaudience.com/?partner=234&mapped=2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

70 B
265 B

98ms
32ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by: Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
Protocol: H2
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 21:38:13 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length: 0

GET
H3

200

dpe
as.ad4m.at/ad/ Frame 3899
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?partnerid=132&partneruserid=2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3D2Bz1chiJqr-tXfW6_...
https://as.ad4m.at/ad/dpe?a=2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA&c=9&b=1759022591058096858&gdpr=0&gdpr_consent=

0
633 B

31ms
31ms

Image
text/plain

2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dpe?a=2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA&c=9&b=1759022591058096858&gdpr=0&gdpr_consent=

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
x-download-options: noopen
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 72089bf379ff924f-FRA
expires: 0

Redirect headers

location: https://as.ad4m.at/ad/dpe?a=2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA&c=9&b=1759022591058096858&gdpr=0&gdpr_consent=
pragma: no-cache
date: Fri, 24 Jun 2022 21:38:12 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3899
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA&C=1

43 B
916 B

61ms
40ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA&C=1
Requested by: Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72089bf3ce7868e9-FRA
pragma: no-cache
date: Fri, 24 Jun 2022 21:38:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FkgqXhkzoNdYwW0XQ7zGILzQgUt%2B8DJOs04kHM0EWheIXPo%2FhAlMr7SlmOR%2B09WYykbEbmjQ8f07oX0CnCgSB%2F%2Fhs%2BqfLYSHEilGDB7sfhO4PUEEoC0cfDQMjGY98lM1S4B3%2FQcXvuZXWg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 24 Jun 2022 21:38:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YoZl1fWB41v0P1810BZ2WvfyLYghHD5wxn75Gvdt130o6LEc5iC9myWm8J90seYyeIFnO9NiGclu6ZCgRLRPktNiujvDG%2BRREBolwdaC26XJjbX4aC6lSq4HBQjkO%2FCjYDpjYTJMGx7Jzg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=5&external_user_id=2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA&C=1
cache-control: no-cache
cf-ray: 72089bf37c6f9b9a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 3899 0
225 B 54ms
16ms Image
text/html 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&r=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3D2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA%26b%3D%24%7BPUBMATIC%5FUID%7D%26c%3D5
Requested by: Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
content-encoding: gzip
server: nginx
cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: text/html; charset=utf-8

GET
H3

200

dpe
as.ad4m.at/ad/ Frame 3899
Redirect Chain

https://a.twiago.com/rtb/usermatch.php?umid=11&userid=2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA&call_type=redirect&rtbprovider=openrtb&redirecturl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3D2Bz1chiJqr-tX...
https://as.ad4m.at/ad/dpe?a=2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA&b=fc6f5bd89b4589524b0f23d07511ca8d20cd9f33e185a000d30292cb2adeb&c=7

0
633 B

27ms
26ms

Image
text/plain

2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dpe?a=2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA&b=fc6f5bd89b4589524b0f23d07511ca8d20cd9f33e185a000d30292cb2adeb&c=7

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains; preload
x-download-options: noopen
vary: accept-encoding
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 72089bf3ca55924f-FRA
expires: 0

Redirect headers

location: https://as.ad4m.at/ad/dpe?a=2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA&b=fc6f5bd89b4589524b0f23d07511ca8d20cd9f33e185a000d30292cb2adeb&c=7
date: Fri, 24 Jun 2022 21:38:13 GMT
server: Apache
connection: close
x-powered-by: PHP/7.3.29
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

GET
H3

200

dpe
as.ad4m.at/ad/ Frame 3899
Redirect Chain

https://ad.yieldlab.net/mr?t=2&pid=9140838&r=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3D2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA%26b%3D%25%25YL%5FUID%25%25%26c%3D4
https://as.ad4m.at/ad/dpe?a=2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA&b=f0f5f631-ba02-4158-bd0d-3eacb86d72b7&c=4

0
633 B

53ms
53ms

Image
text/plain

2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dpe?a=2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA&b=f0f5f631-ba02-4158-bd0d-3eacb86d72b7&c=4

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains; preload
x-download-options: noopen
vary: accept-encoding
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 72089bf39a2e924f-FRA
expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 24 Jun 2022 21:38:13 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Location: https://as.ad4m.at/ad/dpe?a=2Bz1chiJqr-tXfW6_5XrzaETvip8Z0SA&b=f0f5f631-ba02-4158-bd0d-3eacb86d72b7&c=4
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Content-Length: 0
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Thu, 23 Jun 2022 21:38:13 GMT

GET
H3

200

dpe
as.ad4m.at/ad/ Frame A3B0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=advs&google_cm&google_sc&a=FXZ76PZBvDmzP8t-0ng10YWPG5mD032S&c=1
https://cm.g.doubleclick.net/pixel?google_nid=advs&google_cm=&google_sc=&a=FXZ76PZBvDmzP8t-0ng10YWPG5mD032S&c=1&google_tc=
https://as.ad4m.at/ad/dpe?b=CAESEEc-w9DuBlNPNBqEW0yflqg&a=FXZ76PZBvDmzP8t-0ng10YWPG5mD032S&c=1&google_cver=1

0
633 B

32ms
32ms

Image
text/plain

2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dpe?b=CAESEEc-w9DuBlNPNBqEW0yflqg&a=FXZ76PZBvDmzP8t-0ng10YWPG5mD032S&c=1&google_cver=1

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
x-download-options: noopen
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 72089bf45adf924f-FRA
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 24 Jun 2022 21:38:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://as.ad4m.at/ad/dpe?b=CAESEEc-w9DuBlNPNBqEW0yflqg&a=FXZ76PZBvDmzP8t-0ng10YWPG5mD032S&c=1&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 317
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

dpe
as.ad4m.at/ad/ Frame A3B0
Redirect Chain

https://ih.adscale.de/tpui?tpid=25&tpuid=FXZ76PZBvDmzP8t-0ng10YWPG5mD032S&cburl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DFXZ76PZBvDmzP8t-0ng10YWPG5mD032S%26b%3D__ADSCALE_USER_ID__%26c%3D6
https://as.ad4m.at/ad/dpe?a=FXZ76PZBvDmzP8t-0ng10YWPG5mD032S&b=53903829994798438f6c93c0ae47e26559aeb5c5c07e279e5782ba67500c0535&c=6

0
633 B

26ms
26ms

Image
text/plain

2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dpe?a=FXZ76PZBvDmzP8t-0ng10YWPG5mD032S&b=53903829994798438f6c93c0ae47e26559aeb5c5c07e279e5782ba67500c0535&c=6

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
x-download-options: noopen
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 72089bf359e5924f-FRA
expires: 0

Redirect headers

location: https://as.ad4m.at/ad/dpe?a=FXZ76PZBvDmzP8t-0ng10YWPG5mD032S&b=53903829994798438f6c93c0ae47e26559aeb5c5c07e279e5782ba67500c0535&c=6
date: Fri, 24 Jun 2022 21:38:13 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H2

200

mw
mwzeom.zeotap.com/ Frame A3B0
Redirect Chain

https://pixel.onaudience.com/?partner=234&mapped=FXZ76PZBvDmzP8t-0ng10YWPG5mD032S&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=c1aff51f605445a5/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=c1aff51f605445a5/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdp...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=0
https://spl.zeotap.com/?zdid=1332&zcluid=c1aff51f605445a5
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=b3916869-0328-439d-5584-197842ed3952&reqId=a0f684cd-e3bd-4052-63f1-d2332a5936bb&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEMJ_47J9D5IJX4g1sp2Wiv8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=b3916869-0328-439d-5584-197842ed3952&reqId=a0f684cd-e3bd-4052-63f1-d23...

95 B
164 B

31ms
21ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEMJ_47J9D5IJX4g1sp2Wiv8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=b3916869-0328-439d-5584-197842ed3952&reqId=a0f684cd-e3bd-4052-63f1-d2332a5936bb&zcluid=c1aff51f605445a5&zdid=1332
Requested by: Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://shop.crealogix.com
access-control-allow-credentials: true
cf-ray: 72089bf51d0fbb37-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Fri, 24 Jun 2022 21:38:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEMJ_47J9D5IJX4g1sp2Wiv8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=b3916869-0328-439d-5584-197842ed3952&reqId=a0f684cd-e3bd-4052-63f1-d2332a5936bb&zcluid=c1aff51f605445a5&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

dpe
as.ad4m.at/ad/ Frame A3B0
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?partnerid=132&partneruserid=FXZ76PZBvDmzP8t-0ng10YWPG5mD032S&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DFXZ76PZBvDmzP8t-0...
https://as.ad4m.at/ad/dpe?a=FXZ76PZBvDmzP8t-0ng10YWPG5mD032S&c=9&b=8836279949198865149&gdpr=0&gdpr_consent=

0
633 B

34ms
34ms

Image
text/plain

2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dpe?a=FXZ76PZBvDmzP8t-0ng10YWPG5mD032S&c=9&b=8836279949198865149&gdpr=0&gdpr_consent=

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
x-download-options: noopen
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 72089bf38a20924f-FRA
expires: 0

Redirect headers

location: https://as.ad4m.at/ad/dpe?a=FXZ76PZBvDmzP8t-0ng10YWPG5mD032S&c=9&b=8836279949198865149&gdpr=0&gdpr_consent=
pragma: no-cache
date: Fri, 24 Jun 2022 21:38:12 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame A3B0
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=FXZ76PZBvDmzP8t-0ng10YWPG5mD032S
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=FXZ76PZBvDmzP8t-0ng10YWPG5mD032S&C=1

43 B
942 B

59ms
39ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=FXZ76PZBvDmzP8t-0ng10YWPG5mD032S&C=1
Requested by: Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72089bf3ce7968e9-FRA
pragma: no-cache
date: Fri, 24 Jun 2022 21:38:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=27LEb5LZCABl%2BBuPjKhnLSeQgLUYEm0iCr9XSn2KyIx2Ma6owki0PcWkg%2F3IpI5VV6r7AAiPb1J5WFFXoL68WhIHcKtvf9AcGpCXxMWmcSWwCnncWgn69YErMXeoUDUNN2GdxLgBypacRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 24 Jun 2022 21:38:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kUqFb%2B7fbp%2FIm8%2FzhOqqbK7cU4p945F8pG6QVX6rCVIj88kqqRJy1rsRrBtL7%2BWT%2F3S9x7JnSBm7GHB57yBbM%2BLamgh6JxgBO5MBPozi7lpgzhZw0tUYnLfo0ItEBmu7pGJWn0FdUKW1TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=5&external_user_id=FXZ76PZBvDmzP8t-0ng10YWPG5mD032S&C=1
cache-control: no-cache
cf-ray: 72089bf37c709b9a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame A3B0 0
74 B 15ms
15ms Image
text/html 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&r=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DFXZ76PZBvDmzP8t-0ng10YWPG5mD032S%26b%3D%24%7BPUBMATIC%5FUID%7D%26c%3D5
Requested by: Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
content-encoding: gzip
server: nginx
cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: text/html; charset=utf-8

GET
H3

200

dpe
as.ad4m.at/ad/ Frame A3B0
Redirect Chain

https://a.twiago.com/rtb/usermatch.php?umid=11&userid=FXZ76PZBvDmzP8t-0ng10YWPG5mD032S&call_type=redirect&rtbprovider=openrtb&redirecturl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DFXZ76PZBvDmzP...
https://as.ad4m.at/ad/dpe?a=FXZ76PZBvDmzP8t-0ng10YWPG5mD032S&b=fc6f5bd89b4589524b0f23d07511ca8d20cd9f33e185a000d30292cb2adeb&c=7

0
633 B

26ms
26ms

Image
text/plain

2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dpe?a=FXZ76PZBvDmzP8t-0ng10YWPG5mD032S&b=fc6f5bd89b4589524b0f23d07511ca8d20cd9f33e185a000d30292cb2adeb&c=7

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains; preload
x-download-options: noopen
vary: accept-encoding
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 72089bf3ea7b924f-FRA
expires: 0

Redirect headers

location: https://as.ad4m.at/ad/dpe?a=FXZ76PZBvDmzP8t-0ng10YWPG5mD032S&b=fc6f5bd89b4589524b0f23d07511ca8d20cd9f33e185a000d30292cb2adeb&c=7
date: Fri, 24 Jun 2022 21:38:13 GMT
server: Apache
connection: close
x-powered-by: PHP/7.3.30
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

GET
H3

200

dpe
as.ad4m.at/ad/ Frame A3B0
Redirect Chain

https://ad.yieldlab.net/mr?t=2&pid=9140838&r=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DFXZ76PZBvDmzP8t-0ng10YWPG5mD032S%26b%3D%25%25YL%5FUID%25%25%26c%3D4
https://as.ad4m.at/ad/dpe?a=FXZ76PZBvDmzP8t-0ng10YWPG5mD032S&b=f0f5f631-ba02-4158-bd0d-3eacb86d72b7&c=4

0
633 B

25ms
25ms

Image
text/plain

2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dpe?a=FXZ76PZBvDmzP8t-0ng10YWPG5mD032S&b=f0f5f631-ba02-4158-bd0d-3eacb86d72b7&c=4

Requested by

Host: shop.crealogix.com
URL: https://shop.crealogix.com/de/payeye.html?banking_code=pe4pp_eofy2122

Protocol

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 21:38:13 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
x-download-options: noopen
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 72089bf3ca56924f-FRA
expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 24 Jun 2022 21:38:13 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Location: https://as.ad4m.at/ad/dpe?a=FXZ76PZBvDmzP8t-0ng10YWPG5mD032S&b=f0f5f631-ba02-4158-bd0d-3eacb86d72b7&c=4
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Content-Length: 0
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Thu, 23 Jun 2022 21:38:13 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 0121 43 B
525 B 47ms
19ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=41438&version=1&gdpr=-1&gdpr_consent=&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master cdg-pixel-x27 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 24 Jun 2022 21:38:13 GMT
Server: MT3 4475 c1dc35a master cdg-pixel-x27 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 24 Jun 2022 21:38:12 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 514A 43 B
525 B 29ms
19ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1421283&mt_adid=225791&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master cdg-pixel-x26 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 24 Jun 2022 21:38:13 GMT
Server: MT3 4475 c1dc35a master cdg-pixel-x26 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 24 Jun 2022 21:38:12 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 133ms
48ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-18655952-1&cid=2074864913.1656106693&jid=1167158948&_u=aGBAAEAKAAAAAC~&z=1815329561

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 21:38:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 136ms
50ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-18655952-1&cid=2074864913.1656106693&jid=1167158948&_u=aGBAAEAKAAAAAC~&z=1815329561

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shop.crealogix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 21:38:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ Frame 0121 111 B
592 B 22ms
20ms Script
text/javascript 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=473310831387&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fshop.crealogix.com%2F&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D41438%26version%3D1%26gdpr%3D-1%26gdpr_consent%3D%26redirected%3D1

Requested by

Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6ac3327f188a75ff18f3a723a4db374fc75716467e90d552b9943d3cad40cff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 21:38:13 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 186
expires: -1

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CLWhu5mGx_gCFXAfBgAdJ3QA1Q;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7... Frame BF1C 565 B
502 B 163ms
74ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CLWhu5mGx_gCFXAfBgAdJ3QA1Q;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8486807381030.057;~oref=https://hal9000.redintelligence.net/

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLWhu5mGx_gCFXAfBgAdJ3QA1Q;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8486807381030.057?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1095ac87f5a753905358318e3194526231e36d856d77aec0b145787428f1654

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5994599.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 432
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 21:38:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CLWeu5mGx_gCFZHO1Qod1XEIxQ;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$... Frame 111D 567 B
902 B 159ms
74ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CLWeu5mGx_gCFZHO1Qod1XEIxQ;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=9479855491363.229;~oref=https://hal9000.redintelligence.net/

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLWeu5mGx_gCFZHO1Qod1XEIxQ;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=9479855491363.229?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9988fa01dd581c3f62c68c3fa16dd773b3680eafff662c9a8365e3acfc33482c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5994599.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 433
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 21:38:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CIqiu5mGx_gCFSL81Qod2soKiQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7... Frame 6540 565 B
500 B 160ms
76ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CIqiu5mGx_gCFSL81Qod2soKiQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5419243049932.301;~oref=https://hal9000.redintelligence.net/

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CIqiu5mGx_gCFSL81Qod2soKiQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5419243049932.301?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d37ae8937685ae8bf0ea0b280efdd6ee162927f4beaaacc8af1fdee65401acc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5994599.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 430
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 21:38:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CNSju5mGx_gCFVmV1QodsE8PPA;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$... Frame 84BE 568 B
499 B 158ms
75ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CNSju5mGx_gCFVmV1QodsE8PPA;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5732503945720.7705;~oref=https://hal9000.redintelligence.net/

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNSju5mGx_gCFVmV1QodsE8PPA;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5732503945720.7705?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a043f104689eddc33acf90d6989140763b54d1cc073cb324890572315bd30cbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5994599.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 433
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 21:38:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CMOzvJmGx_gCFZW61Qod1G0Mhw;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%... Frame 6E06 566 B
499 B 159ms
77ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CMOzvJmGx_gCFZW61Qod1G0Mhw;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5901829940682.364;~oref=https://hal9000.redintelligence.net/

Requested by

Host: 11868943.fls.doubleclick.net
URL: https://11868943.fls.doubleclick.net/activityi;dc_pre=CMOzvJmGx_gCFZW61Qod1G0Mhw;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5901829940682.364?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a658dce38af3e0fb615380bd5a75418755a48d4f9c4fd3cd9074c501a63d119

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11868943.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 433
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 21:38:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=COjpu5mGx_gCFRDO1QodzQcKoQ;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%... Frame 5B67 567 B
498 B 159ms
78ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=COjpu5mGx_gCFRDO1QodzQcKoQ;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1742939798724.4456;~oref=https://hal9000.redintelligence.net/

Requested by

Host: 11868943.fls.doubleclick.net
URL: https://11868943.fls.doubleclick.net/activityi;dc_pre=COjpu5mGx_gCFRDO1QodzQcKoQ;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1742939798724.4456?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

596c0276d20ad087f3a8274436aa2bb265883c248c0d04be2a4ffd40feb24b5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11868943.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 432
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 21:38:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ Frame 514A 111 B
592 B 21ms
21ms Script
text/javascript 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=715639786780&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fshop.crealogix.com%2F&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D41438%26version%3D1%26event%3Dview%26cat%3D10716%26segment%3DPayEye%25

Requested by

Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6ac3327f188a75ff18f3a723a4db374fc75716467e90d552b9943d3cad40cff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 21:38:13 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 186
expires: -1

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CNezvJmGx_gCFVb6UQodcLMIVg;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=... Frame 238F 568 B
504 B 150ms
77ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CNezvJmGx_gCFVb6UQodcLMIVg;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6512875945319.492;~oref=https://hal9000.redintelligence.net/

Requested by

Host: 11868943.fls.doubleclick.net
URL: https://11868943.fls.doubleclick.net/activityi;dc_pre=CNezvJmGx_gCFVb6UQodcLMIVg;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6512875945319.492?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

70a36f1a4a330772164c0c0c2e0a41f8dcba02da08218a6a96d5c7870c81b925

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11868943.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 434
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 21:38:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CKC3vJmGx_gCFRkfBgAdzYcH0Q;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=... Frame E697 568 B
505 B 150ms
78ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CKC3vJmGx_gCFRkfBgAdzYcH0Q;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6190183776675.828;~oref=https://hal9000.redintelligence.net/

Requested by

Host: 11868943.fls.doubleclick.net
URL: https://11868943.fls.doubleclick.net/activityi;dc_pre=CKC3vJmGx_gCFRkfBgAdzYcH0Q;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6190183776675.828?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42c140e2b9b5070ee72d7dc70bc7b2d5c90c7d8a79aa76705bef6f04feff0754

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11868943.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 435
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 21:38:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=CLWeu5mGx_gCFZHO1Qod1XEIxQ;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%... Frame 3EC7 194 B
242 B 161ms
75ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CLWeu5mGx_gCFZHO1Qod1XEIxQ;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=9479855491363.229;~oref=https://hal9000.redintelligence.net/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CLWeu5mGx_gCFZHO1Qod1XEIxQ;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=9479855491363.229;~oref=https://hal9000.redintelligence.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 21:38:14 GMT
expires: Fri, 24 Jun 2022 21:38:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=CLWhu5mGx_gCFXAfBgAdJ3QA1Q;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7B... Frame D2AC 194 B
242 B 160ms
76ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CLWhu5mGx_gCFXAfBgAdJ3QA1Q;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8486807381030.057;~oref=https://hal9000.redintelligence.net/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CLWhu5mGx_gCFXAfBgAdJ3QA1Q;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8486807381030.057;~oref=https://hal9000.redintelligence.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 21:38:14 GMT
expires: Fri, 24 Jun 2022 21:38:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=CNSju5mGx_gCFVmV1QodsE8PPA;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%... Frame 3F68 194 B
242 B 161ms
77ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CNSju5mGx_gCFVmV1QodsE8PPA;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5732503945720.7705;~oref=https://hal9000.redintelligence.net/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CNSju5mGx_gCFVmV1QodsE8PPA;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5732503945720.7705;~oref=https://hal9000.redintelligence.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 21:38:14 GMT
expires: Fri, 24 Jun 2022 21:38:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=CIqiu5mGx_gCFSL81Qod2soKiQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7B... Frame BFCC 194 B
242 B 162ms
79ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CIqiu5mGx_gCFSL81Qod2soKiQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5419243049932.301;~oref=https://hal9000.redintelligence.net/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CIqiu5mGx_gCFSL81Qod2soKiQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5419243049932.301;~oref=https://hal9000.redintelligence.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 21:38:14 GMT
expires: Fri, 24 Jun 2022 21:38:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=CMOzvJmGx_gCFZW61Qod1G0Mhw;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7... Frame 8F14 194 B
242 B 161ms
80ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CMOzvJmGx_gCFZW61Qod1G0Mhw;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5901829940682.364;~oref=https://hal9000.redintelligence.net/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CMOzvJmGx_gCFZW61Qod1G0Mhw;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5901829940682.364;~oref=https://hal9000.redintelligence.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 21:38:14 GMT
expires: Fri, 24 Jun 2022 21:38:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=CNezvJmGx_gCFVb6UQodcLMIVg;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$... Frame 2FCF 194 B
870 B 153ms
74ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CNezvJmGx_gCFVb6UQodcLMIVg;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6512875945319.492;~oref=https://hal9000.redintelligence.net/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CNezvJmGx_gCFVb6UQodcLMIVg;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6512875945319.492;~oref=https://hal9000.redintelligence.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 21:38:14 GMT
expires: Fri, 24 Jun 2022 21:38:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=CKC3vJmGx_gCFRkfBgAdzYcH0Q;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$... Frame E4A1 194 B
242 B 155ms
76ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CKC3vJmGx_gCFRkfBgAdzYcH0Q;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6190183776675.828;~oref=https://hal9000.redintelligence.net/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CKC3vJmGx_gCFRkfBgAdzYcH0Q;src=11868943;type=invmedia;cat=dbmis001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6190183776675.828;~oref=https://hal9000.redintelligence.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 21:38:14 GMT
expires: Fri, 24 Jun 2022 21:38:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=COjpu5mGx_gCFRDO1QodzQcKoQ;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7... Frame FFB1 194 B
242 B 155ms
78ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=COjpu5mGx_gCFRDO1QodzQcKoQ;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1742939798724.4456;~oref=https://hal9000.redintelligence.net/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=COjpu5mGx_gCFRDO1QodzQcKoQ;src=11868943;type=invmedia;cat=dbmis0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1742939798724.4456;~oref=https://hal9000.redintelligence.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 21:38:14 GMT
expires: Fri, 24 Jun 2022 21:38:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

45 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.shop.crealogix.com/	1970-01-20 04:21:56	Name: PHPSESSID Value: 8j96bfuvg0s90jhqpufq7b2k27
shop.crealogix.com/	1970-01-20 04:21:56	Name: X-Magento-Vary Value: cebbbcdb98a82ab1b081f59f8cc7376177e84844
shop.crealogix.com/	1970-01-20 04:03:13	Name: form_key Value: 1nrjgyiwnfxt1NJ0
shop.crealogix.com/	1970-01-20 04:21:56	Name: mage-cache-storage Value: %7B%7D
shop.crealogix.com/	1970-01-20 04:21:56	Name: mage-cache-storage-section-invalidation Value: %7B%7D
shop.crealogix.com/	1970-01-20 04:21:56	Name: mage-cache-sessid Value: true
shop.crealogix.com/	1970-01-20 04:21:56	Name: mage-messages Value:
shop.crealogix.com/	1970-01-20 04:21:56	Name: recently_viewed_product Value: %7B%7D
shop.crealogix.com/	1970-01-20 04:21:56	Name: recently_viewed_product_previous Value: %7B%7D
shop.crealogix.com/	1970-01-20 04:21:56	Name: recently_compared_product Value: %7B%7D
shop.crealogix.com/	1970-01-20 04:21:56	Name: recently_compared_product_previous Value: %7B%7D
shop.crealogix.com/	1970-01-20 04:21:56	Name: product_data_storage Value: %7B%7D
.bing.com/	1970-01-20 13:23:22	Name: MUID Value: 3336687270A36668188779BF71C86723
.crealogix.com/	1970-01-20 04:03:13	Name: _uetsid Value: f32c93a0f40511ec929add7de360410e
.crealogix.com/	1970-01-20 13:23:22	Name: _uetvid Value: f32c9b00f40511ecabfc07224f09ba4e
.redintelligence.net/	1970-01-20 06:11:22	Name: 8lcfmzhxc8d6_uid Value: 49b1fdc4781335ee
.crealogix.com/	1970-01-20 21:32:58	Name: _ga Value: GA1.2.2074864913.1656106693
.crealogix.com/	1970-01-20 04:03:13	Name: _gid Value: GA1.2.1937658102.1656106693
.crealogix.com/	1970-01-20 04:01:46	Name: _gat_UA-18655952-1 Value: 1
.adscale.de/	1970-01-20 12:44:02	Name: uu Value: dbf41ec89b9e4d9fbf45134d7334ffbf
.adscale.de/	1970-01-20 12:44:02	Name: cct Value: 1656106693582
.adfarm1.adition.com/	1970-01-20 06:11:22	Name: UserID1 Value: 7112924085149762989
.mathtag.com/	1970-01-20 13:27:41	Name: uuid Value: 86d262b6-2ec5-4800-8ec7-9742d63e0334
.adform.net/	1970-01-20 04:44:58	Name: C Value: 1
.mathtag.com/	1970-01-20 04:44:58	Name: mt_misc Value: mt_bt:1
.adnxs.com/	1970-01-20 06:11:22	Name: uuid2 Value: 3131403599984136688
.adform.net/	1970-01-20 05:28:10	Name: uid Value: 6598039729038397200
.adnxs.com/	1970-01-20 06:11:22	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2Hb<LkNnc!@wnf-Te9(>wL5L!!'1t$VYT6
.onaudience.com/	1970-01-20 04:03:13	Name: done_redirects147 Value: 1
.ih.adscale.de/	1970-01-20 12:44:02	Name: tu Value: 4#3466715466#25~FXZ76PZBvDmzP8t-0ng10YWPG5mD032S~460029~0~0
.onaudience.com/	1970-01-20 12:47:22	Name: cookie Value: c1aff51f605445a5
.onaudience.com/	1970-01-20 04:03:13	Name: done_redirects104 Value: 1
.smartadserver.com/	1970-01-20 13:30:34	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 13:30:34	Name: pid Value: 8836279949198865149
.smartadserver.com/	1970-01-20 12:47:22	Name: csync Value: 132:FXZ76PZBvDmzP8t-0ng10YWPG5mD032S
.yieldlab.net/	1970-01-20 12:47:22	Name: id Value: f0f5f631-ba02-4158-bd0d-3eacb86d72b7
.casalemedia.com/	1970-01-20 06:11:22	Name: CMPS Value: 1192
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
.casalemedia.com/	1970-01-20 12:47:22	Name: CMID Value: YrYuxVyUCZztdCfe2ShYNQAA
.casalemedia.com/	1970-01-20 06:11:22	Name: CMTS Value: 3379
.casalemedia.com/	1970-01-20 06:11:22	Name: CMPRO Value: 1219
.doubleclick.net/	1970-01-20 13:23:22	Name: IDE Value: AHWqTUkh25G5ADC7yb9kf_CbLsENrQxWnL62zUABMb-R-xOyn-ERdy4yXwCiQPelFKs
.onaudience.com/	1970-01-20 04:03:13	Name: done_redirects219 Value: 1
.zeotap.com/	1970-01-20 12:47:22	Name: zc Value: b3916869-0328-439d-5584-197842ed3952
.zeotap.com/	1970-01-20 04:03:13	Name: zsc Value: %5E%7B%11%8A%113%0DsC1%25%C0%16%A1%C2%06%89%8C%5D%09%F2%F8%5E%EDZT%27%F8%27%11%00%21%3A%27A%A9%3B%83%DC%12IR%D4%CC%06B%97T%B5k%7Cnb%FF%40%7B%E9d%8F%97%DB%BDL%F9%B3M%84%29%B9Q%C9vM%C069%27%1Eg%C6%C9%89%1F

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11868943.fls.doubleclick.net
5994599.fls.doubleclick.net
a.twiago.com
ad.yieldlab.net
ad11.adfarm1.adition.com
ad4m.at
adservice.google.com
adservice.google.de
as.ad4m.at
bat.bing.com
cct.connects.ch
cm.g.doubleclick.net
dsum-sec.casalemedia.com
hal9000.redintelligence.net
ih.adscale.de
imagesrv.adition.com
match.adsrvr.org
mwzeom.zeotap.com
nl.mailxpert.ch
pixel.mathtag.com
pixel.onaudience.com
r.adserver01.de
rtb-csync.smartadserver.com
s2.adform.net
secure.adnxs.com
shop.crealogix.com
simage2.pubmatic.com
spl.zeotap.com
stats.g.doubleclick.net
sync.crwdcntrl.net
tc.connects.ch
track.adform.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.lacmp.net
104.18.18.126
141.94.171.216
142.250.184.230
142.250.185.66
185.64.190.80
185.83.142.19
185.86.137.132
2.18.233.201
2001:1608:49:9::7
212.25.26.72
212.83.50.108
217.79.188.60
2606:4700:10::6816:1957
2606:4700:20::681a:bd1
2620:1ec:c11::200
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2008
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2002
2a00:1450:400c:c01::9b
3.33.220.150
3.66.201.109
37.157.2.247
37.157.4.40
52.51.151.159
62.113.230.74
78.46.111.106
84.200.5.215
85.114.159.112
85.215.5.31
96.16.132.239
0437d9d565a02ed628b2941740c9def5ec5ece6d0eaaba679454a0e0663a4da1
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
07ede2268095a8b694ff49e1b423c8a31ce46ea05203e6a6da24502b13fb1b70
09862690205c493fa65681a7d3f285c765d659dea8837d43d3eb6c2f784bf8de
0ce1c6864b40ca347bf59982d5a369d38fc2d8d533fcdc705b74a5bc4bed74a2
0e771f8941f38de9047bcaa6dcef30d17fbe7dbc9c9c79426aada26a0351b46b
0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db
1325fbbd83887b4b56f821607648184ecaf3f1ee716363657064055fece579b4
15528b6bcb3dfd44133fa2459b1cc2cda94a77cbbb55728012295d83328b2279
1c22d5ae8842240c9ceb0bcae5e62367efb3774aa3147d1898812b80cbd14de1
21a437d609d6f1a6e4b85e133321fcf154bcea68f8c8f47cb97512349c9d49a9
22fc65689875b76432819e27aec5baa60b46b7578fcabd68fac231b3c06b3515
24594253a431c0eefa3ddfe1309bac0197d973e64236beced7b2639f0e43a6f4
25aea9c591a1d4b4edd69531751bc2ab7dbe9af3e9e45c0e826e8a43cb329aa6
26c2493e5bde35f0c2981a72e8b717b6e054239da14189fb66be8dde7fe4b138
2772c79208f6a0268a2342d039149840a5928ac7a4e7ee7c47134de6aad09308
2bc7ba969afe214b3dad191d1ab2f46a65bda19f2d064ad812d00e468edde366
2f9e47c84b2f068df9751c255217303a66ed4e847e50e7d7d60f6878233e4f31
34f7f212e0141790c2a96356df898b26b0b3971ec0d21eecc2171699de7a783b
362cb80c1689ebab28bbf2dd7c429f2dcb8a56284ccce0f456b2ce07d2181d04
36f9a608bae27c9f3c2232aa9ea162ea49a2f3327181e49bc690379a4cae7a8d
38b88470d1086465a4372837c7222c7846962536bb16316fc50b94ea928a0c4b
3c712dc3b9b7261522188011b693d4e91b6d2962a55f7279166ef430408a786f
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
42c140e2b9b5070ee72d7dc70bc7b2d5c90c7d8a79aa76705bef6f04feff0754
441107953f4457c47708f9fa424820cfade97e1c9925b570fbd66268e75ec690
4678dc751c7c76b34dc6300f25bb7082ce9cd966581c87c0d5ba8254516e98f2
47df61d40cd6e0b19e9e51a3c86445ff3f88b7b9fe80935f9f7ec172e8381fd3
4872e44db841485c62de1b4f1b357bab4b94c33bde089279c5f0f8913b61606b
4a658dce38af3e0fb615380bd5a75418755a48d4f9c4fd3cd9074c501a63d119
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b6cc340007fceb7b536a6bb4944cc199f913bf216489841e168e371a5befec4
4cdc5aba97592f3a371a85b5a303a9a716001beedb704c30c835534784a1c15f
4f96bf61edf2be998899b733cd402e9efd43ed43188539dbe2ef10db2768b393
53723cc0cbd732222f2e25f870af7b558b152f5feeef9877600e11bda13aec91
596c0276d20ad087f3a8274436aa2bb265883c248c0d04be2a4ffd40feb24b5b
5ba4530802e8ad84222936f789c36fc8692497ab880eba528f8820370b24fa32
5f3e2fa621df8ff66bb0b14054a4e8a5713ec69160b9ebba443f1420c52284bd
5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c
5ff2b505117f2cfa56bc4f4d2043887a3466db3730a431696fad5781d4599775
63496198da5907c875c7540e4cb183d64faffde6c9a90788840493b20854da6c
63554108d9b981e1e7e6858a2376950b499c3d6f474f406acd53957d328d93d1
63a9523b3a82ef4a9744f4dfa9be3ce99ec7bff6c7b8b4b23442759dd3821bd5
6ac3327f188a75ff18f3a723a4db374fc75716467e90d552b9943d3cad40cff5
6b76eb20394e7b2e7249ccc918a5a529836b811e8e7e64765c2ad6686c013f8c
6f03e3df03b4760e122ba4ec051c0a48e7489f66ad2df62386e06f89c137a98f
70a36f1a4a330772164c0c0c2e0a41f8dcba02da08218a6a96d5c7870c81b925
70b96c9a4a56a7dfd268ed4b2b510fe51e5d62292fc3b13903e5ddfc7ba8324e
71df80b1021d92ef56594187ed006270c59329987abc52fc9772cd6dd919979f
74104e39896250a24360bf0e99b9ec307987df87b3ae29df10604ec3b65fcb0d
78cba90c7cc7fe3fb09e076cc049d9cd3fe0ef9fc454c1aa038bfc4a23c09b63
796de1bd57056646e70e7749841a0f1f15043f263e63cd41f252e238e3a40b1c
7d37ae8937685ae8bf0ea0b280efdd6ee162927f4beaaacc8af1fdee65401acc
7dbc2ef1e171668029120bc291e16a13703a8b203b86ce46993749b6346d6777
7e503dd683b2fa5bc8c25e58b561d46d974cf6bf08f1e03ff8305094afdbafdc
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84cbf26590d7e4d65ec1c15e047400a95867dd3960da002cff46eb98dcd05d3a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
860093f546df713a9a38ddabd46b9cf0b5dcfe1c15b0eab33c15aaf830dbb50a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e8da117c7deb974b83c86ae65475d5636cfe4aac4b7a308f3a993b741941001
90f708ec220979a76fc6ade32dcd050ad8f2bf81ac9219f919d3bf8233c9b388
9253884019e1a359aa95132ee85c032dcc3f807d728b116f98263afed5e4924b
9988fa01dd581c3f62c68c3fa16dd773b3680eafff662c9a8365e3acfc33482c
9f0a8b2e4aa52ab0eb65b34b136dc87fa82cd365158abf1d61fb22231d377020
a043f104689eddc33acf90d6989140763b54d1cc073cb324890572315bd30cbd
a153aafe15593ce78b985ded82ffde57b1aaac9c13bbc1db59424726e7eae704
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a236cde87bc66cdc3d09c72957d0979f63b1274eec1bb12b5a52ad032d1d38a7
a39b8840cce84d69d4234bf9e524a4be6cb1d1a69f6b4a4ca6a5dd341a5fd0c9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b367d278abdbff97dcca334e31b1714fae2f7922f2347c5e76a6fd2c67f15079
b3addbcef9c0652a459d396dde058dcd6ec2729b337f94402a22a7db9e3b4eb5
b612d85c77aed8c058d29f0e53519b09cab7cbd4576c6f22595bd00bcd740b5f
bd997b0853256f110826ae9403a2069a78a5b252b2ca995aef08bc60e9ea2805
c03845abda6a517e5ecad47716541883988e33ddc2b4160e624a750b5ff744d3
c2ccf777d98e072df5f051f3307ef116ec1d7d31ae00134f7c0ddf245a132876
c43a0292f53e0dd8d03b30e415ecaa157aa767d3b0a305499c0b9219d97307b3
caefc900beabcb8b438e7e4861b34f560d256675a09c417fd201574cd257741c
cb4d503a257c4ec2f81205eb7263a85d92e56f3cc2a1a7615f959db382f1e508
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d28614aa641e7c0f96ba6b612e565527de84b9d82a5fbb9e732554e98732f570
dbc993c0ca90c7beecabc98795fe3664c8c5f4e77fbcea295580367fac44c58a
dc46f453f7afdcded6351b2589a712cdad2e23f60e3c497fc7c61ddd850215cc
dccb723278989878b88d79b9ab8b3d762ebd2424987420880ba086c89a0fbe35
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df6ed3ebb6709adefcc03a611d4731689cb67977f34a667aaaac668cb76e846d
e1095ac87f5a753905358318e3194526231e36d856d77aec0b145787428f1654
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f9e9d6e8fbed416b232775f03f5026a882e413ea6a83614c334d378bbbda5f
e740ff14e369ddc1b01850f445df3e8ec75b6512eadb9483e4080ab36cd891a2
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e7b747b786fdb06ae46165db2ac7aebc8ef505bdb72e6716921ce57aca0d5da6
ed05abf30759770a5862a3464c18f9d23e96be72ad0041da350df8abedb7deb6
ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f766c751e0111fb04351dfc35f85f3440ac15e6e99c5b38e5b340bdbf5225889

shop.crealogix.com Open in urlscan Pro 62.113.230.74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

154 Requests

86 %HTTPS

33 %IPv6

27 Domains

37 Subdomains

24 IPs

10 Countries

7089 kBTransfer

8183 kBSize

45 Cookies

4 Outgoing links

Page URL History

Redirected requests

154 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

shop.crealogix.com Open in urlscan Pro
62.113.230.74 Public Scan

Screenshot
Live screenshot

Full Image

154
Requests

86 %
HTTPS

33 %
IPv6

27
Domains

37
Subdomains

24
IPs

10
Countries

7089 kB
Transfer

8183 kB
Size

45
Cookies

154 HTTP transactions
1 data transactions