picrew.me Open in urlscan Pro
52.222.214.49 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://picrew.me/
Effective URL:
https://picrew.me/
Submission: On February 24 via api (February 24th 2022, 9:09:42 am UTC) from SG — Scanned from DE

Summary HTTP 202 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 40 IPs in 7 countries across 30 domains to perform 202 HTTP transactions. The main IP is 52.222.214.49, located in United States and belongs to AMAZON-02, US. The main domain is picrew.me. The Cisco Umbrella rank of the primary domain is 51720.
TLS certificate: Issued by Amazon on May 30th 2021. Valid for: a year.

This is the only time picrew.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	52.222.214.49 52.222.214.49	16509 (AMAZON-02) (AMAZON-02)
15	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	130.211.14.194 130.211.14.194	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
19	18.66.97.119 18.66.97.119	16509 (AMAZON-02) (AMAZON-02)
7	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
6	13.32.99.41 13.32.99.41	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	52.222.210.175 52.222.210.175	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1 2	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:400c:c0a::9d	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	13.32.119.188 13.32.119.188	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
3	13.32.99.43 13.32.99.43	16509 (AMAZON-02) (AMAZON-02)
2	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
3	2600:9000:236... 2600:9000:236e:3400:1f:2964:4340:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	18.66.112.114 18.66.112.114	16509 (AMAZON-02) (AMAZON-02)
2 5	18.66.112.34 18.66.112.34	16509 (AMAZON-02) (AMAZON-02)
10	3.113.178.99 3.113.178.99	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 6	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	178.250.0.189 178.250.0.189	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a04:4e42:3::738 2a04:4e42:3::738	54113 (FASTLY) (FASTLY)
3	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	52.213.253.251 52.213.253.251	16509 (AMAZON-02) (AMAZON-02)
3 3	3.126.204.78 3.126.204.78	16509 (AMAZON-02) (AMAZON-02)
2 2	96.46.186.59 96.46.186.59	7979 (SERVERS-COM) (SERVERS-COM)
1 1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	18.66.127.68 18.66.127.68	16509 (AMAZON-02) (AMAZON-02)
202	40

3 52.222.214.49 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-49.fra56.r.cloudfront.net

picrew.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.14.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.14.211.130.bc.googleusercontent.com

cdn-fluct.sh.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 18.66.97.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-119.fra56.r.cloudfront.net

cdn.picrew.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.32.99.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-41.fra60.r.cloudfront.net

share-cdn.picrew.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.222.210.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-210-175.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.200 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.119.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-119-188.fra60.r.cloudfront.net

cd.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.99.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-43.fra60.r.cloudfront.net

dad.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:236e:3400:1f:2964:4340:93a1 (United States)

ASN16509 (AMAZON-02, US)

imp-adedge.i-mobile.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.112.114 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-114.fra56.r.cloudfront.net

cr-p31.ladsp.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.66.112.34 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-34.fra56.r.cloudfront.net

cr-pall.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 3.113.178.99 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-113-178-99.ap-northeast-1.compute.amazonaws.com

ssp-bidapi.i-mobile.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638::1c (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.250.0.189 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ssp-sync.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:3::738 (United States)

ASN54113 (FASTLY, US)

static.pc-adroute.focas.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.253.251 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-253-251.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.204.78 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-204-78.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 96.46.186.59 (United States) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands) 1 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.127.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-127-68.fra60.r.cloudfront.net

j.amoad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 92 4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 120	380 KB
28	picrew.me 1 redirects picrew.me — Cisco Umbrella Rank: 51720 cdn.picrew.me — Cisco Umbrella Rank: 68457 share-cdn.picrew.me — Cisco Umbrella Rank: 88347	836 KB
23	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 stats.g.doubleclick.net — Cisco Umbrella Rank: 67	291 KB
21	criteo.com 3 redirects bidder.criteo.com — Cisco Umbrella Rank: 736 gum.criteo.com — Cisco Umbrella Rank: 355 ssp-sync.criteo.com — Cisco Umbrella Rank: 1860 mug.criteo.com — Cisco Umbrella Rank: 3197	24 KB
13	i-mobile.co.jp imp-adedge.i-mobile.co.jp — Cisco Umbrella Rank: 117958 ssp-bidapi.i-mobile.co.jp — Cisco Umbrella Rank: 116454	89 KB
11	ladsp.com 2 redirects cd.ladsp.com — Cisco Umbrella Rank: 89590 dad.ladsp.com — Cisco Umbrella Rank: 192519 cr-pall.ladsp.com — Cisco Umbrella Rank: 2801	10 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	110 KB
9	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 59 www.google.com — Cisco Umbrella Rank: 2	2 KB
9	twitter.com 1 redirects platform.twitter.com — Cisco Umbrella Rank: 591 syndication.twitter.com — Cisco Umbrella Rank: 840	214 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 146	228 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	3 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 263	40 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 265	2 KB
3	focas.jp static.pc-adroute.focas.jp — Cisco Umbrella Rank: 225052 pc-adroute.focas.jp Failed	10 KB
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 638	123 KB
3	ladsp.jp 3 redirects cr-p31.ladsp.jp — Cisco Umbrella Rank: 5853	675 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 9027 www.google.de — Cisco Umbrella Rank: 6342	1 KB
2	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1448	1 KB
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 444	1 KB
2	twimg.com cdn.syndication.twimg.com — Cisco Umbrella Rank: 1397 pbs.twimg.com — Cisco Umbrella Rank: 688	9 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	87 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 197	82 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	105 KB
1	amoad.com j.amoad.com — Cisco Umbrella Rank: 144039 n.amoad.com Failed	46 KB
1	taboola.com 1 redirects sync.taboola.com — Cisco Umbrella Rank: 725	222 B
1	google.es adservice.google.es — Cisco Umbrella Rank: 40032	792 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	407 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 741	415 B
1	adingo.jp cdn-fluct.sh.adingo.jp — Cisco Umbrella Rank: 68728	4 KB
202	30

	Domain	Requested by
20	tpc.googlesyndication.com	4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
19	cdn.picrew.me	picrew.me cdn.picrew.me
14	pagead2.googlesyndication.com	picrew.me pagead2.googlesyndication.com cdn.picrew.me googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
14	securepubads.g.doubleclick.net	picrew.me securepubads.g.doubleclick.net 4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com www.googletagservices.com
10	ssp-bidapi.i-mobile.co.jp	imp-adedge.i-mobile.co.jp picrew.me
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	www.gstatic.com	googleads.g.doubleclick.net 4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
7	platform.twitter.com	picrew.me platform.twitter.com
6	ssp-sync.criteo.com	static.criteo.net
6	gum.criteo.com	3 redirects static.criteo.net
6	bidder.criteo.com	static.criteo.net
6	www.googletagservices.com	4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com googleads.g.doubleclick.net
6	www.google.com	1 redirects picrew.me googleads.g.doubleclick.net 4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com tpc.googlesyndication.com
6	share-cdn.picrew.me	picrew.me
5	cr-pall.ladsp.com	2 redirects 4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
5	4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	fonts.googleapis.com	cdn.picrew.me googleads.g.doubleclick.net 4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
4	c.amazon-adsystem.com	picrew.me c.amazon-adsystem.com
3	x.bidswitch.net	3 redirects
3	mug.criteo.com	picrew.me
3	static.pc-adroute.focas.jp	imp-adedge.i-mobile.co.jp
3	static.criteo.net	imp-adedge.i-mobile.co.jp
3	fonts.gstatic.com	fonts.googleapis.com
3	cr-p31.ladsp.jp	3 redirects
3	imp-adedge.i-mobile.co.jp	dad.ladsp.com
3	dad.ladsp.com	cd.ladsp.com
3	cd.ladsp.com	4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	picrew.me	1 redirects cdn.picrew.me
2	ads.betweendigital.com	2 redirects
2	match.prod.bidr.io	2 redirects
2	syndication.twitter.com	1 redirects platform.twitter.com
2	adservice.google.de	pagead2.googlesyndication.com
2	connect.facebook.net	picrew.me connect.facebook.net
2	cdnjs.cloudflare.com	cdn.picrew.me cdnjs.cloudflare.com
2	www.googletagmanager.com	picrew.me www.googletagmanager.com
1	j.amoad.com	imp-adedge.i-mobile.co.jp
1	sync.taboola.com	1 redirects
1	pbs.twimg.com	picrew.me
1	cdn.syndication.twimg.com	platform.twitter.com
1	www.google.de	picrew.me
1	adservice.google.es	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.facebook.com	picrew.me
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn-fluct.sh.adingo.jp	picrew.me
0	pc-adroute.focas.jp Failed	static.pc-adroute.focas.jp
0	n.amoad.com Failed	j.amoad.com
202	49

This site contains links to these domains. Also see Links.

Domain
support.picrew.me
tetrachroma.co.jp
twitter.com

Subject Issuer	Validity	Valid
picrew.me Amazon	`2021-05-30` - `2022-06-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
cdn-fluct.sh.adingo.jp DigiCert TLS RSA SHA256 2020 CA1	`2021-09-27` - `2022-10-14`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-03` - `2022-03-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
*.google.es GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.ladsp.com GlobalSign RSA OV SSL CA 2018	`2021-05-07` - `2022-06-08`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.i-mobile.co.jp JPRS Domain Validation Authority - G4	`2020-08-18` - `2022-03-31`	2 years	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
shared-certificate.user-space.cdn.idcfcloud.net GlobalSign RSA OV SSL CA 2018	`2022-02-02` - `2022-07-26`	6 months	crt.sh
*.amoad.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-17` - `2022-06-17`	2 years	crt.sh

This page contains 32 frames:

Primary Page: https://picrew.me/
Frame ID: AD09F898C2D61374D7CD5E48CA39FAAA
Requests: 83 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220221/r20190131/zrt_lookup.html
Frame ID: D9D1D3EED393175A0AB719837D835E6F
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fpicrew.me
Frame ID: 364620808FC816E2520F352AA82635FB
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&adk=1812271804&adf=3025194257&lmt=1645693776&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpicrew.me%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645693775971&bpp=4&bdt=177&idt=373&shv=r20220221&mjsv=m202202180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7414870864630&frm=20&pv=2&ga_vid=1742949966.1645693776&ga_sid=1645693776&ga_hid=18390532&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065025%2C44756895%2C44756897%2C44756432&oid=2&pvsid=899883404839875&pem=486&tmod=1675694158&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=392
Frame ID: A046AA163DCD1DCC5FFD9D0B4CDB50F4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=90&slotname=9396061293&adk=1451812378&adf=2258987082&pi=t.ma~as.9396061293&w=1024&fwrn=4&fwrnh=100&lmt=1645693776&rafmt=2&psa=0&format=1024x90&url=https%3A%2F%2Fpicrew.me%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645693776606&bpp=3&bdt=812&idt=-M&shv=r20220221&mjsv=m202202180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D876abf6c0adf09ce-22a2e97e4bcd00c0%3AT%3D1645693776%3ART%3D1645693776%3AS%3DALNI_MZFAG4yZpEtAJyxV3IzMyWZJ_fwZw&prev_fmts=0x0&nras=1&correlator=7414870864630&frm=20&pv=1&ga_vid=1742949966.1645693776&ga_sid=1645693776&ga_hid=18390532&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065025%2C44756895%2C44756897%2C44756432&oid=2&pvsid=899883404839875&pem=486&tmod=1675694158&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BZAscC2e0y&p=https%3A//picrew.me&dtd=46
Frame ID: 0AA72038C8600E23D8FE150D3D85CB9E
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=7625127702&adk=3325122240&adf=1503017450&pi=t.ma~as.7625127702&w=708&fwrn=4&fwrnh=100&lmt=1645693776&rafmt=3&psa=0&format=708x280&url=https%3A%2F%2Fpicrew.me%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645693776606&bpp=10&bdt=812&idt=10&shv=r20220221&mjsv=m202202180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D876abf6c0adf09ce-22a2e97e4bcd00c0%3AT%3D1645693776%3ART%3D1645693776%3AS%3DALNI_MZFAG4yZpEtAJyxV3IzMyWZJ_fwZw&prev_fmts=0x0%2C1024x90&nras=1&correlator=7414870864630&frm=20&pv=1&ga_vid=1742949966.1645693776&ga_sid=1645693776&ga_hid=18390532&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=2227&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065025%2C44756895%2C44756897%2C44756432&oid=2&pvsid=899883404839875&pem=486&tmod=1675694158&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=TiNCwQXfMR&p=https%3A//picrew.me&dtd=62
Frame ID: AC220363B77946C439EF31589DD9269B
Requests: 16 HTTP requests in this frame

Frame: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B929ECB01B379CA4EBD7947D842D1411
Requests: 1 HTTP requests in this frame

Frame: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 52E89456662500442CF62420BE0D67B0
Requests: 9 HTTP requests in this frame

Frame: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7BFB462F803984E507B022C676455075
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E9%96%89%E3%81%98%E3%82%8B
Frame ID: 47E5A925572B78822F5990E2EB28BDB0
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 843CE447BA4C0B4C769684D36ECD3B71
Requests: 2 HTTP requests in this frame

Frame: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BBA19AF52F355F360900B0A8FB6AE89D
Requests: 8 HTTP requests in this frame

Frame: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5221D63DE5588B62C83DE23534A489CE
Requests: 9 HTTP requests in this frame

Frame: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Frame ID: CA53C534C14A95CA88438F811CC3AB23
Requests: 6 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: FFA3A524C36C1159607FA64E7BA590FD
Requests: 1 HTTP requests in this frame

Frame: https://imp-adedge.i-mobile.co.jp/script/v1/spot.js?20181121
Frame ID: 78DD3AEE366A7E7EB9E3F95D48050207
Requests: 12 HTTP requests in this frame

Frame: https://imp-adedge.i-mobile.co.jp/script/v1/spot.js?20181121
Frame ID: 46D27D34C343D904535CD88991260619
Requests: 10 HTTP requests in this frame

Frame: https://imp-adedge.i-mobile.co.jp/script/v1/spot.js?20220104
Frame ID: ED86D5A68102CACF1F3A4E9D1C4CC8E9
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IfvWsR8c8QoIXMZVBAT6kqVdCzRxsMqQy0C-AEZrj6Q.js
Frame ID: 6A2B76AA1408AEA9F1A7A47A7C6CCD40
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IfvWsR8c8QoIXMZVBAT6kqVdCzRxsMqQy0C-AEZrj6Q.js
Frame ID: CF3D6B6780C8E6832471CA6FC7E8F6F2
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=picrew.me
Frame ID: CC1892B537547A544C68D444D0F165BF
Requests: 2 HTTP requests in this frame

Frame: https://static.pc-adroute.focas.jp/js/adroute_ads.js
Frame ID: BE758598D2C8264ACE1FA7D6277C3B0A
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=picrew.me
Frame ID: AFE50F3C5E3C6A1C7140284C0C4287CA
Requests: 2 HTTP requests in this frame

Frame: https://j.amoad.com/js/n.js
Frame ID: 2BA8DBF8F9CDC9E45B4BCAAC64518431
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=picrew.me
Frame ID: 09881CA2E356770F7A97D1AA901ABF99
Requests: 2 HTTP requests in this frame

Frame: https://static.pc-adroute.focas.jp/js/adroute_ads.js
Frame ID: 55AF5981C8EE7D488565EFD2D58D8639
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7AA2980458E20EFC49BDABEC6DF379B0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3B247C4A0E161979FCFB9E192B13140D
Requests: 2 HTTP requests in this frame

Frame: https://static.pc-adroute.focas.jp/js/adroute_ads.js
Frame ID: 40E88B1735BBCC1C6F3A0EC4F7D5FAFD
Requests: 2 HTTP requests in this frame

Frame: https://pc-adroute.focas.jp/ads/show_page.html?mid=115542&type=1&block=adblock_115542_2&inner_w=728&inner_h=90&scr_w=1600&scr_h=1200&time=1645693780
Frame ID: 0F88AA194734CC39B152D8044BF61E25
Requests: 1 HTTP requests in this frame

Frame: https://pc-adroute.focas.jp/ads/show_page.html?mid=124360&type=1&block=adblock_124360_16&inner_w=300&inner_h=600&scr_w=1600&scr_h=1200&time=1645693780
Frame ID: 068AA0151484D0182FED233C7B5C54FF
Requests: 1 HTTP requests in this frame

Frame: https://pc-adroute.focas.jp/ads/show_page.html?mid=124361&type=1&block=adblock_124361_1&inner_w=300&inner_h=250&scr_w=1600&scr_h=1200&time=1645693780
Frame ID: D3C1F7A2589479CBB2E952C7544850D8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Picrew｜つくってあそべる画像メーカー

Page URL History Show full URLs

http://picrew.me/ HTTP 301
https://picrew.me/ Page URL

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Page Statistics

202
Requests

92 %
HTTPS

55 %
IPv6

30
Domains

49
Subdomains

40
IPs

7
Countries

2714 kB
Transfer

6486 kB
Size

22
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://support.picrew.me/about_picrew_player
Title: Picrewの遊び方

Search URL Search Domain Scan URL

URL: https://support.picrew.me/terms
Title: Picrew利用規約

Search URL Search Domain Scan URL

URL: https://tetrachroma.co.jp/privacy/
Title: プライバシーポリシー

Search URL Search Domain Scan URL

URL: https://support.picrew.me/
Title: Picrewの使い方

Search URL Search Domain Scan URL

URL: https://twitter.com/picrew_tc
Title: 公式Twitter

Search URL Search Domain Scan URL

URL: https://tetrachroma.co.jp/privacy
Title: プライバシーポリシー

Search URL Search Domain Scan URL

URL: https://support.picrew.me/contact
Title: お問い合わせ

Search URL Search Domain Scan URL

URL: https://tetrachroma.co.jp/
Title: 運営会社

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://picrew.me/ HTTP 301
https://picrew.me/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 130

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 147

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

Request Chain 149

https://cr-p31.ladsp.jp/cookiesender/31 HTTP 302
https://cr-pall.ladsp.com/cookiesender/31 HTTP 302
https://cr-pall.ladsp.com/cookiesender/31?cr=true

Request Chain 152

https://cr-p31.ladsp.jp/cookiesender/31 HTTP 302
https://cr-pall.ladsp.com/cookiesender/31 HTTP 302
https://cr-pall.ladsp.com/cookiesender/31?cr=true

Request Chain 165

https://cr-p31.ladsp.jp/cookiesender/31 HTTP 302
https://cr-pall.ladsp.com/cookiesender/31

Request Chain 183

https://gum.criteo.com/sid/json?origin=publishertag&domain=4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com&sn=ChromeSyncframe&so=0&topUrl=picrew.me&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=cDTd5nxlNDdQVjB5V0ZHTU1wSTBsTVVzb3VKWnFoSW9VKy9MdXdidURybCs5TGlrZUpBUGVQVy8vVGxTc045L2lEOTdRUlk0bi94eGkyR2FNUE9sMTJrSWpob3Nad2o0bkhwaGxzOHcvYnVwdGhMdSthd3RZTWtDVW1pcDNFRlZKTEVLbXhtRGF3Y0prR0lnV0srTU85WE9IaTE1eTNEOU9aM1BaOUF0dkNNdFJ2R3VjQXpZY1l2Qk5jMmxNbS9DQkU5WW56cC83Y3FsNXRRYWxtTkdBVFVPZ2Z6Vjd0VlJPdkRZcHEzOVFERTRoZGdvMmlpeE5YNU1PNlBZOHQzY1NCTFNHS28xcWtCWEI0aWIxVWR2ZVFjNDdRSHdqdllMdS9SZ2NHQ2N4RmFNS1BhRUpaUzJyVWRyQzQ2MTlJck8xaTFacHM5NTgvRW1KcitwaVdUdVpycFhLVGpsbjFJMHh6QlFzdkFXWXZ1OFl6ZGs9fA&cppv=2

Request Chain 185

https://match.prod.bidr.io/cookie-sync/cri?r=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dloLIJF9MdGM5VXFSNW81QSUyRkpxQWNjMGRzNmMxQ243UEgwcGxLZ2dMZ3I4bUFEVFklM0Q%26u%3d%24%7bUSER_ID%7d&gdpr=false&consent=&ccpa= HTTP 303
https://match.prod.bidr.io/cookie-sync/cri?r=https%3A%2F%2Fssp-sync.criteo.com%2Fuser-sync%2Fmatch%3Fp%3DloLIJF9MdGM5VXFSNW81QSUyRkpxQWNjMGRzNmMxQ243UEgwcGxLZ2dMZ3I4bUFEVFklM0Q%26u%3D%24%7BUSER_ID%7D&gdpr=false&consent=&ccpa=&_bee_ppp=1 HTTP 303
https://ssp-sync.criteo.com/user-sync/match?p=loLIJF9MdGM5VXFSNW81QSUyRkpxQWNjMGRzNmMxQ243UEgwcGxLZ2dMZ3I4bUFEVFklM0Q&u=AAESaU7ELpcAAH86S5mV3g&gdpr=false

Request Chain 186

https://x.bidswitch.net/sync?ssp=criteo&custom_data=Hc15P19OSXVMTW41QXVKTGFlN2xZWVdXY3dmWDVWSDFMMVZJTXFvWkM1dmVRd0hrJTNE&gdpr=false&gdpr_consent=&us_privacy=&cr_user_id= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=criteo&custom_data=Hc15P19OSXVMTW41QXVKTGFlN2xZWVdXY3dmWDVWSDFMMVZJTXFvWkM1dmVRd0hrJTNE&gdpr=false&gdpr_consent=&us_privacy=&cr_user_id= HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dcriteo%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dcriteo%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=589523a3-aaac-5337-8018-0460e20f4f33&ssp=criteo&expires=30&user_group=1 HTTP 302
https://ssp-sync.criteo.com/user-sync/match?p=Hc15P19OSXVMTW41QXVKTGFlN2xZWVdXY3dmWDVWSDFMMVZJTXFvWkM1dmVRd0hrJTNE&u=2476dcc1-bfcb-4e40-86e9-798544533b92

Request Chain 187

https://sync.taboola.com/sg/criteoscod/1/cm?redirect=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dUsj31l9yRmJGZUpIb3laUkZUU3dHS2NEUmFwZGtmR1VyWXpURTZobHRDNVhnS0hrJTNE%26u%3d%3cTUID%3e&gdpr=false&consent=&ccpa= HTTP 302
https://ssp-sync.criteo.com/user-sync/match?p=Usj31l9yRmJGZUpIb3laUkZUU3dHS2NEUmFwZGtmR1VyWXpURTZobHRDNVhnS0hrJTNE&u=a307e5d8-d7c6-4e63-97b6-8387a26e404a-tuct910d0d3

Request Chain 192

https://gum.criteo.com/sid/json?origin=publishertag&domain=4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com&sn=ChromeSyncframe&so=0&topUrl=picrew.me&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=_lJv5nx4WFlGaGVjV0ZuUkk2a3JqWlRkT3czbFVDOUJSU25GMFZFa2t2Z1FHSldvYlFqZDlHbWszdmdXN24rajRhTDdwZ2hxUmttYkNEcWlGb2JYdUhjbklQOTRFYkRnYlB4NVRrd24xejRsYTFmV0Z0NHpnSDBiRHVLaEhaOFpKQWVJTEl2dXN2OGQ5TWRJMndlUmgxR3hnWnNmMzUvWDB2M2JxSVVMeVpPSFhwaURQa0toR09XdEhuT1p0a2NhRFZkZHZ0UEZXckY0MUF0RVVwUWZjSWlxaTl4Z3FKdy9hUDdvY3BIRVJaQnNTbWdkangyeFJiaTNIN1djcGxHcklUL2F0ZFZlcWE4UUxiWE5MRHNIY0pQV0ZhNis3Q0ZHZjRPWVBMV2dyWFI0Z1pLSnRtNVRKbGErbjhOY1lHcEViU0MxZ2EzVExHUjY1YTVTaVNpaHFuUTBzbG02N0wycVBJWmpJcnhmZjBGOWZHWDA9fA&cppv=2

Request Chain 203

https://gum.criteo.com/sid/json?origin=publishertag&domain=4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com&sn=ChromeSyncframe&so=0&topUrl=picrew.me&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=XvkjH3xJR0F5bndNUkErVFdNYndXZ2dqK09NclExOTB3ak1qaTFpeW1sQ2I3SmhqUndpZzdOWnVTcUpTcWhYOU84Qm5hZ3pQTThFNHZmRm1kcjJRem54aTNUNEVLd1QxQlZpVkUyeFpkVit4SWZXTFJFSkREdzNiQlFiVHFpdXlVQWx5N1FtUHNnQ0kzOFZCbEpuTlhtS2ZkVzE3UjZMVEtmbkQ0dUQ3MDJiV0ZLRlEySzlZVklGZjVYQzJhdUFwUUttVkJIaHVIdHNLa3NpQS9ZVVNYL0x4VE5CaWZrNXVhMEpQYlhhb0hPWGhIZndYTnhHMHprcDRwTXJSU1gwR3VtNmJqdkNxRmxqanVjcFJNbDdFQ3lzVWt4UFduL1ZtWDg2akwzRWRmTDRqV1ZEaWtlUmdkZUdkSU55cTUvZEg5emQ3TVk0SmNnTmtqc0tvdE9GUkFEbjJWdXV0Qno0bFM2SkJhM2FPOVdVZHM4S2c9fA&cppv=2

202 HTTP transactions
20 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
picrew.me/
Redirect Chain

http://picrew.me/
https://picrew.me/

38 KB
12 KB

259ms
243ms

Document
text/html

52.222.214.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://picrew.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-49.fra56.r.cloudfront.net

Software

Resource Hash

47ec87be6c8e77237819637e92b791b88e0da3d8cc2348735c5a63b24679bb0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=utf-8
date: Thu, 24 Feb 2022 09:09:35 GMT
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 0
accept-ranges: none
vary: Accept-Encoding
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: UsGtEEBsb5b_e09V3VDGtnM5e_O280AVNxvadwuyemCgTHLAwL6flg==

Redirect headers

Server: CloudFront
Date: Thu, 24 Feb 2022 09:09:35 GMT
Content-Type: text/html
Content-Length: 183
Connection: keep-alive
Location: https://picrew.me/
X-Cache: Redirect from cloudfront
Via: 1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P3
X-Amz-Cf-Id: LhtOzPJIk4odrWmwCHq7nRE4kKksuZJN-m05HmanEqE7YTwCC7iDWw==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
27 KB 62ms
39ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: picrew.me
URL: https://picrew.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

a4b5e22a9b8fdea1ee7437306ff87774f380705242619b0f0be2473a187daf7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27470
x-xss-protection: 0
server: sffe
etag: "1141 / 165 of 1000 / last-modified: 1645657840"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 24 Feb 2022 09:09:35 GMT

GET
H2 200 kv.js Show response
cdn-fluct.sh.adingo.jp/ts/ 4 KB
4 KB 291ms
264ms Script
application/javascript 130.211.14.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fluct.sh.adingo.jp/ts/kv.js
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.14.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.14.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: fe17e70b190a001b79a66fa7b55d2dbac42a25b2fd575f72cf3e1470a9c40161

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:35 GMT
via: 1.1 google
last-modified: Tue, 10 Nov 2020 02:42:50 GMT
server: nginx
x-goog-meta-goog-reserved-file-mtime: 1604975443
etag: "556934705e12b655011cd42324d63d74"
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: clear
content-length: 4159
expires: Thu, 24 Feb 2022 10:09:35 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
53 KB 89ms
61ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: picrew.me
URL: https://picrew.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44225fe49c69b257f2e09a0133dcd7c7a5e15e27bff44dc577ab63b74e2b620e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53830
x-xss-protection: 0
server: cafe
etag: 12412120917551898444
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 09:09:35 GMT

GET
H2 200 542173a448ccd8681cd6.js Show response
cdn.picrew.me/assets/player/20220207032436/ 4 KB
2 KB 58ms
9ms Script
application/javascript 18.66.97.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.picrew.me/assets/player/20220207032436/542173a448ccd8681cd6.js
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 652a384127b16fecd7564ffd3858bc4d7b9b78fb4c6b65d8d3698b20f6ef4268

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: DiczjH8xYH0j1N9JavVxjg1rSsvMEuaZ
content-encoding: gzip
last-modified: Mon, 07 Feb 2022 03:25:57 GMT
server: AmazonS3
age: 42100
etag: W/"3b03444b3bc4889a216c6a07785ff8b5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
date: Wed, 23 Feb 2022 21:27:56 GMT
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: WnFMjp9Dv2abXr4mvJ8t5U3bjdne1VJMtPt-nDa2GZsHdJX7sZDcRw==

GET
H2 200 b1407aa7d4cb11fed215.js Show response
cdn.picrew.me/assets/player/20220207032436/ 169 KB
58 KB 64ms
15ms Script
application/javascript 18.66.97.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.picrew.me/assets/player/20220207032436/b1407aa7d4cb11fed215.js
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ffe6c1d218c4ab3128d2ce01070022a7340b1f379b2a8abaca3ac1992f0ced81

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: 0DCtifbGZ2v3zjbjLWw8J4lOCv9HdRQg
content-encoding: gzip
last-modified: Mon, 07 Feb 2022 03:25:57 GMT
server: AmazonS3
age: 42106
etag: W/"de2dca502a1279d7f46cc7273ddb0391"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
date: Wed, 23 Feb 2022 21:27:49 GMT
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: 2SRT6QEDRN6xjR1Ed7ZHZlgjm2JkjVxDlfMGOXa88LiD5O0Sh0cxrQ==

GET
H2 200 0360fe6ba1fe0ec41cdf.css
cdn.picrew.me/assets/player/20220207032436/ 4 KB
1 KB 55ms
6ms Stylesheet
text/css 18.66.97.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.picrew.me/assets/player/20220207032436/0360fe6ba1fe0ec41cdf.css
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 12acf0cde9105ca35b079104e27341413fb68164085916505c077cf58748abc3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: VUymD8DWtW.T9ADV8NZh5nF6XMkZSGtU
content-encoding: gzip
last-modified: Mon, 07 Feb 2022 03:25:57 GMT
server: AmazonS3
age: 60010
etag: W/"6577c07362affb431ee21f4ba944e0b8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
date: Wed, 23 Feb 2022 16:29:25 GMT
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: UFXNYEg33f04cQ22jsbNlrtRqYZ2IAOoIHSWZ6a_IFQd5Xnml56jcA==

GET
H2 200 0f004a9739049d81503d.js Show response
cdn.picrew.me/assets/player/20220207032436/ 125 KB
41 KB 87ms
38ms Script
application/javascript 18.66.97.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.picrew.me/assets/player/20220207032436/0f004a9739049d81503d.js
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cca5a3d1a8326827e8a2667927ac8c241ada0405301532f31bab460e14fd8b75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: w_vV4.zQUwG5zHas3HCBTrOJIWKC4_Tq
content-encoding: gzip
last-modified: Mon, 07 Feb 2022 03:25:57 GMT
server: AmazonS3
age: 50610
etag: W/"1e66363633e410fefea9f20107cd371e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
date: Wed, 23 Feb 2022 19:06:06 GMT
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: -O5kH3wMoNEOIE_S5ric1qsuVLixJLzkBm0BqU4Mg1T8BaUbe0uLVw==

GET
H2 200 0955dac696c8b3a5aec9.css
cdn.picrew.me/assets/player/20220207032436/ 99 KB
16 KB 56ms
8ms Stylesheet
text/css 18.66.97.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.picrew.me/assets/player/20220207032436/0955dac696c8b3a5aec9.css
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 157e70989ce236952d153e1bb72e9080c10de4dedaf282c20eb1c904cea0281e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: 8MkPSBNGR3SrkwgRfTG6i9Ate74YylN3
content-encoding: gzip
last-modified: Mon, 07 Feb 2022 03:25:57 GMT
server: AmazonS3
age: 37790
etag: W/"9bf6d93ce948e8205ee6c08fcf64d6f4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
date: Wed, 23 Feb 2022 22:39:48 GMT
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: BV-PkArXyZrm8Cq9U1xUNqpoFy6RHmWTs56yrlgJuq7H7CQSiHfaIw==

GET
H2 200 2f3b2822b0c964d33196.js Show response
cdn.picrew.me/assets/player/20220207032436/ 121 KB
35 KB 95ms
47ms Script
application/javascript 18.66.97.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.picrew.me/assets/player/20220207032436/2f3b2822b0c964d33196.js
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f5bc9e9ab4d43a162687ff2b189d055f1d35be494cdb5575a86176d2190ad18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: PsUot24gPhxSIfIiEz9G9BNGW.qH26sc
content-encoding: gzip
last-modified: Mon, 07 Feb 2022 03:25:57 GMT
server: AmazonS3
age: 77180
etag: W/"695b90ad01f16eec1e7f67ad680cff7a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
date: Wed, 23 Feb 2022 11:43:34 GMT
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: uFns2RJyjIWRwwavhfzgbdDCENFynufQHwFWTuXb6PkPpev0KrLpAQ==

GET
H2 200 c9986cd780d73df2b7b5.js Show response
cdn.picrew.me/assets/player/20220207032436/ 13 KB
4 KB 113ms
64ms Script
application/javascript 18.66.97.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.picrew.me/assets/player/20220207032436/c9986cd780d73df2b7b5.js
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b4c923ed1aa906fafe4b279acf928cd43e89ffd396d6fab9c011ce69e1f0ca4d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: 9V.DMlTwZJdjvOYq.XOyfhrFZRED1I3D
content-encoding: gzip
last-modified: Mon, 07 Feb 2022 03:25:57 GMT
server: AmazonS3
age: 46460
etag: W/"ca3779f012c9fe9004391042fad89f89"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
date: Wed, 23 Feb 2022 20:15:27 GMT
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: KUsUrfgFpJboTJm2wLQR1rrL6EQWn1k-hPsJxZMdo17S8YKXJ8hQUw==

GET
H2 200 bff7e9a.png
cdn.picrew.me/assets/player/20220207032436/img/ 79 KB
79 KB 68ms
67ms Image
image/png 18.66.97.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.picrew.me/assets/player/20220207032436/img/bff7e9a.png
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 825dd16d8f642ff84080e41219f2642bdd77fc30df9b8bb50dbe240c42b8b393

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: OqJS3O2LEkvOQa.VgS0DKLqwELQXQexG
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
last-modified: Mon, 07 Feb 2022 03:25:57 GMT
server: AmazonS3
age: 4978
etag: "bff7e9aed01415fd0dd65d6177edcead"
x-cache: Hit from cloudfront
content-type: image/png
date: Thu, 24 Feb 2022 07:47:29 GMT
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 80471
x-amz-cf-id: HdO7sZOkgG8l0v7NFPHvOUnLIgrZX-B5Rm0NIxih9Gw5AwZCWAKDmw==

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 174ms
38ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE2) /
Resource Hash: c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 24 Feb 2022 09:09:35 GMT
Content-Encoding: gzip
Age: 667
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 29178
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 18:46:17 GMT
Server: ECS (mil/6CE2)
Etag: "f7f936f48944db7f829585c4368f33ae+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 b38d2f2.png
cdn.picrew.me/assets/player/20220207032436/img/ 26 KB
26 KB 62ms
61ms Image
image/png 18.66.97.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.picrew.me/assets/player/20220207032436/img/b38d2f2.png
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae7854ae440a4389fd7d9789c55bd80c7365dc0de4ac53f1702df4d07426f4cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: hMEOgpMvYDq_xumMnLrj2bdHRwO756ly
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
last-modified: Mon, 07 Feb 2022 03:25:57 GMT
server: AmazonS3
age: 18099
etag: "b38d2f2d5e063165095de52d4d559548"
x-cache: Hit from cloudfront
content-type: image/png
date: Thu, 24 Feb 2022 04:08:42 GMT
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 26528
x-amz-cf-id: ZMt8a219KBidMX7TPuKWChLZfLzWRiZ2VQyCHreoL9aRSzzQISRmKg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 109 KB
42 KB 56ms
31ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NW5MMVL

Requested by

Host: picrew.me
URL: https://picrew.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

24062633a1da9cb6cd061e9faca3a7ea84d02c15cc7b312aacc6cb1c1c16e650

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:35 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42043
x-xss-protection: 0
expires: Thu, 24 Feb 2022 09:09:35 GMT

GET
DATA 200
OK truncated
/ 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5bc401528e210d05de92040de97620a3d079d8c5f93907ce6e5beed90a178b8e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 229 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fc7839b6879b5e3b3605484e1ab69e4f0c3583dde2831953f6cc7face1a4be4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 233 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41568ba8144f47b70f0e4189b2d731a9f5a81da15257ca330da0a6f6db9b30a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 294 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7dd21c9cea9dadb7e0531c837945e64ecbf1b4fdc2ec4f5c0b736715064f7ebc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 195 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0862cba97e32d121c4b97badf91da074a845f9dfa4d2527e4cdf462ded1a4e7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 231 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b65a8bf8d25642b29e9a3e518b0f5e489b6243dbe9a2cfc002cde358763af68

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 345 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1bf34e77ed7eba013e27e995b8a9264ad7156c94c9e57d2883ecd2708e254277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1015 B 75ms
29ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Exo+2

Requested by

Host: cdn.picrew.me
URL: https://cdn.picrew.me/assets/player/20220207032436/0955dac696c8b3a5aec9.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b9aa9a36b1dd593347ad492182b05cebf6c5fb46162fa127f6ab6907a2dc2cd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.picrew.me/assets/player/20220207032436/0955dac696c8b3a5aec9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 08:49:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 24 Feb 2022 09:09:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Feb 2022 09:09:35 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 118ms
44ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: cdn.picrew.me
URL: https://cdn.picrew.me/assets/player/20220207032436/0955dac696c8b3a5aec9.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.picrew.me/assets/player/20220207032436/0955dac696c8b3a5aec9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1262026
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=onELWjC6H1HKaXnOQpDYR2ZC3xykmiobRv4cHBKNPY%2FN0MomtP3Gr8zz7SQ%2BkKDOfi3QegUgp49PBuAGtw%2BHwqQ8EwmLm0gOEfV1T4xmIdwEJi3TMNfZkpfg%2F6VJ47CKA8xNfJa9hY40Hmq1lST5x2Cw"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e278e53ba8e839d-MXP
expires: Tue, 14 Feb 2023 09:09:35 GMT

GET
H2 200 pubads_impl_2022022201.js Show response
securepubads.g.doubleclick.net/gpt/ 364 KB
122 KB 23ms
22ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

2b533fe5c53324b1ed9a449bbd2d899930396f3b03b05b4c06ee83dd98879074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 07:27:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6111
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125154
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 09:34:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 24 Feb 2023 07:27:44 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 129 B
120 B 55ms
22ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=picrew.me

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

98e0a7b748464c158db9d0781e9d19c12eb2bd493dd97b6503a4331f5aa3e712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Feb 2022 09:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95
x-xss-protection: 0
expires: Thu, 24 Feb 2022 09:09:35 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202180101/ 291 KB
105 KB 60ms
41ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202180101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9692134005385697&plah=picrew.me&bust=31065025

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

786b6adc2e6f5d2306b13b852a601c0f9d59345e92adc1388ff9a7060bfbf9e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107064
x-xss-protection: 0
server: cafe
etag: 1391163249785005271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 09:09:36 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220221/r20190131/ Frame D9D1 10 KB
5 KB 36ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220221/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Wed, 23 Feb 2022 15:37:55 GMT
expires: Wed, 09 Mar 2022 15:37:55 GMT
cache-control: public, max-age=1209600
age: 63101
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25a95b3c878dc75218dc64253c799f54d5146215130a08652bd0437efddaa698

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 2b11c1f.png
cdn.picrew.me/assets/player/20220207032436/img/ 21 KB
22 KB 10ms
9ms Image
image/png 18.66.97.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.picrew.me/assets/player/20220207032436/img/2b11c1f.png
Requested by: Host: cdn.picrew.me
URL: https://cdn.picrew.me/assets/player/20220207032436/0955dac696c8b3a5aec9.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 342245848b6ba171bf23a54eed05aac9d589fc25ec56ae717fdc517178c88492

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.picrew.me/assets/player/20220207032436/0955dac696c8b3a5aec9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: CnUb43UmXHJTRDwha1F0NLUZmcnUV2c7
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
last-modified: Mon, 07 Feb 2022 03:25:57 GMT
server: AmazonS3
age: 20307
etag: "2b11c1f6d5961cf549b35aa2d55fadbd"
x-cache: Hit from cloudfront
content-type: image/png
date: Thu, 24 Feb 2022 03:31:10 GMT
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 22010
x-amz-cf-id: QVde_v4qkAcZ8WcUNRNjMvvNER5HCcJXvW1CDsPHI7LnoPjQL0LVpw==

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 98ms
72ms Font
application/octet-stream 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://picrew.me
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 53827
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hEezFX4FHJYdno1S9vUFSNVC5kFL1bLwE6b6AU9priZ3OXFOAD6m4GqrFP%2Bo4KcR3pqqvA14nwDQWE9RSKCdPrmOVG3cUvtEjt4NjhIkq%2BCm1XRoSmR5liL3%2ByhmzZPT%2BjcqRBPFJFjoqwrpAIiwC3lI"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e278e54588ee903-MXP
expires: Tue, 14 Feb 2023 09:09:36 GMT

GET
H2 200 ads Show response
picrew.me/player/api/ 8 KB
9 KB 282ms
269ms Fetch
application/json 52.222.214.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://picrew.me/player/api/ads?page=sitetop&cc=DE&dev=1

Requested by

Host: cdn.picrew.me
URL: https://cdn.picrew.me/assets/player/20220207032436/2f3b2822b0c964d33196.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-49.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

4c66b4578170fd18c4f67b0822f1563f9b3b7407682978cad99b91e87d51f94b

Security Headers

Name	Value
X-Frame-Options	: sameorigin

Request headers

Referer: https://picrew.me/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:36 GMT
via: 1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P3
x-frame-options: : sameorigin
vary: Origin
x-cache: Miss from cloudfront
content-type: application/json
cache-control: no-cache, private
x-amz-cf-id: 7hCcJVNdSXqlLqx71kiLEwB6IdpuWHX6B9FQg4rhMNZO_8bceI7EnQ==

GET
H2 200 sdk.js Show response
connect.facebook.net/ja_JP/ 3 KB
2 KB 29ms
14ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ja_JP/sdk.js

Requested by

Host: picrew.me
URL: https://picrew.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e2c01cfa00f16ffdfefadb1e081929b1680a3c91a4f82bf9831f0c82cb4d6954

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: xYy8X3hivjEjt5h7ymFqMg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: /lFL1gYIWWkznoPD4RAyTSW1pMFXFJQ3nqvYluiTwoAiVZy5L/+OPWSi7ZtEaPZeMPvPawQbnq9aVJWR+W33Pg==
x-fb-trip-id: 917726464
x-fb-content-md5: 90f6dcfed1b5549b83bd9ea022f63880
x-frame-options: DENY
date: Thu, 24 Feb 2022 09:09:36 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "16cfbfa403bccbd89a88e76bb74bad66"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 24 Feb 2022 09:22:45 GMT

GET
H2 200 8025_lYcwKpaR.jpg
share-cdn.picrew.me/shareImg/thumb/202202/ 16 KB
17 KB 966ms
928ms Image
image/jpeg 13.32.99.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://share-cdn.picrew.me/shareImg/thumb/202202/8025_lYcwKpaR.jpg
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-41.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d9c19f33bdf6b04a5963ba3c2d81a794ed71c4eedb233acb5da724dab88e228

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:38 GMT
via: 1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Sun, 27 Feb 2022 00:00:00 GMT", rule-id="delete:shareImg/thumb"
last-modified: Thu, 24 Feb 2022 09:09:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
etag: "f42f7881243f9f29a9f160d10392e625"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=25292000
accept-ranges: bytes
content-length: 16548
x-amz-cf-id: RQ4SEpyQ9ePtYkQIVIatqJhn4Nxi9ZZ_s0nC0WIfyiz7GA4bknlDbw==

GET
H2 200 196270_ryQ6iZY4.jpg
share-cdn.picrew.me/shareImg/thumb/202202/ 19 KB
19 KB 963ms
926ms Image
image/jpeg 13.32.99.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://share-cdn.picrew.me/shareImg/thumb/202202/196270_ryQ6iZY4.jpg
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-41.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0e8bb154fcb18c88aeb5a0f8f2e19885df316658fc189dfddcdf05ca13e0bd30

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:38 GMT
via: 1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Sun, 27 Feb 2022 00:00:00 GMT", rule-id="delete:shareImg/thumb"
last-modified: Thu, 24 Feb 2022 09:09:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
etag: "9ebf4be7c4fa8be2be5ed4e11d502ed4"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=25292000
accept-ranges: bytes
content-length: 19262
x-amz-cf-id: KXgeyt7ztpyF4ZWlwP-9JEcv_OgkVD5R0vsr6MD41jLPLYN6wHmgfA==

GET
H2 200 1448277_7S20v5BI.jpg
share-cdn.picrew.me/shareImg/thumb/202202/ 8 KB
8 KB 964ms
927ms Image
image/jpeg 13.32.99.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://share-cdn.picrew.me/shareImg/thumb/202202/1448277_7S20v5BI.jpg
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-41.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 71879ba0bf5893175fb534702b7827eaaf137aaccc06d875302c1c1dfccafaef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:38 GMT
via: 1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Sun, 27 Feb 2022 00:00:00 GMT", rule-id="delete:shareImg/thumb"
last-modified: Thu, 24 Feb 2022 09:09:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
etag: "ca0f36d407eaab5ddcb7e2b3833fd662"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=25292000
accept-ranges: bytes
content-length: 8180
x-amz-cf-id: uoYd_2aD6ma-4vPE5TrZQATtuKKXY7O6RC2X9JBcpVLgqW2GhXqEBA==

GET
H2 200 466657_4vQ8LLEL.jpg
share-cdn.picrew.me/shareImg/thumb/202202/ 14 KB
15 KB 956ms
919ms Image
image/jpeg 13.32.99.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://share-cdn.picrew.me/shareImg/thumb/202202/466657_4vQ8LLEL.jpg
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-41.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a5f856c739e3ab13065193cce31648f4ed7bc82d0c0bb0f5095001aed8149356

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:38 GMT
via: 1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Sun, 27 Feb 2022 00:00:00 GMT", rule-id="delete:shareImg/thumb"
last-modified: Thu, 24 Feb 2022 09:09:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
etag: "abbe757186badb27668a225562a684a9"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=25292000
accept-ranges: bytes
content-length: 14587
x-amz-cf-id: Xa6HBCpn8Sd3uRDSHIIsu4YMxKyKxajO_Y752Lk-JGe7FYl0wF3juw==

GET
H2 200 1180183_0ilG4B50.jpg
share-cdn.picrew.me/shareImg/thumb/202202/ 16 KB
17 KB 964ms
928ms Image
image/jpeg 13.32.99.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://share-cdn.picrew.me/shareImg/thumb/202202/1180183_0ilG4B50.jpg
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-41.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3fefa63cc90985e2e674a2681e2e53c98f82bf1e0108c437557165b8852bd1cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:38 GMT
via: 1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Sun, 27 Feb 2022 00:00:00 GMT", rule-id="delete:shareImg/thumb"
last-modified: Thu, 24 Feb 2022 09:09:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
etag: "33d2a6dbd9caed493e6216344aa3752e"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=25292000
accept-ranges: bytes
content-length: 16639
x-amz-cf-id: y9epp-vv04RwJM7g0qKwDipx3b6X-1pCBD6wQ3X_vj0mplsFkjgzpQ==

GET
H2 200 94097_pjeodXz7.jpg
share-cdn.picrew.me/shareImg/thumb/202202/ 17 KB
17 KB 949ms
912ms Image
image/jpeg 13.32.99.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://share-cdn.picrew.me/shareImg/thumb/202202/94097_pjeodXz7.jpg
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-41.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f5afb63950c19ed7954509fb218b1a90be4fb6460e488ee0d521516ec1192cce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:38 GMT
via: 1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Sun, 27 Feb 2022 00:00:00 GMT", rule-id="delete:shareImg/thumb"
last-modified: Thu, 24 Feb 2022 09:09:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
etag: "31dfde8b6838b0f3079feffb036e8c4e"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=25292000
accept-ranges: bytes
content-length: 17093
x-amz-cf-id: gzkIRIUBXITzvbRWAWsqmzQhjS773AgWfJwlXr8AsLJd1n_tLZ9AEA==

GET
H2 200 icon_MSTdlC9qwXFE6lZw.png
cdn.picrew.me/app/image_maker/11534/ 21 KB
21 KB 10ms
9ms Image
image/png 18.66.97.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.picrew.me/app/image_maker/11534/icon_MSTdlC9qwXFE6lZw.png
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: edef583e1ad70d406280aa3c838a88220638b9d42d1daa8c9930ed26e99ae5f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 18:42:46 GMT
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
last-modified: Thu, 24 Jan 2019 12:34:22 GMT
server: AmazonS3
age: 11629610
etag: "8bee091d55cedbbd01d4b84a9dceb2ec"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=25292000
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-type: image/png
content-length: 21527
x-amz-cf-id: xb-_jd4aDckQCchp93uJWaPFw52VeIAk3DYVkObyw6TqXUR2IFnz3A==

GET
H2 200 icon_yrNQgiyE1plDL4IR.png
cdn.picrew.me/app/image_maker/156497/ 58 KB
58 KB 11ms
10ms Image
image/png 18.66.97.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.picrew.me/app/image_maker/156497/icon_yrNQgiyE1plDL4IR.png
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 99561e203607f3fb2add517965719836da0fcdb7d769d963ad19d39df03cf082

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 00:19:35 GMT
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
last-modified: Sun, 20 Feb 2022 00:19:30 GMT
server: AmazonS3
age: 377401
etag: "e86968eaca23380b52ea7d6f0edcb53d"
x-cache: Hit from cloudfront
x-amz-version-id: UqK4vjMUGGmMJxE1wE3dHrN9PIbs2jF2
cache-control: max-age=25292000
x-amz-replication-status: PENDING
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-type: image/png
content-length: 58978
x-amz-cf-id: B-s0x1zvcgg4ZmpG5KsmiNsa5eEe4V4LnnJENnXEfiatySU3E_kjUw==

GET
H2 200 icon_LHQYDTn9AGPsUVhO.png
cdn.picrew.me/app/image_maker/1414503/ 64 KB
65 KB 13ms
12ms Image
image/png 18.66.97.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.picrew.me/app/image_maker/1414503/icon_LHQYDTn9AGPsUVhO.png
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37d11f02bf952841680f2a99490d0012bd6fa3cef318db86442f324c1a378a77

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:33:24 GMT
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
last-modified: Fri, 11 Feb 2022 06:04:15 GMT
server: AmazonS3
age: 1074973
etag: "4a64be56f963d6f7c5d50d8478530997"
x-cache: Hit from cloudfront
x-amz-version-id: mEA7EBaH9DAeQqopLKI75sQoDVx_9I3C
cache-control: max-age=25292000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-type: image/png
content-length: 65707
x-amz-cf-id: h8MtKodX-Cjsy9sWvOjQka3vn7BtWUbHu-DjBdOHBkSdJDLbiK-qLg==

GET
H2 200 icon_A0NQbY98r7Y29PS2.png
cdn.picrew.me/app/image_maker/516657/ 61 KB
61 KB 22ms
21ms Image
image/png 18.66.97.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.picrew.me/app/image_maker/516657/icon_A0NQbY98r7Y29PS2.png
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d5d21146ddc435062b30bea09b3ed227e490a7a9ead7b44309be7ed638c6e436

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 20:50:04 GMT
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
last-modified: Tue, 25 Jan 2022 20:49:57 GMT
server: AmazonS3
age: 2549973
etag: "258625a62d15a738f3cf2f977262ddea"
x-cache: Hit from cloudfront
x-amz-version-id: kNmznrGFn7C20VyPKNyEH26Alyse1ROt
cache-control: max-age=25292000
x-amz-replication-status: PENDING
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-type: image/png
content-length: 62364
x-amz-cf-id: I-S8Y6_jR5HMRruzdeqOFJR1gK72cH5LOe8i9935wrDmpCGx_Mr9Rw==

GET
H/1.1 200
OK widget_iframe.a58e82e150afc25eb5372dd55a98b778.html Show response
platform.twitter.com/widgets/ Frame 3646 319 KB
104 KB 38ms
38ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fpicrew.me
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE2) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 119595
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 24 Feb 2022 09:09:36 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Wed, 16 Feb 2022 18:36:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CE2)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 icon_cMwgM6OtTP8X6r9P.jpg
cdn.picrew.me/app/image_maker/626197/ 46 KB
47 KB 8ms
8ms Image
image/jpeg 18.66.97.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.picrew.me/app/image_maker/626197/icon_cMwgM6OtTP8X6r9P.jpg
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7bb1de516325d27d889ca6dd51eca7728ed969f3b5e6b9e3d26ec272602e7605

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 18:27:39 GMT
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
last-modified: Mon, 10 May 2021 13:43:04 GMT
server: AmazonS3
age: 11025718
etag: "afa36ef326d7814db384214984f59041"
x-cache: Hit from cloudfront
x-amz-version-id: Sa6RTu4x8wZf4B9eDlfleOgyEPMqIOAE
cache-control: max-age=25292000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-type: image/jpeg
content-length: 47410
x-amz-cf-id: dmDYfm6YQWgUyA3eu9KgUZjCI-8ynBctrtqjUyutDB6sjVTLtrS0-w==

GET
H2 200 icon_jTuJpW9eQNGNfi4Y.png
cdn.picrew.me/app/image_maker/1472643/ 33 KB
34 KB 12ms
12ms Image
image/png 18.66.97.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.picrew.me/app/image_maker/1472643/icon_jTuJpW9eQNGNfi4Y.png
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4addc437675fcd66ec3a60c7456118520379aedb240eaabcf33b69ec5c85e84d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 14:55:42 GMT
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
last-modified: Sat, 12 Feb 2022 14:55:41 GMT
server: AmazonS3
age: 1016035
etag: "3a20a777dff8b8ec22a2b73c4b5b857f"
x-cache: Hit from cloudfront
x-amz-version-id: YxGX3Ez_9i_FYKPEgRfGGPhMAPhkMfVT
cache-control: max-age=25292000
x-amz-replication-status: PENDING
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-type: image/png
content-length: 34070
x-amz-cf-id: lHl7M5oY1_JAmCbzIF3bUOC1WIIl4amcWIEuYt9Vi0ueJh1KZechzg==

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 213 B
415 B 15ms
14ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=picrew.me&callback=_gfp_s_&client=ca-pub-9692134005385697

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202180101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9692134005385697&plah=picrew.me&bust=31065025

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

b6188815623690e449a84664fcad58a888cd72b70e2968ef38fea5b67dc78787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 200
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 70ms
20ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=picrew.me

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Feb 2022 09:09:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 45ms
17ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=picrew.me

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Feb 2022 09:09:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 45ms
45ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fpicrew.me%2F&tn=DIV&cls=sw-Loader&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: picrew.me
URL: https://picrew.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 09:09:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 45ms
44ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fpicrew.me%2F&tn=DIV&cls=sw-Loader&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: picrew.me
URL: https://picrew.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 09:09:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A046 0
19 B 80ms
64ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&adk=1812271804&adf=3025194257&lmt=1645693776&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpicrew.me%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645693775971&bpp=4&bdt=177&idt=373&shv=r20220221&mjsv=m202202180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7414870864630&frm=20&pv=2&ga_vid=1742949966.1645693776&ga_sid=1645693776&ga_hid=18390532&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065025%2C44756895%2C44756897%2C44756432&oid=2&pvsid=899883404839875&pem=486&tmod=1675694158&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=392

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 24 Feb 2022 09:09:36 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 24 Feb 2022 09:09:36 GMT
cache-control: private

GET
H3 200 sdk.js Show response
connect.facebook.net/ja_JP/ 301 KB
85 KB 19ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ja_JP/sdk.js?hash=4237fbd383e1a02be7a2fb0487e3c2cf

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ja_JP/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c9823f05cd02d18682dfe7a5947e0912591a95bfe11f549fb3a9b2927fddf2c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://picrew.me/
Origin: https://picrew.me
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 2fGY6X51V4xhd93RZc7/7A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 86796
x-fb-rlafr: 0
x-fb-debug: QcTHvpZBudvHbKs/QoN2tQK3Q8GSQe2pUObzcfF4khD9VEstNab6lMyPS/2XPewRSXlelB5/4/K4XgPFDazOzQ==
x-fb-content-md5: 048d3c8c5c844e5ab10e949e753d208b
x-frame-options: DENY
date: Thu, 24 Feb 2022 09:09:36 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "2075bcc33a064dce7671ceaf7683fe5b"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 24 Feb 2023 07:32:22 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
63 KB 38ms
23ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TXZ7V095SJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NW5MMVL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1d850d5a1e842b0986d034e2fcdb5e4a4274b9f0d0ba2ad0688ee7f018a2839e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:36 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64867
x-xss-protection: 0
expires: Thu, 24 Feb 2022 09:09:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 36ms
8ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NW5MMVL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3884
date: Thu, 24 Feb 2022 08:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 24 Feb 2022 10:04:52 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
407 B 66ms
34ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1764330357144551&ev=fb_page_view&dl=https%3A%2F%2Fpicrew.me%2F&rl=&if=false&ts=1645693776557&sw=1600&sh=1200&at=

Requested by

Host: picrew.me
URL: https://picrew.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Thu, 24 Feb 2022 09:09:36 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
53 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9692134005385697

Requested by

Host: cdn.picrew.me
URL: https://cdn.picrew.me/assets/player/20220207032436/2f3b2822b0c964d33196.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1688c4fc97581a18e248aae6b930d2ec9016896c369ded6a5a8591ba7df88e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53778
x-xss-protection: 0
server: cafe
etag: 1244746263113629815
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 09:09:36 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 58ms
14ms Script
application/javascript 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-210-175.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: HISltcT4EtRtqxCZ_leiYbAE6TJJFUPD
content-encoding: gzip
etag: c1da564f59b83b9805e8df92eca012f5
age: 111
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 0R8QHB6SXDYTFSFV519B
date: Thu, 24 Feb 2022 09:07:46 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: ov_1woHAV6PFyp09jRP82UHO1I8EpMr6HF3DGYg_frhmyq5ddDdRZQ==

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 45ms
24ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=picrew.me

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Feb 2022 09:09:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 38ms
19ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=picrew.me

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Feb 2022 09:09:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0AA7 90 KB
33 KB 538ms
537ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=90&slotname=9396061293&adk=1451812378&adf=2258987082&pi=t.ma~as.9396061293&w=1024&fwrn=4&fwrnh=100&lmt=1645693776&rafmt=2&psa=0&format=1024x90&url=https%3A%2F%2Fpicrew.me%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645693776606&bpp=3&bdt=812&idt=-M&shv=r20220221&mjsv=m202202180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D876abf6c0adf09ce-22a2e97e4bcd00c0%3AT%3D1645693776%3ART%3D1645693776%3AS%3DALNI_MZFAG4yZpEtAJyxV3IzMyWZJ_fwZw&prev_fmts=0x0&nras=1&correlator=7414870864630&frm=20&pv=1&ga_vid=1742949966.1645693776&ga_sid=1645693776&ga_hid=18390532&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065025%2C44756895%2C44756897%2C44756432&oid=2&pvsid=899883404839875&pem=486&tmod=1675694158&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BZAscC2e0y&p=https%3A//picrew.me&dtd=46

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ae94c60f70a00801d0a4f8ca5866256d9b36d10e66b27893858bc34d7a447a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 24 Feb 2022 09:09:37 GMT
server: cafe
content-length: 33318
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 24 Feb 2022 09:09:37 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AC22 95 KB
33 KB 356ms
352ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=7625127702&adk=3325122240&adf=1503017450&pi=t.ma~as.7625127702&w=708&fwrn=4&fwrnh=100&lmt=1645693776&rafmt=3&psa=0&format=708x280&url=https%3A%2F%2Fpicrew.me%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645693776606&bpp=10&bdt=812&idt=10&shv=r20220221&mjsv=m202202180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D876abf6c0adf09ce-22a2e97e4bcd00c0%3AT%3D1645693776%3ART%3D1645693776%3AS%3DALNI_MZFAG4yZpEtAJyxV3IzMyWZJ_fwZw&prev_fmts=0x0%2C1024x90&nras=1&correlator=7414870864630&frm=20&pv=1&ga_vid=1742949966.1645693776&ga_sid=1645693776&ga_hid=18390532&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=2227&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065025%2C44756895%2C44756897%2C44756432&oid=2&pvsid=899883404839875&pem=486&tmod=1675694158&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=TiNCwQXfMR&p=https%3A//picrew.me&dtd=62

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

005851d638bad7d26ea73a3595a0ab7722edbf1dbcdde195414043a94ebc711c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 24 Feb 2022 09:09:37 GMT
server: cafe
content-length: 33386
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 24 Feb 2022 09:09:37 GMT
cache-control: private

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 114 KB
31 KB 491ms
490ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=899883404839875&correlator=769227728486583&output=ldjh&impl=fif&eid=31063378%2C31065013%2C31065270%2C31065289%2C31064537%2C44756895%2C44756897%2C44756432&vrg=2022022201&ptt=17&sc=1&sfv=1-0-38&ecs=20220224&iu_parts=9116787%3A22014346682%2C1513801&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&fas=8&cookie=ID%3D876abf6c0adf09ce-22a2e97e4bcd00c0%3AT%3D1645693776%3ART%3D1645693776%3AS%3DALNI_MZFAG4yZpEtAJyxV3IzMyWZJ_fwZw&bc=31&abxe=1&dt=1645693776682&lmt=1645693776&dlt=1645693775794&idt=316&frm=20&biw=1600&bih=1200&oid=2&ucis=1&adks=711785640&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fpicrew.me%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1742949966.1645693776&ga_sid=1645693776&ga_hid=18390532&ga_fc=false&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e330612f423c424761ea932c9d2a04696576c340b2133c8b812df982ed462edf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31639
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://picrew.me
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B929 6 KB
4 KB 286ms
17ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 24 Feb 2022 09:09:37 GMT
expires: Fri, 24 Feb 2023 09:09:37 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pubads_impl_page_level_ads_2022022201.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 26ms
25ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022022201.js?cb=31065270

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

e356ed130c233407ae93696fdef45d64f93808ab0c2dd832ddf53726fcfd3036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 11:40:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 163754
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13443
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 09:34:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 22 Feb 2023 11:40:22 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 128ms
74ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=18390532&t=pageview&_s=1&dl=https%3A%2F%2Fpicrew.me%2F&ul=en-us&de=UTF-8&dt=Picrew%EF%BD%9C%E3%81%A4%E3%81%8F%E3%81%A3%E3%81%A6%E3%81%82%E3%81%9D%E3%81%B9%E3%82%8B%E7%94%BB%E5%83%8F%E3%83%A1%E3%83%BC%E3%82%AB%E3%83%BC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAAABAAAAAC~&jid=1322764618&gjid=1068169984&cid=1742949966.1645693776&tid=UA-37779012-8&_gid=2037566884.1645693777&_r=1&gtm=2wg2g0NW5MMVL&cg1=&cd1=&z=1536589176

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://picrew.me/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 09:09:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://picrew.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 102ms
75ms Ping
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-TXZ7V095SJ&gtm=2oe2g0&_p=18390532&sr=1600x1200&ul=en-us&cid=1742949966.1645693776&_s=1&dl=https%3A%2F%2Fpicrew.me%2F&dt=Picrew%EF%BD%9C%E3%81%A4%E3%81%8F%E3%81%A3%E3%81%A6%E3%81%82%E3%81%9D%E3%81%B9%E3%82%8B%E7%94%BB%E5%83%8F%E3%83%A1%E3%83%BC%E3%82%AB%E3%83%BC&sid=1645693776&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TXZ7V095SJ&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 09:09:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://picrew.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 3646 232 B
448 B 429ms
113ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=871a896781a38624754c49bb23335dfec9f5d2eb

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fpicrew.me

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 104
date: Thu, 24 Feb 2022 09:09:37 GMT
content-encoding: gzip
last-modified: Thu, 24 Feb 2022 09:09:37 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: d71d57aa637f73bdc7f6176c0b4eed8f41285b72fb33e2cc9970f008b31dff70
content-length: 166

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
306 B 67ms
67ms XHR
text/plain 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fpicrew.me&pubid=c06cc614-f284-4373-8e7b-e334e4dcb9d3
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-210-175.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 07:10:29 GMT
via: 1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
server: Server
age: 7147
x-cache: Hit from cloudfront
access-control-allow-origin: https://picrew.me
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: ShAVx6k_ZmJnq9ptGw8HfabZfPB-OGENcUiPqw3pB-vT3Yc-k-dALw==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
488 B 106ms
106ms XHR
text/javascript 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpicrew.me%2F&pid=N0EPzeIeSr77B&cb=0&ws=1600x1200&v=7.73.0&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1598262175839-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F9176203%2C22014346682%2F1715044%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1622434501417-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F9176203%2C22014346682%2F1749267%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1635307064762-0%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F9176203%2C22014346682%2F1765888%22%7D%5D&schain=1.0%2C1!i-mobile.co.jp%2C70754%2C1%2C%2C%2C&pubid=c06cc614-f284-4373-8e7b-e334e4dcb9d3&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.210.175 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-210-175.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:36 GMT
via: 1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-amz-rid: PDN6Y7730EPAT4H9X7EA
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://picrew.me
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: CHweaP-jvI4m1pD3mNkLvCCxh7Ta7bIpF_RUZxydywFmSpN7GO6_iQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 198ms
66ms XHR
application/javascript 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-210-175.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: kI14R7urpxgHjeMWGWlNpVn0IgFose_t
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 27806
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sat, 19 Feb 2022 01:26:04 GMT
server: AmazonS3
date: Thu, 24 Feb 2022 02:08:36 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 4c692717a0e85914a993c3aa5c8a2ef6.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: FhSS17kOA10-KLDVqe6von_eXmJwkt8oVHZUuBIwWtQchYl427pmcg==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
438 B 215ms
56ms XHR
text/plain 2a00:1450:400c:c0a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-37779012-8&cid=1742949966.1645693776&jid=1322764618&gjid=1068169984&_gid=2037566884.1645693777&_u=YAhAAAAAAAAAAC~&z=1835494967

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://picrew.me/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 24 Feb 2022 09:09:37 GMT
content-type: text/plain
access-control-allow-origin: https://picrew.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.es/adsid/ 107 B
792 B 163ms
17ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.es/adsid/integrator.js?domain=picrew.me

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Feb 2022 09:09:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 75ms
75ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=picrew.me

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Feb 2022 09:09:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
9 KB 104ms
104ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=899883404839875&correlator=3182493559485887&output=ldjh&impl=fif&eid=31063378%2C31065013%2C31065270%2C31065289%2C31064537%2C44756895%2C44756897%2C44756432&vrg=2022022201&ptt=17&sc=1&sfv=1-0-38&ecs=20220224&iu_parts=9176203%3A22014346682%2C1715044&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=refresh%3Dtrue%26test%3Devent%26amznbid%3D2%26amznp%3D2&eri=1&cookie=ID%3D876abf6c0adf09ce-22a2e97e4bcd00c0%3AT%3D1645693776%3ART%3D1645693776%3AS%3DALNI_MZFAG4yZpEtAJyxV3IzMyWZJ_fwZw&bc=31&abxe=1&dt=1645693776960&lmt=1645693776&dlt=1645693775794&idt=316&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1110&ucis=2&adks=1057466509&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fpicrew.me%2F&vis=1&scr_x=0&scr_y=0&psz=1600x-1&msz=1600x-1&ga_vid=1742949966.1645693776&ga_sid=1645693776&ga_hid=18390532&ga_fc=true&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

0fe3c7bdc89b2a7719a87f87db32a70914ba9fcb5eb297d10833860d5089f277

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9031
x-xss-protection: 0
google-lineitem-id: 5583964790
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138336306759
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://picrew.me
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
9 KB 425ms
424ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=899883404839875&correlator=3182493559485887&output=ldjh&impl=fif&eid=31063378%2C31065013%2C31065270%2C31065289%2C31064537%2C44756895%2C44756897%2C44756432&vrg=2022022201&ptt=17&sc=1&sfv=1-0-38&ecs=20220224&iu_parts=9176203%3A22014346682%2C1749267&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cookie=ID%3D876abf6c0adf09ce-22a2e97e4bcd00c0%3AT%3D1645693776%3ART%3D1645693776%3AS%3DALNI_MZFAG4yZpEtAJyxV3IzMyWZJ_fwZw&bc=31&abxe=1&dt=1645693776964&lmt=1645693776&dlt=1645693775794&idt=316&frm=20&biw=1600&bih=1200&oid=2&adxs=288&adys=1556&ucis=3&adks=107967635&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fpicrew.me%2F&vis=1&scr_x=0&scr_y=0&psz=708x2243&msz=708x0&ga_vid=1742949966.1645693776&ga_sid=1645693776&ga_hid=18390532&ga_fc=true&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

3234b6ec3276a2056d3bb8ba5f8ee9e42538edf0685310b0315a7e8a6d72973e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8804
x-xss-protection: 0
google-lineitem-id: 5726279932
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138353791794
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://picrew.me
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
8 KB 613ms
613ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=899883404839875&correlator=3182493559485887&output=ldjh&impl=fif&eid=31063378%2C31065013%2C31065270%2C31065289%2C31064537%2C44756895%2C44756897%2C44756432&vrg=2022022201&ptt=17&sc=1&sfv=1-0-38&ecs=20220224&iu_parts=9176203%3A22014346682%2C1765888&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cookie=ID%3D876abf6c0adf09ce-22a2e97e4bcd00c0%3AT%3D1645693776%3ART%3D1645693776%3AS%3DALNI_MZFAG4yZpEtAJyxV3IzMyWZJ_fwZw&bc=31&abxe=1&dt=1645693776972&lmt=1645693776&dlt=1645693775794&idt=316&frm=20&biw=1600&bih=1200&oid=2&adxs=1012&adys=881&ucis=4&adks=344814881&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fpicrew.me%2F&vis=1&scr_x=0&scr_y=0&psz=300x2243&msz=300x600&ga_vid=1742949966.1645693776&ga_sid=1645693776&ga_hid=18390532&ga_fc=true&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8463cfd4cb847430b645a098c0e528c17cabfa130558c155f257a6cab9f73e15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8651
x-xss-protection: 0
google-lineitem-id: 5899912751
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138379527256
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://picrew.me
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b40868a269d29692abde9947972e7122d4e8b1687ea497e2684b858a4388719

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 container.html Show response
4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 52E8 6 KB
3 KB 15ms
15ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Feb 2022 09:09:37 GMT
expires: Fri, 24 Feb 2023 09:09:37 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 48ms
22ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-37779012-8&cid=1742949966.1645693776&jid=1322764618&_u=YAhAAAAAAAAAAC~&z=377968776

Requested by

Host: picrew.me
URL: https://picrew.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 09:09:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 53ms
27ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-37779012-8&cid=1742949966.1645693776&jid=1322764618&_u=YAhAAAAAAAAAAC~&z=377968776

Requested by

Host: picrew.me
URL: https://picrew.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 09:09:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 52E8 22 KB
7 KB 41ms
12ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
URL: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 14:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 23 Feb 2023 14:03:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 52E8 124 KB
38 KB 1181ms
1152ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
URL: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 24 Feb 2022 09:09:38 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 52E8 0
0 32ms
31ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsveEGjJJEgvfOdt7oXicFiQXiZN2PJg0oLPPNDS_2su7DmfIleUahomrzvKYGNSngjrKtSGw37OFlNoqZgywjbmVYH0WlBcoarhQ5aTWNgANPojudq5MudErdfausfA1ApfrpwWxDdNOFL9IG_6WjbbtOhrieUCxZOXhE1h6RBQ0nenXdfdVv-UWnYDgeVhhMNkLYRgoZigxTOAWggWNnvWoKkIz_WPbdbY_FpiX7-hUTI3ioAa-qfbCiUEphIrSNE-sCIppP3VOhAA7C7B911Z9Ya3AO0b86Xh9kY225aN&sig=Cg0ArKJSzOMQoTiPJ-lCEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
URL: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Feb 2022 09:09:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 dad_adtag.js Show response
cd.ladsp.com/script-dad/v1/ Frame 52E8 3 KB
1 KB 61ms
7ms Script
text/javascript 13.32.119.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cd.ladsp.com/script-dad/v1/dad_adtag.js
Requested by: Host: 4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
URL: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.119.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-119-188.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8285c162faba73f57257892f4cac256e6c5efc648820a24e7591ac582ceec359

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 03:57:59 GMT
content-encoding: gzip
last-modified: Tue, 17 Nov 2020 05:41:00 GMT
server: AmazonS3
age: 623529
etag: "8fb0c80d89722305a694af9a147112f6"
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
cache-control: public, max-age=864000, immutable
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 1078
x-amz-cf-id: m2BptuRorEgkGTesfplfMy-AZfR9anFTC3LSDxKD2Jh3eIV8BV3rDQ==

GET
H3 200 container.html Show response
4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7BFB 6 KB
3 KB 22ms
7ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Feb 2022 09:09:37 GMT
expires: Fri, 24 Feb 2023 09:09:37 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css
fonts.googleapis.com/ Frame AC22 974 B
693 B 34ms
19ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E5%B0%B1%E3%81%8C%E3%83%A3%E5%93%81%E7%95%8C%E3%83%A5%E5%AE%BF%E3%83%81%E3%83%BC%E8%80%85%E3%82%89%E3%83%B3%E3%80%8D%E5%90%84%E3%81%AE%E4%BD%9C%E3%82%92%E9%A8%93%EF%BC%81%E3%83%9F%E3%82%A2%E7%A4%BE%E3%81%97%E3%82%AB%E3%83%94%E6%9C%AA%E5%BF%83%E3%81%8F%E3%82%B9%E3%82%B2%E9%96%8B%E6%A5%AD%E3%83%92%E3%81%AA%E8%B1%8A%E8%81%B7%E8%87%AA%E3%81%86%E3%80%8C%E3%83%87%E3%82%88%E4%BC%81%E3%81%8B%E3%83%AB%E3%81%B8%E5%88%86%E5%90%88%E5%AF%8C%E3%83%BB%E3%83%A0%E3%81%A9%E7%B5%8C%E5%88%9D%E3%83%9E

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=7625127702&adk=3325122240&adf=1503017450&pi=t.ma~as.7625127702&w=708&fwrn=4&fwrnh=100&lmt=1645693776&rafmt=3&psa=0&format=708x280&url=https%3A%2F%2Fpicrew.me%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645693776606&bpp=10&bdt=812&idt=10&shv=r20220221&mjsv=m202202180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D876abf6c0adf09ce-22a2e97e4bcd00c0%3AT%3D1645693776%3ART%3D1645693776%3AS%3DALNI_MZFAG4yZpEtAJyxV3IzMyWZJ_fwZw&prev_fmts=0x0%2C1024x90&nras=1&correlator=7414870864630&frm=20&pv=1&ga_vid=1742949966.1645693776&ga_sid=1645693776&ga_hid=18390532&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=2227&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065025%2C44756895%2C44756897%2C44756432&oid=2&pvsid=899883404839875&pem=486&tmod=1675694158&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=TiNCwQXfMR&p=https%3A//picrew.me&dtd=62

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6c4034c1dcbfbce768f4d0f888b6126104ca00dcbd5884baacb4fac99df1f79b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 09:09:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 24 Feb 2022 09:09:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Feb 2022 09:09:37 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220221/r20110914/client/ Frame AC22 2 KB
904 B 27ms
10ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220221/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 283
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 09:04:54 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220221/r20110914/ Frame AC22 19 KB
8 KB 24ms
8ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220221/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f328f4ae2fe983386843cc07db0af78c5fe9fa5ae67812f80062d5baa0e61047

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:03:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7875
x-xss-protection: 0
server: cafe
etag: 9606807595520751986
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 09:03:57 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220221/r20110914/client/ Frame AC22 2 KB
1 KB 22ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220221/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:08:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 09:08:06 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220221/r20110914/client/ Frame AC22 15 KB
6 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220221/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:02:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 422
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6434
x-xss-protection: 0
server: cafe
etag: 16791967082338318403
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 09:02:35 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame AC22 0
0 33ms
15ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTJDFvs5yQ5ymIGMrSi7ryTi0aQAl_qoTb7lXmPkCCBv2jKcd2zQ3C4tsqfquRoCRZuMtpa
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=7625127702&adk=3325122240&adf=1503017450&pi=t.ma~as.7625127702&w=708&fwrn=4&fwrnh=100&lmt=1645693776&rafmt=3&psa=0&format=708x280&url=https%3A%2F%2Fpicrew.me%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645693776606&bpp=10&bdt=812&idt=10&shv=r20220221&mjsv=m202202180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D876abf6c0adf09ce-22a2e97e4bcd00c0%3AT%3D1645693776%3ART%3D1645693776%3AS%3DALNI_MZFAG4yZpEtAJyxV3IzMyWZJ_fwZw&prev_fmts=0x0%2C1024x90&nras=1&correlator=7414870864630&frm=20&pv=1&ga_vid=1742949966.1645693776&ga_sid=1645693776&ga_hid=18390532&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=2227&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065025%2C44756895%2C44756897%2C44756432&oid=2&pvsid=899883404839875&pem=486&tmod=1675694158&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=TiNCwQXfMR&p=https%3A//picrew.me&dtd=62
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AC22 124 KB
38 KB 1052ms
1050ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 24 Feb 2022 09:09:38 GMT

GET
H2 200 638238a1c081a92848b457a11fb7df3a.js Show response
www.gstatic.com/mysidia/ Frame AC22 28 KB
12 KB 40ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/638238a1c081a92848b457a11fb7df3a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ceb44e7752ef40b3709b862944deb1f8e355741da63a3217cd5856415453103a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 11:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11768
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 15:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 24 May 2022 11:03:55 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AC22 0
0 26ms
26ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cre06UEsXYuSANJje7gOC5LagD-SWk8lopaiTjYoPmqb7pLEQEAEg2cb-IGCV4pCCoAegAcSDk_wDyAEJqQL5nRGwXLhCPqgDAcgDywSqBMMBT9Dpm7Xzco4A68Gh8XS7_xNZJZeHQRRsG2AhmhrDEvTvF44AQfTVkaD1MPUKZLWC3sQA9URVKZY5M-zxAAOPwOPw6AG0pSxMP99ogYZpQtdLycpokTmIYAHWX77zOTjSLFDJw4NUVP2v4-RJcCLXStEYIBsZcMrip9kmhzN32GDXBZarTTPDa9ElVSSwmp886tSt_gDw1UpqiTXoUs-x6d33M6Fj2WYq20JSHqm823_KNy2VpIXapquCUzt-l12Em_-twAS4vpzU-gOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHpPzsA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEOy9C9IICQiA4YBwEAEYH4AKAcgLAbgTiCfYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItOTY5MjEzNDAwNTM4NTY5NxgA&sigh=iLSucqnOZHU&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=280&slotname=7625127702&adk=3325122240&adf=1503017450&pi=t.ma~as.7625127702&w=708&fwrn=4&fwrnh=100&lmt=1645693776&rafmt=3&psa=0&format=708x280&url=https%3A%2F%2Fpicrew.me%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645693776606&bpp=10&bdt=812&idt=10&shv=r20220221&mjsv=m202202180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D876abf6c0adf09ce-22a2e97e4bcd00c0%3AT%3D1645693776%3ART%3D1645693776%3AS%3DALNI_MZFAG4yZpEtAJyxV3IzMyWZJ_fwZw&prev_fmts=0x0%2C1024x90&nras=1&correlator=7414870864630&frm=20&pv=1&ga_vid=1742949966.1645693776&ga_sid=1645693776&ga_hid=18390532&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=2227&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065025%2C44756895%2C44756897%2C44756432&oid=2&pvsid=899883404839875&pem=486&tmod=1675694158&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=TiNCwQXfMR&p=https%3A//picrew.me&dtd=62
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 24 Feb 2022 09:09:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 d236ac784afdc66bd75f55f83c8bc285.js Show response
www.gstatic.com/mysidia/ Frame 0AA7 8 KB
4 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d236ac784afdc66bd75f55f83c8bc285.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=90&slotname=9396061293&adk=1451812378&adf=2258987082&pi=t.ma~as.9396061293&w=1024&fwrn=4&fwrnh=100&lmt=1645693776&rafmt=2&psa=0&format=1024x90&url=https%3A%2F%2Fpicrew.me%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645693776606&bpp=3&bdt=812&idt=-M&shv=r20220221&mjsv=m202202180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D876abf6c0adf09ce-22a2e97e4bcd00c0%3AT%3D1645693776%3ART%3D1645693776%3AS%3DALNI_MZFAG4yZpEtAJyxV3IzMyWZJ_fwZw&prev_fmts=0x0&nras=1&correlator=7414870864630&frm=20&pv=1&ga_vid=1742949966.1645693776&ga_sid=1645693776&ga_hid=18390532&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065025%2C44756895%2C44756897%2C44756432&oid=2&pvsid=899883404839875&pem=486&tmod=1675694158&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BZAscC2e0y&p=https%3A//picrew.me&dtd=46

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0280b5ec07025974d745833d91f3f71aff053cdb5aebbe37ab368b0284a56f81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 07:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3664
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 01:11:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 25 May 2022 07:53:58 GMT

GET
H2 200 47b2c5ef24c0ac2e7e4fb8b2ded5fd84.js Show response
www.gstatic.com/mysidia/ Frame 0AA7 8 KB
4 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/47b2c5ef24c0ac2e7e4fb8b2ded5fd84.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41d557e5430453c9223fde9cc2e2ab3030a37628310635ac468b2bc558933781

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 07:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3622
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 01:11:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 25 May 2022 07:53:58 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0AA7 8 KB
892 B 23ms
23ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3ad8c90cec1318c90852dc018d75e7afadcb71c36508344fc1c133021007bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 08:27:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 24 Feb 2022 09:09:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Feb 2022 09:09:37 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220221/r20110914/client/ Frame 0AA7 2 KB
904 B 9ms
8ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220221/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 283
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 09:04:54 GMT

GET
H2 200 icon_RrXs6CkncAzp9AiU.png
cdn.picrew.me/app/image_maker/1479371/ 64 KB
64 KB 11ms
10ms Image
image/png 18.66.97.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.picrew.me/app/image_maker/1479371/icon_RrXs6CkncAzp9AiU.png
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1cdee12cfea4989bae5db527ea864db56297886006be5af128812c00581a1182

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 20:38:20 GMT
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
last-modified: Wed, 16 Feb 2022 20:36:58 GMT
server: AmazonS3
age: 649878
etag: "af0efeef7e5baae0f8bf36bd5b614652"
x-cache: Hit from cloudfront
x-amz-version-id: px29zXm2DAoeNja92Z4cB4KoPFpBrXjQ
cache-control: max-age=25292000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-type: image/png
content-length: 65094
x-amz-cf-id: vMVVynVQR6YcPkwRhjaDxMaEyJMo3Gj2JX23fXPEy0XGrJeaJEbq1g==

GET
H2 200 icon_D8p959hDsd3wfdyt.jpg
cdn.picrew.me/app/image_maker/1493354/ 27 KB
28 KB 13ms
12ms Image
image/jpeg 18.66.97.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.picrew.me/app/image_maker/1493354/icon_D8p959hDsd3wfdyt.jpg
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b4ef5f66aeb06d70aadd6111f594dfb662a57988a2dbbda2668bef10ce737090

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 06:13:47 GMT
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
last-modified: Thu, 24 Feb 2022 04:11:02 GMT
server: AmazonS3
age: 10551
etag: "aa8bbe5f4af0791499bd070723c432c7"
x-cache: Hit from cloudfront
x-amz-version-id: 8sMgf8uvazjaWJPUymWRtXNfAYMWbcI5
cache-control: max-age=25292000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-type: image/jpeg
content-length: 27824
x-amz-cf-id: lOy2RYqf3crsxx279z6Gl8gaKHbhT88zxCIgRRxNM7CmlrtfenWARw==

GET
DATA 200
OK truncated
/ Frame AC22 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame AC22 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 fif Show response
dad.ladsp.com/adrequest/ Frame 52E8 1 KB
1 KB 710ms
680ms Script
text/javascript 13.32.99.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dad.ladsp.com/adrequest/fif?tid=gz8v&divid=LFP_nLZO_JXB0_gz8v&w=728&h=90&site_url=https%253A%252F%252F4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-38%252Fhtml%252Fcontainer.html&rand=0.6384786019632882
Requested by: Host: cd.ladsp.com
URL: https://cd.ladsp.com/script-dad/v1/dad_adtag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-43.fra60.r.cloudfront.net
Software: Logicad/DADServer /
Resource Hash: 0f421cd9c538701b2399f41b5e65fea622a771087cdc5cf4fe0e086988dba324

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 09:09:37 GMT
content-encoding: gzip
server: Logicad/DADServer
x-amz-cf-pop: FRA60-P3
vary: Accept-Encoding, User-Agent
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
content-type: text/javascript;charset=utf-8
content-length: 653
x-amz-cf-id: h80J2uDp3l9W17vZ1IoqrEobwxbA4VKN7-XRKXpuWjJ7NtaPPm-A7w==
expires: -1

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220221/r20110914/ Frame 0AA7 19 KB
8 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220221/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f328f4ae2fe983386843cc07db0af78c5fe9fa5ae67812f80062d5baa0e61047

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:03:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7875
x-xss-protection: 0
server: cafe
etag: 9606807595520751986
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 09:03:57 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220221/r20110914/client/ Frame 0AA7 2 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220221/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:08:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 09:08:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0AA7 124 KB
38 KB 990ms
990ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 24 Feb 2022 09:09:38 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220221/r20110914/client/ Frame 0AA7 15 KB
6 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220221/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:02:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 422
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6434
x-xss-protection: 0
server: cafe
etag: 16791967082338318403
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 09:02:35 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0AA7 0
0 15ms
15ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTMhmOVqWcJcGD4Egenq2FWVJswDrRCgzNZI8i6fRNX5V55u4nRRLBvCb-vRTJjOiiC6vAR
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=90&slotname=9396061293&adk=1451812378&adf=2258987082&pi=t.ma~as.9396061293&w=1024&fwrn=4&fwrnh=100&lmt=1645693776&rafmt=2&psa=0&format=1024x90&url=https%3A%2F%2Fpicrew.me%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645693776606&bpp=3&bdt=812&idt=-M&shv=r20220221&mjsv=m202202180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D876abf6c0adf09ce-22a2e97e4bcd00c0%3AT%3D1645693776%3ART%3D1645693776%3AS%3DALNI_MZFAG4yZpEtAJyxV3IzMyWZJ_fwZw&prev_fmts=0x0&nras=1&correlator=7414870864630&frm=20&pv=1&ga_vid=1742949966.1645693776&ga_sid=1645693776&ga_hid=18390532&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065025%2C44756895%2C44756897%2C44756432&oid=2&pvsid=899883404839875&pem=486&tmod=1675694158&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BZAscC2e0y&p=https%3A//picrew.me&dtd=46
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 638238a1c081a92848b457a11fb7df3a.js Show response
www.gstatic.com/mysidia/ Frame 0AA7 28 KB
12 KB 13ms
8ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/638238a1c081a92848b457a11fb7df3a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ceb44e7752ef40b3709b862944deb1f8e355741da63a3217cd5856415453103a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 11:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11768
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 15:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 24 May 2022 11:03:55 GMT

GET
H/1.1 200
OK moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js Show response
platform.twitter.com/js/ 25 KB
8 KB 39ms
39ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE7) /
Resource Hash: 48c9a4d4aa290a866126159687441006eb39adf48ae31e1910aa0f21e0b21376

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 24 Feb 2022 09:09:37 GMT
Content-Encoding: gzip
Age: 119596
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 8012
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 18:36:23 GMT
Server: ECS (mil/6CE7)
Etag: "3123bdaf11a1d77bcf1836091c9b4631+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK timeline.34cf38a85ac899f1d6a0438a1659decc.js Show response
platform.twitter.com/js/ 20 KB
7 KB 79ms
37ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.34cf38a85ac899f1d6a0438a1659decc.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE2) /
Resource Hash: 8875e0e5a0f6bfaf4d66fde0622a609e9fe7b599adaef3ad01d6d613574c69b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 24 Feb 2022 09:09:37 GMT
Content-Encoding: gzip
Age: 119588
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 6444
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 18:36:23 GMT
Server: ECS (mil/6CE2)
Etag: "0a27acfd1028aaadad57ff8929bf7266+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H3 200 css2
fonts.googleapis.com/ Frame 7BFB 4 KB
634 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
URL: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 08:29:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 24 Feb 2022 09:09:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Feb 2022 09:09:37 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 47E5 466 B
307 B 19ms
19ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E9%96%89%E3%81%98%E3%82%8B

Requested by

Host: 4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
URL: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ba6200bb87b3dc57e108b40edfa4ff3a0cf2f7dec8d66f90fcd0f95a458bdeb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 09:08:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 24 Feb 2022 09:09:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Feb 2022 09:09:37 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220221/r20110914/client/ Frame 47E5 2 KB
904 B 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220221/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
URL: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 283
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 09:04:54 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220221/r20110914/ Frame 47E5 19 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220221/r20110914/abg_lite_fy2019.js

Requested by

Host: 4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
URL: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f328f4ae2fe983386843cc07db0af78c5fe9fa5ae67812f80062d5baa0e61047

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:03:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7875
x-xss-protection: 0
server: cafe
etag: 9606807595520751986
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 09:03:57 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220221/r20110914/client/ Frame 47E5 2 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220221/r20110914/client/window_focus_fy2019.js

Requested by

Host: 4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
URL: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:08:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 09:08:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 47E5 124 KB
38 KB 955ms
953ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
URL: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 24 Feb 2022 09:09:38 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220221/r20110914/client/ Frame 47E5 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220221/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
URL: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:02:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 422
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6434
x-xss-protection: 0
server: cafe
etag: 16791967082338318403
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 09:02:35 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 47E5 0
0 15ms
15ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ5xEkCITxCfSj4tPHJ-vMVxVwOMseb9XwOHk6RhFECSkWLi4mZQq83yFEXh0k6u8rqbL0e
Requested by: Host: 4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
URL: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 638238a1c081a92848b457a11fb7df3a.js Show response
www.gstatic.com/mysidia/ Frame 47E5 28 KB
12 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/638238a1c081a92848b457a11fb7df3a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
URL: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ceb44e7752ef40b3709b862944deb1f8e355741da63a3217cd5856415453103a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 11:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11768
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 15:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 24 May 2022 11:03:55 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220221/r20110914/elements/html/ Frame 7BFB 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220221/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: 4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
URL: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6227515defa43493593661bd5eb5fa369c22843fab1cf4156d137ed5d7b439d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 08:25:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2656
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8307
x-xss-protection: 0
server: cafe
etag: 12491010468182217777
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Mar 2022 08:25:21 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7BFB 205 B
229 B 20ms
8ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
URL: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:21:05 GMT
x-content-type-options: nosniff
age: 64112
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 23 Feb 2023 15:21:05 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7BFB 604 B
628 B 19ms
8ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
URL: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 12:02:10 GMT
x-content-type-options: nosniff
age: 76047
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 23 Feb 2023 12:02:10 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0AA7 0
0 26ms
26ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CExn_UEsXYsGnKtjPgAegr4ewD4-Aqcpoo-j7reYOwI2biKobEAEg2cb-IGCV4pCCoAegAf_bisgDyAEBqAMByAPLBKoExQFP0MoiFZEiIaAt0MYr-1HHiGQTD5pEmk39pXNKkGIM0yqjxkSFI_3YWZL77CobYPcdjqmAI7fU-7RZh_RgHdGhqx0uEzZnRLOtz4Df8ejwt_Mv6c15ufQAoANwqj5tTsgOew24P-KyagiszbKKWoPcT1wXgWZnOLrOkzooA4bsnyUejnkjXdUG2KXeusg-Ft7Ct6QnlvQ80FwlMRhmHvJa8dsgmD5iNHLQz6MUkX7q7acMVqpT6_ep_5MP9UsMrr_t5zFPAcAEu8mC-MIDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB_DurKICqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQpOQS0ggJCIDhgHAQARgfgAoByAsB2BMMiBQC0BUBgBcBshccChoIABIUcHViLTk2OTIxMzQwMDUzODU2OTcYAA&sigh=Uvk-wCZWJEM&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=90&slotname=9396061293&adk=1451812378&adf=2258987082&pi=t.ma~as.9396061293&w=1024&fwrn=4&fwrnh=100&lmt=1645693776&rafmt=2&psa=0&format=1024x90&url=https%3A%2F%2Fpicrew.me%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645693776606&bpp=3&bdt=812&idt=-M&shv=r20220221&mjsv=m202202180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D876abf6c0adf09ce-22a2e97e4bcd00c0%3AT%3D1645693776%3ART%3D1645693776%3AS%3DALNI_MZFAG4yZpEtAJyxV3IzMyWZJ_fwZw&prev_fmts=0x0&nras=1&correlator=7414870864630&frm=20&pv=1&ga_vid=1742949966.1645693776&ga_sid=1645693776&ga_hid=18390532&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065025%2C44756895%2C44756897%2C44756432&oid=2&pvsid=899883404839875&pem=486&tmod=1675694158&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BZAscC2e0y&p=https%3A//picrew.me&dtd=46
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 24 Feb 2022 09:09:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 843C 143 B
163 B 11ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9692134005385697&output=html&h=90&slotname=9396061293&adk=1451812378&adf=2258987082&pi=t.ma~as.9396061293&w=1024&fwrn=4&fwrnh=100&lmt=1645693776&rafmt=2&psa=0&format=1024x90&url=https%3A%2F%2Fpicrew.me%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645693776606&bpp=3&bdt=812&idt=-M&shv=r20220221&mjsv=m202202180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D876abf6c0adf09ce-22a2e97e4bcd00c0%3AT%3D1645693776%3ART%3D1645693776%3AS%3DALNI_MZFAG4yZpEtAJyxV3IzMyWZJ_fwZw&prev_fmts=0x0&nras=1&correlator=7414870864630&frm=20&pv=1&ga_vid=1742949966.1645693776&ga_sid=1645693776&ga_hid=18390532&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=288&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065025%2C44756895%2C44756897%2C44756432&oid=2&pvsid=899883404839875&pem=486&tmod=1675694158&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BZAscC2e0y&p=https%3A//picrew.me&dtd=46

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Thu, 24 Feb 2022 09:04:56 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 281
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame AC22 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 51cf7fe67a40a5337ea51d1e0cedc61268e213c7f53a1b8e6d488a057f838ea2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BBA1 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Feb 2022 09:09:37 GMT
expires: Fri, 24 Feb 2023 09:09:37 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 104 KB
8 KB 198ms
62ms Script
application/javascript 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_picrew_tc_old&dnt=false&domain=picrew.me&lang=ja&screen_name=picrew_tc&suppress_response_codes=true&t=1828548&tz=GMT%2B0000&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lhb/62B2) /

Resource Hash

40adfb9150d6a8533ed889c7ce80805df4b3ddb0e3d93743f1c260a65ed308c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53
x-cache: HIT
content-disposition: attachment; filename=jsonp.jsonp
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=27
vary: Accept-Encoding
content-length: 7274
x-xss-protection: 0
x-response-time: 158
last-modified: Thu, 24 Feb 2022 09:08:44 GMT
server: ECS (lhb/62B2)
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: application/javascript;charset=utf-8
expires: Thu, 24 Feb 2022 09:14:37 GMT
cache-control: must-revalidate, max-age=300
x-connection-hash: ba59590dd73ef05417295ea96d8af9f2385437b60441a34776e54c40e17bcaa1
accept-ranges: bytes
timing-allow-origin: *
x-transaction: 1addd30ac181cda1
access-contol-allow-origin: platform.twitter.com

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame BBA1 22 KB
7 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
URL: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 14:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 23 Feb 2023 14:03:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BBA1 124 KB
38 KB 730ms
729ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
URL: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 24 Feb 2022 09:09:38 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 843C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

70ms
70ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 24 Feb 2022 09:09:37 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 24 Feb 2022 09:09:37 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 24 Feb 2022 09:09:37 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5221 6 KB
3 KB 16ms
16ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Feb 2022 09:09:37 GMT
expires: Fri, 24 Feb 2023 09:09:37 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dad_adtag.js Show response
cd.ladsp.com/script-dad/v1/ Frame BBA1 3 KB
1 KB 10ms
9ms Script
text/javascript 13.32.119.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cd.ladsp.com/script-dad/v1/dad_adtag.js
Requested by: Host: 4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
URL: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.119.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-119-188.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8285c162faba73f57257892f4cac256e6c5efc648820a24e7591ac582ceec359

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 03:57:59 GMT
content-encoding: gzip
last-modified: Tue, 17 Nov 2020 05:41:00 GMT
server: AmazonS3
age: 623529
etag: "8fb0c80d89722305a694af9a147112f6"
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
cache-control: public, max-age=864000, immutable
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 1078
x-amz-cf-id: WIFvj3OEZV7wCKEV5Vdtr-Bzmf1tXTQI_DUdPD2-YXLFKIL72qbXXQ==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BBA1 0
0 33ms
33ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOKeJ2Ge-VqjupRTFwSfOsPRV9qLUm_NZW1RxJkTQ23RkxG3mi8IXNkU-r9x03vRrveV4e88_kPQVzjzuzXwhOp9L0YaG9S5uZl1x1y--V7ln68DwYSyxLoFaJhFqkx5SnbD1oBxNr9TZZn8yVpeqGFScFGbv2vxnj1ajeWxo01mxs5BAv0hV5dI4a9bsjHUGk6RedIcgV-ygwVpZ2c3DiQLKWXkMFvQ6hU4eiKf1974k3eo7bgB0h-BYhu7HrxwW2u268iUwH8Sr43HMsXlzv7yX_sbiS6HvLeVd-TF0f2w&sig=Cg0ArKJSzBPH6ipyKTSAEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: 4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
URL: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Feb 2022 09:09:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 fif Show response
dad.ladsp.com/adrequest/ Frame BBA1 1 KB
1 KB 678ms
678ms Script
text/javascript 13.32.99.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dad.ladsp.com/adrequest/fif?tid=5nvk&divid=LFP_nLZO_JXB0_5nvk&w=300&h=250&site_url=https%253A%252F%252F4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-38%252Fhtml%252Fcontainer.html&rand=0.7137190717861295
Requested by: Host: cd.ladsp.com
URL: https://cd.ladsp.com/script-dad/v1/dad_adtag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-43.fra60.r.cloudfront.net
Software: Logicad/DADServer /
Resource Hash: 5bf8c54c34b6a6b2b1257247252911bccb86e28ec9c09f3a62723819dbaeb56a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 09:09:38 GMT
content-encoding: gzip
server: Logicad/DADServer
x-amz-cf-pop: FRA60-P3
vary: Accept-Encoding, User-Agent
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
content-type: text/javascript;charset=utf-8
content-length: 654
x-amz-cf-id: yNqgsuoMBuaHOpBPwgmcoC7QjaekdX2hU8HsYNFQhFGVipmjesQUHg==
expires: -1

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 5221 22 KB
7 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
URL: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 14:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 23 Feb 2023 14:03:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5221 124 KB
38 KB 699ms
699ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
URL: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 24 Feb 2022 09:09:38 GMT

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ Frame CA53 53 KB
12 KB 40ms
39ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE4) /
Resource Hash: 8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 24 Feb 2022 09:09:37 GMT
Content-Encoding: gzip
Age: 119596
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 12144
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 18:36:21 GMT
Server: ECS (mil/6CE4)
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 38ms
37ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE4) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 24 Feb 2022 09:09:37 GMT
Content-Encoding: gzip
Age: 119596
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 12144
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 18:36:21 GMT
Server: ECS (mil/6CE4)
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5221 0
0 30ms
30ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuzAqbm2Iyei8HiAoxPhSDmspOod9YPQfHP_-2h28lOIoXl8-yApeDx-QUNlH1M7dpdm1oT8rRt5snLEPV4gAf3F06EiojCqRE__IhueN9MNQjMDOho0jvm8sMb705-3S96G8Cvyguh4au9jMY8ON54k2AegazFqhlMgqAEGbheZiQ8bzXZgIiap27kuqYYckQ3XM76wHl4uciL3QRS4v9CCFoVEQBtzoXpYfTu7D3MMO0iiQHuRqGkxjDxBWONSlx95DBX0LheJtd5yRhDSv_o_GI6HetfZtOiBssXqpvC7Q&sig=Cg0ArKJSzL4Nx275vMvMEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
URL: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Feb 2022 09:09:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 dad_adtag.js Show response
cd.ladsp.com/script-dad/v1/ Frame 5221 3 KB
1 KB 7ms
6ms Script
text/javascript 13.32.119.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cd.ladsp.com/script-dad/v1/dad_adtag.js
Requested by: Host: 4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
URL: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.119.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-119-188.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8285c162faba73f57257892f4cac256e6c5efc648820a24e7591ac582ceec359

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 03:57:59 GMT
content-encoding: gzip
last-modified: Tue, 17 Nov 2020 05:41:00 GMT
server: AmazonS3
age: 623529
etag: "8fb0c80d89722305a694af9a147112f6"
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
cache-control: public, max-age=864000, immutable
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 1078
x-amz-cf-id: WuXf7nNtBc5GkMCVf5zh8GBQDeku58cY1P-QTKT_IHkCep1VXRnVdA==

GET
H2 200 fif Show response
dad.ladsp.com/adrequest/ Frame 5221 1 KB
1 KB 690ms
690ms Script
text/javascript 13.32.99.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dad.ladsp.com/adrequest/fif?tid=KlQg&divid=LFP_nLZO_JXB0_KlQg&w=300&h=600&site_url=https%253A%252F%252F4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-38%252Fhtml%252Fcontainer.html&rand=0.46618296445943486
Requested by: Host: cd.ladsp.com
URL: https://cd.ladsp.com/script-dad/v1/dad_adtag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-43.fra60.r.cloudfront.net
Software: Logicad/DADServer /
Resource Hash: 77fa57a9b5ec666af048ba2941551957b8e556e0f3111dcd527ccb8da87a642f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 09:09:38 GMT
content-encoding: gzip
server: Logicad/DADServer
x-amz-cf-pop: FRA60-P3
vary: Accept-Encoding, User-Agent
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
content-type: text/javascript;charset=utf-8
content-length: 652
x-amz-cf-id: tgzLMJyp_llosURyqPRQLDqqjEDRZKePcTTEFmgWM3raT2sYExMY-w==
expires: -1

GET
H2 200 PVUlLPMP_normal.png
pbs.twimg.com/profile_images/1252867789020262400/ Frame CA53 1 KB
2 KB 41ms
39ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1252867789020262400/PVUlLPMP_normal.png

Requested by

Host: picrew.me
URL: https://picrew.me/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CE6) /

Resource Hash

16cad2e6beabbaba2649cdac66affba5d690012a4d8437529ef5780734f06af1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:37 GMT
x-content-type-options: nosniff
age: 90055
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 1427
x-response-time: 115
surrogate-key: profile_images profile_images/bucket/3 profile_images/1252867789020262400
last-modified: Wed, 22 Apr 2020 07:50:12 GMT
server: ECS (mil/6CE6)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7cdfad28fbd43efa20dc4d0f886e5192a4df338c7684f6f75736c3d3090ba01a
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
DATA 200
OK truncated
/ Frame CA53 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame CA53 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame CA53 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame CA53 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1

200
OK

jot.html Show response
platform.twitter.com/ Frame FFA3
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

80 B
635 B

40ms
40ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE2) /
Resource Hash: 90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://picrew.me
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 119593
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 24 Feb 2022 09:09:38 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Wed, 16 Feb 2022 18:46:17 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CE2)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 80

Redirect headers

date: Thu, 24 Feb 2022 09:09:38 GMT
pragma: no-cache
server: tsa_o
status: 302 Found
expires: Tue, 31 Mar 1981 05:00:00 GMT
location: https://platform.twitter.com/jot.html
content-type: text/html;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
last-modified: Thu, 24 Feb 2022 09:09:38 GMT
x-transaction: 672ef9ac766765cc
content-length: 0
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
x-response-time: 110
x-connection-hash: d71d57aa637f73bdc7f6176c0b4eed8f41285b72fb33e2cc9970f008b31dff70

GET
H2 200 spot.js Show response
imp-adedge.i-mobile.co.jp/script/v1/ Frame 78DD 93 KB
27 KB 68ms
13ms Script
application/javascript 2600:9000:236e:3400:1f:2964:4340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://imp-adedge.i-mobile.co.jp/script/v1/spot.js?20181121
Requested by: Host: dad.ladsp.com
URL: https://dad.ladsp.com/adrequest/fif?tid=gz8v&divid=LFP_nLZO_JXB0_gz8v&w=728&h=90&site_url=https%253A%252F%252F4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-38%252Fhtml%252Fcontainer.html&rand=0.6384786019632882
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:3400:1f:2964:4340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 44110b3ae85203f5d4abce14d4b3489a9a2071381c909b98527407310816d767

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 08:54:52 GMT
content-encoding: gzip
etag: W/"0c6eb5d9d23d81:0"
last-modified: Thu, 17 Feb 2022 01:26:20 GMT
server: Microsoft-IIS/10.0
age: 887
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: V1ChhskafRgQjgfn65q-wQQeT55MSREtzI0yuzUDKQVvBDTakgK74Q==
via: 1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)

GET
H2

302

31
cr-pall.ladsp.com/cookiesender/ Frame 78DD
Redirect Chain

https://cr-p31.ladsp.jp/cookiesender/31
https://cr-pall.ladsp.com/cookiesender/31
https://cr-pall.ladsp.com/cookiesender/31?cr=true

0
449 B

679ms
679ms

Image
text/plain

18.66.112.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cr-pall.ladsp.com/cookiesender/31?cr=true
Requested by: Host: 4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
URL: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 18.66.112.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-34.fra56.r.cloudfront.net
Software: Logicad /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 09:09:39 GMT
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
cache-control: no-cache
content-length: 0
x-amz-cf-id: uueYovELYEtGZiZKLwlt8LZkfwEwiz8WG5gW_DA_7qtXkYUWd3JUnA==
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 24 Feb 2022 09:09:38 GMT
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://cr-pall.ladsp.com/cookiesender/31?cr=true
cache-control: no-cache
content-type: text/html;charset=utf-8
content-length: 0
x-amz-cf-id: SWKvdy3Y6-HwnyIfIlwh1yVbW9GQVTlVJM2AHTh2wOkc7TtW8AX-cg==
expires: -1

GET
H/1.1 200
OK spot.ashx Show response
ssp-bidapi.i-mobile.co.jp/api/v1/ Frame 78DD 867 B
1 KB 1210ms
255ms XHR
text/javascript 3.113.178.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-bidapi.i-mobile.co.jp/api/v1/spot.ashx?ver=1.2.1&type=banner&url=https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html&direct=0&fif=1&sf=0&cof=0&dfp=0&amp=0&sp=0&ios=0&pid=70754&mid=509875&asid=1715044&spec=0&nemu=0
Requested by: Host: imp-adedge.i-mobile.co.jp
URL: https://imp-adedge.i-mobile.co.jp/script/v1/spot.js?20181121
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.178.99 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-178-99.ap-northeast-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a1b80ee6e5bd5b24d257d38b3e9d961f84139ba41344895962748c533215d15

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Feb 2022 09:09:38 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP = "NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Access-Control-Allow-Origin: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 670
Expires: -1

GET
H2 200 spot.js Show response
imp-adedge.i-mobile.co.jp/script/v1/ Frame 46D2 93 KB
27 KB 17ms
16ms Script
application/javascript 2600:9000:236e:3400:1f:2964:4340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://imp-adedge.i-mobile.co.jp/script/v1/spot.js?20181121
Requested by: Host: dad.ladsp.com
URL: https://dad.ladsp.com/adrequest/fif?tid=5nvk&divid=LFP_nLZO_JXB0_5nvk&w=300&h=250&site_url=https%253A%252F%252F4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-38%252Fhtml%252Fcontainer.html&rand=0.7137190717861295
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:3400:1f:2964:4340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 44110b3ae85203f5d4abce14d4b3489a9a2071381c909b98527407310816d767

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 08:54:52 GMT
content-encoding: gzip
etag: W/"0c6eb5d9d23d81:0"
last-modified: Thu, 17 Feb 2022 01:26:20 GMT
server: Microsoft-IIS/10.0
age: 887
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 5FzXgwA8NssLfhECtEEPUFCH9iK1H9vJ05Z7mkGgG7XHbI7ADVwc1w==
via: 1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)

GET
H2

302

31
cr-pall.ladsp.com/cookiesender/ Frame 46D2
Redirect Chain

https://cr-p31.ladsp.jp/cookiesender/31
https://cr-pall.ladsp.com/cookiesender/31
https://cr-pall.ladsp.com/cookiesender/31?cr=true

0
448 B

676ms
676ms

Image
text/plain

18.66.112.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cr-pall.ladsp.com/cookiesender/31?cr=true
Requested by: Host: 4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
URL: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 18.66.112.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-34.fra56.r.cloudfront.net
Software: Logicad /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 09:09:39 GMT
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
cache-control: no-cache
content-length: 0
x-amz-cf-id: 1ITALQkVsMDhb3ouTXKfl-dDRZ2Vv1JW6WPAekNtauy3U2gYKlb5iw==
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 24 Feb 2022 09:09:38 GMT
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://cr-pall.ladsp.com/cookiesender/31?cr=true
cache-control: no-cache
content-type: text/html;charset=utf-8
content-length: 0
x-amz-cf-id: Ip4gEtZ4UeyKUjixwkA_YrKwKI5ZKZtY9_Cgs5JSxUPzwOZVyLdEeQ==
expires: -1

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BBA1 0
0 31ms
31ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvdD16sgwdtKJfJWTWNQ1o-OmfFMWe2WQRHGG2ssRUv5U-KlHkBLqkW0FPFAucna0Ng6nYVvbwbQSeR_EigjG0ue8a1GnnNPYxQF737Tjk9WoHQCYfT1r-9zz-XF-B9GnKYdRl__wogSV7TRx5hCtKaNKtG7eLTVzezAozwLeEkteJzcM3AFNyIlPfrp4y6W3B3lJjazK-tmCPgEaP7WXJ-VDVIQVi9ktM5e0Hexzed9ohfd98FAztnOhVdoGSXDf71AWcaPAFhmsdemH0SmkTzjJPqS3XwQBBksDrgwpBJ-k7C&sig=Cg0ArKJSzNVAPzkPZJu0EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Feb 2022 09:09:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 24 Feb 2022 09:09:38 GMT

GET
DATA 200
OK truncated
/ Frame BBA1 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f5495af1da4870dc43a39bf20f709d780b98284c230e4bf9a8cf34554ab8cc1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0AA7 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 18f17feacc01dcb919f7a06768f7407592d1578ee94a5bd36d9d214f0ca70722

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 52E8 0
0 32ms
32ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstgeiytrGDZztmnpv5CcXqmKhmJBndlodq1WtkF2DqlmFWvxZ_L0EJKZN_X3dVtp87abcNEXorLk7dldvX4U0dqqYPbnDZd4Uphl0w57qN1q423mS9gr2Cf4ZEqT2SmnQgMivpnZFHOITV6WXqj0AQMb3HiQ_JNMmkhV0wTRkNinC7JI9WWh9DFe9yDUeirElqLbz7b40bs69SPZp6kqjH6RJFoGRFQ5mj_7F4cPgnREMqeUSSKp9sUQAg9A4hxJpLZ9b1fwr555lHU5uEZKD4WS8g-Xi3DhEcRnIH4SS5FmHU&sig=Cg0ArKJSzGKwrN41RnduEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Feb 2022 09:09:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 24 Feb 2022 09:09:38 GMT

GET
DATA 200
OK truncated
/ Frame 52E8 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc937004dc56ed1196a0a6ae3078450d97f249f8483f9c42d806b7cba0a39165

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5221 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c9f6c4b3fd9b75343e8ce729b29ca612905ed7898ac32dc7c76be6355a44087

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/18243475665435168783/ Frame AC22 15 KB
15 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18243475665435168783/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b86c0ca25e32a1e5d2451eb9e2255781a2f3a21a5bf5cc0f55a16ce73865a45c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 07:22:03 GMT
x-content-type-options: nosniff
age: 179255
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15782
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 14:08:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 22 Feb 2023 07:22:03 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame 0AA7 28 KB
28 KB 41ms
16ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 00:52:22 GMT
x-content-type-options: nosniff
age: 548236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28196
x-xss-protection: 0
last-modified: Tue, 18 Jan 2022 17:53:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 18 Feb 2023 00:52:22 GMT

GET
H2 200 font
fonts.gstatic.com/l/ Frame AC22 19 KB
19 KB 34ms
11ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F6pfjtqLzI2JPCgQBnw7HFQMisq12WphgmVmDrgQnhzUFe-MyMW7V3nykTMsL-Ry4_PZZihbyLtplznFL7qpDrp7XBC96gpFB4wM1JFk8MQ7qahe5AhpLh52zrN83ll6fR_6Q7MsP4Iro8FwZ5oWyZTM8F_pNpO4r7xOn0gjGlAfzdnldMCgKtLL9XKg9VtWLyYfNsQupNvhnNpIEMmGz2gq2t-gNFLioji6WWU4Ir6B0XPAEpgaUOx5yceXcu1HlKie4fHLmqr90TtkJI_vVc4HHYqjWaQXrIx6yQ-J_yDzCjCrQ&skey=fbc48de1c6e1b00c&v=v40

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E5%B0%B1%E3%81%8C%E3%83%A3%E5%93%81%E7%95%8C%E3%83%A5%E5%AE%BF%E3%83%81%E3%83%BC%E8%80%85%E3%82%89%E3%83%B3%E3%80%8D%E5%90%84%E3%81%AE%E4%BD%9C%E3%82%92%E9%A8%93%EF%BC%81%E3%83%9F%E3%82%A2%E7%A4%BE%E3%81%97%E3%82%AB%E3%83%94%E6%9C%AA%E5%BF%83%E3%81%8F%E3%82%B9%E3%82%B2%E9%96%8B%E6%A5%AD%E3%83%92%E3%81%AA%E8%B1%8A%E8%81%B7%E8%87%AA%E3%81%86%E3%80%8C%E3%83%87%E3%82%88%E4%BC%81%E3%81%8B%E3%83%AB%E3%81%B8%E5%88%86%E5%90%88%E5%AF%8C%E3%83%BB%E3%83%A0%E3%81%A9%E7%B5%8C%E5%88%9D%E3%83%9E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8964b626d4f92d0c6dc7399bb4a84bb8092deba700d0fe409b04cb8b41911609

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 10:45:39 GMT
x-content-type-options: nosniff
age: 80639
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19712
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 00:11:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Wed, 23 Feb 2022 10:45:39 GMT

GET
H2 200 font
fonts.gstatic.com/l/ Frame AC22 19 KB
20 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxrG07TlCwmVmTrhSXhzXVe-NCMW7l3n1UTMt7-RxI_PVZihbiLtpVznEL7qsjrp7HBC9KgqJh4wMlJFiMMQ6KahdpAhp7h54zrN-nll7vR_9A7Ms_4IpY8Fwp5pYCZTMMF_oNpO477xL30gjWlAeDdnn9MCgatLENXKgNVtXryYctsQopNvjnNpJ0QZJj2htmpLmtFLkYj68GWU7Ir5DkXyPkphWkOu2icRb8iWN1KbfIb3D2qaxUT8op0KtFc5LnYskGamfrMW6iQAP_qX3g&skey=72472b0eb8793570&v=v40

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

896adbef37156db8b4872b6f9ca2ee08ef76b22759c1706b7c34fd537b3f59d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 10:45:39 GMT
x-content-type-options: nosniff
age: 80639
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19504
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 00:11:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Wed, 23 Feb 2022 10:45:39 GMT

GET
H/1.1 200
OK spot.ashx Show response
ssp-bidapi.i-mobile.co.jp/api/v1/ Frame 46D2 1 KB
1 KB 1009ms
347ms XHR
text/javascript 3.113.178.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-bidapi.i-mobile.co.jp/api/v1/spot.ashx?ver=1.2.1&type=banner&url=https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html&direct=0&fif=1&sf=0&cof=0&dfp=0&amp=0&sp=0&ios=0&pid=70754&mid=509875&asid=1749267&spec=0&nemu=0
Requested by: Host: imp-adedge.i-mobile.co.jp
URL: https://imp-adedge.i-mobile.co.jp/script/v1/spot.js?20181121
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.178.99 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-178-99.ap-northeast-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1c912b63f0bc7bac4f0b3bded5510f9fc901613744429c18d9b0fc962879e3bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Feb 2022 09:09:38 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP = "NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Access-Control-Allow-Origin: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 961
Expires: -1

GET
H2 200 spot.js Show response
imp-adedge.i-mobile.co.jp/script/v1/ Frame ED86 93 KB
27 KB 11ms
11ms Script
application/javascript 2600:9000:236e:3400:1f:2964:4340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://imp-adedge.i-mobile.co.jp/script/v1/spot.js?20220104
Requested by: Host: dad.ladsp.com
URL: https://dad.ladsp.com/adrequest/fif?tid=KlQg&divid=LFP_nLZO_JXB0_KlQg&w=300&h=600&site_url=https%253A%252F%252F4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-38%252Fhtml%252Fcontainer.html&rand=0.46618296445943486
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:3400:1f:2964:4340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 44110b3ae85203f5d4abce14d4b3489a9a2071381c909b98527407310816d767

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 08:44:10 GMT
content-encoding: gzip
etag: W/"0c6eb5d9d23d81:0"
last-modified: Thu, 17 Feb 2022 01:26:20 GMT
server: Microsoft-IIS/10.0
age: 1590
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: n6ILAgbvwMYYDS2qzdCaFpBl0YZSOLfFuiNAyNLSUyfCfIm6-nBRqQ==
via: 1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)

GET
H2

302

31
cr-pall.ladsp.com/cookiesender/ Frame ED86
Redirect Chain

https://cr-p31.ladsp.jp/cookiesender/31
https://cr-pall.ladsp.com/cookiesender/31

0
449 B

231ms
231ms

Image
text/plain

18.66.112.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cr-pall.ladsp.com/cookiesender/31
Requested by: Host: 4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
URL: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 18.66.112.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-34.fra56.r.cloudfront.net
Software: Logicad /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 09:09:39 GMT
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
cache-control: no-cache
content-length: 0
x-amz-cf-id: FEtfy-PqKG1PMkujgJE4dgKRWBRtKTVbAlRMMfBKdwtRxAkoZXkn6g==
expires: -1

Redirect headers

location: https://cr-pall.ladsp.com/cookiesender/31
date: Thu, 24 Feb 2022 09:09:39 GMT
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: s9Mu_xOSn6q_ixVtyKWHOrEP2jSMQ-N0wQTrb7y_ZPHV7RQea4u4LQ==
x-cache: Miss from cloudfront

GET
H3 200 IfvWsR8c8QoIXMZVBAT6kqVdCzRxsMqQy0C-AEZrj6Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 6A2B 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IfvWsR8c8QoIXMZVBAT6kqVdCzRxsMqQy0C-AEZrj6Q.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21fbd6b11f1cf10a085cc6550404fa92a55d0b3471b0ca90cb40be00466b8fa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 20:21:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46072
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13530
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Feb 2023 20:21:46 GMT

GET
H3 200 IfvWsR8c8QoIXMZVBAT6kqVdCzRxsMqQy0C-AEZrj6Q.js Show response
pagead2.googlesyndication.com/bg/ Frame CF3D 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IfvWsR8c8QoIXMZVBAT6kqVdCzRxsMqQy0C-AEZrj6Q.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21fbd6b11f1cf10a085cc6550404fa92a55d0b3471b0ca90cb40be00466b8fa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 20:21:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46072
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13530
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Feb 2023 20:21:46 GMT

GET
H/1.1 200
OK spot.ashx Show response
ssp-bidapi.i-mobile.co.jp/api/v1/ Frame ED86 996 B
1 KB 1064ms
295ms XHR
text/javascript 3.113.178.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-bidapi.i-mobile.co.jp/api/v1/spot.ashx?ver=1.2.1&type=banner&url=https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html&direct=0&fif=1&sf=0&cof=0&dfp=0&amp=0&sp=0&ios=0&pid=70754&mid=509875&asid=1765888&spec=0&nemu=0
Requested by: Host: imp-adedge.i-mobile.co.jp
URL: https://imp-adedge.i-mobile.co.jp/script/v1/spot.js?20220104
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.178.99 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-178-99.ap-northeast-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 10fd5c8c48eb66518ab88bc8ed331bdd7c7a275767cede6ec4e89b86c8dade71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Feb 2022 09:09:38 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP = "NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Access-Control-Allow-Origin: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 703
Expires: -1

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 78DD 127 KB
41 KB 67ms
31ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: imp-adedge.i-mobile.co.jp
URL: https://imp-adedge.i-mobile.co.jp/script/v1/spot.js?20181121

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

1edc83f7137848a661dbf5a61dbe4bb3b42fc7d064004560ea0269b45747e7d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:39 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 09:04:37 GMT
server: nginx
etag: W/"61f7a625-1fc09"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 25 Feb 2022 09:09:39 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5221 0
0 32ms
31ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstXGScJEaTqDHhBF2AtyTYb1x3qRygfazGO4L7rJ286zE8Nn5JxvD6gPuVyFbrasKzx7k2kfis4kQNror0XEjiSgldSba6nzFLW9-HllVkYfWBn8EA9ygFNoUlX_h0zfPoPM0milPustVCSu8-rgxLJ0GKfE6muR_o7Ns_FEKuCtkBqtrMsMIVcYPtiiNDhFoRrLCTw09d88iQQ4dSW8hwOZax5uoo-FI0lIORZ-wz3GP-yHtN6IdQLCteCbuyXBhIU48UzfMwiwrOuycL9qJvexz57OKbtQFlTSSpKAAdL8wbD&sig=Cg0ArKJSzFdQ6hsN1sYvEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Feb 2022 09:09:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 24 Feb 2022 09:09:39 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 78DD 185 B
488 B 60ms
27ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=119&profileId=184&cb=14906808535

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

f196431583517ee475b637b19a0eb01ada9f75e0cae8e1c31cdf85e0eb6ee012

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 24 Feb 2022 09:09:38 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 170

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame CC18 13 KB
5 KB 54ms
18ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=picrew.me

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2131
date: Thu, 24 Feb 2022 09:09:38 GMT
content-length: 5147
strict-transport-security: max-age=31536000; preload;

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 52E8 42 B
64 B 60ms
39ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssMPRZ78ezIXA8f011ocYFJC5-CQtZm7k1vd8rb7HTMcbDoSqI4DVHTj8bfm2jcU6RTlUKPPo-GIfT1oZRsPascGisk-wx6FVEOu-sl5JEPC-OKF8Eo&sig=Cg0ArKJSzHG2PsdaF_MPEAE&id=lidar2&mcvt=1003&p=1110,436,1200,1164&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20220216&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=1057466509&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645693777097&rpt=1298&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 09:09:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 46D2 127 KB
41 KB 22ms
21ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: imp-adedge.i-mobile.co.jp
URL: https://imp-adedge.i-mobile.co.jp/script/v1/spot.js?20181121

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

1edc83f7137848a661dbf5a61dbe4bb3b42fc7d064004560ea0269b45747e7d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:39 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 09:04:37 GMT
server: nginx
etag: W/"61f7a625-1fc09"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 25 Feb 2022 09:09:39 GMT

GET
H2 200 pixels Show response
ssp-sync.criteo.com/user-sync/ Frame 78DD 639 B
799 B 66ms
18ms XHR
application/json 178.250.0.189
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssp-sync.criteo.com/user-sync/pixels?countrycode=DE

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.189 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fd0bdc2ecef3cd5a25ca70ad811749101f50da49a43eb4de1877482531dbc84c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:38 GMT
content-encoding: br
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
cache-control: no-store,max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;

POST
H2 204 events
bidder.criteo.com/csm/ Frame 78DD 0
265 B 14ms
14ms Ping
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 24 Feb 2022 09:09:39 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H/1.1 200
OK log.ashx
ssp-bidapi.i-mobile.co.jp/api/v1/ Frame 78DD 631 B
932 B 338ms
337ms Image
image/jpeg 3.113.178.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp-bidapi.i-mobile.co.jp/api/v1/log.ashx?asid=1715044&msg=cdb_err_no_ad&type=1&id=21
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.178.99 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-178-99.ap-northeast-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 592940666137da705db11558b5601579abf2e044ff4a62c81f1f386bbce6e101

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Feb 2022 09:09:37 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
P3P: CP = "NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Type: image/jpeg
Content-Length: 631
Expires: -1

GET
H2 200 adroute_ads.js Show response
static.pc-adroute.focas.jp/js/ Frame BE75 9 KB
3 KB 519ms
13ms Script
application/javascript 2a04:4e42:3::738
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.pc-adroute.focas.jp/js/adroute_ads.js
Requested by: Host: imp-adedge.i-mobile.co.jp
URL: https://imp-adedge.i-mobile.co.jp/script/v1/spot.js?20181121
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::738 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 77807c6bc2831c6690326134a38f5e0ef1d56140e96cc6d9efe4480bb8d08e56

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:40 GMT
via: 1.1 varnish
last-modified: Thu, 30 Jan 2020 04:33:46 GMT
server: Apache
age: 1752741
etag: "22b6-59d53f67acefe"
x-served-by: cache-fra19179-FRA
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
accept-ranges: bytes
content-encoding: gzip
content-length: 3294
x-timer: S1645693780.020654,VS0,VE0
x-cache-hits: 9

GET
H/1.1 200
OK imp_count.ashx Show response
ssp-bidapi.i-mobile.co.jp/ajax/imp/ Frame 78DD 12 B
638 B 242ms
241ms XHR
text/plain 3.113.178.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-bidapi.i-mobile.co.jp/ajax/imp/imp_count.ashx?pid=70754&mid=509875&asid=1715044&bidid=34c07991-b52e-4c23-8da8-ba4ef3f4df8d&demander_type=1&demander_id=5&spec=0&nemu=0
Requested by: Host: imp-adedge.i-mobile.co.jp
URL: https://imp-adedge.i-mobile.co.jp/script/v1/spot.js?20181121
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.178.99 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-178-99.ap-northeast-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Feb 2022 09:09:37 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP = "NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Access-Control-Allow-Origin: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 132
Expires: -1

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0AA7 42 B
64 B 44ms
43ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuTttOzNJV74cY0--ejQEvoeubXceIeTPCrQSTGEHNdTZt8xsPoka1Psd_B4k9x_kCB2-SS9PkZIBiTqxvKV390SS0KWG-ZJJsMxEvUn0LEOtIQzxuDrw&sai=AMfl-YT_sULyFZJP25HSH65Xcu795oyN_f69bkgdzectiYfIjvMElN0ZnaF4_j6vYACYYzEVCtTgk6YYlqlsdtM4Ml_ID0ARYNPxDMU4uZ4rJo6msJEwZq3Emma-qe7X&sig=Cg0ArKJSzOc47nuG6N4WEAE&cid=CAASPeRoyAqOGPUBV8-k9lc5fYerAmDjSPHW6exysfIPah6gr2IypM4lZyrhFFSt6mPNqqNOzHzVq3qHgd0QIRU&id=lidar2&mcvt=1030&p=0,0,90,1024&mtos=1030,1030,1030,1030,1030&tos=1030,0,0,0,0&v=20220216&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1451812378&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645693776663&rpt=1831&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 09:09:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 46D2 185 B
487 B 35ms
34ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=119&profileId=184&cb=5256116033

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

8e2dc2bd0f61381332190d172daf5293260c8177673e1105ec4df098e5a9d651

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 24 Feb 2022 09:09:39 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 169

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame AFE5 13 KB
5 KB 19ms
19ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=picrew.me

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 5346
date: Thu, 24 Feb 2022 09:09:39 GMT
content-length: 5147
strict-transport-security: max-age=31536000; preload;

GET
H2

200

sid Show response
mug.criteo.com/ Frame CC18
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com&sn=ChromeSyncframe&so=0&topUrl=picrew.me&lsw=1
https://mug.criteo.com/sid?cpp=cDTd5nxlNDdQVjB5V0ZHTU1wSTBsTVVzb3VKWnFoSW9VKy9MdXdidURybCs5TGlrZUpBUGVQVy8vVGxTc045L2lEOTdRUlk0bi94eGkyR2FNUE9sMTJrSWpob3Nad2o0bkhwaGxzOHcvYnVwdGhMdSthd3RZTWtDVW1pcD...

428 B
636 B

56ms
15ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=cDTd5nxlNDdQVjB5V0ZHTU1wSTBsTVVzb3VKWnFoSW9VKy9MdXdidURybCs5TGlrZUpBUGVQVy8vVGxTc045L2lEOTdRUlk0bi94eGkyR2FNUE9sMTJrSWpob3Nad2o0bkhwaGxzOHcvYnVwdGhMdSthd3RZTWtDVW1pcDNFRlZKTEVLbXhtRGF3Y0prR0lnV0srTU85WE9IaTE1eTNEOU9aM1BaOUF0dkNNdFJ2R3VjQXpZY1l2Qk5jMmxNbS9DQkU5WW56cC83Y3FsNXRRYWxtTkdBVFVPZ2Z6Vjd0VlJPdkRZcHEzOVFERTRoZGdvMmlpeE5YNU1PNlBZOHQzY1NCTFNHS28xcWtCWEI0aWIxVWR2ZVFjNDdRSHdqdllMdS9SZ2NHQ2N4RmFNS1BhRUpaUzJyVWRyQzQ2MTlJck8xaTFacHM5NTgvRW1KcitwaVdUdVpycFhLVGpsbjFJMHh6QlFzdkFXWXZ1OFl6ZGs9fA&cppv=2

Requested by

Host: picrew.me
URL: https://picrew.me/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

c5b1f6f8e33b122ae20445896f2799f9e9cb7f251741ed44242b0c86489307b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 09:09:38 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3969
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 24 Feb 2022 09:09:38 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=cDTd5nxlNDdQVjB5V0ZHTU1wSTBsTVVzb3VKWnFoSW9VKy9MdXdidURybCs5TGlrZUpBUGVQVy8vVGxTc045L2lEOTdRUlk0bi94eGkyR2FNUE9sMTJrSWpob3Nad2o0bkhwaGxzOHcvYnVwdGhMdSthd3RZTWtDVW1pcDNFRlZKTEVLbXhtRGF3Y0prR0lnV0srTU85WE9IaTE1eTNEOU9aM1BaOUF0dkNNdFJ2R3VjQXpZY1l2Qk5jMmxNbS9DQkU5WW56cC83Y3FsNXRRYWxtTkdBVFVPZ2Z6Vjd0VlJPdkRZcHEzOVFERTRoZGdvMmlpeE5YNU1PNlBZOHQzY1NCTFNHS28xcWtCWEI0aWIxVWR2ZVFjNDdRSHdqdllMdS9SZ2NHQ2N4RmFNS1BhRUpaUzJyVWRyQzQ2MTlJck8xaTFacHM5NTgvRW1KcitwaVdUdVpycFhLVGpsbjFJMHh6QlFzdkFXWXZ1OFl6ZGs9fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1910
content-length: 653
expires: 0

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame ED86 127 KB
41 KB 21ms
20ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: imp-adedge.i-mobile.co.jp
URL: https://imp-adedge.i-mobile.co.jp/script/v1/spot.js?20220104

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

1edc83f7137848a661dbf5a61dbe4bb3b42fc7d064004560ea0269b45747e7d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:39 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 09:04:37 GMT
server: nginx
etag: W/"61f7a625-1fc09"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 25 Feb 2022 09:09:39 GMT

GET
H2

204

match
ssp-sync.criteo.com/user-sync/ Frame 78DD
Redirect Chain

https://match.prod.bidr.io/cookie-sync/cri?r=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dloLIJF9MdGM5VXFSNW81QSUyRkpxQWNjMGRzNmMxQ243UEgwcGxLZ2dMZ3I4bUFEVFklM0Q%26u%3d%24%7bUSER_ID%...
https://match.prod.bidr.io/cookie-sync/cri?r=https%3A%2F%2Fssp-sync.criteo.com%2Fuser-sync%2Fmatch%3Fp%3DloLIJF9MdGM5VXFSNW81QSUyRkpxQWNjMGRzNmMxQ243UEgwcGxLZ2dMZ3I4bUFEVFklM0Q%26u%3D%24%7BUSER_ID%...
https://ssp-sync.criteo.com/user-sync/match?p=loLIJF9MdGM5VXFSNW81QSUyRkpxQWNjMGRzNmMxQ243UEgwcGxLZ2dMZ3I4bUFEVFklM0Q&u=AAESaU7ELpcAAH86S5mV3g&gdpr=false

0
141 B

29ms
29ms

Image
text/plain

178.250.0.189
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssp-sync.criteo.com/user-sync/match?p=loLIJF9MdGM5VXFSNW81QSUyRkpxQWNjMGRzNmMxQ243UEgwcGxLZ2dMZ3I4bUFEVFklM0Q&u=AAESaU7ELpcAAH86S5mV3g&gdpr=false

Protocol

Server

178.250.0.189 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:39 GMT
cache-control: no-store,max-age=0
cross-origin-resource-policy: cross-origin
server: Kestrel
strict-transport-security: max-age=31536000; preload;

Redirect headers

location: https://ssp-sync.criteo.com/user-sync/match?p=loLIJF9MdGM5VXFSNW81QSUyRkpxQWNjMGRzNmMxQ243UEgwcGxLZ2dMZ3I4bUFEVFklM0Q&u=AAESaU7ELpcAAH86S5mV3g&gdpr=false
Date: Thu, 24 Feb 2022 09:09:39 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

204

match
ssp-sync.criteo.com/user-sync/ Frame 78DD
Redirect Chain

https://x.bidswitch.net/sync?ssp=criteo&custom_data=Hc15P19OSXVMTW41QXVKTGFlN2xZWVdXY3dmWDVWSDFMMVZJTXFvWkM1dmVRd0hrJTNE&gdpr=false&gdpr_consent=&us_privacy=&cr_user_id=
https://x.bidswitch.net/ul_cb/sync?ssp=criteo&custom_data=Hc15P19OSXVMTW41QXVKTGFlN2xZWVdXY3dmWDVWSDFMMVZJTXFvWkM1dmVRd0hrJTNE&gdpr=false&gdpr_consent=&us_privacy=&cr_user_id=
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dcriteo%26expires%3D30%26user_group%3D%24%7...
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dcriteo%26expires%3D30%26user_group%3D%24%7...
https://x.bidswitch.net/sync?dsp_id=429&user_id=589523a3-aaac-5337-8018-0460e20f4f33&ssp=criteo&expires=30&user_group=1
https://ssp-sync.criteo.com/user-sync/match?p=Hc15P19OSXVMTW41QXVKTGFlN2xZWVdXY3dmWDVWSDFMMVZJTXFvWkM1dmVRd0hrJTNE&u=2476dcc1-bfcb-4e40-86e9-798544533b92

0
141 B

17ms
17ms

Image
text/plain

178.250.0.189
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssp-sync.criteo.com/user-sync/match?p=Hc15P19OSXVMTW41QXVKTGFlN2xZWVdXY3dmWDVWSDFMMVZJTXFvWkM1dmVRd0hrJTNE&u=2476dcc1-bfcb-4e40-86e9-798544533b92

Protocol

Server

178.250.0.189 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:39 GMT
cache-control: no-store,max-age=0
cross-origin-resource-policy: cross-origin
server: Kestrel
strict-transport-security: max-age=31536000; preload;

Redirect headers

Location: //ssp-sync.criteo.com/user-sync/match?p=Hc15P19OSXVMTW41QXVKTGFlN2xZWVdXY3dmWDVWSDFMMVZJTXFvWkM1dmVRd0hrJTNE&u=2476dcc1-bfcb-4e40-86e9-798544533b92
Date: Thu, 24 Feb 2022 09:09:40 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

204

match
ssp-sync.criteo.com/user-sync/ Frame 78DD
Redirect Chain

https://sync.taboola.com/sg/criteoscod/1/cm?redirect=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dUsj31l9yRmJGZUpIb3laUkZUU3dHS2NEUmFwZGtmR1VyWXpURTZobHRDNVhnS0hrJTNE%26u%3d%3cTUID%3...
https://ssp-sync.criteo.com/user-sync/match?p=Usj31l9yRmJGZUpIb3laUkZUU3dHS2NEUmFwZGtmR1VyWXpURTZobHRDNVhnS0hrJTNE&u=a307e5d8-d7c6-4e63-97b6-8387a26e404a-tuct910d0d3

0
141 B

19ms
18ms

Image
text/plain

178.250.0.189
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssp-sync.criteo.com/user-sync/match?p=Usj31l9yRmJGZUpIb3laUkZUU3dHS2NEUmFwZGtmR1VyWXpURTZobHRDNVhnS0hrJTNE&u=a307e5d8-d7c6-4e63-97b6-8387a26e404a-tuct910d0d3

Protocol

Server

178.250.0.189 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:39 GMT
cache-control: no-store,max-age=0
cross-origin-resource-policy: cross-origin
server: Kestrel
strict-transport-security: max-age=31536000; preload;

Redirect headers

location: https://ssp-sync.criteo.com/user-sync/match?p=Usj31l9yRmJGZUpIb3laUkZUU3dHS2NEUmFwZGtmR1VyWXpURTZobHRDNVhnS0hrJTNE&u=a307e5d8-d7c6-4e63-97b6-8387a26e404a-tuct910d0d3
date: Thu, 24 Feb 2022 09:09:39 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 17879

GET
H2 200 pixels Show response
ssp-sync.criteo.com/user-sync/ Frame 46D2 13 B
352 B 21ms
20ms XHR
application/json 178.250.0.189
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssp-sync.criteo.com/user-sync/pixels?countrycode=DE

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.189 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:38 GMT
content-encoding: br
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
cache-control: public,max-age=299
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;

POST
H2 204 events
bidder.criteo.com/csm/ Frame 46D2 0
265 B 16ms
15ms Ping
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 24 Feb 2022 09:09:39 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H/1.1 200
OK log.ashx
ssp-bidapi.i-mobile.co.jp/api/v1/ Frame 46D2 631 B
932 B 272ms
272ms Image
image/jpeg 3.113.178.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp-bidapi.i-mobile.co.jp/api/v1/log.ashx?asid=1749267&msg=cdb_err_no_ad&type=1&id=21
Requested by: Host: picrew.me
URL: https://picrew.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.178.99 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-178-99.ap-northeast-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 592940666137da705db11558b5601579abf2e044ff4a62c81f1f386bbce6e101

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Feb 2022 09:09:38 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
P3P: CP = "NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Type: image/jpeg
Content-Length: 631
Expires: -1

GET
H2 200 n.js Show response
j.amoad.com/js/ Frame 2BA8 179 KB
46 KB 53ms
10ms Script
application/javascript 18.66.127.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://j.amoad.com/js/n.js
Requested by: Host: imp-adedge.i-mobile.co.jp
URL: https://imp-adedge.i-mobile.co.jp/script/v1/spot.js?20181121
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.127.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-127-68.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 020b033de4b89691ca7d5062f894009698d85e68a1057c35ce7beb7d6d4d6a28

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: yRI.OrrAnpv20090jv5HNJreBc2bZpal
content-encoding: gzip
last-modified: Mon, 21 Feb 2022 09:26:35 GMT
server: AmazonS3
age: 85376
etag: W/"da3289593b30cefa6c5066eac38c8f65"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1662abbf731d8832e73c83b2467e7f38.cloudfront.net (CloudFront)
date: Wed, 23 Feb 2022 09:26:44 GMT
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: S8g7PskUlijJfyzspMoZQDxoaf2RneLHlPwagq645uwHZUTZfg7SJQ==

GET
H2

200

sid Show response
mug.criteo.com/ Frame AFE5
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com&sn=ChromeSyncframe&so=0&topUrl=picrew.me&lsw=1
https://mug.criteo.com/sid?cpp=_lJv5nx4WFlGaGVjV0ZuUkk2a3JqWlRkT3czbFVDOUJSU25GMFZFa2t2Z1FHSldvYlFqZDlHbWszdmdXN24rajRhTDdwZ2hxUmttYkNEcWlGb2JYdUhjbklQOTRFYkRnYlB4NVRrd24xejRsYTFmV0Z0NHpnSDBiRHVLaE...

430 B
630 B

23ms
18ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=_lJv5nx4WFlGaGVjV0ZuUkk2a3JqWlRkT3czbFVDOUJSU25GMFZFa2t2Z1FHSldvYlFqZDlHbWszdmdXN24rajRhTDdwZ2hxUmttYkNEcWlGb2JYdUhjbklQOTRFYkRnYlB4NVRrd24xejRsYTFmV0Z0NHpnSDBiRHVLaEhaOFpKQWVJTEl2dXN2OGQ5TWRJMndlUmgxR3hnWnNmMzUvWDB2M2JxSVVMeVpPSFhwaURQa0toR09XdEhuT1p0a2NhRFZkZHZ0UEZXckY0MUF0RVVwUWZjSWlxaTl4Z3FKdy9hUDdvY3BIRVJaQnNTbWdkangyeFJiaTNIN1djcGxHcklUL2F0ZFZlcWE4UUxiWE5MRHNIY0pQV0ZhNis3Q0ZHZjRPWVBMV2dyWFI0Z1pLSnRtNVRKbGErbjhOY1lHcEViU0MxZ2EzVExHUjY1YTVTaVNpaHFuUTBzbG02N0wycVBJWmpJcnhmZjBGOWZHWDA9fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

b8c677265bfbb8f23a164720a6663400784cd9935b15be79144784841cf12e2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 09:09:39 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3398
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 24 Feb 2022 09:09:38 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=_lJv5nx4WFlGaGVjV0ZuUkk2a3JqWlRkT3czbFVDOUJSU25GMFZFa2t2Z1FHSldvYlFqZDlHbWszdmdXN24rajRhTDdwZ2hxUmttYkNEcWlGb2JYdUhjbklQOTRFYkRnYlB4NVRrd24xejRsYTFmV0Z0NHpnSDBiRHVLaEhaOFpKQWVJTEl2dXN2OGQ5TWRJMndlUmgxR3hnWnNmMzUvWDB2M2JxSVVMeVpPSFhwaURQa0toR09XdEhuT1p0a2NhRFZkZHZ0UEZXckY0MUF0RVVwUWZjSWlxaTl4Z3FKdy9hUDdvY3BIRVJaQnNTbWdkangyeFJiaTNIN1djcGxHcklUL2F0ZFZlcWE4UUxiWE5MRHNIY0pQV0ZhNis3Q0ZHZjRPWVBMV2dyWFI0Z1pLSnRtNVRKbGErbjhOY1lHcEViU0MxZ2EzVExHUjY1YTVTaVNpaHFuUTBzbG02N0wycVBJWmpJcnhmZjBGOWZHWDA9fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2155
content-length: 653
expires: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 24ms
24ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220221&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f18286414c3c5642e2deed8ba7971b26610508dcd93839ca7a0739642ae579b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Feb 2022 09:09:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9879
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 0988 13 KB
5 KB 24ms
19ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=picrew.me

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 3401
date: Thu, 24 Feb 2022 09:09:38 GMT
content-length: 5147
strict-transport-security: max-age=31536000; preload;

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame ED86 185 B
487 B 38ms
33ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=119&profileId=184&cb=6211592314

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

63b24216a40370d122b99cae7ce588a0771fd7332e986e4dd812d7ce70252c29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 24 Feb 2022 09:09:38 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 169

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 24 Feb 2022 09:09:39 GMT

GET /
n.amoad.com/n/v1/ Frame 2BA8 0
0

GET
H2 200 pixels Show response
ssp-sync.criteo.com/user-sync/ Frame ED86 13 B
352 B 16ms
15ms XHR
application/json 178.250.0.189
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssp-sync.criteo.com/user-sync/pixels?countrycode=DE

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.189 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:38 GMT
content-encoding: br
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
cache-control: public,max-age=299
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;

POST
H2 204 events
bidder.criteo.com/csm/ Frame ED86 0
265 B 13ms
13ms Ping
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 24 Feb 2022 09:09:39 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H/1.1 200
OK log.ashx
ssp-bidapi.i-mobile.co.jp/api/v1/ Frame ED86 631 B
932 B 346ms
345ms Image
image/jpeg 3.113.178.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp-bidapi.i-mobile.co.jp/api/v1/log.ashx?asid=1765888&msg=cdb_err_no_ad&type=1&id=21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.178.99 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-178-99.ap-northeast-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 592940666137da705db11558b5601579abf2e044ff4a62c81f1f386bbce6e101

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Feb 2022 09:09:39 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
P3P: CP = "NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Type: image/jpeg
Content-Length: 631
Expires: -1

GET
H2 200 adroute_ads.js Show response
static.pc-adroute.focas.jp/js/ Frame 55AF 9 KB
3 KB 329ms
14ms Script
application/javascript 2a04:4e42:3::738
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.pc-adroute.focas.jp/js/adroute_ads.js
Requested by: Host: imp-adedge.i-mobile.co.jp
URL: https://imp-adedge.i-mobile.co.jp/script/v1/spot.js?20220104
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::738 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 77807c6bc2831c6690326134a38f5e0ef1d56140e96cc6d9efe4480bb8d08e56

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:40 GMT
via: 1.1 varnish
last-modified: Thu, 30 Jan 2020 04:33:46 GMT
server: Apache
age: 1752741
etag: "22b6-59d53f67acefe"
x-served-by: cache-fra19179-FRA
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
accept-ranges: bytes
content-encoding: gzip
content-length: 3294
x-timer: S1645693780.020838,VS0,VE0
x-cache-hits: 10

GET
H/1.1 200
OK imp_count.ashx Show response
ssp-bidapi.i-mobile.co.jp/ajax/imp/ Frame ED86 12 B
638 B 310ms
256ms XHR
text/plain 3.113.178.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-bidapi.i-mobile.co.jp/ajax/imp/imp_count.ashx?pid=70754&mid=509875&asid=1765888&bidid=113f5ca8-a316-4aeb-aed7-3141e2dd66b5&demander_type=1&demander_id=5&spec=0&nemu=0
Requested by: Host: imp-adedge.i-mobile.co.jp
URL: https://imp-adedge.i-mobile.co.jp/script/v1/spot.js?20220104
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.178.99 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-178-99.ap-northeast-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Feb 2022 09:09:39 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP = "NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Access-Control-Allow-Origin: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 132
Expires: -1

GET
H2

200

sid Show response
mug.criteo.com/ Frame 0988
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com&sn=ChromeSyncframe&so=0&topUrl=picrew.me&lsw=1
https://mug.criteo.com/sid?cpp=XvkjH3xJR0F5bndNUkErVFdNYndXZ2dqK09NclExOTB3ak1qaTFpeW1sQ2I3SmhqUndpZzdOWnVTcUpTcWhYOU84Qm5hZ3pQTThFNHZmRm1kcjJRem54aTNUNEVLd1QxQlZpVkUyeFpkVit4SWZXTFJFSkREdzNiQlFiVH...

433 B
637 B

32ms
31ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=XvkjH3xJR0F5bndNUkErVFdNYndXZ2dqK09NclExOTB3ak1qaTFpeW1sQ2I3SmhqUndpZzdOWnVTcUpTcWhYOU84Qm5hZ3pQTThFNHZmRm1kcjJRem54aTNUNEVLd1QxQlZpVkUyeFpkVit4SWZXTFJFSkREdzNiQlFiVHFpdXlVQWx5N1FtUHNnQ0kzOFZCbEpuTlhtS2ZkVzE3UjZMVEtmbkQ0dUQ3MDJiV0ZLRlEySzlZVklGZjVYQzJhdUFwUUttVkJIaHVIdHNLa3NpQS9ZVVNYL0x4VE5CaWZrNXVhMEpQYlhhb0hPWGhIZndYTnhHMHprcDRwTXJSU1gwR3VtNmJqdkNxRmxqanVjcFJNbDdFQ3lzVWt4UFduL1ZtWDg2akwzRWRmTDRqV1ZEaWtlUmdkZUdkSU55cTUvZEg5emQ3TVk0SmNnTmtqc0tvdE9GUkFEbjJWdXV0Qno0bFM2SkJhM2FPOVdVZHM4S2c9fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

d1fe051cc085ae4a8a1a2aea42a78dc0a5c05a73aa520e5db729337f2831faca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 09:09:39 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4045
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 24 Feb 2022 09:09:39 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=XvkjH3xJR0F5bndNUkErVFdNYndXZ2dqK09NclExOTB3ak1qaTFpeW1sQ2I3SmhqUndpZzdOWnVTcUpTcWhYOU84Qm5hZ3pQTThFNHZmRm1kcjJRem54aTNUNEVLd1QxQlZpVkUyeFpkVit4SWZXTFJFSkREdzNiQlFiVHFpdXlVQWx5N1FtUHNnQ0kzOFZCbEpuTlhtS2ZkVzE3UjZMVEtmbkQ0dUQ3MDJiV0ZLRlEySzlZVklGZjVYQzJhdUFwUUttVkJIaHVIdHNLa3NpQS9ZVVNYL0x4VE5CaWZrNXVhMEpQYlhhb0hPWGhIZndYTnhHMHprcDRwTXJSU1gwR3VtNmJqdkNxRmxqanVjcFJNbDdFQ3lzVWt4UFduL1ZtWDg2akwzRWRmTDRqV1ZEaWtlUmdkZUdkSU55cTUvZEg5emQ3TVk0SmNnTmtqc0tvdE9GUkFEbjJWdXV0Qno0bFM2SkJhM2FPOVdVZHM4S2c9fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2166
content-length: 653
expires: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7AA2 13 KB
5 KB 12ms
12ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Feb 2022 08:57:58 GMT
expires: Fri, 24 Feb 2023 08:57:58 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 701
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3B24 783 B
535 B 17ms
17ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8448521cb91c09ca9d99e78fd89ad0ac0bc5ed7426c293886e7c431176487dce

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iQ3CvPkOaZyR83AgI+LN8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 24 Feb 2022 09:09:39 GMT
date: Thu, 24 Feb 2022 09:09:39 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-iQ3CvPkOaZyR83AgI+LN8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3B24 0
0 59ms
59ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220221&jk=899883404839875&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 IfvWsR8c8QoIXMZVBAT6kqVdCzRxsMqQy0C-AEZrj6Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 7AA2 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IfvWsR8c8QoIXMZVBAT6kqVdCzRxsMqQy0C-AEZrj6Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21fbd6b11f1cf10a085cc6550404fa92a55d0b3471b0ca90cb40be00466b8fa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 20:21:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46073
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13530
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Feb 2023 20:21:46 GMT

GET
H2 200 icon_cJ0jWDTq5evmHVP3.png
cdn.picrew.me/app/image_maker/1358598/ 59 KB
59 KB 8ms
8ms Image
image/png 18.66.97.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.picrew.me/app/image_maker/1358598/icon_cJ0jWDTq5evmHVP3.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 75d010e6c0b5caa6cb8d3016d66a8af17a2d24514ee025c469d700baa4e17798

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 22:27:49 GMT
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
last-modified: Thu, 17 Feb 2022 22:27:42 GMT
server: AmazonS3
age: 556911
etag: "07f569233c715808d5ca73044ff32946"
x-cache: Hit from cloudfront
x-amz-version-id: 67Xim3WpXJAzh_DTQA6S64oz9vuZlI3e
cache-control: max-age=25292000
x-amz-replication-status: PENDING
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-type: image/png
content-length: 60370
x-amz-cf-id: i2CkPOT5Xxa-X6YYFV0v8qLEtZWb7NVzIhl9XzA7QRWml5fgEs38cQ==

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7AA2 0
9 B 8ms
8ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?cQyWPg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK log.ashx
ssp-bidapi.i-mobile.co.jp/api/v1/ Frame 46D2 631 B
932 B 331ms
330ms Image
image/jpeg 3.113.178.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp-bidapi.i-mobile.co.jp/api/v1/log.ashx?asid=1749267&msg=render_err_no_fill&type=1&id=23
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.178.99 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-178-99.ap-northeast-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 592940666137da705db11558b5601579abf2e044ff4a62c81f1f386bbce6e101

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Feb 2022 09:09:40 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
P3P: CP = "NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Type: image/jpeg
Content-Length: 631
Expires: -1

GET
H2 200 adroute_ads.js Show response
static.pc-adroute.focas.jp/js/ Frame 40E8 9 KB
3 KB 15ms
15ms Script
application/javascript 2a04:4e42:3::738
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.pc-adroute.focas.jp/js/adroute_ads.js
Requested by: Host: imp-adedge.i-mobile.co.jp
URL: https://imp-adedge.i-mobile.co.jp/script/v1/spot.js?20181121
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::738 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 77807c6bc2831c6690326134a38f5e0ef1d56140e96cc6d9efe4480bb8d08e56

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:09:40 GMT
via: 1.1 varnish
last-modified: Thu, 30 Jan 2020 04:33:46 GMT
server: Apache
age: 1752741
etag: "22b6-59d53f67acefe"
x-served-by: cache-fra19179-FRA
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
accept-ranges: bytes
content-encoding: gzip
content-length: 3294
x-timer: S1645693780.038594,VS0,VE0
x-cache-hits: 11

GET
H/1.1 200
OK imp_count.ashx Show response
ssp-bidapi.i-mobile.co.jp/ajax/imp/ Frame 46D2 12 B
638 B 234ms
234ms XHR
text/plain 3.113.178.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-bidapi.i-mobile.co.jp/ajax/imp/imp_count.ashx?pid=70754&mid=509875&asid=1749267&bidid=ead363d8-0535-434e-80aa-85c112ed9b3d&demander_type=1&demander_id=5&spec=0&nemu=0
Requested by: Host: imp-adedge.i-mobile.co.jp
URL: https://imp-adedge.i-mobile.co.jp/script/v1/spot.js?20181121
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.178.99 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-178-99.ap-northeast-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Feb 2022 09:09:39 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP = "NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Access-Control-Allow-Origin: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 132
Expires: -1

GET show_page.html
pc-adroute.focas.jp/ads/ Frame 0F88 0
0

GET adr_id.php
pc-adroute.focas.jp/ads/ Frame BE75 0
0

GET show_page.html
pc-adroute.focas.jp/ads/ Frame 068A 0
0

GET adr_id.php
pc-adroute.focas.jp/ads/ Frame 55AF 0
0

GET show_page.html
pc-adroute.focas.jp/ads/ Frame D3C1 0
0

GET adr_id.php
pc-adroute.focas.jp/ads/ Frame 40E8 0
0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5221 42 B
64 B 44ms
44ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstOPAdXJFAlj9WPf0kOtF_JWM2wz6HxJ393Il3HkS67CMp1T7_uUV4tIAZgomYZu3OxsAX1BP5w2YkylyO6G1MiMtjFMF9Osfjqx2SFQqFv61KmKoJ9&sig=Cg0ArKJSzHbWOHDmKhTyEAE&id=lidar2&mcvt=1001&p=881,1012,1481,1312&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&v=20220216&bin=7&avms=nio&bs=0,0&mc=0.53&if=1&app=0&itpl=19&adk=344814881&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645693777596&rpt=1777&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 09:09:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220221&jk=899883404839875&bg=!kpGlkdXNAAbf-5Dq3_s7ACkAdvg8Wj3yeMMnCGjqlydNcJDR6YpTFVadixBhT3ynC4RFha7q_DbTzgIAAABjUgAAAAJoAQcKAELlqbnjkcnXjFfzLz3eVDOBwqtHbB-e4I-iHP7ZtDPQ9pRRYe6S35m9kdO1NDXQx2_bJ11l21zl9csP5QNyr5lpqt-ZArIsI2Q8fBpv-Zd36QIuAhpwwUD8gmz6eSEz06oHHHlsZEUnh59HKU1KZLoh2m3J5Zldf3ivCWeTpRBCr4ZTlsFl3m6MqY4_3ZF3jruaxQl0Hudl4QtviIguysdUF0BYCjJKqwqhDGZV5SV_JQG4YL60zUMv-Y5LIzg3skML5zaxcC2IdJ8vjYvg_ZVk2Cjeb6bRGVHUZMOe6WZW99wJPX1h8r-1L80gUgoBWQG-r_CXGwDfP-nJxmnnKREhAIksfJfyBeWnAp8sYidNi9XvncelHJbl8p0VmNIn3vYPvQUDCu_BCJTWO88RaECIhD9xwJSTcOj_U-LoLVcjtxoCeE5hH_gdN4IkcoqsDzHOYZ0cm4PeletjVedntqIVCsHaz_BYQ7ePzWzb4QB0oPggXEuuS8q3BVguBbanyZVi3tumQw9gfTN-8qTHN_Wr4z0wNOfF0EJ4ckXFWxn1xOtVAJfimQOg6xxU4wCFlHC0sPyDxVkr4rf2ofU3j41TUSvq502jtidWCXipVg4T9WIjPJgDQ-LxNmuhn7TKzIpHq5U3lowKb90lKSyaQxU0B5EqF9vDeox3GD5CihGNEd12nda8SLlHBWaJLDsX1KZ2p-FAMbkH8DwMH6NyF4qPDIX_hOuAmn8Evjmxl15dzNYFg9ADDSeu3BQSjktkGBX__o_lmQxffiVHfwABSzZmjArhAGpfmC8FRgz4lIa0ZtoyeEz3EDxJaJpuvIn8LAiTmA-y-wQcYsqCFLZBymuWgn0fimJh3i0_EM5lmai1vguLGv29srWaa87fzX6U6tIyAOVU9ucXmbv_eLjBMXyWSBGwPaXgn1JU6mWp6mJ9_RT2IAlEdeWwPuwWm7U4e-_wijE1ex_wIbmW2JSUehixFx6O3yBevaL38gT5d5oBr44FvP0Tr2c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://picrew.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 09:09:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: n.amoad.com
URL: https://n.amoad.com/n/v1/?sid=62056d310111552cc1ccc926a2530d490bb28195d64335b6e50b41af94f4adb5&url=https%3A//4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html&ref=&cb=__amoadNativeCallback&plog=com_amoad_sw%3A1600%7Ccom_amoad_sh%3A1200&ssl=1&rnd=237&version=6.3.42

Domain: pc-adroute.focas.jp
URL: https://pc-adroute.focas.jp/ads/show_page.html?mid=115542&type=1&block=adblock_115542_2&inner_w=728&inner_h=90&scr_w=1600&scr_h=1200&time=1645693780

Domain: pc-adroute.focas.jp
URL: https://pc-adroute.focas.jp/ads/adr_id.php

Domain: pc-adroute.focas.jp
URL: https://pc-adroute.focas.jp/ads/show_page.html?mid=124360&type=1&block=adblock_124360_16&inner_w=300&inner_h=600&scr_w=1600&scr_h=1200&time=1645693780

Domain: pc-adroute.focas.jp
URL: https://pc-adroute.focas.jp/ads/adr_id.php

Domain: pc-adroute.focas.jp
URL: https://pc-adroute.focas.jp/ads/show_page.html?mid=124361&type=1&block=adblock_124361_1&inner_w=300&inner_h=250&scr_w=1600&scr_h=1200&time=1645693780

Domain: pc-adroute.focas.jp
URL: https://pc-adroute.focas.jp/ads/adr_id.php

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
picrew.me/	1970-01-20 01:18:18	Name: AWSALBTG Value: 9hdtPuQoN/8Rjs8ZaVrES+xKDCN8y+THJPbhtxvVT8kUEsyACR+8hTwPGK6cbJWX2X74Od/hpOSj7a0LvOIB11MmaWZ5Z0bHZjqmH1TXVu8RiZtZ/I4rpatt9M5kqRHOyMsMm3vsDzB6AValADkA29ZjQY8hj9I6rd9DX/P7Yowx
picrew.me/	1970-01-20 01:18:18	Name: AWSALBTGCORS Value: 9hdtPuQoN/8Rjs8ZaVrES+xKDCN8y+THJPbhtxvVT8kUEsyACR+8hTwPGK6cbJWX2X74Od/hpOSj7a0LvOIB11MmaWZ5Z0bHZjqmH1TXVu8RiZtZ/I4rpatt9M5kqRHOyMsMm3vsDzB6AValADkA29ZjQY8hj9I6rd9DX/P7Yowx
.facebook.com/	1970-01-20 03:17:49	Name: fr Value: 0nx0nPOKp7N7dmct1..BiF0tQ...1.0.BiF0tQ.
.picrew.me/	1970-01-20 01:09:40	Name: _gid Value: GA1.2.2037566884.1645693777
.picrew.me/	1970-01-20 01:08:13	Name: _gat_UA-37779012-8 Value: 1
.picrew.me/	1970-01-20 18:39:25	Name: _ga_TXZ7V095SJ Value: GS1.1.1645693776.1.0.1645693776.0
.picrew.me/	1970-01-20 18:39:25	Name: _ga Value: GA1.1.1742949966.1645693776
.picrew.me/	1970-01-20 10:29:49	Name: __gads Value: ID=876abf6c0adf09ce:T=1645693776:S=ALNI_MaonVOHtzOZQp479LCP7Im3oqLbBA
.doubleclick.net/	1970-01-20 10:29:49	Name: IDE Value: AHWqTUnd_IxfrqSXeAHIj9BAhU94bM3pE9mb8WRRmqKkQ3EFiVCNp-JlSas-7nOHrCw
.doubleclick.net/	1970-01-20 01:08:17	Name: DSID Value: NO_DATA
.ladsp.com/	1970-01-20 01:08:17	Name: cr Value: 1
.ladsp.com/	1970-01-20 18:39:25	Name: smn_uid Value: Dl-yhYhcn9xNZ_2rLTCrDg47b6Hs9Mc
.criteo.com/	1970-01-20 10:29:49	Name: uid Value: 57028c3a-1868-4f6d-a8ed-9be2ec17b5bb
.bidswitch.net/	1970-01-20 09:53:49	Name: tuuid Value: 2476dcc1-bfcb-4e40-86e9-798544533b92
.bidswitch.net/	1970-01-20 09:53:49	Name: c Value: 1645693779
.bidswitch.net/	1970-01-20 09:53:49	Name: tuuid_lu Value: 1645693779
.bidr.io/	1970-01-20 10:36:43	Name: bito Value: AAESaU7ELpcAAH86S5mV3g
.bidr.io/	1970-01-20 10:36:43	Name: bitoIsSecure Value: ok
.betweendigital.com/	1970-01-20 09:53:49	Name: dc Value: was1
.betweendigital.com/	1970-01-20 09:53:49	Name: tuuid Value: 589523a3-aaac-5337-8018-0460e20f4f33
.betweendigital.com/	1970-01-20 09:53:49	Name: ss Value: 1
.betweendigital.com/	1970-01-20 09:53:49	Name: ut Value: YhdLVAABTAhDXPH1HZIYAhiH7qg8QJZkYkFw4w==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4def3123c43e4c11e07c0e3c6e847432.safeframe.googlesyndication.com
ads.betweendigital.com
adservice.google.com
adservice.google.de
adservice.google.es
bidder.criteo.com
c.amazon-adsystem.com
cd.ladsp.com
cdn-fluct.sh.adingo.jp
cdn.picrew.me
cdn.syndication.twimg.com
cdnjs.cloudflare.com
connect.facebook.net
cr-p31.ladsp.jp
cr-pall.ladsp.com
dad.ladsp.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
imp-adedge.i-mobile.co.jp
j.amoad.com
match.prod.bidr.io
mug.criteo.com
n.amoad.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.twimg.com
pc-adroute.focas.jp
picrew.me
platform.twitter.com
securepubads.g.doubleclick.net
share-cdn.picrew.me
ssp-bidapi.i-mobile.co.jp
ssp-sync.criteo.com
static.criteo.net
static.pc-adroute.focas.jp
stats.g.doubleclick.net
sync.taboola.com
syndication.twitter.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
n.amoad.com
pc-adroute.focas.jp
104.244.42.200
13.32.119.188
13.32.99.41
13.32.99.43
130.211.14.194
141.226.228.48
142.250.181.226
178.250.0.189
178.250.2.131
178.250.2.146
18.66.112.114
18.66.112.34
18.66.127.68
18.66.97.119
2600:9000:236e:3400:1f:2964:4340:93a1
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:234:59:254c:406:2366:268c
2606:4700::6810:125e
2a00:1450:4001:801::2002
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2003
2a00:1450:4001:811::2001
2a00:1450:4001:813::2002
2a00:1450:4001:827::2003
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:831::2002
2a00:1450:400c:c0a::9d
2a02:2638::1c
2a02:2638::3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:3::738
3.113.178.99
3.126.204.78
52.213.253.251
52.222.210.175
52.222.214.49
96.46.186.59
005851d638bad7d26ea73a3595a0ab7722edbf1dbcdde195414043a94ebc711c
020b033de4b89691ca7d5062f894009698d85e68a1057c35ce7beb7d6d4d6a28
0280b5ec07025974d745833d91f3f71aff053cdb5aebbe37ab368b0284a56f81
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0862cba97e32d121c4b97badf91da074a845f9dfa4d2527e4cdf462ded1a4e7a
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0e8bb154fcb18c88aeb5a0f8f2e19885df316658fc189dfddcdf05ca13e0bd30
0f421cd9c538701b2399f41b5e65fea622a771087cdc5cf4fe0e086988dba324
0fe3c7bdc89b2a7719a87f87db32a70914ba9fcb5eb297d10833860d5089f277
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10fd5c8c48eb66518ab88bc8ed331bdd7c7a275767cede6ec4e89b86c8dade71
12acf0cde9105ca35b079104e27341413fb68164085916505c077cf58748abc3
157e70989ce236952d153e1bb72e9080c10de4dedaf282c20eb1c904cea0281e
16cad2e6beabbaba2649cdac66affba5d690012a4d8437529ef5780734f06af1
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18f17feacc01dcb919f7a06768f7407592d1578ee94a5bd36d9d214f0ca70722
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8
1bf34e77ed7eba013e27e995b8a9264ad7156c94c9e57d2883ecd2708e254277
1c912b63f0bc7bac4f0b3bded5510f9fc901613744429c18d9b0fc962879e3bb
1cdee12cfea4989bae5db527ea864db56297886006be5af128812c00581a1182
1d850d5a1e842b0986d034e2fcdb5e4a4274b9f0d0ba2ad0688ee7f018a2839e
1edc83f7137848a661dbf5a61dbe4bb3b42fc7d064004560ea0269b45747e7d3
21fbd6b11f1cf10a085cc6550404fa92a55d0b3471b0ca90cb40be00466b8fa4
24062633a1da9cb6cd061e9faca3a7ea84d02c15cc7b312aacc6cb1c1c16e650
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
25a95b3c878dc75218dc64253c799f54d5146215130a08652bd0437efddaa698
2b40868a269d29692abde9947972e7122d4e8b1687ea497e2684b858a4388719
2b533fe5c53324b1ed9a449bbd2d899930396f3b03b05b4c06ee83dd98879074
2b65a8bf8d25642b29e9a3e518b0f5e489b6243dbe9a2cfc002cde358763af68
3234b6ec3276a2056d3bb8ba5f8ee9e42538edf0685310b0315a7e8a6d72973e
342245848b6ba171bf23a54eed05aac9d589fc25ec56ae717fdc517178c88492
37d11f02bf952841680f2a99490d0012bd6fa3cef318db86442f324c1a378a77
3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97
3f5bc9e9ab4d43a162687ff2b189d055f1d35be494cdb5575a86176d2190ad18
3fefa63cc90985e2e674a2681e2e53c98f82bf1e0108c437557165b8852bd1cb
40adfb9150d6a8533ed889c7ce80805df4b3ddb0e3d93743f1c260a65ed308c0
41568ba8144f47b70f0e4189b2d731a9f5a81da15257ca330da0a6f6db9b30a5
41d557e5430453c9223fde9cc2e2ab3030a37628310635ac468b2bc558933781
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859
44110b3ae85203f5d4abce14d4b3489a9a2071381c909b98527407310816d767
44225fe49c69b257f2e09a0133dcd7c7a5e15e27bff44dc577ab63b74e2b620e
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
47ec87be6c8e77237819637e92b791b88e0da3d8cc2348735c5a63b24679bb0f
48c9a4d4aa290a866126159687441006eb39adf48ae31e1910aa0f21e0b21376
4addc437675fcd66ec3a60c7456118520379aedb240eaabcf33b69ec5c85e84d
4c66b4578170fd18c4f67b0822f1563f9b3b7407682978cad99b91e87d51f94b
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d9c19f33bdf6b04a5963ba3c2d81a794ed71c4eedb233acb5da724dab88e228
4fc7839b6879b5e3b3605484e1ab69e4f0c3583dde2831953f6cc7face1a4be4
51cf7fe67a40a5337ea51d1e0cedc61268e213c7f53a1b8e6d488a057f838ea2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
592940666137da705db11558b5601579abf2e044ff4a62c81f1f386bbce6e101
5a1b80ee6e5bd5b24d257d38b3e9d961f84139ba41344895962748c533215d15
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
5bc401528e210d05de92040de97620a3d079d8c5f93907ce6e5beed90a178b8e
5bf8c54c34b6a6b2b1257247252911bccb86e28ec9c09f3a62723819dbaeb56a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63b24216a40370d122b99cae7ce588a0771fd7332e986e4dd812d7ce70252c29
652a384127b16fecd7564ffd3858bc4d7b9b78fb4c6b65d8d3698b20f6ef4268
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6c4034c1dcbfbce768f4d0f888b6126104ca00dcbd5884baacb4fac99df1f79b
71879ba0bf5893175fb534702b7827eaaf137aaccc06d875302c1c1dfccafaef
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75d010e6c0b5caa6cb8d3016d66a8af17a2d24514ee025c469d700baa4e17798
77807c6bc2831c6690326134a38f5e0ef1d56140e96cc6d9efe4480bb8d08e56
77fa57a9b5ec666af048ba2941551957b8e556e0f3111dcd527ccb8da87a642f
784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23
786b6adc2e6f5d2306b13b852a601c0f9d59345e92adc1388ff9a7060bfbf9e2
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7ae94c60f70a00801d0a4f8ca5866256d9b36d10e66b27893858bc34d7a447a5
7bb1de516325d27d889ca6dd51eca7728ed969f3b5e6b9e3d26ec272602e7605
7dd21c9cea9dadb7e0531c837945e64ecbf1b4fdc2ec4f5c0b736715064f7ebc
825dd16d8f642ff84080e41219f2642bdd77fc30df9b8bb50dbe240c42b8b393
8285c162faba73f57257892f4cac256e6c5efc648820a24e7591ac582ceec359
8448521cb91c09ca9d99e78fd89ad0ac0bc5ed7426c293886e7c431176487dce
8463cfd4cb847430b645a098c0e528c17cabfa130558c155f257a6cab9f73e15
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8875e0e5a0f6bfaf4d66fde0622a609e9fe7b599adaef3ad01d6d613574c69b1
8964b626d4f92d0c6dc7399bb4a84bb8092deba700d0fe409b04cb8b41911609
896adbef37156db8b4872b6f9ca2ee08ef76b22759c1706b7c34fd537b3f59d3
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
8e2dc2bd0f61381332190d172daf5293260c8177673e1105ec4df098e5a9d651
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88
98e0a7b748464c158db9d0781e9d19c12eb2bd493dd97b6503a4331f5aa3e712
99561e203607f3fb2add517965719836da0fcdb7d769d963ad19d39df03cf082
9c9f6c4b3fd9b75343e8ce729b29ca612905ed7898ac32dc7c76be6355a44087
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b5e22a9b8fdea1ee7437306ff87774f380705242619b0f0be2473a187daf7f
a5f856c739e3ab13065193cce31648f4ed7bc82d0c0bb0f5095001aed8149356
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ae7854ae440a4389fd7d9789c55bd80c7365dc0de4ac53f1702df4d07426f4cb
b4c923ed1aa906fafe4b279acf928cd43e89ffd396d6fab9c011ce69e1f0ca4d
b4ef5f66aeb06d70aadd6111f594dfb662a57988a2dbbda2668bef10ce737090
b6188815623690e449a84664fcad58a888cd72b70e2968ef38fea5b67dc78787
b6227515defa43493593661bd5eb5fa369c22843fab1cf4156d137ed5d7b439d
b86c0ca25e32a1e5d2451eb9e2255781a2f3a21a5bf5cc0f55a16ce73865a45c
b8c677265bfbb8f23a164720a6663400784cd9935b15be79144784841cf12e2f
b9aa9a36b1dd593347ad492182b05cebf6c5fb46162fa127f6ab6907a2dc2cd9
ba6200bb87b3dc57e108b40edfa4ff3a0cf2f7dec8d66f90fcd0f95a458bdeb9
c5b1f6f8e33b122ae20445896f2799f9e9cb7f251741ed44242b0c86489307b1
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c9823f05cd02d18682dfe7a5947e0912591a95bfe11f549fb3a9b2927fddf2c9
c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0
cca5a3d1a8326827e8a2667927ac8c241ada0405301532f31bab460e14fd8b75
ceb44e7752ef40b3709b862944deb1f8e355741da63a3217cd5856415453103a
d1fe051cc085ae4a8a1a2aea42a78dc0a5c05a73aa520e5db729337f2831faca
d5d21146ddc435062b30bea09b3ed227e490a7a9ead7b44309be7ed638c6e436
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1688c4fc97581a18e248aae6b930d2ec9016896c369ded6a5a8591ba7df88e6
e2c01cfa00f16ffdfefadb1e081929b1680a3c91a4f82bf9831f0c82cb4d6954
e330612f423c424761ea932c9d2a04696576c340b2133c8b812df982ed462edf
e356ed130c233407ae93696fdef45d64f93808ab0c2dd832ddf53726fcfd3036
e3ad8c90cec1318c90852dc018d75e7afadcb71c36508344fc1c133021007bb3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b
edef583e1ad70d406280aa3c838a88220638b9d42d1daa8c9930ed26e99ae5f3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f18286414c3c5642e2deed8ba7971b26610508dcd93839ca7a0739642ae579b8
f196431583517ee475b637b19a0eb01ada9f75e0cae8e1c31cdf85e0eb6ee012
f328f4ae2fe983386843cc07db0af78c5fe9fa5ae67812f80062d5baa0e61047
f5495af1da4870dc43a39bf20f709d780b98284c230e4bf9a8cf34554ab8cc1d
f5afb63950c19ed7954509fb218b1a90be4fb6460e488ee0d521516ec1192cce
fc937004dc56ed1196a0a6ae3078450d97f249f8483f9c42d806b7cba0a39165
fd0bdc2ecef3cd5a25ca70ad811749101f50da49a43eb4de1877482531dbc84c
fe17e70b190a001b79a66fa7b55d2dbac42a25b2fd575f72cf3e1470a9c40161
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7
ffe6c1d218c4ab3128d2ce01070022a7340b1f379b2a8abaca3ac1992f0ced81

picrew.me Open in urlscan Pro 52.222.214.49 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

202 Requests

92 %HTTPS

55 %IPv6

30 Domains

49 Subdomains

40 IPs

7 Countries

2714 kBTransfer

6486 kBSize

22 Cookies

8 Outgoing links

Page URL History

Redirected requests

202 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 20 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

picrew.me Open in urlscan Pro
52.222.214.49 Public Scan

Screenshot
Live screenshot

Full Image

202
Requests

92 %
HTTPS

55 %
IPv6

30
Domains

49
Subdomains

40
IPs

7
Countries

2714 kB
Transfer

6486 kB
Size

22
Cookies

202 HTTP transactions
20 data transactions