urlscan.io logo urlscan.io
SecurityTrails logo

newyear2022.ecarepk.com Open in urlscan Pro
161.97.78.118  Public Scan

Go To Rescan Add Verdict Report
URL: https://newyear2022.ecarepk.com/
Submission Tags: phishingrod
Submission: On January 27 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 5 countries across 22 domains to perform 116 HTTP transactions. The main IP is 161.97.78.118, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is newyear2022.ecarepk.com.
TLS certificate: Issued by R3 on January 27th 2024. Valid for: 3 months.
This is the only time newyear2022.ecarepk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
20 161.97.78.118 51167 (CONTABO)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 15.204.22.185 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2a02:2638:3::12 44788 (ASN-CRITE...)
9 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
14 2a02:2638:3::3 44788 (ASN-CRITE...)
2 178.250.1.6 44788 (ASN-CRITE...)
11 2a02:2638:3::10 44788 (ASN-CRITE...)
3 2a02:2638:3::1a 44788 (ASN-CRITE...)
8 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 151.101.2.49 54113 (FASTLY)
6 142.250.186.98 15169 (GOOGLE)
1 1 34.91.62.186 396982 (GOOGLE-CL...)
1 1 18.193.107.248 16509 (AMAZON-02)
1 35.214.149.91 15169 (GOOGLE)
1 1 51.89.9.254 16276 (OVH)
1 1 35.186.193.173 15169 (GOOGLE)
2 2a02:2638:d::c 44788 (ASN-CRITE...)
1 2600:1901:0:7... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 91.121.248.44 16276 (OVH)
116 27
20    161.97.78.118 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: niazitv.pk
newyear2022.ecarepk.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    15.204.22.185 (Hillsboro, United States)

ASN16276 (OVH, FR)
PTR: ip185.ip-15-204-22.us
db.onlinewebfonts.com
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
10    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
9    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
9    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
14    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
11    2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
3    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
8    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
2    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
6    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
1    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
1    18.193.107.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-107-248.eu-central-1.compute.amazonaws.com
d.agkn.com
1    35.214.149.91 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com
x.bidswitch.net
1    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ius.ctnsnet.com
2    2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr3.eu.criteo.com
1    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
1    2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
2    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    91.121.248.44 (France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu
pv.medialead.de
Apex Domain
Subdomains		 Transfer
28 criteo.net
static.criteo.net — Cisco Umbrella Rank: 657
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9386
csm.eu.criteo.net — Cisco Umbrella Rank: 8850
195 KB
20 ecarepk.com
newyear2022.ecarepk.com
758 KB
19 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
312 KB
15 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
62 KB
10 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 29340
ad4m.at — Cisco Umbrella Rank: 11475
assets.ad4m.at — Cisco Umbrella Rank: 41583
91 KB
6 criteo.com
ads.eu.criteo.com — Cisco Umbrella Rank: 8778
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10462
rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 15704
101 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
195 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2029
21 KB
2 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 125344
static-de.ad4mat.net — Cisco Umbrella Rank: 164401
1016 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 874
s.tribalfusion.com — Cisco Umbrella Rank: 2405
1 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
148 KB
1 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 41332
327 B
1 ctnsnet.com
ius.ctnsnet.com — Cisco Umbrella Rank: 7224
670 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 707
444 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 373
235 B
1 agkn.com
d.agkn.com — Cisco Umbrella Rank: 776
788 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 856
757 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 716
589 B
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 369
30 KB
1 onlinewebfonts.com
db.onlinewebfonts.com — Cisco Umbrella Rank: 38421
685 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
4 KB
116 22
Domain Requested by
20 newyear2022.ecarepk.com newyear2022.ecarepk.com
14 static.criteo.net ads.eu.criteo.com
11 imageproxy.eu.criteo.net ads.eu.criteo.com
10 pagead2.googlesyndication.com newyear2022.ecarepk.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
9 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
9 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
6 cm.g.doubleclick.net googleads.g.doubleclick.net
4 ad4m.at as.ad4m.at
ad4m.at
4 as.ad4m.at googleads.g.doubleclick.net
as.ad4m.at
ad4m.at
3 csm.eu.criteo.net ads.eu.criteo.com
3 www.googletagservices.com googleads.g.doubleclick.net
2 assets.ad4m.at as.ad4m.at
2 rtb.fr3.eu.criteo.com googleads.g.doubleclick.net
2 www.google.com googleads.g.doubleclick.net
tpc.googlesyndication.com
2 cat.nl3.eu.criteo.com ads.eu.criteo.com
2 ads.eu.criteo.com googleads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com newyear2022.ecarepk.com
www.googletagmanager.com
1 pv.medialead.de as.ad4m.at
1 static-de.ad4mat.net as.ad4m.at
1 prod-rtb.ad4mat.net googleads.g.doubleclick.net
1 ius.ctnsnet.com 1 redirects
1 onetag-sys.com 1 redirects
1 x.bidswitch.net googleads.g.doubleclick.net
1 d.agkn.com 1 redirects
1 um.simpli.fi 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 s.tribalfusion.com googleads.g.doubleclick.net
1 a.tribalfusion.com 1 redirects
1 region1.google-analytics.com www.googletagmanager.com
1 ajax.googleapis.com newyear2022.ecarepk.com
1 db.onlinewebfonts.com newyear2022.ecarepk.com
1 cdnjs.cloudflare.com newyear2022.ecarepk.com
116 33

This site contains no links.

Subject Issuer Validity Valid
newyear2022.ecarepk.com
R3		 2024-01-27 -
2024-04-26		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.onlinewebfonts.com
Sectigo RSA Domain Validation Secure Server CA		 2023-11-22 -
2024-11-21		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-03 -
2024-02-28		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-27 -
2024-03-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-08 -
2024-03-03		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2024-01-18 -
2024-04-17		 3 months crt.sh
ad4mat.net
GTS CA 1P5		 2024-01-16 -
2024-04-15		 3 months crt.sh
pv.medialead.de
R3		 2023-12-04 -
2024-03-03		 3 months crt.sh

This page contains 16 frames:

Primary Page: https://newyear2022.ecarepk.com/
Frame ID: A5F84EFB0D87B6BB686E7CB6480ECDCC
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Frame ID: 529E0C501AAB7BFE1A1777B382A2BA12
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7538371298685357&output=html&adk=1812271804&adf=3025194257&lmt=1706360990&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fnewyear2022.ecarepk.com%2F&pra=5&wgl=1&easpi=1&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706360989926&bpp=3&bdt=870&idt=383&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5503378232960&frm=20&pv=2&ga_vid=151192504.1706360990&ga_sid=1706360990&ga_hid=402595937&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795922%2C31080696%2C95321957%2C95320869%2C95320893%2C95321627%2C95322163%2C95323004&oid=2&pvsid=2847983070038611&tmod=1464299773&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=399
Frame ID: CFF2F891AE1877141F38DDF3FE0C5C9F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7538371298685357&output=html&h=280&slotname=4219775052&adk=483746688&adf=3501923860&pi=t.ma~as.4219775052&w=450&fwrn=4&fwrnh=100&lmt=1706360990&rafmt=1&format=450x280&url=https%3A%2F%2Fnewyear2022.ecarepk.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706360989929&bpp=1&bdt=872&idt=403&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5503378232960&frm=20&pv=1&ga_vid=151192504.1706360990&ga_sid=1706360990&ga_hid=402595937&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=61&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795922%2C31080696%2C95321957%2C95320869%2C95320893%2C95321627%2C95322163%2C95323004&oid=2&pvsid=2847983070038611&tmod=1464299773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=407
Frame ID: 18132138AB0D0E928D6EC0F403D508D6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7538371298685357&output=html&h=280&slotname=4219775052&adk=685168323&adf=3878751071&pi=t.ma~as.4219775052&w=450&fwrn=4&fwrnh=100&lmt=1706360990&rafmt=1&format=450x280&url=https%3A%2F%2Fnewyear2022.ecarepk.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706360989930&bpp=1&bdt=873&idt=413&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C450x280&nras=1&correlator=5503378232960&frm=20&pv=1&ga_vid=151192504.1706360990&ga_sid=1706360990&ga_hid=402595937&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=1630&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795922%2C31080696%2C95321957%2C95320869%2C95320893%2C95321627%2C95322163%2C95323004&oid=2&pvsid=2847983070038611&tmod=1464299773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=416
Frame ID: 757D10AACF0247D77C3C86C7003BA24E
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7538371298685357&output=html&h=50&adk=1439213102&adf=3825658272&pi=t.aa~a.3874535753~rp.4&w=450&fwrn=4&fwrnh=100&lmt=1706360990&rafmt=1&to=qs&pwprc=5903923013&format=450x50&url=https%3A%2F%2Fnewyear2022.ecarepk.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706360990839&bpp=1&bdt=1783&idt=0&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55ba592f6e5737fa%3AT%3D1706360990%3ART%3D1706360990%3AS%3DALNI_Ma0nPwJYUjKyCUWSXZnI8u1MUoc8Q&gpic=UID%3D00000d4aaa78670e%3AT%3D1706360990%3ART%3D1706360990%3AS%3DALNI_MYohKHAys--NbFGIkSMZXWC7ftapA&eo_id_str=ID%3Dcf0843790bd98e25%3AT%3D1706360990%3ART%3D1706360990%3AS%3DAA-AfjbfpE6rmMzTIpfDnJR3kVGw&prev_fmts=0x0%2C450x280%2C450x280&nras=2&correlator=5503378232960&frm=20&pv=1&ga_vid=151192504.1706360990&ga_sid=1706360990&ga_hid=402595937&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=1604&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795922%2C31080696%2C95321957%2C95320869%2C95320893%2C95321627%2C95322163%2C95323004&oid=2&pvsid=2847983070038611&tmod=1464299773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Frame ID: 11CEE7FD8AF2C424D86F102A95FFD92B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 8F8E2D18C8B5EAFFABBC61F5CA8954BA
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbUAngAGxPQE0biSAA1E7N47ouh2b6heyo5X7Q&u=%7CCQKkaVVbcMwwBUwBce7R2%2Bp2Awy9zj0plsyOmOHNfpE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZ608drBVHMSKW3SYnV42AAsODbZi97hm64o6S_ZNHgw7K7SCAvjSWOx5JolFoPjRskc1FiJ56oiYAH0DtdsFxZMztO3Ee3pbmojluh1LXozJxCbS8xtpqmIvgjvPEo9g3CEQUYX_YcI1qk39wfmStC5-70aIR7D0O4EXEdUlhr6XqudoHOpgbwSQcCKHM3A3GbO2SNH9h9dysgJA967MxogNNHBQ1ik4nrkGKGQq5gI9sTjxp_1GhyjI277VZBKTuNIZprqnFSYU1KQZQvmEHSJe0tWvZHerEaGn4i8SHXEWV-FCyatCqkxu-0BNgqsb1Y3yVoeE1v6eCNJxFbj0Ur1Eh2zwdGCAWcKtYb13B0emrhJjIL9-toT-UIkhshv4qok3IUSAYlXRzd_KwwtSxfRKzIAjS2Awev0544hdzXsMy_yPacdJWM4sqbsJHrL8CHqZ1CekDza0sU-_qx1cMQ2unHYDxVavqGI7blMtv_EFTIA84J_Dqh_rRQdeAqWA5m9mjT33wtcmW09kOke1sDkHkY7uPvMHAFoiQK7pjuOFuw6vNRd5L2n9fVptSWrHEnyT9RYPRQSQC5aojRFerAiWViALAu35sSoukl_N8Vn&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0jTAngC1ZfSJG5LxxtYP7Im1-AjJntKxXPXalvdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTc1MzgzNzEyOTg2ODUzNTfIAQmpAmfUWW9ZNbI-qAMByAMCqgT-AU_QWdSnDbBsy34XjM3nRLsJSFmalmLF33SdAsNJ0K05DrdjsAB-OOj9EOmmA6QQCAzEcUqCR9Nj9FjjgzEGJqAO2IVHSKCoXMjguYEeomxfM-ADwSOPUKHNcKPllLb0YvzHJegspXY4hD84OAc--RxgWzYXZIDE0PhGd4-IDt4me01ys9OuNoGBM7VdEAzvIwjgJFKEc1b7Z_VLb9VkdlmoGovVhs0rko1k0QJJqTkdUHvepspJ6XDjSRFQGwK6beJ95KiaJQaNSi2hUuc8_9hjDT6elSjwOS8PsWA3PW9rfLdKWM47U7-V1xBFf9wPKnGGl6YJcJXQlOv2EXK7gAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY8YnDhdL9gwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2pp5Z22X-Crmh1QvY_hlRSo50Knw%26client%3Dca-pub-7538371298685357%26adurl%3D
Frame ID: 74FF3A2934C695FCF641165FF76379A8
Requests: 16 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbUAngAGyPkGdhWyAA_GDiAZVb5zfN4zDDl6sw&u=%7CCQKkaVVbcMyzXom12P4Wp4goLrlADEgsSfzwkDelgz4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nqybZW4ekH4HQMRsdsHk4jjjMyXRBEFYr6MlsXyH9SEmux2FrXhHlIspdXZmoPOtKovVLbXLhUEPWgphWhjzJ47Pv4_ooSB5JlsszwA2f0iGS5aZuS51O6IotI49JDihmjNNAySWSUbuOk-c_cut8X4D0khLENdFLqTbLjTuLnQgu1mSOBU4aSUOuCAWJNNvgFrH88nA2_g5ApdPzHnsOynBUsRxe8QDXcGOVK7YCcNub6Z-TAwGVwBheQz1DD2JqZKoST2-1-y6_qLo4RPYb_PQoXu3ro5wUK6UdUefBjajs1Zn0ZlbmxeUpqabPdtzofCVl_rnh1P73IOkcnLafeaEGtM_fRbIxMdn4S7MSIZFj0_RF8SWXnUPqmSPJyocVMA22mF2KllTUZXpZrOyyQKhYnHXRTG-D7jmWWF9sk9TDG43f2CvFIwWo290UcrxEym0aMAaItQ19kCzXWOHs3CeVArrHbu1xWf2PuK1Ec3rpbTuS1OT65Lj4Y7e8Jgv5FLZx5uOPWqtN2QFMab0ExvsW4tWr_sYUQy0D9yzd99PIRj9gIK9amd66n1GikITpEfcfrEyNHxFbJEeOAgmenw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCewarngC1ZfmRG7Kr2OMPjoy_0AjJntKxXM2jlvdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTc1MzgzNzEyOTg2ODUzNTfIAQmpAmfUWW9ZNbI-qAMByAMCqgT5AU_QoF0eIQP2N5zosVoWoI-WSPPd2yPIqEARMmTMQ98Ertww_hZhWenhHqCmhyO7kWBFs45izY8dHHhQqmpHxjjG3FxlYPRm4KeyMW1PkiF4bd_tfgE4f3Rnv6cgwWFSeRcd6powrhvw3tzyd4eh4KAncHhT0ZI7sneTiKG2RBMjZlgP1pmQyMpSQN-tJxaesleyiet_w_OP7JL7hxW7LPLYtEiztwSGY029RCDjVXBiKJc3qOSSRINsOHCMayYbkmLszRYcwiJ812A8BeiKWn4eOszoJQhnTL_USsYfDX0M-2UsLThWgsU1k1oMYs8PcgDpUiUAviL_zIAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJ_xwYXS_YMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1qyC54-Sgu86rYeKg5T_1KF3mLLA%26client%3Dca-pub-7538371298685357%26adurl%3D
Frame ID: 4F05A001B4FB751228472534A15ECBA4
Requests: 16 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kyfpterjz0dbjxsc3tv8sdtrj9a1dhgqf7g95tnpswpxk34gmnpmxkgjsbs2fyb3nyb9xpsf1p1xgc9yc4rnp5ct9zebbeq43sav285ymhhz47kze76qerbjey1p2mppthywd98v56vzpgrer3hvtebkbk737gwn1nf12k6vz5yw74f3mx4t0zq6cac5d4m2573tts45ecb7mqjkndj5xy9npst20xq64wwrj71d89bj3746d812z98mr63261tnzeyzycw9rh0qhgj3rbfe16dmpdb3c66jpew7evy2h51exh9qv54et39dzy6qdpy4asfs9eg3hdh5hwmegept69c7adddvrcz7eba431ba3zx7y12g6beth2mt2m8jf3506j40xkghm9b7fd53xy1bvfhrm93r9rkw1br94g543y4zjhwvexw9ktkwte46wek524k7f0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUXzAngC1ZaPfOqet2OMP7MiDkAiQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTM4MzcxMjk4Njg1MzU3yAEJqQJn1FlvWTWyPqgDAcgDAqoE_AFP0HG7HDhazqgW4t9-otzy_mMEPD0cSA_Vnjw90hy0ywU1XzjZ5nlzIteBHe8WL3PkFlax38kTz2a7i5FGFt6d4U4IW3vDinaYAnUBek81tknAe6MhtSO8UvmnJZiFnZN4lY2Vk00ERcCWQSZIII0kNfwJfU7gAQFz-VYLu5hrj7uivZNImTlK0lv7yzNrHiQTHV_8e5jCUSrM7Mu9R3WiRn9ZkowLdt7ffkj5Qzig__t8IyS7DG3ccgfvPYdxjjqBJoc4Klxn6bAtTpZ0bpfyMwPoDrF6MaTyR0kO1v9rK2Y4tB4sMeBLKjYX3t6KLZPaosTFLS1ClKOEP0CABvra74OwvNiX7wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYs73hhdL9gwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0n5HLZ5pQ1NPjNG5chZ7V8SzXm2w%26client%3Dca-pub-7538371298685357%26adurl%3D
Frame ID: 612504C57AC864916C9014FB8DB801DD
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Frame ID: 6D2CE57A6039ABD9B788AF5EBE2CBBBA
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 40D1BA5B84CB412FAC46B9639BBCFD74
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 1C3AF6FA8839E5078F4015CAC260830F
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15579&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=320&d=50&e=&g=86b418230bfcf36970a3031ac0d04652%2F4319365691901555846&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1706360991797&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1grz4t06w2t1rg90dfxrzmek176343p98wtwt3jkqnpnxcg9ex094q39s4962echt9p07pj6h41mhek8we2v4m0803qhdnjwpsd15ptnmh9c05hrv1b0t6w7p2tvfrwgdv18rzwjq90g1reea44yzx45gtkwtmn1dp5t26d6p3256xavkenq3nss1889pk50zw80zsxavwy7xg5hx7h5qe80kr27cf2ra2p2sss3v29khrpe16v8mjjhsws2aqs0wt6t75d9rbzm6wf6611qyapw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCUXzAngC1ZaPfOqet2OMP7MiDkAiQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTM4MzcxMjk4Njg1MzU3yAEJqQJn1FlvWTWyPqgDAcgDAqoE_AFP0HG7HDhazqgW4t9-otzy_mMEPD0cSA_Vnjw90hy0ywU1XzjZ5nlzIteBHe8WL3PkFlax38kTz2a7i5FGFt6d4U4IW3vDinaYAnUBek81tknAe6MhtSO8UvmnJZiFnZN4lY2Vk00ERcCWQSZIII0kNfwJfU7gAQFz-VYLu5hrj7uivZNImTlK0lv7yzNrHiQTHV_8e5jCUSrM7Mu9R3WiRn9ZkowLdt7ffkj5Qzig__t8IyS7DG3ccgfvPYdxjjqBJoc4Klxn6bAtTpZ0bpfyMwPoDrF6MaTyR0kO1v9rK2Y4tB4sMeBLKjYX3t6KLZPaosTFLS1ClKOEP0CABvra74OwvNiX7wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYs73hhdL9gwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0n5HLZ5pQ1NPjNG5chZ7V8SzXm2w%2526client%253Dca-pub-7538371298685357%2526adurl%253D&y=1&s=&z=0
Frame ID: 53C6434D9D95D8804AF8A2E4AF33B33A
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4CF97719FC02378D60AD8C8688478C3A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8B0F7AA258000430A43B8E03A9A78338
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Surprise for you from !

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

116
Requests

95 %
HTTPS

65 %
IPv6

22
Domains

33
Subdomains

27
IPs

5
Countries

1921 kB
Transfer

3918 kB
Size

16
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEIwny-a43twTPw8IQu5Clpc&google_cver=1&google_push=AXcoOmSpmbYt5-q4r5Ez3b4UqEsJg8rJq8BwyuG84A6MjKTOi-6eFSNkqHJktcpBEVijkceScgnQwcNIEExgGcb-rt_LOzZm0H-FMebMxwMGNxgL4oLTfrd1UVnzvyyAIdfHze7-m-aexcSW6jJtu88sqFIyp0Y&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSpmbYt5-q4r5Ez3b4UqEsJg8rJq8BwyuG84A6MjKTOi-6eFSNkqHJktcpBEVijkceScgnQwcNIEExgGcb-rt_LOzZm0H-FMebMxwMGNxgL4oLTfrd1UVnzvyyAIdfHze7-m-aexcSW6jJtu88sqFIyp0Y%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIwny-a43twTPw8IQu5Clpc&google_cver=1&google_push=AXcoOmSpmbYt5-q4r5Ez3b4UqEsJg8rJq8BwyuG84A6MjKTOi-6eFSNkqHJktcpBEVijkceScgnQwcNIEExgGcb-rt_LOzZm0H-FMebMxwMGNxgL4oLTfrd1UVnzvyyAIdfHze7-m-aexcSW6jJtu88sqFIyp0Y&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSpmbYt5-q4r5Ez3b4UqEsJg8rJq8BwyuG84A6MjKTOi-6eFSNkqHJktcpBEVijkceScgnQwcNIEExgGcb-rt_LOzZm0H-FMebMxwMGNxgL4oLTfrd1UVnzvyyAIdfHze7-m-aexcSW6jJtu88sqFIyp0Y%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 83
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEFTVJL-9B7xCmhNjdfZrXnQ&google_cver=1&google_push=AXcoOmR2c6o_QEOfNuGwv3rUdhLnFZFsL9FA_9Ux40l-jakaKloYJQ23thF40Oc3C37K_3yK50sNaLFaAj6d8CMm8OhzTxaf7hObJSvNoLPXND3lf91LRkvHjREikqhVAieUSDHvYJMJG_m_zGtg_IkifDUZjEE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFTVJL-9B7xCmhNjdfZrXnQ&google_push=AXcoOmR2c6o_QEOfNuGwv3rUdhLnFZFsL9FA_9Ux40l-jakaKloYJQ23thF40Oc3C37K_3yK50sNaLFaAj6d8CMm8OhzTxaf7hObJSvNoLPXND3lf91LRkvHjREikqhVAieUSDHvYJMJG_m_zGtg_IkifDUZjEE
Request Chain 84
  • https://um.simpli.fi/gp_match?google_gid=CAESECEksuR4OzmCP9aHDD1OE6U&google_cver=1&google_push=AXcoOmR4NsiDOQ53yXpHlHcWf4sReY1m4RSCuIoblGo_Hd9GucBij1mtdhgebBeVyEabQWsmqNoJsqaLkHQalrL2CO0u1RBDb1Kj0wan0bAymtJKPTPy-b49nxNZz-etUHQ2zMcBkSlfkjq3cTg5sb2VXtZWDg8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=214F00E5C5F54DE698EFBA321C0A51E4&google_push=AXcoOmR4NsiDOQ53yXpHlHcWf4sReY1m4RSCuIoblGo_Hd9GucBij1mtdhgebBeVyEabQWsmqNoJsqaLkHQalrL2CO0u1RBDb1Kj0wan0bAymtJKPTPy-b49nxNZz-etUHQ2zMcBkSlfkjq3cTg5sb2VXtZWDg8
Request Chain 85
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEMu4KaDr2P_TJOCCpIKFaQA&google_cver=1&google_push=AXcoOmTiuyR3JJhuGEdvfWiYfWMWzCfffKcddp8Dh52nr5WXzfFQiABctJwd8OH8057McwvVQszQCr5sIn7131EP2LXijuCNDXLy9JE0lphGbyilu7wR4J8r8myYh7rurLqQfN5laxRg-2Hu1NUR9i6xG2d0gHk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmTiuyR3JJhuGEdvfWiYfWMWzCfffKcddp8Dh52nr5WXzfFQiABctJwd8OH8057McwvVQszQCr5sIn7131EP2LXijuCNDXLy9JE0lphGbyilu7wR4J8r8myYh7rurLqQfN5laxRg-2Hu1NUR9i6xG2d0gHk&google_hm=Q0FFU0VNdTRLYURyMlBfVEpPQ0NwSUtGYVFB
Request Chain 87
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKoNfsGYoa7xB8RFBldyncw&google_cver=1&google_push=AXcoOmQn26k3vt05qD9hPKDS-fPWIrRXDtCnEv1TnsJ3LMouFGZbp35V5HVjKzh4DFGNkKWuFweVSLFIn6g79YvNyCJOnIsQsWdr4nF_n0l8TTSxQh3DtCyE767VJczs3jkEFH8BzgaBga1LnfZIyW7hx71tB08 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQn26k3vt05qD9hPKDS-fPWIrRXDtCnEv1TnsJ3LMouFGZbp35V5HVjKzh4DFGNkKWuFweVSLFIn6g79YvNyCJOnIsQsWdr4nF_n0l8TTSxQh3DtCyE767VJczs3jkEFH8BzgaBga1LnfZIyW7hx71tB08
Request Chain 88
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESECnyqFJgtvNO4X8tEhU3RQk&google_cver=1&google_push=AXcoOmROskA_ykLeyvhOoNs5UzksOFKEW6F4M_kMJc2L99DDDr_Bx_IzM1VDmUvAgf3xLw0j0QEXiXyGAMR7R5c6-2i-fndKkHel1pkGl836TBRjP2w3SmRHvyEC5xv9RBTElOsYjcpKfeRT_hRdQ5codkp9VJ70 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmROskA_ykLeyvhOoNs5UzksOFKEW6F4M_kMJc2L99DDDr_Bx_IzM1VDmUvAgf3xLw0j0QEXiXyGAMR7R5c6-2i-fndKkHel1pkGl836TBRjP2w3SmRHvyEC5xv9RBTElOsYjcpKfeRT_hRdQ5codkp9VJ70&google_hm=AMm0m7MWSlmMmQv5Qps_ht0

116 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
newyear2022.ecarepk.com/ 		18 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newyear2022.ecarepk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.97.78.118 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
niazitv.pk
Software
Apache/2.4.58 (Ubuntu) /
Resource Hash
dd70d0ce99c8fce7f144cf9ef8126ea202cce89b6765d958909091b1e207d2a9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Upgrade, Keep-Alive
Content-Encoding
gzip
Content-Length
4771
Content-Type
text/html; charset=UTF-8
Date
Sat, 27 Jan 2024 13:09:49 GMT
Keep-Alive
timeout=5, max=100
Server
Apache/2.4.58 (Ubuntu)
Upgrade
h2,h2c
Vary
Accept-Encoding
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ 		52 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css
Requested by
Host: newyear2022.ecarepk.com
URL: https://newyear2022.ecarepk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newyear2022.ecarepk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1534745
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3279
last-modified
Mon, 04 May 2020 16:04:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d2a-ce35"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4TEEb8jqdMfqqmCx2o2MS2Ig2bVbGlZwoUloSEbBrmCFXbi%2FYOJQsMpSaFI0vzlq4Jzm6EWkFN41EwVSF6fGY5i0Ba3ZeibHmM5biAKwRjYygCGTej3kcSuK5t%2FaiIK7%2BK10gpnYXwgt3FigP0p302Cf"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84c13b761a283bd2-WAW
expires
Thu, 16 Jan 2025 13:09:49 GMT
1c0f6618f877568764787163e8f22a1c
db.onlinewebfonts.com/c/ 		1 KB
685 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://db.onlinewebfonts.com/c/1c0f6618f877568764787163e8f22a1c?family=SF+Espresso+Shack
Requested by
Host: newyear2022.ecarepk.com
URL: https://newyear2022.ecarepk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.204.22.185 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-15-204-22.us
Software
nginx /
Resource Hash
54ce4253f435ae1183352b55f8da52e7cc338a4473a00c7593e4780e088fab51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newyear2022.ecarepk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:06:23 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
nginx-cache
HIT
cache-control
public,max-age=86400,must-revalidate
access-control-allow-headers
X-Requested-With
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: newyear2022.ecarepk.com
URL: https://newyear2022.ecarepk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newyear2022.ecarepk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 08:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
104306
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jan 2025 08:11:23 GMT
slide.js
newyear2022.ecarepk.com/js2/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newyear2022.ecarepk.com/js2/slide.js
Requested by
Host: newyear2022.ecarepk.com
URL: https://newyear2022.ecarepk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.97.78.118 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
niazitv.pk
Software
Apache/2.4.58 (Ubuntu) /
Resource Hash
aea607f39789d4cc03dd33d5518a1e53d419c379c618b7a19d6e3a06f4f14d56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newyear2022.ecarepk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 13:09:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Jul 2021 20:16:00 GMT
Server
Apache/2.4.58 (Ubuntu)
ETag
"e11-5c793b8e9c000-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
828
year.jpg
newyear2022.ecarepk.com/js2/ 		123 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newyear2022.ecarepk.com/js2/year.jpg
Requested by
Host: newyear2022.ecarepk.com
URL: https://newyear2022.ecarepk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.97.78.118 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
niazitv.pk
Software
Apache/2.4.58 (Ubuntu) /
Resource Hash
c94bc7b9c749864052c3716aea764aeb9f5a155efc130692dc17baf7e05e1ada

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newyear2022.ecarepk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 13:09:49 GMT
Last-Modified
Tue, 21 Dec 2021 15:49:14 GMT
Server
Apache/2.4.58 (Ubuntu)
ETag
"1ea5d-5d3a9f2715280"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
125533
newyear.png
newyear2022.ecarepk.com/js2/ 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newyear2022.ecarepk.com/js2/newyear.png
Requested by
Host: newyear2022.ecarepk.com
URL: https://newyear2022.ecarepk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.97.78.118 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
niazitv.pk
Software
Apache/2.4.58 (Ubuntu) /
Resource Hash
1cca90308fb1897725dc4305db5c7493e58176eaca69a23f9a7704ffcc6def6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newyear2022.ecarepk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 13:09:49 GMT
Last-Modified
Fri, 24 Dec 2021 11:21:06 GMT
Server
Apache/2.4.58 (Ubuntu)
ETag
"14851-5d3e28d0c0c80"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
84049
4.jpg
newyear2022.ecarepk.com/js2/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newyear2022.ecarepk.com/js2/4.jpg
Requested by
Host: newyear2022.ecarepk.com
URL: https://newyear2022.ecarepk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.97.78.118 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
niazitv.pk
Software
Apache/2.4.58 (Ubuntu) /
Resource Hash
09cde94bfc7f5f9d14191b1799b684b4c4ac7074a821383eb7fee55cecfe0fe3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newyear2022.ecarepk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 13:09:49 GMT
Last-Modified
Thu, 23 Dec 2021 14:52:46 GMT
Server
Apache/2.4.58 (Ubuntu)
ETag
"22ba-5d3d1642f4b80"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
8890
1.jpg
newyear2022.ecarepk.com/js2/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newyear2022.ecarepk.com/js2/1.jpg
Requested by
Host: newyear2022.ecarepk.com
URL: https://newyear2022.ecarepk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.97.78.118 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
niazitv.pk
Software
Apache/2.4.58 (Ubuntu) /
Resource Hash
6f345ba86a5be677414a6a2c8552eab2cc0c84a76a81345e6d05253b4357f91f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newyear2022.ecarepk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 13:09:49 GMT
Last-Modified
Thu, 23 Dec 2021 14:46:05 GMT
Server
Apache/2.4.58 (Ubuntu)
ETag
"4c7-5d3d14c488540"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
1223
5.jpg
newyear2022.ecarepk.com/js2/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newyear2022.ecarepk.com/js2/5.jpg
Requested by
Host: newyear2022.ecarepk.com
URL: https://newyear2022.ecarepk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.97.78.118 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
niazitv.pk
Software
Apache/2.4.58 (Ubuntu) /
Resource Hash
9b7352f5ead69920d1b7914ae242de89fae162ec60a60e686cf0414523ef703c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newyear2022.ecarepk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 13:09:49 GMT
Last-Modified
Thu, 23 Dec 2021 14:46:05 GMT
Server
Apache/2.4.58 (Ubuntu)
ETag
"b51-5d3d14c488540"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
2897
2.jpg
newyear2022.ecarepk.com/js2/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newyear2022.ecarepk.com/js2/2.jpg
Requested by
Host: newyear2022.ecarepk.com
URL: https://newyear2022.ecarepk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.97.78.118 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
niazitv.pk
Software
Apache/2.4.58 (Ubuntu) /
Resource Hash
c8f3b8759961e8ec1976bae9c91c5cf4c9526ab5c967c1ad4ab0223280306c9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newyear2022.ecarepk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 13:09:49 GMT
Last-Modified
Thu, 23 Dec 2021 14:46:05 GMT
Server
Apache/2.4.58 (Ubuntu)
ETag
"d7b-5d3d14c488540"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
3451
6.jpg
newyear2022.ecarepk.com/js2/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newyear2022.ecarepk.com/js2/6.jpg
Requested by
Host: newyear2022.ecarepk.com
URL: https://newyear2022.ecarepk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.97.78.118 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
niazitv.pk
Software
Apache/2.4.58 (Ubuntu) /
Resource Hash
97954a4885270a0311b7c4e028c423e1cecd4885176c990632fc80b5a911686c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newyear2022.ecarepk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 13:09:49 GMT
Last-Modified
Thu, 23 Dec 2021 14:46:05 GMT
Server
Apache/2.4.58 (Ubuntu)
ETag
"fa2-5d3d14c488540"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
4002
3.jpg
newyear2022.ecarepk.com/js2/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newyear2022.ecarepk.com/js2/3.jpg
Requested by
Host: newyear2022.ecarepk.com
URL: https://newyear2022.ecarepk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.97.78.118 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
niazitv.pk
Software
Apache/2.4.58 (Ubuntu) /
Resource Hash
cca978ced7bebba2b7d80ae065bb9e970f9edacffc4d842c917bc968cf3eaeac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newyear2022.ecarepk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 13:09:49 GMT
Last-Modified
Thu, 23 Dec 2021 14:46:05 GMT
Server
Apache/2.4.58 (Ubuntu)
ETag
"d62-5d3d14c488540"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
3426
7.jpg
newyear2022.ecarepk.com/js2/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newyear2022.ecarepk.com/js2/7.jpg
Requested by
Host: newyear2022.ecarepk.com
URL: https://newyear2022.ecarepk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.97.78.118 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
niazitv.pk
Software
Apache/2.4.58 (Ubuntu) /
Resource Hash
c29e6ca0875a3d2234dd561fe33c606e27aebec20cf54de9bde3fd42d1d46e09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newyear2022.ecarepk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 13:09:49 GMT
Last-Modified
Thu, 23 Dec 2021 14:46:05 GMT
Server
Apache/2.4.58 (Ubuntu)
ETag
"da6-5d3d14c488540"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=88
Content-Length
3494
8.jpg
newyear2022.ecarepk.com/js2/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newyear2022.ecarepk.com/js2/8.jpg
Requested by
Host: newyear2022.ecarepk.com
URL: https://newyear2022.ecarepk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.97.78.118 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
niazitv.pk
Software
Apache/2.4.58 (Ubuntu) /
Resource Hash
6b94a42eb6dc53e24fdaca1e6e592f43eae44fb1da3704ec2aebe2ce93b7369f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newyear2022.ecarepk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 13:09:49 GMT
Last-Modified
Thu, 23 Dec 2021 14:46:05 GMT
Server
Apache/2.4.58 (Ubuntu)
ETag
"d41-5d3d14c488540"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=87
Content-Length
3393
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7538371298685357
Requested by
Host: newyear2022.ecarepk.com
URL: https://newyear2022.ecarepk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57fbeff3e5ac489079cbbe78a7dc3ec482a49ba009d487794bc9e2e91f7381d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newyear2022.ecarepk.com/
Origin
https://newyear2022.ecarepk.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51199
x-xss-protection
0
server
cafe
etag
1780285906609224365
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 27 Jan 2024 13:09:49 GMT
wishkn.gif
newyear2022.ecarepk.com/js2/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newyear2022.ecarepk.com/js2/wishkn.gif
Requested by
Host: newyear2022.ecarepk.com
URL: https://newyear2022.ecarepk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.97.78.118 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
niazitv.pk
Software
Apache/2.4.58 (Ubuntu) /
Resource Hash
9af5d029a2b21e965ae26231f9f27578c6173d521e3e261023e33e87e3c98a30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newyear2022.ecarepk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 13:09:49 GMT
Last-Modified
Tue, 20 Jul 2021 19:51:42 GMT
Server
Apache/2.4.58 (Ubuntu)
ETag
"9bac-5c79362026f80"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=86
Content-Length
39852
newyear2022.gif
newyear2022.ecarepk.com/js2/ 		296 KB
297 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newyear2022.ecarepk.com/js2/newyear2022.gif
Requested by
Host: newyear2022.ecarepk.com
URL: https://newyear2022.ecarepk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.97.78.118 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
niazitv.pk
Software
Apache/2.4.58 (Ubuntu) /
Resource Hash
703c4c10549a08cb4bd9f9052df7063c517d40b330f086ffce83947653c1d8b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newyear2022.ecarepk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 13:09:49 GMT
Last-Modified
Tue, 21 Dec 2021 15:53:46 GMT
Server
Apache/2.4.58 (Ubuntu)
ETag
"4a0df-5d3aa02a7b680"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=85
Content-Length
303327
22.png
newyear2022.ecarepk.com/js2/ 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newyear2022.ecarepk.com/js2/22.png
Requested by
Host: newyear2022.ecarepk.com
URL: https://newyear2022.ecarepk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.97.78.118 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
niazitv.pk
Software
Apache/2.4.58 (Ubuntu) /
Resource Hash
9f70e15e12de0807999557996dbe7d3460cdcb2ab74eaf0cb42bfc583aa84d2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newyear2022.ecarepk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 13:09:49 GMT
Last-Modified
Tue, 21 Dec 2021 16:20:11 GMT
Server
Apache/2.4.58 (Ubuntu)
ETag
"17b56-5d3aa6120e4c0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=84
Content-Length
97110
ce1.jpg
newyear2022.ecarepk.com/js2/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newyear2022.ecarepk.com/js2/ce1.jpg
Requested by
Host: newyear2022.ecarepk.com
URL: https://newyear2022.ecarepk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.97.78.118 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
niazitv.pk
Software
Apache/2.4.58 (Ubuntu) /
Resource Hash
b9c4f80c80658d69f114f21f13e1642ef25d1dc26008f486c940ee7495bdea97

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newyear2022.ecarepk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 13:09:49 GMT
Last-Modified
Tue, 21 Dec 2021 16:32:09 GMT
Server
Apache/2.4.58 (Ubuntu)
ETag
"747b-5d3aa8becb440"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
29819
ce2.jpg
newyear2022.ecarepk.com/js2/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newyear2022.ecarepk.com/js2/ce2.jpg
Requested by
Host: newyear2022.ecarepk.com
URL: https://newyear2022.ecarepk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.97.78.118 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
niazitv.pk
Software
Apache/2.4.58 (Ubuntu) /
Resource Hash
0cd27b40c67de8ed58ab223475e23362837367ada689359c6437ccf9b31e6116

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newyear2022.ecarepk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 13:09:50 GMT
Last-Modified
Tue, 21 Dec 2021 16:32:09 GMT
Server
Apache/2.4.58 (Ubuntu)
ETag
"73f1-5d3aa8becb440"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=83
Content-Length
29681
ce3.jpg
newyear2022.ecarepk.com/js2/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newyear2022.ecarepk.com/js2/ce3.jpg
Requested by
Host: newyear2022.ecarepk.com
URL: https://newyear2022.ecarepk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.97.78.118 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
niazitv.pk
Software
Apache/2.4.58 (Ubuntu) /
Resource Hash
d2c39a5bd294a1894aa91ab99427ddb347ac9990f9d36174afd74846eb7b4822

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newyear2022.ecarepk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 13:09:50 GMT
Last-Modified
Tue, 21 Dec 2021 16:32:09 GMT
Server
Apache/2.4.58 (Ubuntu)
ETag
"6031-5d3aa8becb440"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=82
Content-Length
24625
js
www.googletagmanager.com/gtag/ 		189 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-111510798-12
Requested by
Host: newyear2022.ecarepk.com
URL: https://newyear2022.ecarepk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ed892fa66ada8bdc0c6904b6cd7287737f28636452fb6c3622d8c5c90b9183b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newyear2022.ecarepk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69612
x-xss-protection
0
last-modified
Sat, 27 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 27 Jan 2024 13:09:49 GMT
/
newyear2022.ecarepk.com/img/ 		286 B
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newyear2022.ecarepk.com/img/
Requested by
Host: newyear2022.ecarepk.com
URL: https://newyear2022.ecarepk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.97.78.118 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
niazitv.pk
Software
Apache/2.4.58 (Ubuntu) /
Resource Hash
822ea53b7d5d9188f9dab761d0e5fc00b7fcf936923abfcdc616a781300a614d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newyear2022.ecarepk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 13:09:49 GMT
Server
Apache/2.4.58 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=89
Content-Length
286
Content-Type
text/html; charset=iso-8859-1
happy.mp3
newyear2022.ecarepk.com/js2/ 		68 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://newyear2022.ecarepk.com/js2/happy.mp3
Requested by
Host: newyear2022.ecarepk.com
URL: https://newyear2022.ecarepk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.97.78.118 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
niazitv.pk
Software
Apache/2.4.58 (Ubuntu) /
Resource Hash

Request headers

Referer
https://newyear2022.ecarepk.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range
bytes=0-

Response headers

Date
Sat, 27 Jan 2024 13:09:50 GMT
Last-Modified
Thu, 23 Dec 2021 17:10:34 GMT
Server
Apache/2.4.58 (Ubuntu)
ETag
"11af2-5d3d350fef680"
Content-Type
audio/mpeg
Content-Range
bytes 0-72433/72434
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=81
Content-Length
72434
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/ 		406 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7538371298685357&plah=newyear2022.ecarepk.com&bust=31080696
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7538371298685357
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3794087f573b17100e06cce685453e1a9ac6c8ddc3b6044a5191ccc7de4a9915
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newyear2022.ecarepk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140837
x-xss-protection
0
server
cafe
etag
9615203155733889366
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 13:09:50 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/ Frame 529E 		9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7538371298685357
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newyear2022.ecarepk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
80029
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 26 Jan 2024 14:56:01 GMT
etag
3890843268177463596
expires
Fri, 09 Feb 2024 14:56:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		227 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-J4JFEG91D3&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-111510798-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
791668590126239e8fda98c50f3040406b816ed80280277ca3f71f9795648495
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newyear2022.ecarepk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81755
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 27 Jan 2024 13:09:49 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-111510798-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newyear2022.ecarepk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 27 Jan 2024 11:48:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4901
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 27 Jan 2024 13:48:09 GMT
collect
region1.google-analytics.com/g/ 		0
259 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-J4JFEG91D3&gtm=45je41o0v9122006790&_p=1706360989609&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=151192504.1706360990&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1706360990&sct=1&seg=0&dl=https%3A%2F%2Fnewyear2022.ecarepk.com%2F&dt=Surprise%20for%20you%20from%20!&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2765
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J4JFEG91D3&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newyear2022.ecarepk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:09:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newyear2022.ecarepk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=402595937&t=pageview&_s=1&dl=https%3A%2F%2Fnewyear2022.ecarepk.com%2F&ul=en-us&de=UTF-8&dt=Surprise%20for%20you%20from%20!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=300407121&gjid=2100558581&cid=151192504.1706360990&tid=UA-111510798-12&_gid=752459724.1706360990&_r=1&gtm=457e41o0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1812667033
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://newyear2022.ecarepk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:09:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newyear2022.ecarepk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame CFF2 		57 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7538371298685357&output=html&adk=1812271804&adf=3025194257&lmt=1706360990&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fnewyear2022.ecarepk.com%2F&pra=5&wgl=1&easpi=1&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706360989926&bpp=3&bdt=870&idt=383&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5503378232960&frm=20&pv=2&ga_vid=151192504.1706360990&ga_sid=1706360990&ga_hid=402595937&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795922%2C31080696%2C95321957%2C95320869%2C95320893%2C95321627%2C95322163%2C95323004&oid=2&pvsid=2847983070038611&tmod=1464299773&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=399
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7538371298685357&plah=newyear2022.ecarepk.com&bust=31080696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b9191735534a681bee448cbd0a32d8f199600c5fd252d18b0eea135253e6f040
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newyear2022.ecarepk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
19418
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 13:09:50 GMT
expires
Sat, 27 Jan 2024 13:09:50 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1813 		847 B
630 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7538371298685357&output=html&h=280&slotname=4219775052&adk=483746688&adf=3501923860&pi=t.ma~as.4219775052&w=450&fwrn=4&fwrnh=100&lmt=1706360990&rafmt=1&format=450x280&url=https%3A%2F%2Fnewyear2022.ecarepk.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706360989929&bpp=1&bdt=872&idt=403&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5503378232960&frm=20&pv=1&ga_vid=151192504.1706360990&ga_sid=1706360990&ga_hid=402595937&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=61&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795922%2C31080696%2C95321957%2C95320869%2C95320893%2C95321627%2C95322163%2C95323004&oid=2&pvsid=2847983070038611&tmod=1464299773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=407
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7538371298685357&plah=newyear2022.ecarepk.com&bust=31080696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b36bd07bb5ee6cc929b75c8ffdd455497b791a419a7ad9b8a7237d67579045e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newyear2022.ecarepk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
409
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 13:09:50 GMT
expires
Sat, 27 Jan 2024 13:09:50 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 757D 		36 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7538371298685357&output=html&h=280&slotname=4219775052&adk=685168323&adf=3878751071&pi=t.ma~as.4219775052&w=450&fwrn=4&fwrnh=100&lmt=1706360990&rafmt=1&format=450x280&url=https%3A%2F%2Fnewyear2022.ecarepk.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706360989930&bpp=1&bdt=873&idt=413&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C450x280&nras=1&correlator=5503378232960&frm=20&pv=1&ga_vid=151192504.1706360990&ga_sid=1706360990&ga_hid=402595937&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=1630&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795922%2C31080696%2C95321957%2C95320869%2C95320893%2C95321627%2C95322163%2C95323004&oid=2&pvsid=2847983070038611&tmod=1464299773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=416
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7538371298685357&plah=newyear2022.ecarepk.com&bust=31080696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28ca935c6ea5d5c3b05fbc0f9e0f013dc9396906531ada71f646a28e94aced88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newyear2022.ecarepk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
14903
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 13:09:50 GMT
expires
Sat, 27 Jan 2024 13:09:50 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/ 		165 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/reactive_library_fy2021.js?bust=31080696
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7538371298685357&plah=newyear2022.ecarepk.com&bust=31080696
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4ab991cfd1c0be8310c33fc6853306e6bde085fe96fcc5d96813a59f488b4c87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newyear2022.ecarepk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57009
x-xss-protection
0
server
cafe
etag
1708138407555808560
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 13:09:50 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 11CE 		48 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7538371298685357&output=html&h=50&adk=1439213102&adf=3825658272&pi=t.aa~a.3874535753~rp.4&w=450&fwrn=4&fwrnh=100&lmt=1706360990&rafmt=1&to=qs&pwprc=5903923013&format=450x50&url=https%3A%2F%2Fnewyear2022.ecarepk.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706360990839&bpp=1&bdt=1783&idt=0&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55ba592f6e5737fa%3AT%3D1706360990%3ART%3D1706360990%3AS%3DALNI_Ma0nPwJYUjKyCUWSXZnI8u1MUoc8Q&gpic=UID%3D00000d4aaa78670e%3AT%3D1706360990%3ART%3D1706360990%3AS%3DALNI_MYohKHAys--NbFGIkSMZXWC7ftapA&eo_id_str=ID%3Dcf0843790bd98e25%3AT%3D1706360990%3ART%3D1706360990%3AS%3DAA-AfjbfpE6rmMzTIpfDnJR3kVGw&prev_fmts=0x0%2C450x280%2C450x280&nras=2&correlator=5503378232960&frm=20&pv=1&ga_vid=151192504.1706360990&ga_sid=1706360990&ga_hid=402595937&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=1604&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795922%2C31080696%2C95321957%2C95320869%2C95320893%2C95321627%2C95322163%2C95323004&oid=2&pvsid=2847983070038611&tmod=1464299773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7538371298685357&plah=newyear2022.ecarepk.com&bust=31080696
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
beba71c40626784c3bca59b46a2e4fe98d3baf670322f6cc5b8880f997909bc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newyear2022.ecarepk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
17978
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 13:09:51 GMT
expires
Sat, 27 Jan 2024 13:09:51 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7538371298685357&plah=newyear2022.ecarepk.com&bust=31080696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://newyear2022.ecarepk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame 8F8E 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7538371298685357&plah=newyear2022.ecarepk.com&bust=31080696
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newyear2022.ecarepk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
4199
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 11:59:51 GMT
etag
3890843268177463596
expires
Sat, 10 Feb 2024 11:59:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 74FF 		172 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbUAngAGxPQE0biSAA1E7N47ouh2b6heyo5X7Q&u=%7CCQKkaVVbcMwwBUwBce7R2%2Bp2Awy9zj0plsyOmOHNfpE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZ608drBVHMSKW3SYnV42AAsODbZi97hm64o6S_ZNHgw7K7SCAvjSWOx5JolFoPjRskc1FiJ56oiYAH0DtdsFxZMztO3Ee3pbmojluh1LXozJxCbS8xtpqmIvgjvPEo9g3CEQUYX_YcI1qk39wfmStC5-70aIR7D0O4EXEdUlhr6XqudoHOpgbwSQcCKHM3A3GbO2SNH9h9dysgJA967MxogNNHBQ1ik4nrkGKGQq5gI9sTjxp_1GhyjI277VZBKTuNIZprqnFSYU1KQZQvmEHSJe0tWvZHerEaGn4i8SHXEWV-FCyatCqkxu-0BNgqsb1Y3yVoeE1v6eCNJxFbj0Ur1Eh2zwdGCAWcKtYb13B0emrhJjIL9-toT-UIkhshv4qok3IUSAYlXRzd_KwwtSxfRKzIAjS2Awev0544hdzXsMy_yPacdJWM4sqbsJHrL8CHqZ1CekDza0sU-_qx1cMQ2unHYDxVavqGI7blMtv_EFTIA84J_Dqh_rRQdeAqWA5m9mjT33wtcmW09kOke1sDkHkY7uPvMHAFoiQK7pjuOFuw6vNRd5L2n9fVptSWrHEnyT9RYPRQSQC5aojRFerAiWViALAu35sSoukl_N8Vn&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0jTAngC1ZfSJG5LxxtYP7Im1-AjJntKxXPXalvdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTc1MzgzNzEyOTg2ODUzNTfIAQmpAmfUWW9ZNbI-qAMByAMCqgT-AU_QWdSnDbBsy34XjM3nRLsJSFmalmLF33SdAsNJ0K05DrdjsAB-OOj9EOmmA6QQCAzEcUqCR9Nj9FjjgzEGJqAO2IVHSKCoXMjguYEeomxfM-ADwSOPUKHNcKPllLb0YvzHJegspXY4hD84OAc--RxgWzYXZIDE0PhGd4-IDt4me01ys9OuNoGBM7VdEAzvIwjgJFKEc1b7Z_VLb9VkdlmoGovVhs0rko1k0QJJqTkdUHvepspJ6XDjSRFQGwK6beJ95KiaJQaNSi2hUuc8_9hjDT6elSjwOS8PsWA3PW9rfLdKWM47U7-V1xBFf9wPKnGGl6YJcJXQlOv2EXK7gAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY8YnDhdL9gwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2pp5Z22X-Crmh1QvY_hlRSo50Knw%26client%3Dca-pub-7538371298685357%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7538371298685357&output=html&h=280&slotname=4219775052&adk=685168323&adf=3878751071&pi=t.ma~as.4219775052&w=450&fwrn=4&fwrnh=100&lmt=1706360990&rafmt=1&format=450x280&url=https%3A%2F%2Fnewyear2022.ecarepk.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706360989930&bpp=1&bdt=873&idt=413&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C450x280&nras=1&correlator=5503378232960&frm=20&pv=1&ga_vid=151192504.1706360990&ga_sid=1706360990&ga_hid=402595937&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=1630&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795922%2C31080696%2C95321957%2C95320869%2C95320893%2C95321627%2C95322163%2C95323004&oid=2&pvsid=2847983070038611&tmod=1464299773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=416
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
727ec9e0c40807a1725e2b1b3839de2099389dd9de0e40885f61ad328dc430e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 13:09:50 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=QMJuTb4e1keeN3YewrQbJTzxQvESRNsintqAKKKxBtmIZ7IoplSie1JS78WmC6UY4_2Ah1iLKWbT3ejwFN5NYTnnwahz-lxybeKyfyV_vC25ke4fe-ERxXLyh885tCS9t6OoxSDis7lgwHo-6mVc88M7fpKT9W8W53ql8YOTg2IiCFoJ9FhPysUknOFVQ1-BtJDIC1g5DOgoInOznAyuwGZbH7eyTB1uvg5S4OXpHipWNjYH1T9HBPgigJOwZICDKpPhyA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
61930999
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 757D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7538371298685357&output=html&h=280&slotname=4219775052&adk=685168323&adf=3878751071&pi=t.ma~as.4219775052&w=450&fwrn=4&fwrnh=100&lmt=1706360990&rafmt=1&format=450x280&url=https%3A%2F%2Fnewyear2022.ecarepk.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706360989930&bpp=1&bdt=873&idt=413&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C450x280&nras=1&correlator=5503378232960&frm=20&pv=1&ga_vid=151192504.1706360990&ga_sid=1706360990&ga_hid=402595937&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=1630&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795922%2C31080696%2C95321957%2C95320869%2C95320893%2C95321627%2C95322163%2C95323004&oid=2&pvsid=2847983070038611&tmod=1464299773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=416
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 12:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
3636
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Feb 2024 12:09:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 757D 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7538371298685357&output=html&h=280&slotname=4219775052&adk=685168323&adf=3878751071&pi=t.ma~as.4219775052&w=450&fwrn=4&fwrnh=100&lmt=1706360990&rafmt=1&format=450x280&url=https%3A%2F%2Fnewyear2022.ecarepk.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706360989930&bpp=1&bdt=873&idt=413&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C450x280&nras=1&correlator=5503378232960&frm=20&pv=1&ga_vid=151192504.1706360990&ga_sid=1706360990&ga_hid=402595937&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=1630&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795922%2C31080696%2C95321957%2C95320869%2C95320893%2C95321627%2C95322163%2C95323004&oid=2&pvsid=2847983070038611&tmod=1464299773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=416
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 23:41:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
48474
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Feb 2024 23:41:57 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 757D 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7538371298685357&output=html&h=280&slotname=4219775052&adk=685168323&adf=3878751071&pi=t.ma~as.4219775052&w=450&fwrn=4&fwrnh=100&lmt=1706360990&rafmt=1&format=450x280&url=https%3A%2F%2Fnewyear2022.ecarepk.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706360989930&bpp=1&bdt=873&idt=413&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C450x280&nras=1&correlator=5503378232960&frm=20&pv=1&ga_vid=151192504.1706360990&ga_sid=1706360990&ga_hid=402595937&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=1630&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795922%2C31080696%2C95321957%2C95320869%2C95320893%2C95321627%2C95322163%2C95323004&oid=2&pvsid=2847983070038611&tmod=1464299773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=416
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706100845105677"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jan 2024 13:09:51 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 4F05 		140 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbUAngAGyPkGdhWyAA_GDiAZVb5zfN4zDDl6sw&u=%7CCQKkaVVbcMyzXom12P4Wp4goLrlADEgsSfzwkDelgz4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nqybZW4ekH4HQMRsdsHk4jjjMyXRBEFYr6MlsXyH9SEmux2FrXhHlIspdXZmoPOtKovVLbXLhUEPWgphWhjzJ47Pv4_ooSB5JlsszwA2f0iGS5aZuS51O6IotI49JDihmjNNAySWSUbuOk-c_cut8X4D0khLENdFLqTbLjTuLnQgu1mSOBU4aSUOuCAWJNNvgFrH88nA2_g5ApdPzHnsOynBUsRxe8QDXcGOVK7YCcNub6Z-TAwGVwBheQz1DD2JqZKoST2-1-y6_qLo4RPYb_PQoXu3ro5wUK6UdUefBjajs1Zn0ZlbmxeUpqabPdtzofCVl_rnh1P73IOkcnLafeaEGtM_fRbIxMdn4S7MSIZFj0_RF8SWXnUPqmSPJyocVMA22mF2KllTUZXpZrOyyQKhYnHXRTG-D7jmWWF9sk9TDG43f2CvFIwWo290UcrxEym0aMAaItQ19kCzXWOHs3CeVArrHbu1xWf2PuK1Ec3rpbTuS1OT65Lj4Y7e8Jgv5FLZx5uOPWqtN2QFMab0ExvsW4tWr_sYUQy0D9yzd99PIRj9gIK9amd66n1GikITpEfcfrEyNHxFbJEeOAgmenw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCewarngC1ZfmRG7Kr2OMPjoy_0AjJntKxXM2jlvdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTc1MzgzNzEyOTg2ODUzNTfIAQmpAmfUWW9ZNbI-qAMByAMCqgT5AU_QoF0eIQP2N5zosVoWoI-WSPPd2yPIqEARMmTMQ98Ertww_hZhWenhHqCmhyO7kWBFs45izY8dHHhQqmpHxjjG3FxlYPRm4KeyMW1PkiF4bd_tfgE4f3Rnv6cgwWFSeRcd6powrhvw3tzyd4eh4KAncHhT0ZI7sneTiKG2RBMjZlgP1pmQyMpSQN-tJxaesleyiet_w_OP7JL7hxW7LPLYtEiztwSGY029RCDjVXBiKJc3qOSSRINsOHCMayYbkmLszRYcwiJ812A8BeiKWn4eOszoJQhnTL_USsYfDX0M-2UsLThWgsU1k1oMYs8PcgDpUiUAviL_zIAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJ_xwYXS_YMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1qyC54-Sgu86rYeKg5T_1KF3mLLA%26client%3Dca-pub-7538371298685357%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cfe9395c4123749aad6775581575920bf46b583a6e061985fbfdf462a8095dfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 13:09:50 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=_M2dLr4e1keeN3Yeg1-4Ufw3ZTL1AG5Xsk_UKBnpjjB4NGp4cgc6693nMqWSYunDKt3jnDgT250vHEIJXb69YJoVfD2Hw2hb8LG_rQ-YQg2oNWQrVFLgGHBQHoS9qn3aIgeC6I8QjkGgteNnxKy_on9Vzxma4zBjZYnmDbcL7a3jLEJyeXfKUXE93kd2QjQuKOMMKiTGFKUR3ueWdbedwBN417b2OBXd6UufleeHWRHAhc-EBJhQoHVjdP0H7sZ9QXb2mA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
47939303
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 8F8E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 12:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
3636
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Feb 2024 12:09:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 8F8E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 23:41:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
48474
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Feb 2024 23:41:57 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 8F8E 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706100845105677"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jan 2024 13:09:51 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 4F05 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbUAngAGyPkGdhWyAA_GDiAZVb5zfN4zDDl6sw&u=%7CCQKkaVVbcMyzXom12P4Wp4goLrlADEgsSfzwkDelgz4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nqybZW4ekH4HQMRsdsHk4jjjMyXRBEFYr6MlsXyH9SEmux2FrXhHlIspdXZmoPOtKovVLbXLhUEPWgphWhjzJ47Pv4_ooSB5JlsszwA2f0iGS5aZuS51O6IotI49JDihmjNNAySWSUbuOk-c_cut8X4D0khLENdFLqTbLjTuLnQgu1mSOBU4aSUOuCAWJNNvgFrH88nA2_g5ApdPzHnsOynBUsRxe8QDXcGOVK7YCcNub6Z-TAwGVwBheQz1DD2JqZKoST2-1-y6_qLo4RPYb_PQoXu3ro5wUK6UdUefBjajs1Zn0ZlbmxeUpqabPdtzofCVl_rnh1P73IOkcnLafeaEGtM_fRbIxMdn4S7MSIZFj0_RF8SWXnUPqmSPJyocVMA22mF2KllTUZXpZrOyyQKhYnHXRTG-D7jmWWF9sk9TDG43f2CvFIwWo290UcrxEym0aMAaItQ19kCzXWOHs3CeVArrHbu1xWf2PuK1Ec3rpbTuS1OT65Lj4Y7e8Jgv5FLZx5uOPWqtN2QFMab0ExvsW4tWr_sYUQy0D9yzd99PIRj9gIK9amd66n1GikITpEfcfrEyNHxFbJEeOAgmenw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCewarngC1ZfmRG7Kr2OMPjoy_0AjJntKxXM2jlvdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTc1MzgzNzEyOTg2ODUzNTfIAQmpAmfUWW9ZNbI-qAMByAMCqgT5AU_QoF0eIQP2N5zosVoWoI-WSPPd2yPIqEARMmTMQ98Ertww_hZhWenhHqCmhyO7kWBFs45izY8dHHhQqmpHxjjG3FxlYPRm4KeyMW1PkiF4bd_tfgE4f3Rnv6cgwWFSeRcd6powrhvw3tzyd4eh4KAncHhT0ZI7sneTiKG2RBMjZlgP1pmQyMpSQN-tJxaesleyiet_w_OP7JL7hxW7LPLYtEiztwSGY029RCDjVXBiKJc3qOSSRINsOHCMayYbkmLszRYcwiJ812A8BeiKWn4eOszoJQhnTL_USsYfDX0M-2UsLThWgsU1k1oMYs8PcgDpUiUAviL_zIAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJ_xwYXS_YMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1qyC54-Sgu86rYeKg5T_1KF3mLLA%26client%3Dca-pub-7538371298685357%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 21 Jan 2025 13:09:51 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 4F05 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbUAngAGyPkGdhWyAA_GDiAZVb5zfN4zDDl6sw&u=%7CCQKkaVVbcMyzXom12P4Wp4goLrlADEgsSfzwkDelgz4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nqybZW4ekH4HQMRsdsHk4jjjMyXRBEFYr6MlsXyH9SEmux2FrXhHlIspdXZmoPOtKovVLbXLhUEPWgphWhjzJ47Pv4_ooSB5JlsszwA2f0iGS5aZuS51O6IotI49JDihmjNNAySWSUbuOk-c_cut8X4D0khLENdFLqTbLjTuLnQgu1mSOBU4aSUOuCAWJNNvgFrH88nA2_g5ApdPzHnsOynBUsRxe8QDXcGOVK7YCcNub6Z-TAwGVwBheQz1DD2JqZKoST2-1-y6_qLo4RPYb_PQoXu3ro5wUK6UdUefBjajs1Zn0ZlbmxeUpqabPdtzofCVl_rnh1P73IOkcnLafeaEGtM_fRbIxMdn4S7MSIZFj0_RF8SWXnUPqmSPJyocVMA22mF2KllTUZXpZrOyyQKhYnHXRTG-D7jmWWF9sk9TDG43f2CvFIwWo290UcrxEym0aMAaItQ19kCzXWOHs3CeVArrHbu1xWf2PuK1Ec3rpbTuS1OT65Lj4Y7e8Jgv5FLZx5uOPWqtN2QFMab0ExvsW4tWr_sYUQy0D9yzd99PIRj9gIK9amd66n1GikITpEfcfrEyNHxFbJEeOAgmenw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCewarngC1ZfmRG7Kr2OMPjoy_0AjJntKxXM2jlvdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTc1MzgzNzEyOTg2ODUzNTfIAQmpAmfUWW9ZNbI-qAMByAMCqgT5AU_QoF0eIQP2N5zosVoWoI-WSPPd2yPIqEARMmTMQ98Ertww_hZhWenhHqCmhyO7kWBFs45izY8dHHhQqmpHxjjG3FxlYPRm4KeyMW1PkiF4bd_tfgE4f3Rnv6cgwWFSeRcd6powrhvw3tzyd4eh4KAncHhT0ZI7sneTiKG2RBMjZlgP1pmQyMpSQN-tJxaesleyiet_w_OP7JL7hxW7LPLYtEiztwSGY029RCDjVXBiKJc3qOSSRINsOHCMayYbkmLszRYcwiJ812A8BeiKWn4eOszoJQhnTL_USsYfDX0M-2UsLThWgsU1k1oMYs8PcgDpUiUAviL_zIAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJ_xwYXS_YMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1qyC54-Sgu86rYeKg5T_1KF3mLLA%26client%3Dca-pub-7538371298685357%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 21 Jan 2025 13:09:51 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 4F05 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbUAngAGyPkGdhWyAA_GDiAZVb5zfN4zDDl6sw&u=%7CCQKkaVVbcMyzXom12P4Wp4goLrlADEgsSfzwkDelgz4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nqybZW4ekH4HQMRsdsHk4jjjMyXRBEFYr6MlsXyH9SEmux2FrXhHlIspdXZmoPOtKovVLbXLhUEPWgphWhjzJ47Pv4_ooSB5JlsszwA2f0iGS5aZuS51O6IotI49JDihmjNNAySWSUbuOk-c_cut8X4D0khLENdFLqTbLjTuLnQgu1mSOBU4aSUOuCAWJNNvgFrH88nA2_g5ApdPzHnsOynBUsRxe8QDXcGOVK7YCcNub6Z-TAwGVwBheQz1DD2JqZKoST2-1-y6_qLo4RPYb_PQoXu3ro5wUK6UdUefBjajs1Zn0ZlbmxeUpqabPdtzofCVl_rnh1P73IOkcnLafeaEGtM_fRbIxMdn4S7MSIZFj0_RF8SWXnUPqmSPJyocVMA22mF2KllTUZXpZrOyyQKhYnHXRTG-D7jmWWF9sk9TDG43f2CvFIwWo290UcrxEym0aMAaItQ19kCzXWOHs3CeVArrHbu1xWf2PuK1Ec3rpbTuS1OT65Lj4Y7e8Jgv5FLZx5uOPWqtN2QFMab0ExvsW4tWr_sYUQy0D9yzd99PIRj9gIK9amd66n1GikITpEfcfrEyNHxFbJEeOAgmenw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCewarngC1ZfmRG7Kr2OMPjoy_0AjJntKxXM2jlvdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTc1MzgzNzEyOTg2ODUzNTfIAQmpAmfUWW9ZNbI-qAMByAMCqgT5AU_QoF0eIQP2N5zosVoWoI-WSPPd2yPIqEARMmTMQ98Ertww_hZhWenhHqCmhyO7kWBFs45izY8dHHhQqmpHxjjG3FxlYPRm4KeyMW1PkiF4bd_tfgE4f3Rnv6cgwWFSeRcd6powrhvw3tzyd4eh4KAncHhT0ZI7sneTiKG2RBMjZlgP1pmQyMpSQN-tJxaesleyiet_w_OP7JL7hxW7LPLYtEiztwSGY029RCDjVXBiKJc3qOSSRINsOHCMayYbkmLszRYcwiJ812A8BeiKWn4eOszoJQhnTL_USsYfDX0M-2UsLThWgsU1k1oMYs8PcgDpUiUAviL_zIAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJ_xwYXS_YMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1qyC54-Sgu86rYeKg5T_1KF3mLLA%26client%3Dca-pub-7538371298685357%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Tue, 21 Jan 2025 13:09:51 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 4F05 		293 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbUAngAGyPkGdhWyAA_GDiAZVb5zfN4zDDl6sw&u=%7CCQKkaVVbcMyzXom12P4Wp4goLrlADEgsSfzwkDelgz4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nqybZW4ekH4HQMRsdsHk4jjjMyXRBEFYr6MlsXyH9SEmux2FrXhHlIspdXZmoPOtKovVLbXLhUEPWgphWhjzJ47Pv4_ooSB5JlsszwA2f0iGS5aZuS51O6IotI49JDihmjNNAySWSUbuOk-c_cut8X4D0khLENdFLqTbLjTuLnQgu1mSOBU4aSUOuCAWJNNvgFrH88nA2_g5ApdPzHnsOynBUsRxe8QDXcGOVK7YCcNub6Z-TAwGVwBheQz1DD2JqZKoST2-1-y6_qLo4RPYb_PQoXu3ro5wUK6UdUefBjajs1Zn0ZlbmxeUpqabPdtzofCVl_rnh1P73IOkcnLafeaEGtM_fRbIxMdn4S7MSIZFj0_RF8SWXnUPqmSPJyocVMA22mF2KllTUZXpZrOyyQKhYnHXRTG-D7jmWWF9sk9TDG43f2CvFIwWo290UcrxEym0aMAaItQ19kCzXWOHs3CeVArrHbu1xWf2PuK1Ec3rpbTuS1OT65Lj4Y7e8Jgv5FLZx5uOPWqtN2QFMab0ExvsW4tWr_sYUQy0D9yzd99PIRj9gIK9amd66n1GikITpEfcfrEyNHxFbJEeOAgmenw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCewarngC1ZfmRG7Kr2OMPjoy_0AjJntKxXM2jlvdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTc1MzgzNzEyOTg2ODUzNTfIAQmpAmfUWW9ZNbI-qAMByAMCqgT5AU_QoF0eIQP2N5zosVoWoI-WSPPd2yPIqEARMmTMQ98Ertww_hZhWenhHqCmhyO7kWBFs45izY8dHHhQqmpHxjjG3FxlYPRm4KeyMW1PkiF4bd_tfgE4f3Rnv6cgwWFSeRcd6powrhvw3tzyd4eh4KAncHhT0ZI7sneTiKG2RBMjZlgP1pmQyMpSQN-tJxaesleyiet_w_OP7JL7hxW7LPLYtEiztwSGY029RCDjVXBiKJc3qOSSRINsOHCMayYbkmLszRYcwiJ812A8BeiKWn4eOszoJQhnTL_USsYfDX0M-2UsLThWgsU1k1oMYs8PcgDpUiUAviL_zIAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJ_xwYXS_YMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1qyC54-Sgu86rYeKg5T_1KF3mLLA%26client%3Dca-pub-7538371298685357%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Tue, 21 Jan 2025 13:09:51 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 4F05 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ZgoFV97_owfTsP22XiXvkUAGKflY1nQ4-5jV9whbnpdKrhmo9eNgMo3xXqOzZ2k8BtPAU5-m10r-Z4nLD2fBv5T57PitunyWHWW0SWguD1Q5PSAk1a8vawKwTRSWtWpDlkemx12X7n1WWhoZGUqCY-uwljgRk4CX8792Brpe1T2q3sk05sxs4qCIuKV3zSWtjVviACfOqTtfNjej9CkCDTaHTq47XdfDO943drOCg4XYykQLpE6DzAFv50EszHJBz_NuUg-hyIVuPgJJPIstE9Q-BX0mz5PA2vH18pmJcBU_9up3uR2XkrCcBHMJrjN2xn_ZQYvLGBou7T2V1lWL7X7IAjX7hqhqsSY4DQEJhtKvniQ-fIZv-TF6BPHvz2TWrII-SJdX0-2tv1BpqV11t9berhLzO095VyUKpvGhubiPd7U4HF4225rNyL3r9D_N5oynsA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbUAngAGyPkGdhWyAA_GDiAZVb5zfN4zDDl6sw&u=%7CCQKkaVVbcMyzXom12P4Wp4goLrlADEgsSfzwkDelgz4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nqybZW4ekH4HQMRsdsHk4jjjMyXRBEFYr6MlsXyH9SEmux2FrXhHlIspdXZmoPOtKovVLbXLhUEPWgphWhjzJ47Pv4_ooSB5JlsszwA2f0iGS5aZuS51O6IotI49JDihmjNNAySWSUbuOk-c_cut8X4D0khLENdFLqTbLjTuLnQgu1mSOBU4aSUOuCAWJNNvgFrH88nA2_g5ApdPzHnsOynBUsRxe8QDXcGOVK7YCcNub6Z-TAwGVwBheQz1DD2JqZKoST2-1-y6_qLo4RPYb_PQoXu3ro5wUK6UdUefBjajs1Zn0ZlbmxeUpqabPdtzofCVl_rnh1P73IOkcnLafeaEGtM_fRbIxMdn4S7MSIZFj0_RF8SWXnUPqmSPJyocVMA22mF2KllTUZXpZrOyyQKhYnHXRTG-D7jmWWF9sk9TDG43f2CvFIwWo290UcrxEym0aMAaItQ19kCzXWOHs3CeVArrHbu1xWf2PuK1Ec3rpbTuS1OT65Lj4Y7e8Jgv5FLZx5uOPWqtN2QFMab0ExvsW4tWr_sYUQy0D9yzd99PIRj9gIK9amd66n1GikITpEfcfrEyNHxFbJEeOAgmenw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCewarngC1ZfmRG7Kr2OMPjoy_0AjJntKxXM2jlvdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTc1MzgzNzEyOTg2ODUzNTfIAQmpAmfUWW9ZNbI-qAMByAMCqgT5AU_QoF0eIQP2N5zosVoWoI-WSPPd2yPIqEARMmTMQ98Ertww_hZhWenhHqCmhyO7kWBFs45izY8dHHhQqmpHxjjG3FxlYPRm4KeyMW1PkiF4bd_tfgE4f3Rnv6cgwWFSeRcd6powrhvw3tzyd4eh4KAncHhT0ZI7sneTiKG2RBMjZlgP1pmQyMpSQN-tJxaesleyiet_w_OP7JL7hxW7LPLYtEiztwSGY029RCDjVXBiKJc3qOSSRINsOHCMayYbkmLszRYcwiJ812A8BeiKWn4eOszoJQhnTL_USsYfDX0M-2UsLThWgsU1k1oMYs8PcgDpUiUAviL_zIAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJ_xwYXS_YMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1qyC54-Sgu86rYeKg5T_1KF3mLLA%26client%3Dca-pub-7538371298685357%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:09:51 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1813216
expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame 757D 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
387b40b67b78526d88ef730fff9386c8d8eba78e400daa028a3c00398f3bd3f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8F8E 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c7bb73ad391657cafd0b0aa39101a892bf995dc797f1eabb8d1a814be5551acd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
animejs.js
static.criteo.net/animejs/ Frame 4F05 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbUAngAGyPkGdhWyAA_GDiAZVb5zfN4zDDl6sw&u=%7CCQKkaVVbcMyzXom12P4Wp4goLrlADEgsSfzwkDelgz4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nqybZW4ekH4HQMRsdsHk4jjjMyXRBEFYr6MlsXyH9SEmux2FrXhHlIspdXZmoPOtKovVLbXLhUEPWgphWhjzJ47Pv4_ooSB5JlsszwA2f0iGS5aZuS51O6IotI49JDihmjNNAySWSUbuOk-c_cut8X4D0khLENdFLqTbLjTuLnQgu1mSOBU4aSUOuCAWJNNvgFrH88nA2_g5ApdPzHnsOynBUsRxe8QDXcGOVK7YCcNub6Z-TAwGVwBheQz1DD2JqZKoST2-1-y6_qLo4RPYb_PQoXu3ro5wUK6UdUefBjajs1Zn0ZlbmxeUpqabPdtzofCVl_rnh1P73IOkcnLafeaEGtM_fRbIxMdn4S7MSIZFj0_RF8SWXnUPqmSPJyocVMA22mF2KllTUZXpZrOyyQKhYnHXRTG-D7jmWWF9sk9TDG43f2CvFIwWo290UcrxEym0aMAaItQ19kCzXWOHs3CeVArrHbu1xWf2PuK1Ec3rpbTuS1OT65Lj4Y7e8Jgv5FLZx5uOPWqtN2QFMab0ExvsW4tWr_sYUQy0D9yzd99PIRj9gIK9amd66n1GikITpEfcfrEyNHxFbJEeOAgmenw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCewarngC1ZfmRG7Kr2OMPjoy_0AjJntKxXM2jlvdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTc1MzgzNzEyOTg2ODUzNTfIAQmpAmfUWW9ZNbI-qAMByAMCqgT5AU_QoF0eIQP2N5zosVoWoI-WSPPd2yPIqEARMmTMQ98Ertww_hZhWenhHqCmhyO7kWBFs45izY8dHHhQqmpHxjjG3FxlYPRm4KeyMW1PkiF4bd_tfgE4f3Rnv6cgwWFSeRcd6powrhvw3tzyd4eh4KAncHhT0ZI7sneTiKG2RBMjZlgP1pmQyMpSQN-tJxaesleyiet_w_OP7JL7hxW7LPLYtEiztwSGY029RCDjVXBiKJc3qOSSRINsOHCMayYbkmLszRYcwiJ812A8BeiKWn4eOszoJQhnTL_USsYfDX0M-2UsLThWgsU1k1oMYs8PcgDpUiUAviL_zIAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJ_xwYXS_YMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1qyC54-Sgu86rYeKg5T_1KF3mLLA%26client%3Dca-pub-7538371298685357%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 21 Jan 2025 13:09:51 GMT
img
imageproxy.eu.criteo.net/img/ Frame 4F05 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=244&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105623%2F5022139%2F2ad0250af6b64105b12172cc0682064c_eu_oveckarna_vertikalni_hneda.png&v=3&w=464&rid=4&s=c_cOnFQ3mQ-lq2sDUSwtdDCf
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbUAngAGyPkGdhWyAA_GDiAZVb5zfN4zDDl6sw&u=%7CCQKkaVVbcMyzXom12P4Wp4goLrlADEgsSfzwkDelgz4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nqybZW4ekH4HQMRsdsHk4jjjMyXRBEFYr6MlsXyH9SEmux2FrXhHlIspdXZmoPOtKovVLbXLhUEPWgphWhjzJ47Pv4_ooSB5JlsszwA2f0iGS5aZuS51O6IotI49JDihmjNNAySWSUbuOk-c_cut8X4D0khLENdFLqTbLjTuLnQgu1mSOBU4aSUOuCAWJNNvgFrH88nA2_g5ApdPzHnsOynBUsRxe8QDXcGOVK7YCcNub6Z-TAwGVwBheQz1DD2JqZKoST2-1-y6_qLo4RPYb_PQoXu3ro5wUK6UdUefBjajs1Zn0ZlbmxeUpqabPdtzofCVl_rnh1P73IOkcnLafeaEGtM_fRbIxMdn4S7MSIZFj0_RF8SWXnUPqmSPJyocVMA22mF2KllTUZXpZrOyyQKhYnHXRTG-D7jmWWF9sk9TDG43f2CvFIwWo290UcrxEym0aMAaItQ19kCzXWOHs3CeVArrHbu1xWf2PuK1Ec3rpbTuS1OT65Lj4Y7e8Jgv5FLZx5uOPWqtN2QFMab0ExvsW4tWr_sYUQy0D9yzd99PIRj9gIK9amd66n1GikITpEfcfrEyNHxFbJEeOAgmenw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCewarngC1ZfmRG7Kr2OMPjoy_0AjJntKxXM2jlvdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTc1MzgzNzEyOTg2ODUzNTfIAQmpAmfUWW9ZNbI-qAMByAMCqgT5AU_QoF0eIQP2N5zosVoWoI-WSPPd2yPIqEARMmTMQ98Ertww_hZhWenhHqCmhyO7kWBFs45izY8dHHhQqmpHxjjG3FxlYPRm4KeyMW1PkiF4bd_tfgE4f3Rnv6cgwWFSeRcd6powrhvw3tzyd4eh4KAncHhT0ZI7sneTiKG2RBMjZlgP1pmQyMpSQN-tJxaesleyiet_w_OP7JL7hxW7LPLYtEiztwSGY029RCDjVXBiKJc3qOSSRINsOHCMayYbkmLszRYcwiJ812A8BeiKWn4eOszoJQhnTL_USsYfDX0M-2UsLThWgsU1k1oMYs8PcgDpUiUAviL_zIAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJ_xwYXS_YMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1qyC54-Sgu86rYeKg5T_1KF3mLLA%26client%3Dca-pub-7538371298685357%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
bc98677b8fc84565b57a5c326dba02188b03fa3005be24110c6caf9c7aadca21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:50 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
21291
expires
Mon, 06 Jan 2025 04:52:51 GMT
img
imageproxy.eu.criteo.net/img/ Frame 4F05 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F6%2F8236_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=u33XSXyHuVIVHKM5y7bQsqKb&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbUAngAGyPkGdhWyAA_GDiAZVb5zfN4zDDl6sw&u=%7CCQKkaVVbcMyzXom12P4Wp4goLrlADEgsSfzwkDelgz4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nqybZW4ekH4HQMRsdsHk4jjjMyXRBEFYr6MlsXyH9SEmux2FrXhHlIspdXZmoPOtKovVLbXLhUEPWgphWhjzJ47Pv4_ooSB5JlsszwA2f0iGS5aZuS51O6IotI49JDihmjNNAySWSUbuOk-c_cut8X4D0khLENdFLqTbLjTuLnQgu1mSOBU4aSUOuCAWJNNvgFrH88nA2_g5ApdPzHnsOynBUsRxe8QDXcGOVK7YCcNub6Z-TAwGVwBheQz1DD2JqZKoST2-1-y6_qLo4RPYb_PQoXu3ro5wUK6UdUefBjajs1Zn0ZlbmxeUpqabPdtzofCVl_rnh1P73IOkcnLafeaEGtM_fRbIxMdn4S7MSIZFj0_RF8SWXnUPqmSPJyocVMA22mF2KllTUZXpZrOyyQKhYnHXRTG-D7jmWWF9sk9TDG43f2CvFIwWo290UcrxEym0aMAaItQ19kCzXWOHs3CeVArrHbu1xWf2PuK1Ec3rpbTuS1OT65Lj4Y7e8Jgv5FLZx5uOPWqtN2QFMab0ExvsW4tWr_sYUQy0D9yzd99PIRj9gIK9amd66n1GikITpEfcfrEyNHxFbJEeOAgmenw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCewarngC1ZfmRG7Kr2OMPjoy_0AjJntKxXM2jlvdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTc1MzgzNzEyOTg2ODUzNTfIAQmpAmfUWW9ZNbI-qAMByAMCqgT5AU_QoF0eIQP2N5zosVoWoI-WSPPd2yPIqEARMmTMQ98Ertww_hZhWenhHqCmhyO7kWBFs45izY8dHHhQqmpHxjjG3FxlYPRm4KeyMW1PkiF4bd_tfgE4f3Rnv6cgwWFSeRcd6powrhvw3tzyd4eh4KAncHhT0ZI7sneTiKG2RBMjZlgP1pmQyMpSQN-tJxaesleyiet_w_OP7JL7hxW7LPLYtEiztwSGY029RCDjVXBiKJc3qOSSRINsOHCMayYbkmLszRYcwiJ812A8BeiKWn4eOszoJQhnTL_USsYfDX0M-2UsLThWgsU1k1oMYs8PcgDpUiUAviL_zIAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJ_xwYXS_YMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1qyC54-Sgu86rYeKg5T_1KF3mLLA%26client%3Dca-pub-7538371298685357%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4d89f06919f428c48f0de6d99a23b7ade372a85697474d91f97e08c5cd44b4a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:50 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
10070
expires
Fri, 02 Feb 2024 12:26:32 GMT
img
imageproxy.eu.criteo.net/img/ Frame 4F05 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F11129_102.jpg%3F1636111187_2&v=3&w=400&rid=4&s=OwJrqLXLfgkHQjehgtmTQxXg&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbUAngAGyPkGdhWyAA_GDiAZVb5zfN4zDDl6sw&u=%7CCQKkaVVbcMyzXom12P4Wp4goLrlADEgsSfzwkDelgz4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nqybZW4ekH4HQMRsdsHk4jjjMyXRBEFYr6MlsXyH9SEmux2FrXhHlIspdXZmoPOtKovVLbXLhUEPWgphWhjzJ47Pv4_ooSB5JlsszwA2f0iGS5aZuS51O6IotI49JDihmjNNAySWSUbuOk-c_cut8X4D0khLENdFLqTbLjTuLnQgu1mSOBU4aSUOuCAWJNNvgFrH88nA2_g5ApdPzHnsOynBUsRxe8QDXcGOVK7YCcNub6Z-TAwGVwBheQz1DD2JqZKoST2-1-y6_qLo4RPYb_PQoXu3ro5wUK6UdUefBjajs1Zn0ZlbmxeUpqabPdtzofCVl_rnh1P73IOkcnLafeaEGtM_fRbIxMdn4S7MSIZFj0_RF8SWXnUPqmSPJyocVMA22mF2KllTUZXpZrOyyQKhYnHXRTG-D7jmWWF9sk9TDG43f2CvFIwWo290UcrxEym0aMAaItQ19kCzXWOHs3CeVArrHbu1xWf2PuK1Ec3rpbTuS1OT65Lj4Y7e8Jgv5FLZx5uOPWqtN2QFMab0ExvsW4tWr_sYUQy0D9yzd99PIRj9gIK9amd66n1GikITpEfcfrEyNHxFbJEeOAgmenw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCewarngC1ZfmRG7Kr2OMPjoy_0AjJntKxXM2jlvdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTc1MzgzNzEyOTg2ODUzNTfIAQmpAmfUWW9ZNbI-qAMByAMCqgT5AU_QoF0eIQP2N5zosVoWoI-WSPPd2yPIqEARMmTMQ98Ertww_hZhWenhHqCmhyO7kWBFs45izY8dHHhQqmpHxjjG3FxlYPRm4KeyMW1PkiF4bd_tfgE4f3Rnv6cgwWFSeRcd6powrhvw3tzyd4eh4KAncHhT0ZI7sneTiKG2RBMjZlgP1pmQyMpSQN-tJxaesleyiet_w_OP7JL7hxW7LPLYtEiztwSGY029RCDjVXBiKJc3qOSSRINsOHCMayYbkmLszRYcwiJ812A8BeiKWn4eOszoJQhnTL_USsYfDX0M-2UsLThWgsU1k1oMYs8PcgDpUiUAviL_zIAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJ_xwYXS_YMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1qyC54-Sgu86rYeKg5T_1KF3mLLA%26client%3Dca-pub-7538371298685357%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
98a2fbbfdf666c4b875ed5d04436b77dc3890b85788f085967b51bb0305bbee8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
3748
expires
Fri, 02 Feb 2024 22:15:30 GMT
img
imageproxy.eu.criteo.net/img/ Frame 4F05 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F0%2F2200_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=6OORgUOI7KJbx7_gxHpfZNi1&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbUAngAGyPkGdhWyAA_GDiAZVb5zfN4zDDl6sw&u=%7CCQKkaVVbcMyzXom12P4Wp4goLrlADEgsSfzwkDelgz4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nqybZW4ekH4HQMRsdsHk4jjjMyXRBEFYr6MlsXyH9SEmux2FrXhHlIspdXZmoPOtKovVLbXLhUEPWgphWhjzJ47Pv4_ooSB5JlsszwA2f0iGS5aZuS51O6IotI49JDihmjNNAySWSUbuOk-c_cut8X4D0khLENdFLqTbLjTuLnQgu1mSOBU4aSUOuCAWJNNvgFrH88nA2_g5ApdPzHnsOynBUsRxe8QDXcGOVK7YCcNub6Z-TAwGVwBheQz1DD2JqZKoST2-1-y6_qLo4RPYb_PQoXu3ro5wUK6UdUefBjajs1Zn0ZlbmxeUpqabPdtzofCVl_rnh1P73IOkcnLafeaEGtM_fRbIxMdn4S7MSIZFj0_RF8SWXnUPqmSPJyocVMA22mF2KllTUZXpZrOyyQKhYnHXRTG-D7jmWWF9sk9TDG43f2CvFIwWo290UcrxEym0aMAaItQ19kCzXWOHs3CeVArrHbu1xWf2PuK1Ec3rpbTuS1OT65Lj4Y7e8Jgv5FLZx5uOPWqtN2QFMab0ExvsW4tWr_sYUQy0D9yzd99PIRj9gIK9amd66n1GikITpEfcfrEyNHxFbJEeOAgmenw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCewarngC1ZfmRG7Kr2OMPjoy_0AjJntKxXM2jlvdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTc1MzgzNzEyOTg2ODUzNTfIAQmpAmfUWW9ZNbI-qAMByAMCqgT5AU_QoF0eIQP2N5zosVoWoI-WSPPd2yPIqEARMmTMQ98Ertww_hZhWenhHqCmhyO7kWBFs45izY8dHHhQqmpHxjjG3FxlYPRm4KeyMW1PkiF4bd_tfgE4f3Rnv6cgwWFSeRcd6powrhvw3tzyd4eh4KAncHhT0ZI7sneTiKG2RBMjZlgP1pmQyMpSQN-tJxaesleyiet_w_OP7JL7hxW7LPLYtEiztwSGY029RCDjVXBiKJc3qOSSRINsOHCMayYbkmLszRYcwiJ812A8BeiKWn4eOszoJQhnTL_USsYfDX0M-2UsLThWgsU1k1oMYs8PcgDpUiUAviL_zIAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJ_xwYXS_YMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1qyC54-Sgu86rYeKg5T_1KF3mLLA%26client%3Dca-pub-7538371298685357%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5c66d67fff1bb62059630c5c49de873b28548398847a2beff2f3f006c4388c86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
17770
expires
Sun, 04 Feb 2024 20:24:17 GMT
all
csm.eu.criteo.net/ Frame 4F05 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=_M2dLr4e1keeN3Yeg1-4Ufw3ZTL1AG5Xsk_UKBnpjjB4NGp4cgc6693nMqWSYunDKt3jnDgT250vHEIJXb69YJoVfD2Hw2hb8LG_rQ-YQg2oNWQrVFLgGHBQHoS9qn3aIgeC6I8QjkGgteNnxKy_on9Vzxma4zBjZYnmDbcL7a3jLEJyeXfKUXE93kd2QjQuKOMMKiTGFKUR3ueWdbedwBN417b2OBXd6UufleeHWRHAhc-EBJhQoHVjdP0H7sZ9QXb2mA&sds=2&rev=90371&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbUAngAGyPkGdhWyAA_GDiAZVb5zfN4zDDl6sw&u=%7CCQKkaVVbcMyzXom12P4Wp4goLrlADEgsSfzwkDelgz4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nqybZW4ekH4HQMRsdsHk4jjjMyXRBEFYr6MlsXyH9SEmux2FrXhHlIspdXZmoPOtKovVLbXLhUEPWgphWhjzJ47Pv4_ooSB5JlsszwA2f0iGS5aZuS51O6IotI49JDihmjNNAySWSUbuOk-c_cut8X4D0khLENdFLqTbLjTuLnQgu1mSOBU4aSUOuCAWJNNvgFrH88nA2_g5ApdPzHnsOynBUsRxe8QDXcGOVK7YCcNub6Z-TAwGVwBheQz1DD2JqZKoST2-1-y6_qLo4RPYb_PQoXu3ro5wUK6UdUefBjajs1Zn0ZlbmxeUpqabPdtzofCVl_rnh1P73IOkcnLafeaEGtM_fRbIxMdn4S7MSIZFj0_RF8SWXnUPqmSPJyocVMA22mF2KllTUZXpZrOyyQKhYnHXRTG-D7jmWWF9sk9TDG43f2CvFIwWo290UcrxEym0aMAaItQ19kCzXWOHs3CeVArrHbu1xWf2PuK1Ec3rpbTuS1OT65Lj4Y7e8Jgv5FLZx5uOPWqtN2QFMab0ExvsW4tWr_sYUQy0D9yzd99PIRj9gIK9amd66n1GikITpEfcfrEyNHxFbJEeOAgmenw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCewarngC1ZfmRG7Kr2OMPjoy_0AjJntKxXM2jlvdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTc1MzgzNzEyOTg2ODUzNTfIAQmpAmfUWW9ZNbI-qAMByAMCqgT5AU_QoF0eIQP2N5zosVoWoI-WSPPd2yPIqEARMmTMQ98Ertww_hZhWenhHqCmhyO7kWBFs45izY8dHHhQqmpHxjjG3FxlYPRm4KeyMW1PkiF4bd_tfgE4f3Rnv6cgwWFSeRcd6powrhvw3tzyd4eh4KAncHhT0ZI7sneTiKG2RBMjZlgP1pmQyMpSQN-tJxaesleyiet_w_OP7JL7hxW7LPLYtEiztwSGY029RCDjVXBiKJc3qOSSRINsOHCMayYbkmLszRYcwiJ812A8BeiKWn4eOszoJQhnTL_USsYfDX0M-2UsLThWgsU1k1oMYs8PcgDpUiUAviL_zIAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJ_xwYXS_YMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1qyC54-Sgu86rYeKg5T_1KF3mLLA%26client%3Dca-pub-7538371298685357%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 13:09:50 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 4F05 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbUAngAGyPkGdhWyAA_GDiAZVb5zfN4zDDl6sw&u=%7CCQKkaVVbcMyzXom12P4Wp4goLrlADEgsSfzwkDelgz4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nqybZW4ekH4HQMRsdsHk4jjjMyXRBEFYr6MlsXyH9SEmux2FrXhHlIspdXZmoPOtKovVLbXLhUEPWgphWhjzJ47Pv4_ooSB5JlsszwA2f0iGS5aZuS51O6IotI49JDihmjNNAySWSUbuOk-c_cut8X4D0khLENdFLqTbLjTuLnQgu1mSOBU4aSUOuCAWJNNvgFrH88nA2_g5ApdPzHnsOynBUsRxe8QDXcGOVK7YCcNub6Z-TAwGVwBheQz1DD2JqZKoST2-1-y6_qLo4RPYb_PQoXu3ro5wUK6UdUefBjajs1Zn0ZlbmxeUpqabPdtzofCVl_rnh1P73IOkcnLafeaEGtM_fRbIxMdn4S7MSIZFj0_RF8SWXnUPqmSPJyocVMA22mF2KllTUZXpZrOyyQKhYnHXRTG-D7jmWWF9sk9TDG43f2CvFIwWo290UcrxEym0aMAaItQ19kCzXWOHs3CeVArrHbu1xWf2PuK1Ec3rpbTuS1OT65Lj4Y7e8Jgv5FLZx5uOPWqtN2QFMab0ExvsW4tWr_sYUQy0D9yzd99PIRj9gIK9amd66n1GikITpEfcfrEyNHxFbJEeOAgmenw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCewarngC1ZfmRG7Kr2OMPjoy_0AjJntKxXM2jlvdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTc1MzgzNzEyOTg2ODUzNTfIAQmpAmfUWW9ZNbI-qAMByAMCqgT5AU_QoF0eIQP2N5zosVoWoI-WSPPd2yPIqEARMmTMQ98Ertww_hZhWenhHqCmhyO7kWBFs45izY8dHHhQqmpHxjjG3FxlYPRm4KeyMW1PkiF4bd_tfgE4f3Rnv6cgwWFSeRcd6powrhvw3tzyd4eh4KAncHhT0ZI7sneTiKG2RBMjZlgP1pmQyMpSQN-tJxaesleyiet_w_OP7JL7hxW7LPLYtEiztwSGY029RCDjVXBiKJc3qOSSRINsOHCMayYbkmLszRYcwiJ812A8BeiKWn4eOszoJQhnTL_USsYfDX0M-2UsLThWgsU1k1oMYs8PcgDpUiUAviL_zIAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJ_xwYXS_YMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1qyC54-Sgu86rYeKg5T_1KF3mLLA%26client%3Dca-pub-7538371298685357%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 21 Jan 2025 13:09:51 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 4F05 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbUAngAGyPkGdhWyAA_GDiAZVb5zfN4zDDl6sw&u=%7CCQKkaVVbcMyzXom12P4Wp4goLrlADEgsSfzwkDelgz4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nqybZW4ekH4HQMRsdsHk4jjjMyXRBEFYr6MlsXyH9SEmux2FrXhHlIspdXZmoPOtKovVLbXLhUEPWgphWhjzJ47Pv4_ooSB5JlsszwA2f0iGS5aZuS51O6IotI49JDihmjNNAySWSUbuOk-c_cut8X4D0khLENdFLqTbLjTuLnQgu1mSOBU4aSUOuCAWJNNvgFrH88nA2_g5ApdPzHnsOynBUsRxe8QDXcGOVK7YCcNub6Z-TAwGVwBheQz1DD2JqZKoST2-1-y6_qLo4RPYb_PQoXu3ro5wUK6UdUefBjajs1Zn0ZlbmxeUpqabPdtzofCVl_rnh1P73IOkcnLafeaEGtM_fRbIxMdn4S7MSIZFj0_RF8SWXnUPqmSPJyocVMA22mF2KllTUZXpZrOyyQKhYnHXRTG-D7jmWWF9sk9TDG43f2CvFIwWo290UcrxEym0aMAaItQ19kCzXWOHs3CeVArrHbu1xWf2PuK1Ec3rpbTuS1OT65Lj4Y7e8Jgv5FLZx5uOPWqtN2QFMab0ExvsW4tWr_sYUQy0D9yzd99PIRj9gIK9amd66n1GikITpEfcfrEyNHxFbJEeOAgmenw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCewarngC1ZfmRG7Kr2OMPjoy_0AjJntKxXM2jlvdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTc1MzgzNzEyOTg2ODUzNTfIAQmpAmfUWW9ZNbI-qAMByAMCqgT5AU_QoF0eIQP2N5zosVoWoI-WSPPd2yPIqEARMmTMQ98Ertww_hZhWenhHqCmhyO7kWBFs45izY8dHHhQqmpHxjjG3FxlYPRm4KeyMW1PkiF4bd_tfgE4f3Rnv6cgwWFSeRcd6powrhvw3tzyd4eh4KAncHhT0ZI7sneTiKG2RBMjZlgP1pmQyMpSQN-tJxaesleyiet_w_OP7JL7hxW7LPLYtEiztwSGY029RCDjVXBiKJc3qOSSRINsOHCMayYbkmLszRYcwiJ812A8BeiKWn4eOszoJQhnTL_USsYfDX0M-2UsLThWgsU1k1oMYs8PcgDpUiUAviL_zIAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJ_xwYXS_YMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1qyC54-Sgu86rYeKg5T_1KF3mLLA%26client%3Dca-pub-7538371298685357%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 21 Jan 2025 13:09:51 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 74FF 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbUAngAGxPQE0biSAA1E7N47ouh2b6heyo5X7Q&u=%7CCQKkaVVbcMwwBUwBce7R2%2Bp2Awy9zj0plsyOmOHNfpE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZ608drBVHMSKW3SYnV42AAsODbZi97hm64o6S_ZNHgw7K7SCAvjSWOx5JolFoPjRskc1FiJ56oiYAH0DtdsFxZMztO3Ee3pbmojluh1LXozJxCbS8xtpqmIvgjvPEo9g3CEQUYX_YcI1qk39wfmStC5-70aIR7D0O4EXEdUlhr6XqudoHOpgbwSQcCKHM3A3GbO2SNH9h9dysgJA967MxogNNHBQ1ik4nrkGKGQq5gI9sTjxp_1GhyjI277VZBKTuNIZprqnFSYU1KQZQvmEHSJe0tWvZHerEaGn4i8SHXEWV-FCyatCqkxu-0BNgqsb1Y3yVoeE1v6eCNJxFbj0Ur1Eh2zwdGCAWcKtYb13B0emrhJjIL9-toT-UIkhshv4qok3IUSAYlXRzd_KwwtSxfRKzIAjS2Awev0544hdzXsMy_yPacdJWM4sqbsJHrL8CHqZ1CekDza0sU-_qx1cMQ2unHYDxVavqGI7blMtv_EFTIA84J_Dqh_rRQdeAqWA5m9mjT33wtcmW09kOke1sDkHkY7uPvMHAFoiQK7pjuOFuw6vNRd5L2n9fVptSWrHEnyT9RYPRQSQC5aojRFerAiWViALAu35sSoukl_N8Vn&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0jTAngC1ZfSJG5LxxtYP7Im1-AjJntKxXPXalvdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTc1MzgzNzEyOTg2ODUzNTfIAQmpAmfUWW9ZNbI-qAMByAMCqgT-AU_QWdSnDbBsy34XjM3nRLsJSFmalmLF33SdAsNJ0K05DrdjsAB-OOj9EOmmA6QQCAzEcUqCR9Nj9FjjgzEGJqAO2IVHSKCoXMjguYEeomxfM-ADwSOPUKHNcKPllLb0YvzHJegspXY4hD84OAc--RxgWzYXZIDE0PhGd4-IDt4me01ys9OuNoGBM7VdEAzvIwjgJFKEc1b7Z_VLb9VkdlmoGovVhs0rko1k0QJJqTkdUHvepspJ6XDjSRFQGwK6beJ95KiaJQaNSi2hUuc8_9hjDT6elSjwOS8PsWA3PW9rfLdKWM47U7-V1xBFf9wPKnGGl6YJcJXQlOv2EXK7gAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY8YnDhdL9gwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2pp5Z22X-Crmh1QvY_hlRSo50Knw%26client%3Dca-pub-7538371298685357%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 21 Jan 2025 13:09:51 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 74FF 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbUAngAGxPQE0biSAA1E7N47ouh2b6heyo5X7Q&u=%7CCQKkaVVbcMwwBUwBce7R2%2Bp2Awy9zj0plsyOmOHNfpE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZ608drBVHMSKW3SYnV42AAsODbZi97hm64o6S_ZNHgw7K7SCAvjSWOx5JolFoPjRskc1FiJ56oiYAH0DtdsFxZMztO3Ee3pbmojluh1LXozJxCbS8xtpqmIvgjvPEo9g3CEQUYX_YcI1qk39wfmStC5-70aIR7D0O4EXEdUlhr6XqudoHOpgbwSQcCKHM3A3GbO2SNH9h9dysgJA967MxogNNHBQ1ik4nrkGKGQq5gI9sTjxp_1GhyjI277VZBKTuNIZprqnFSYU1KQZQvmEHSJe0tWvZHerEaGn4i8SHXEWV-FCyatCqkxu-0BNgqsb1Y3yVoeE1v6eCNJxFbj0Ur1Eh2zwdGCAWcKtYb13B0emrhJjIL9-toT-UIkhshv4qok3IUSAYlXRzd_KwwtSxfRKzIAjS2Awev0544hdzXsMy_yPacdJWM4sqbsJHrL8CHqZ1CekDza0sU-_qx1cMQ2unHYDxVavqGI7blMtv_EFTIA84J_Dqh_rRQdeAqWA5m9mjT33wtcmW09kOke1sDkHkY7uPvMHAFoiQK7pjuOFuw6vNRd5L2n9fVptSWrHEnyT9RYPRQSQC5aojRFerAiWViALAu35sSoukl_N8Vn&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0jTAngC1ZfSJG5LxxtYP7Im1-AjJntKxXPXalvdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTc1MzgzNzEyOTg2ODUzNTfIAQmpAmfUWW9ZNbI-qAMByAMCqgT-AU_QWdSnDbBsy34XjM3nRLsJSFmalmLF33SdAsNJ0K05DrdjsAB-OOj9EOmmA6QQCAzEcUqCR9Nj9FjjgzEGJqAO2IVHSKCoXMjguYEeomxfM-ADwSOPUKHNcKPllLb0YvzHJegspXY4hD84OAc--RxgWzYXZIDE0PhGd4-IDt4me01ys9OuNoGBM7VdEAzvIwjgJFKEc1b7Z_VLb9VkdlmoGovVhs0rko1k0QJJqTkdUHvepspJ6XDjSRFQGwK6beJ95KiaJQaNSi2hUuc8_9hjDT6elSjwOS8PsWA3PW9rfLdKWM47U7-V1xBFf9wPKnGGl6YJcJXQlOv2EXK7gAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY8YnDhdL9gwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2pp5Z22X-Crmh1QvY_hlRSo50Knw%26client%3Dca-pub-7538371298685357%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 21 Jan 2025 13:09:51 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 74FF 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbUAngAGxPQE0biSAA1E7N47ouh2b6heyo5X7Q&u=%7CCQKkaVVbcMwwBUwBce7R2%2Bp2Awy9zj0plsyOmOHNfpE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZ608drBVHMSKW3SYnV42AAsODbZi97hm64o6S_ZNHgw7K7SCAvjSWOx5JolFoPjRskc1FiJ56oiYAH0DtdsFxZMztO3Ee3pbmojluh1LXozJxCbS8xtpqmIvgjvPEo9g3CEQUYX_YcI1qk39wfmStC5-70aIR7D0O4EXEdUlhr6XqudoHOpgbwSQcCKHM3A3GbO2SNH9h9dysgJA967MxogNNHBQ1ik4nrkGKGQq5gI9sTjxp_1GhyjI277VZBKTuNIZprqnFSYU1KQZQvmEHSJe0tWvZHerEaGn4i8SHXEWV-FCyatCqkxu-0BNgqsb1Y3yVoeE1v6eCNJxFbj0Ur1Eh2zwdGCAWcKtYb13B0emrhJjIL9-toT-UIkhshv4qok3IUSAYlXRzd_KwwtSxfRKzIAjS2Awev0544hdzXsMy_yPacdJWM4sqbsJHrL8CHqZ1CekDza0sU-_qx1cMQ2unHYDxVavqGI7blMtv_EFTIA84J_Dqh_rRQdeAqWA5m9mjT33wtcmW09kOke1sDkHkY7uPvMHAFoiQK7pjuOFuw6vNRd5L2n9fVptSWrHEnyT9RYPRQSQC5aojRFerAiWViALAu35sSoukl_N8Vn&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0jTAngC1ZfSJG5LxxtYP7Im1-AjJntKxXPXalvdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTc1MzgzNzEyOTg2ODUzNTfIAQmpAmfUWW9ZNbI-qAMByAMCqgT-AU_QWdSnDbBsy34XjM3nRLsJSFmalmLF33SdAsNJ0K05DrdjsAB-OOj9EOmmA6QQCAzEcUqCR9Nj9FjjgzEGJqAO2IVHSKCoXMjguYEeomxfM-ADwSOPUKHNcKPllLb0YvzHJegspXY4hD84OAc--RxgWzYXZIDE0PhGd4-IDt4me01ys9OuNoGBM7VdEAzvIwjgJFKEc1b7Z_VLb9VkdlmoGovVhs0rko1k0QJJqTkdUHvepspJ6XDjSRFQGwK6beJ95KiaJQaNSi2hUuc8_9hjDT6elSjwOS8PsWA3PW9rfLdKWM47U7-V1xBFf9wPKnGGl6YJcJXQlOv2EXK7gAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY8YnDhdL9gwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2pp5Z22X-Crmh1QvY_hlRSo50Knw%26client%3Dca-pub-7538371298685357%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Tue, 21 Jan 2025 13:09:51 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 74FF 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbUAngAGxPQE0biSAA1E7N47ouh2b6heyo5X7Q&u=%7CCQKkaVVbcMwwBUwBce7R2%2Bp2Awy9zj0plsyOmOHNfpE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZ608drBVHMSKW3SYnV42AAsODbZi97hm64o6S_ZNHgw7K7SCAvjSWOx5JolFoPjRskc1FiJ56oiYAH0DtdsFxZMztO3Ee3pbmojluh1LXozJxCbS8xtpqmIvgjvPEo9g3CEQUYX_YcI1qk39wfmStC5-70aIR7D0O4EXEdUlhr6XqudoHOpgbwSQcCKHM3A3GbO2SNH9h9dysgJA967MxogNNHBQ1ik4nrkGKGQq5gI9sTjxp_1GhyjI277VZBKTuNIZprqnFSYU1KQZQvmEHSJe0tWvZHerEaGn4i8SHXEWV-FCyatCqkxu-0BNgqsb1Y3yVoeE1v6eCNJxFbj0Ur1Eh2zwdGCAWcKtYb13B0emrhJjIL9-toT-UIkhshv4qok3IUSAYlXRzd_KwwtSxfRKzIAjS2Awev0544hdzXsMy_yPacdJWM4sqbsJHrL8CHqZ1CekDza0sU-_qx1cMQ2unHYDxVavqGI7blMtv_EFTIA84J_Dqh_rRQdeAqWA5m9mjT33wtcmW09kOke1sDkHkY7uPvMHAFoiQK7pjuOFuw6vNRd5L2n9fVptSWrHEnyT9RYPRQSQC5aojRFerAiWViALAu35sSoukl_N8Vn&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0jTAngC1ZfSJG5LxxtYP7Im1-AjJntKxXPXalvdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTc1MzgzNzEyOTg2ODUzNTfIAQmpAmfUWW9ZNbI-qAMByAMCqgT-AU_QWdSnDbBsy34XjM3nRLsJSFmalmLF33SdAsNJ0K05DrdjsAB-OOj9EOmmA6QQCAzEcUqCR9Nj9FjjgzEGJqAO2IVHSKCoXMjguYEeomxfM-ADwSOPUKHNcKPllLb0YvzHJegspXY4hD84OAc--RxgWzYXZIDE0PhGd4-IDt4me01ys9OuNoGBM7VdEAzvIwjgJFKEc1b7Z_VLb9VkdlmoGovVhs0rko1k0QJJqTkdUHvepspJ6XDjSRFQGwK6beJ95KiaJQaNSi2hUuc8_9hjDT6elSjwOS8PsWA3PW9rfLdKWM47U7-V1xBFf9wPKnGGl6YJcJXQlOv2EXK7gAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY8YnDhdL9gwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2pp5Z22X-Crmh1QvY_hlRSo50Knw%26client%3Dca-pub-7538371298685357%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Tue, 21 Jan 2025 13:09:51 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 74FF 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=KE5LRd6CE6D-1zVCyUDLT1rTLHQQLSzlLlsZbTCAdcPQrzjyi7VpTXm0h_3JeQOD7ww1umZRVSSnm7ZZduZipTG7aH0XWI0elWCFp_SCfTKhu42MSfVnn4XIRLhdCjvjgoxjMvIOb6mbnjqKRUUi7ir2ztR4lvDJ1zfdQ44W-4srHTz5f6S-S0IWJEwX26gj18Q_ECMiAOAMd0je1vBWj7wVQk68qK3IWAtMiCKfgynrxE_WGXL4bhgSj3D6I1nP-zETlTgRKzHUR_3eFR6DhzEf9MRL2PIHlITnkPHizHANPsZ9vVDJZsoYY6w62bWBEN_Ekj6-Um_MVczyzFBx-Z3op9ihijGUbpejgA0pJ76VCQ96nWOSg-8MqIXW-bA7UMOorRThsWsRro-daxXEVZMJifprJqEHs4nQZgyNw2uxPyj6N3E42zyyAF2iLV1EonRIeA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbUAngAGxPQE0biSAA1E7N47ouh2b6heyo5X7Q&u=%7CCQKkaVVbcMwwBUwBce7R2%2Bp2Awy9zj0plsyOmOHNfpE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZ608drBVHMSKW3SYnV42AAsODbZi97hm64o6S_ZNHgw7K7SCAvjSWOx5JolFoPjRskc1FiJ56oiYAH0DtdsFxZMztO3Ee3pbmojluh1LXozJxCbS8xtpqmIvgjvPEo9g3CEQUYX_YcI1qk39wfmStC5-70aIR7D0O4EXEdUlhr6XqudoHOpgbwSQcCKHM3A3GbO2SNH9h9dysgJA967MxogNNHBQ1ik4nrkGKGQq5gI9sTjxp_1GhyjI277VZBKTuNIZprqnFSYU1KQZQvmEHSJe0tWvZHerEaGn4i8SHXEWV-FCyatCqkxu-0BNgqsb1Y3yVoeE1v6eCNJxFbj0Ur1Eh2zwdGCAWcKtYb13B0emrhJjIL9-toT-UIkhshv4qok3IUSAYlXRzd_KwwtSxfRKzIAjS2Awev0544hdzXsMy_yPacdJWM4sqbsJHrL8CHqZ1CekDza0sU-_qx1cMQ2unHYDxVavqGI7blMtv_EFTIA84J_Dqh_rRQdeAqWA5m9mjT33wtcmW09kOke1sDkHkY7uPvMHAFoiQK7pjuOFuw6vNRd5L2n9fVptSWrHEnyT9RYPRQSQC5aojRFerAiWViALAu35sSoukl_N8Vn&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0jTAngC1ZfSJG5LxxtYP7Im1-AjJntKxXPXalvdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTc1MzgzNzEyOTg2ODUzNTfIAQmpAmfUWW9ZNbI-qAMByAMCqgT-AU_QWdSnDbBsy34XjM3nRLsJSFmalmLF33SdAsNJ0K05DrdjsAB-OOj9EOmmA6QQCAzEcUqCR9Nj9FjjgzEGJqAO2IVHSKCoXMjguYEeomxfM-ADwSOPUKHNcKPllLb0YvzHJegspXY4hD84OAc--RxgWzYXZIDE0PhGd4-IDt4me01ys9OuNoGBM7VdEAzvIwjgJFKEc1b7Z_VLb9VkdlmoGovVhs0rko1k0QJJqTkdUHvepspJ6XDjSRFQGwK6beJ95KiaJQaNSi2hUuc8_9hjDT6elSjwOS8PsWA3PW9rfLdKWM47U7-V1xBFf9wPKnGGl6YJcJXQlOv2EXK7gAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY8YnDhdL9gwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2pp5Z22X-Crmh1QvY_hlRSo50Knw%26client%3Dca-pub-7538371298685357%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:09:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1877536
expires
Mon, 26 Jul 1997 05:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame 74FF 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbUAngAGxPQE0biSAA1E7N47ouh2b6heyo5X7Q&u=%7CCQKkaVVbcMwwBUwBce7R2%2Bp2Awy9zj0plsyOmOHNfpE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZ608drBVHMSKW3SYnV42AAsODbZi97hm64o6S_ZNHgw7K7SCAvjSWOx5JolFoPjRskc1FiJ56oiYAH0DtdsFxZMztO3Ee3pbmojluh1LXozJxCbS8xtpqmIvgjvPEo9g3CEQUYX_YcI1qk39wfmStC5-70aIR7D0O4EXEdUlhr6XqudoHOpgbwSQcCKHM3A3GbO2SNH9h9dysgJA967MxogNNHBQ1ik4nrkGKGQq5gI9sTjxp_1GhyjI277VZBKTuNIZprqnFSYU1KQZQvmEHSJe0tWvZHerEaGn4i8SHXEWV-FCyatCqkxu-0BNgqsb1Y3yVoeE1v6eCNJxFbj0Ur1Eh2zwdGCAWcKtYb13B0emrhJjIL9-toT-UIkhshv4qok3IUSAYlXRzd_KwwtSxfRKzIAjS2Awev0544hdzXsMy_yPacdJWM4sqbsJHrL8CHqZ1CekDza0sU-_qx1cMQ2unHYDxVavqGI7blMtv_EFTIA84J_Dqh_rRQdeAqWA5m9mjT33wtcmW09kOke1sDkHkY7uPvMHAFoiQK7pjuOFuw6vNRd5L2n9fVptSWrHEnyT9RYPRQSQC5aojRFerAiWViALAu35sSoukl_N8Vn&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0jTAngC1ZfSJG5LxxtYP7Im1-AjJntKxXPXalvdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTc1MzgzNzEyOTg2ODUzNTfIAQmpAmfUWW9ZNbI-qAMByAMCqgT-AU_QWdSnDbBsy34XjM3nRLsJSFmalmLF33SdAsNJ0K05DrdjsAB-OOj9EOmmA6QQCAzEcUqCR9Nj9FjjgzEGJqAO2IVHSKCoXMjguYEeomxfM-ADwSOPUKHNcKPllLb0YvzHJegspXY4hD84OAc--RxgWzYXZIDE0PhGd4-IDt4me01ys9OuNoGBM7VdEAzvIwjgJFKEc1b7Z_VLb9VkdlmoGovVhs0rko1k0QJJqTkdUHvepspJ6XDjSRFQGwK6beJ95KiaJQaNSi2hUuc8_9hjDT6elSjwOS8PsWA3PW9rfLdKWM47U7-V1xBFf9wPKnGGl6YJcJXQlOv2EXK7gAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY8YnDhdL9gwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2pp5Z22X-Crmh1QvY_hlRSo50Knw%26client%3Dca-pub-7538371298685357%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 21 Jan 2025 13:09:51 GMT
img
imageproxy.eu.criteo.net/img/ Frame 74FF 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F0%2F2200_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=6OORgUOI7KJbx7_gxHpfZNi1&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbUAngAGxPQE0biSAA1E7N47ouh2b6heyo5X7Q&u=%7CCQKkaVVbcMwwBUwBce7R2%2Bp2Awy9zj0plsyOmOHNfpE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZ608drBVHMSKW3SYnV42AAsODbZi97hm64o6S_ZNHgw7K7SCAvjSWOx5JolFoPjRskc1FiJ56oiYAH0DtdsFxZMztO3Ee3pbmojluh1LXozJxCbS8xtpqmIvgjvPEo9g3CEQUYX_YcI1qk39wfmStC5-70aIR7D0O4EXEdUlhr6XqudoHOpgbwSQcCKHM3A3GbO2SNH9h9dysgJA967MxogNNHBQ1ik4nrkGKGQq5gI9sTjxp_1GhyjI277VZBKTuNIZprqnFSYU1KQZQvmEHSJe0tWvZHerEaGn4i8SHXEWV-FCyatCqkxu-0BNgqsb1Y3yVoeE1v6eCNJxFbj0Ur1Eh2zwdGCAWcKtYb13B0emrhJjIL9-toT-UIkhshv4qok3IUSAYlXRzd_KwwtSxfRKzIAjS2Awev0544hdzXsMy_yPacdJWM4sqbsJHrL8CHqZ1CekDza0sU-_qx1cMQ2unHYDxVavqGI7blMtv_EFTIA84J_Dqh_rRQdeAqWA5m9mjT33wtcmW09kOke1sDkHkY7uPvMHAFoiQK7pjuOFuw6vNRd5L2n9fVptSWrHEnyT9RYPRQSQC5aojRFerAiWViALAu35sSoukl_N8Vn&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0jTAngC1ZfSJG5LxxtYP7Im1-AjJntKxXPXalvdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTc1MzgzNzEyOTg2ODUzNTfIAQmpAmfUWW9ZNbI-qAMByAMCqgT-AU_QWdSnDbBsy34XjM3nRLsJSFmalmLF33SdAsNJ0K05DrdjsAB-OOj9EOmmA6QQCAzEcUqCR9Nj9FjjgzEGJqAO2IVHSKCoXMjguYEeomxfM-ADwSOPUKHNcKPllLb0YvzHJegspXY4hD84OAc--RxgWzYXZIDE0PhGd4-IDt4me01ys9OuNoGBM7VdEAzvIwjgJFKEc1b7Z_VLb9VkdlmoGovVhs0rko1k0QJJqTkdUHvepspJ6XDjSRFQGwK6beJ95KiaJQaNSi2hUuc8_9hjDT6elSjwOS8PsWA3PW9rfLdKWM47U7-V1xBFf9wPKnGGl6YJcJXQlOv2EXK7gAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY8YnDhdL9gwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2pp5Z22X-Crmh1QvY_hlRSo50Knw%26client%3Dca-pub-7538371298685357%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5c66d67fff1bb62059630c5c49de873b28548398847a2beff2f3f006c4388c86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
17770
expires
Sun, 04 Feb 2024 20:24:17 GMT
img
imageproxy.eu.criteo.net/img/ Frame 74FF 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105623%2F5022139%2Ffc5b2532e4ff4326a459f87c7b9b521f_eu_oveckarna_vertikalni_hneda.png&v=3&w=278&rid=4&s=BZvhPR92__bO5GkyOYPYfs-o
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbUAngAGxPQE0biSAA1E7N47ouh2b6heyo5X7Q&u=%7CCQKkaVVbcMwwBUwBce7R2%2Bp2Awy9zj0plsyOmOHNfpE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZ608drBVHMSKW3SYnV42AAsODbZi97hm64o6S_ZNHgw7K7SCAvjSWOx5JolFoPjRskc1FiJ56oiYAH0DtdsFxZMztO3Ee3pbmojluh1LXozJxCbS8xtpqmIvgjvPEo9g3CEQUYX_YcI1qk39wfmStC5-70aIR7D0O4EXEdUlhr6XqudoHOpgbwSQcCKHM3A3GbO2SNH9h9dysgJA967MxogNNHBQ1ik4nrkGKGQq5gI9sTjxp_1GhyjI277VZBKTuNIZprqnFSYU1KQZQvmEHSJe0tWvZHerEaGn4i8SHXEWV-FCyatCqkxu-0BNgqsb1Y3yVoeE1v6eCNJxFbj0Ur1Eh2zwdGCAWcKtYb13B0emrhJjIL9-toT-UIkhshv4qok3IUSAYlXRzd_KwwtSxfRKzIAjS2Awev0544hdzXsMy_yPacdJWM4sqbsJHrL8CHqZ1CekDza0sU-_qx1cMQ2unHYDxVavqGI7blMtv_EFTIA84J_Dqh_rRQdeAqWA5m9mjT33wtcmW09kOke1sDkHkY7uPvMHAFoiQK7pjuOFuw6vNRd5L2n9fVptSWrHEnyT9RYPRQSQC5aojRFerAiWViALAu35sSoukl_N8Vn&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0jTAngC1ZfSJG5LxxtYP7Im1-AjJntKxXPXalvdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTc1MzgzNzEyOTg2ODUzNTfIAQmpAmfUWW9ZNbI-qAMByAMCqgT-AU_QWdSnDbBsy34XjM3nRLsJSFmalmLF33SdAsNJ0K05DrdjsAB-OOj9EOmmA6QQCAzEcUqCR9Nj9FjjgzEGJqAO2IVHSKCoXMjguYEeomxfM-ADwSOPUKHNcKPllLb0YvzHJegspXY4hD84OAc--RxgWzYXZIDE0PhGd4-IDt4me01ys9OuNoGBM7VdEAzvIwjgJFKEc1b7Z_VLb9VkdlmoGovVhs0rko1k0QJJqTkdUHvepspJ6XDjSRFQGwK6beJ95KiaJQaNSi2hUuc8_9hjDT6elSjwOS8PsWA3PW9rfLdKWM47U7-V1xBFf9wPKnGGl6YJcJXQlOv2EXK7gAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY8YnDhdL9gwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2pp5Z22X-Crmh1QvY_hlRSo50Knw%26client%3Dca-pub-7538371298685357%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b4ae9a254738a91f08b2c8963063f9423fc1d25c2798e383302a6f3c463f98ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:50 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
25382
expires
Mon, 06 Jan 2025 01:54:31 GMT
img
imageproxy.eu.criteo.net/img/ Frame 74FF 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F11463_102.jpg%3F1637921162_2&v=3&w=400&rid=4&s=Y7TV4IKYmPwHaoQnJZw2a1ST&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbUAngAGxPQE0biSAA1E7N47ouh2b6heyo5X7Q&u=%7CCQKkaVVbcMwwBUwBce7R2%2Bp2Awy9zj0plsyOmOHNfpE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZ608drBVHMSKW3SYnV42AAsODbZi97hm64o6S_ZNHgw7K7SCAvjSWOx5JolFoPjRskc1FiJ56oiYAH0DtdsFxZMztO3Ee3pbmojluh1LXozJxCbS8xtpqmIvgjvPEo9g3CEQUYX_YcI1qk39wfmStC5-70aIR7D0O4EXEdUlhr6XqudoHOpgbwSQcCKHM3A3GbO2SNH9h9dysgJA967MxogNNHBQ1ik4nrkGKGQq5gI9sTjxp_1GhyjI277VZBKTuNIZprqnFSYU1KQZQvmEHSJe0tWvZHerEaGn4i8SHXEWV-FCyatCqkxu-0BNgqsb1Y3yVoeE1v6eCNJxFbj0Ur1Eh2zwdGCAWcKtYb13B0emrhJjIL9-toT-UIkhshv4qok3IUSAYlXRzd_KwwtSxfRKzIAjS2Awev0544hdzXsMy_yPacdJWM4sqbsJHrL8CHqZ1CekDza0sU-_qx1cMQ2unHYDxVavqGI7blMtv_EFTIA84J_Dqh_rRQdeAqWA5m9mjT33wtcmW09kOke1sDkHkY7uPvMHAFoiQK7pjuOFuw6vNRd5L2n9fVptSWrHEnyT9RYPRQSQC5aojRFerAiWViALAu35sSoukl_N8Vn&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0jTAngC1ZfSJG5LxxtYP7Im1-AjJntKxXPXalvdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTc1MzgzNzEyOTg2ODUzNTfIAQmpAmfUWW9ZNbI-qAMByAMCqgT-AU_QWdSnDbBsy34XjM3nRLsJSFmalmLF33SdAsNJ0K05DrdjsAB-OOj9EOmmA6QQCAzEcUqCR9Nj9FjjgzEGJqAO2IVHSKCoXMjguYEeomxfM-ADwSOPUKHNcKPllLb0YvzHJegspXY4hD84OAc--RxgWzYXZIDE0PhGd4-IDt4me01ys9OuNoGBM7VdEAzvIwjgJFKEc1b7Z_VLb9VkdlmoGovVhs0rko1k0QJJqTkdUHvepspJ6XDjSRFQGwK6beJ95KiaJQaNSi2hUuc8_9hjDT6elSjwOS8PsWA3PW9rfLdKWM47U7-V1xBFf9wPKnGGl6YJcJXQlOv2EXK7gAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY8YnDhdL9gwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2pp5Z22X-Crmh1QvY_hlRSo50Knw%26client%3Dca-pub-7538371298685357%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5fd058e8362e305341a3ff93766fd9e3863bd93e79ef24e04089564e528c5a1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
22540
expires
Sat, 03 Feb 2024 04:28:09 GMT
img
imageproxy.eu.criteo.net/img/ Frame 74FF 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F18413_102.jpg%3F1680159946_2&v=3&w=400&rid=4&s=y6WD4NEI1u8djBjaHxlKjpLy&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbUAngAGxPQE0biSAA1E7N47ouh2b6heyo5X7Q&u=%7CCQKkaVVbcMwwBUwBce7R2%2Bp2Awy9zj0plsyOmOHNfpE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZ608drBVHMSKW3SYnV42AAsODbZi97hm64o6S_ZNHgw7K7SCAvjSWOx5JolFoPjRskc1FiJ56oiYAH0DtdsFxZMztO3Ee3pbmojluh1LXozJxCbS8xtpqmIvgjvPEo9g3CEQUYX_YcI1qk39wfmStC5-70aIR7D0O4EXEdUlhr6XqudoHOpgbwSQcCKHM3A3GbO2SNH9h9dysgJA967MxogNNHBQ1ik4nrkGKGQq5gI9sTjxp_1GhyjI277VZBKTuNIZprqnFSYU1KQZQvmEHSJe0tWvZHerEaGn4i8SHXEWV-FCyatCqkxu-0BNgqsb1Y3yVoeE1v6eCNJxFbj0Ur1Eh2zwdGCAWcKtYb13B0emrhJjIL9-toT-UIkhshv4qok3IUSAYlXRzd_KwwtSxfRKzIAjS2Awev0544hdzXsMy_yPacdJWM4sqbsJHrL8CHqZ1CekDza0sU-_qx1cMQ2unHYDxVavqGI7blMtv_EFTIA84J_Dqh_rRQdeAqWA5m9mjT33wtcmW09kOke1sDkHkY7uPvMHAFoiQK7pjuOFuw6vNRd5L2n9fVptSWrHEnyT9RYPRQSQC5aojRFerAiWViALAu35sSoukl_N8Vn&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0jTAngC1ZfSJG5LxxtYP7Im1-AjJntKxXPXalvdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTc1MzgzNzEyOTg2ODUzNTfIAQmpAmfUWW9ZNbI-qAMByAMCqgT-AU_QWdSnDbBsy34XjM3nRLsJSFmalmLF33SdAsNJ0K05DrdjsAB-OOj9EOmmA6QQCAzEcUqCR9Nj9FjjgzEGJqAO2IVHSKCoXMjguYEeomxfM-ADwSOPUKHNcKPllLb0YvzHJegspXY4hD84OAc--RxgWzYXZIDE0PhGd4-IDt4me01ys9OuNoGBM7VdEAzvIwjgJFKEc1b7Z_VLb9VkdlmoGovVhs0rko1k0QJJqTkdUHvepspJ6XDjSRFQGwK6beJ95KiaJQaNSi2hUuc8_9hjDT6elSjwOS8PsWA3PW9rfLdKWM47U7-V1xBFf9wPKnGGl6YJcJXQlOv2EXK7gAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY8YnDhdL9gwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2pp5Z22X-Crmh1QvY_hlRSo50Knw%26client%3Dca-pub-7538371298685357%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ef1fa25b906c506f3be14737271fb409da90ad30bf0b1c0ff6961f45f21a02dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:50 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
14338
expires
Sat, 03 Feb 2024 04:47:19 GMT
img
imageproxy.eu.criteo.net/img/ Frame 74FF 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F4%2F14484_102.jpg%3F1661517606_2&v=3&w=400&rid=4&s=KRhrsFBZCKYtK6BJGxisaza_&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbUAngAGxPQE0biSAA1E7N47ouh2b6heyo5X7Q&u=%7CCQKkaVVbcMwwBUwBce7R2%2Bp2Awy9zj0plsyOmOHNfpE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZ608drBVHMSKW3SYnV42AAsODbZi97hm64o6S_ZNHgw7K7SCAvjSWOx5JolFoPjRskc1FiJ56oiYAH0DtdsFxZMztO3Ee3pbmojluh1LXozJxCbS8xtpqmIvgjvPEo9g3CEQUYX_YcI1qk39wfmStC5-70aIR7D0O4EXEdUlhr6XqudoHOpgbwSQcCKHM3A3GbO2SNH9h9dysgJA967MxogNNHBQ1ik4nrkGKGQq5gI9sTjxp_1GhyjI277VZBKTuNIZprqnFSYU1KQZQvmEHSJe0tWvZHerEaGn4i8SHXEWV-FCyatCqkxu-0BNgqsb1Y3yVoeE1v6eCNJxFbj0Ur1Eh2zwdGCAWcKtYb13B0emrhJjIL9-toT-UIkhshv4qok3IUSAYlXRzd_KwwtSxfRKzIAjS2Awev0544hdzXsMy_yPacdJWM4sqbsJHrL8CHqZ1CekDza0sU-_qx1cMQ2unHYDxVavqGI7blMtv_EFTIA84J_Dqh_rRQdeAqWA5m9mjT33wtcmW09kOke1sDkHkY7uPvMHAFoiQK7pjuOFuw6vNRd5L2n9fVptSWrHEnyT9RYPRQSQC5aojRFerAiWViALAu35sSoukl_N8Vn&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0jTAngC1ZfSJG5LxxtYP7Im1-AjJntKxXPXalvdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTc1MzgzNzEyOTg2ODUzNTfIAQmpAmfUWW9ZNbI-qAMByAMCqgT-AU_QWdSnDbBsy34XjM3nRLsJSFmalmLF33SdAsNJ0K05DrdjsAB-OOj9EOmmA6QQCAzEcUqCR9Nj9FjjgzEGJqAO2IVHSKCoXMjguYEeomxfM-ADwSOPUKHNcKPllLb0YvzHJegspXY4hD84OAc--RxgWzYXZIDE0PhGd4-IDt4me01ys9OuNoGBM7VdEAzvIwjgJFKEc1b7Z_VLb9VkdlmoGovVhs0rko1k0QJJqTkdUHvepspJ6XDjSRFQGwK6beJ95KiaJQaNSi2hUuc8_9hjDT6elSjwOS8PsWA3PW9rfLdKWM47U7-V1xBFf9wPKnGGl6YJcJXQlOv2EXK7gAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY8YnDhdL9gwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2pp5Z22X-Crmh1QvY_hlRSo50Knw%26client%3Dca-pub-7538371298685357%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e61982666f8e828ba57941c43933eb441d35a92113c597d977c236e846b4463b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:50 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
3432
expires
Fri, 02 Feb 2024 12:22:48 GMT
all
csm.eu.criteo.net/ Frame 74FF 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=QMJuTb4e1keeN3YewrQbJTzxQvESRNsintqAKKKxBtmIZ7IoplSie1JS78WmC6UY4_2Ah1iLKWbT3ejwFN5NYTnnwahz-lxybeKyfyV_vC25ke4fe-ERxXLyh885tCS9t6OoxSDis7lgwHo-6mVc88M7fpKT9W8W53ql8YOTg2IiCFoJ9FhPysUknOFVQ1-BtJDIC1g5DOgoInOznAyuwGZbH7eyTB1uvg5S4OXpHipWNjYH1T9HBPgigJOwZICDKpPhyA&sds=2&rev=90371&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbUAngAGxPQE0biSAA1E7N47ouh2b6heyo5X7Q&u=%7CCQKkaVVbcMwwBUwBce7R2%2Bp2Awy9zj0plsyOmOHNfpE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZ608drBVHMSKW3SYnV42AAsODbZi97hm64o6S_ZNHgw7K7SCAvjSWOx5JolFoPjRskc1FiJ56oiYAH0DtdsFxZMztO3Ee3pbmojluh1LXozJxCbS8xtpqmIvgjvPEo9g3CEQUYX_YcI1qk39wfmStC5-70aIR7D0O4EXEdUlhr6XqudoHOpgbwSQcCKHM3A3GbO2SNH9h9dysgJA967MxogNNHBQ1ik4nrkGKGQq5gI9sTjxp_1GhyjI277VZBKTuNIZprqnFSYU1KQZQvmEHSJe0tWvZHerEaGn4i8SHXEWV-FCyatCqkxu-0BNgqsb1Y3yVoeE1v6eCNJxFbj0Ur1Eh2zwdGCAWcKtYb13B0emrhJjIL9-toT-UIkhshv4qok3IUSAYlXRzd_KwwtSxfRKzIAjS2Awev0544hdzXsMy_yPacdJWM4sqbsJHrL8CHqZ1CekDza0sU-_qx1cMQ2unHYDxVavqGI7blMtv_EFTIA84J_Dqh_rRQdeAqWA5m9mjT33wtcmW09kOke1sDkHkY7uPvMHAFoiQK7pjuOFuw6vNRd5L2n9fVptSWrHEnyT9RYPRQSQC5aojRFerAiWViALAu35sSoukl_N8Vn&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0jTAngC1ZfSJG5LxxtYP7Im1-AjJntKxXPXalvdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTc1MzgzNzEyOTg2ODUzNTfIAQmpAmfUWW9ZNbI-qAMByAMCqgT-AU_QWdSnDbBsy34XjM3nRLsJSFmalmLF33SdAsNJ0K05DrdjsAB-OOj9EOmmA6QQCAzEcUqCR9Nj9FjjgzEGJqAO2IVHSKCoXMjguYEeomxfM-ADwSOPUKHNcKPllLb0YvzHJegspXY4hD84OAc--RxgWzYXZIDE0PhGd4-IDt4me01ys9OuNoGBM7VdEAzvIwjgJFKEc1b7Z_VLb9VkdlmoGovVhs0rko1k0QJJqTkdUHvepspJ6XDjSRFQGwK6beJ95KiaJQaNSi2hUuc8_9hjDT6elSjwOS8PsWA3PW9rfLdKWM47U7-V1xBFf9wPKnGGl6YJcJXQlOv2EXK7gAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY8YnDhdL9gwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2pp5Z22X-Crmh1QvY_hlRSo50Knw%26client%3Dca-pub-7538371298685357%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 13:09:51 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 74FF 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbUAngAGxPQE0biSAA1E7N47ouh2b6heyo5X7Q&u=%7CCQKkaVVbcMwwBUwBce7R2%2Bp2Awy9zj0plsyOmOHNfpE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZ608drBVHMSKW3SYnV42AAsODbZi97hm64o6S_ZNHgw7K7SCAvjSWOx5JolFoPjRskc1FiJ56oiYAH0DtdsFxZMztO3Ee3pbmojluh1LXozJxCbS8xtpqmIvgjvPEo9g3CEQUYX_YcI1qk39wfmStC5-70aIR7D0O4EXEdUlhr6XqudoHOpgbwSQcCKHM3A3GbO2SNH9h9dysgJA967MxogNNHBQ1ik4nrkGKGQq5gI9sTjxp_1GhyjI277VZBKTuNIZprqnFSYU1KQZQvmEHSJe0tWvZHerEaGn4i8SHXEWV-FCyatCqkxu-0BNgqsb1Y3yVoeE1v6eCNJxFbj0Ur1Eh2zwdGCAWcKtYb13B0emrhJjIL9-toT-UIkhshv4qok3IUSAYlXRzd_KwwtSxfRKzIAjS2Awev0544hdzXsMy_yPacdJWM4sqbsJHrL8CHqZ1CekDza0sU-_qx1cMQ2unHYDxVavqGI7blMtv_EFTIA84J_Dqh_rRQdeAqWA5m9mjT33wtcmW09kOke1sDkHkY7uPvMHAFoiQK7pjuOFuw6vNRd5L2n9fVptSWrHEnyT9RYPRQSQC5aojRFerAiWViALAu35sSoukl_N8Vn&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0jTAngC1ZfSJG5LxxtYP7Im1-AjJntKxXPXalvdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTc1MzgzNzEyOTg2ODUzNTfIAQmpAmfUWW9ZNbI-qAMByAMCqgT-AU_QWdSnDbBsy34XjM3nRLsJSFmalmLF33SdAsNJ0K05DrdjsAB-OOj9EOmmA6QQCAzEcUqCR9Nj9FjjgzEGJqAO2IVHSKCoXMjguYEeomxfM-ADwSOPUKHNcKPllLb0YvzHJegspXY4hD84OAc--RxgWzYXZIDE0PhGd4-IDt4me01ys9OuNoGBM7VdEAzvIwjgJFKEc1b7Z_VLb9VkdlmoGovVhs0rko1k0QJJqTkdUHvepspJ6XDjSRFQGwK6beJ95KiaJQaNSi2hUuc8_9hjDT6elSjwOS8PsWA3PW9rfLdKWM47U7-V1xBFf9wPKnGGl6YJcJXQlOv2EXK7gAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY8YnDhdL9gwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2pp5Z22X-Crmh1QvY_hlRSo50Knw%26client%3Dca-pub-7538371298685357%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 21 Jan 2025 13:09:51 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 74FF 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbUAngAGxPQE0biSAA1E7N47ouh2b6heyo5X7Q&u=%7CCQKkaVVbcMwwBUwBce7R2%2Bp2Awy9zj0plsyOmOHNfpE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZ608drBVHMSKW3SYnV42AAsODbZi97hm64o6S_ZNHgw7K7SCAvjSWOx5JolFoPjRskc1FiJ56oiYAH0DtdsFxZMztO3Ee3pbmojluh1LXozJxCbS8xtpqmIvgjvPEo9g3CEQUYX_YcI1qk39wfmStC5-70aIR7D0O4EXEdUlhr6XqudoHOpgbwSQcCKHM3A3GbO2SNH9h9dysgJA967MxogNNHBQ1ik4nrkGKGQq5gI9sTjxp_1GhyjI277VZBKTuNIZprqnFSYU1KQZQvmEHSJe0tWvZHerEaGn4i8SHXEWV-FCyatCqkxu-0BNgqsb1Y3yVoeE1v6eCNJxFbj0Ur1Eh2zwdGCAWcKtYb13B0emrhJjIL9-toT-UIkhshv4qok3IUSAYlXRzd_KwwtSxfRKzIAjS2Awev0544hdzXsMy_yPacdJWM4sqbsJHrL8CHqZ1CekDza0sU-_qx1cMQ2unHYDxVavqGI7blMtv_EFTIA84J_Dqh_rRQdeAqWA5m9mjT33wtcmW09kOke1sDkHkY7uPvMHAFoiQK7pjuOFuw6vNRd5L2n9fVptSWrHEnyT9RYPRQSQC5aojRFerAiWViALAu35sSoukl_N8Vn&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0jTAngC1ZfSJG5LxxtYP7Im1-AjJntKxXPXalvdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTc1MzgzNzEyOTg2ODUzNTfIAQmpAmfUWW9ZNbI-qAMByAMCqgT-AU_QWdSnDbBsy34XjM3nRLsJSFmalmLF33SdAsNJ0K05DrdjsAB-OOj9EOmmA6QQCAzEcUqCR9Nj9FjjgzEGJqAO2IVHSKCoXMjguYEeomxfM-ADwSOPUKHNcKPllLb0YvzHJegspXY4hD84OAc--RxgWzYXZIDE0PhGd4-IDt4me01ys9OuNoGBM7VdEAzvIwjgJFKEc1b7Z_VLb9VkdlmoGovVhs0rko1k0QJJqTkdUHvepspJ6XDjSRFQGwK6beJ95KiaJQaNSi2hUuc8_9hjDT6elSjwOS8PsWA3PW9rfLdKWM47U7-V1xBFf9wPKnGGl6YJcJXQlOv2EXK7gAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY8YnDhdL9gwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2pp5Z22X-Crmh1QvY_hlRSo50Knw%26client%3Dca-pub-7538371298685357%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 21 Jan 2025 13:09:51 GMT
dr
as.ad4m.at/ad/ Frame 6125 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1kyfpterjz0dbjxsc3tv8sdtrj9a1dhgqf7g95tnpswpxk34gmnpmxkgjsbs2fyb3nyb9xpsf1p1xgc9yc4rnp5ct9zebbeq43sav285ymhhz47kze76qerbjey1p2mppthywd98v56vzpgrer3hvtebkbk737gwn1nf12k6vz5yw74f3mx4t0zq6cac5d4m2573tts45ecb7mqjkndj5xy9npst20xq64wwrj71d89bj3746d812z98mr63261tnzeyzycw9rh0qhgj3rbfe16dmpdb3c66jpew7evy2h51exh9qv54et39dzy6qdpy4asfs9eg3hdh5hwmegept69c7adddvrcz7eba431ba3zx7y12g6beth2mt2m8jf3506j40xkghm9b7fd53xy1bvfhrm93r9rkw1br94g543y4zjhwvexw9ktkwte46wek524k7f0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUXzAngC1ZaPfOqet2OMP7MiDkAiQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTM4MzcxMjk4Njg1MzU3yAEJqQJn1FlvWTWyPqgDAcgDAqoE_AFP0HG7HDhazqgW4t9-otzy_mMEPD0cSA_Vnjw90hy0ywU1XzjZ5nlzIteBHe8WL3PkFlax38kTz2a7i5FGFt6d4U4IW3vDinaYAnUBek81tknAe6MhtSO8UvmnJZiFnZN4lY2Vk00ERcCWQSZIII0kNfwJfU7gAQFz-VYLu5hrj7uivZNImTlK0lv7yzNrHiQTHV_8e5jCUSrM7Mu9R3WiRn9ZkowLdt7ffkj5Qzig__t8IyS7DG3ccgfvPYdxjjqBJoc4Klxn6bAtTpZ0bpfyMwPoDrF6MaTyR0kO1v9rK2Y4tB4sMeBLKjYX3t6KLZPaosTFLS1ClKOEP0CABvra74OwvNiX7wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYs73hhdL9gwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0n5HLZ5pQ1NPjNG5chZ7V8SzXm2w%26client%3Dca-pub-7538371298685357%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7538371298685357&output=html&h=50&adk=1439213102&adf=3825658272&pi=t.aa~a.3874535753~rp.4&w=450&fwrn=4&fwrnh=100&lmt=1706360990&rafmt=1&to=qs&pwprc=5903923013&format=450x50&url=https%3A%2F%2Fnewyear2022.ecarepk.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706360990839&bpp=1&bdt=1783&idt=0&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55ba592f6e5737fa%3AT%3D1706360990%3ART%3D1706360990%3AS%3DALNI_Ma0nPwJYUjKyCUWSXZnI8u1MUoc8Q&gpic=UID%3D00000d4aaa78670e%3AT%3D1706360990%3ART%3D1706360990%3AS%3DALNI_MYohKHAys--NbFGIkSMZXWC7ftapA&eo_id_str=ID%3Dcf0843790bd98e25%3AT%3D1706360990%3ART%3D1706360990%3AS%3DAA-AfjbfpE6rmMzTIpfDnJR3kVGw&prev_fmts=0x0%2C450x280%2C450x280&nras=2&correlator=5503378232960&frm=20&pv=1&ga_vid=151192504.1706360990&ga_sid=1706360990&ga_hid=402595937&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=1604&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795922%2C31080696%2C95321957%2C95320869%2C95320893%2C95321627%2C95322163%2C95323004&oid=2&pvsid=2847983070038611&tmod=1464299773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0e8c6d1f405ec57c0b4f59124413be2b0dcd8b5ccf8b8bc2f340a76537fcb16
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
84c13b849e738fdd-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 13:09:51 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 6D2C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7538371298685357&output=html&h=50&adk=1439213102&adf=3825658272&pi=t.aa~a.3874535753~rp.4&w=450&fwrn=4&fwrnh=100&lmt=1706360990&rafmt=1&to=qs&pwprc=5903923013&format=450x50&url=https%3A%2F%2Fnewyear2022.ecarepk.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706360990839&bpp=1&bdt=1783&idt=0&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55ba592f6e5737fa%3AT%3D1706360990%3ART%3D1706360990%3AS%3DALNI_Ma0nPwJYUjKyCUWSXZnI8u1MUoc8Q&gpic=UID%3D00000d4aaa78670e%3AT%3D1706360990%3ART%3D1706360990%3AS%3DALNI_MYohKHAys--NbFGIkSMZXWC7ftapA&eo_id_str=ID%3Dcf0843790bd98e25%3AT%3D1706360990%3ART%3D1706360990%3AS%3DAA-AfjbfpE6rmMzTIpfDnJR3kVGw&prev_fmts=0x0%2C450x280%2C450x280&nras=2&correlator=5503378232960&frm=20&pv=1&ga_vid=151192504.1706360990&ga_sid=1706360990&ga_hid=402595937&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=1604&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795922%2C31080696%2C95321957%2C95320869%2C95320893%2C95321627%2C95322163%2C95323004&oid=2&pvsid=2847983070038611&tmod=1464299773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 12:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
3636
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Feb 2024 12:09:15 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 40D1 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7538371298685357&output=html&h=50&adk=1439213102&adf=3825658272&pi=t.aa~a.3874535753~rp.4&w=450&fwrn=4&fwrnh=100&lmt=1706360990&rafmt=1&to=qs&pwprc=5903923013&format=450x50&url=https%3A%2F%2Fnewyear2022.ecarepk.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706360990839&bpp=1&bdt=1783&idt=0&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55ba592f6e5737fa%3AT%3D1706360990%3ART%3D1706360990%3AS%3DALNI_Ma0nPwJYUjKyCUWSXZnI8u1MUoc8Q&gpic=UID%3D00000d4aaa78670e%3AT%3D1706360990%3ART%3D1706360990%3AS%3DALNI_MYohKHAys--NbFGIkSMZXWC7ftapA&eo_id_str=ID%3Dcf0843790bd98e25%3AT%3D1706360990%3ART%3D1706360990%3AS%3DAA-AfjbfpE6rmMzTIpfDnJR3kVGw&prev_fmts=0x0%2C450x280%2C450x280&nras=2&correlator=5503378232960&frm=20&pv=1&ga_vid=151192504.1706360990&ga_sid=1706360990&ga_hid=402595937&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=1604&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795922%2C31080696%2C95321957%2C95320869%2C95320893%2C95321627%2C95322163%2C95323004&oid=2&pvsid=2847983070038611&tmod=1464299773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
14181
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 09:13:30 GMT
etag
48472445140208031
expires
Sun, 28 Jan 2024 09:13:30 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 6D2C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7538371298685357&output=html&h=50&adk=1439213102&adf=3825658272&pi=t.aa~a.3874535753~rp.4&w=450&fwrn=4&fwrnh=100&lmt=1706360990&rafmt=1&to=qs&pwprc=5903923013&format=450x50&url=https%3A%2F%2Fnewyear2022.ecarepk.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706360990839&bpp=1&bdt=1783&idt=0&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55ba592f6e5737fa%3AT%3D1706360990%3ART%3D1706360990%3AS%3DALNI_Ma0nPwJYUjKyCUWSXZnI8u1MUoc8Q&gpic=UID%3D00000d4aaa78670e%3AT%3D1706360990%3ART%3D1706360990%3AS%3DALNI_MYohKHAys--NbFGIkSMZXWC7ftapA&eo_id_str=ID%3Dcf0843790bd98e25%3AT%3D1706360990%3ART%3D1706360990%3AS%3DAA-AfjbfpE6rmMzTIpfDnJR3kVGw&prev_fmts=0x0%2C450x280%2C450x280&nras=2&correlator=5503378232960&frm=20&pv=1&ga_vid=151192504.1706360990&ga_sid=1706360990&ga_hid=402595937&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=1604&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795922%2C31080696%2C95321957%2C95320869%2C95320893%2C95321627%2C95322163%2C95323004&oid=2&pvsid=2847983070038611&tmod=1464299773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 23:41:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
48474
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Feb 2024 23:41:57 GMT
l
www.google.com/ads/measurement/ Frame 6D2C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSGpZt7uUuZUwBPLb7kKYtIkZEYhGs5Gc7kgoEnieAxET1b4upk7NDeWeMI7f2hAe-ssM-qYyTPU4nPhWAjH2yXVc9wuw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7538371298685357&output=html&h=50&adk=1439213102&adf=3825658272&pi=t.aa~a.3874535753~rp.4&w=450&fwrn=4&fwrnh=100&lmt=1706360990&rafmt=1&to=qs&pwprc=5903923013&format=450x50&url=https%3A%2F%2Fnewyear2022.ecarepk.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706360990839&bpp=1&bdt=1783&idt=0&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55ba592f6e5737fa%3AT%3D1706360990%3ART%3D1706360990%3AS%3DALNI_Ma0nPwJYUjKyCUWSXZnI8u1MUoc8Q&gpic=UID%3D00000d4aaa78670e%3AT%3D1706360990%3ART%3D1706360990%3AS%3DALNI_MYohKHAys--NbFGIkSMZXWC7ftapA&eo_id_str=ID%3Dcf0843790bd98e25%3AT%3D1706360990%3ART%3D1706360990%3AS%3DAA-AfjbfpE6rmMzTIpfDnJR3kVGw&prev_fmts=0x0%2C450x280%2C450x280&nras=2&correlator=5503378232960&frm=20&pv=1&ga_vid=151192504.1706360990&ga_sid=1706360990&ga_hid=402595937&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=1604&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795922%2C31080696%2C95321957%2C95320869%2C95320893%2C95321627%2C95322163%2C95323004&oid=2&pvsid=2847983070038611&tmod=1464299773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 6D2C 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7538371298685357&output=html&h=50&adk=1439213102&adf=3825658272&pi=t.aa~a.3874535753~rp.4&w=450&fwrn=4&fwrnh=100&lmt=1706360990&rafmt=1&to=qs&pwprc=5903923013&format=450x50&url=https%3A%2F%2Fnewyear2022.ecarepk.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706360990839&bpp=1&bdt=1783&idt=0&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55ba592f6e5737fa%3AT%3D1706360990%3ART%3D1706360990%3AS%3DALNI_Ma0nPwJYUjKyCUWSXZnI8u1MUoc8Q&gpic=UID%3D00000d4aaa78670e%3AT%3D1706360990%3ART%3D1706360990%3AS%3DALNI_MYohKHAys--NbFGIkSMZXWC7ftapA&eo_id_str=ID%3Dcf0843790bd98e25%3AT%3D1706360990%3ART%3D1706360990%3AS%3DAA-AfjbfpE6rmMzTIpfDnJR3kVGw&prev_fmts=0x0%2C450x280%2C450x280&nras=2&correlator=5503378232960&frm=20&pv=1&ga_vid=151192504.1706360990&ga_sid=1706360990&ga_hid=402595937&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=1604&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795922%2C31080696%2C95321957%2C95320869%2C95320893%2C95321627%2C95322163%2C95323004&oid=2&pvsid=2847983070038611&tmod=1464299773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706100845105677"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jan 2024 13:09:51 GMT
img
imageproxy.eu.criteo.net/img/ Frame 4F05 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F0%2F2200_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=6OORgUOI7KJbx7_gxHpfZNi1&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbUAngAGyPkGdhWyAA_GDiAZVb5zfN4zDDl6sw&u=%7CCQKkaVVbcMyzXom12P4Wp4goLrlADEgsSfzwkDelgz4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nqybZW4ekH4HQMRsdsHk4jjjMyXRBEFYr6MlsXyH9SEmux2FrXhHlIspdXZmoPOtKovVLbXLhUEPWgphWhjzJ47Pv4_ooSB5JlsszwA2f0iGS5aZuS51O6IotI49JDihmjNNAySWSUbuOk-c_cut8X4D0khLENdFLqTbLjTuLnQgu1mSOBU4aSUOuCAWJNNvgFrH88nA2_g5ApdPzHnsOynBUsRxe8QDXcGOVK7YCcNub6Z-TAwGVwBheQz1DD2JqZKoST2-1-y6_qLo4RPYb_PQoXu3ro5wUK6UdUefBjajs1Zn0ZlbmxeUpqabPdtzofCVl_rnh1P73IOkcnLafeaEGtM_fRbIxMdn4S7MSIZFj0_RF8SWXnUPqmSPJyocVMA22mF2KllTUZXpZrOyyQKhYnHXRTG-D7jmWWF9sk9TDG43f2CvFIwWo290UcrxEym0aMAaItQ19kCzXWOHs3CeVArrHbu1xWf2PuK1Ec3rpbTuS1OT65Lj4Y7e8Jgv5FLZx5uOPWqtN2QFMab0ExvsW4tWr_sYUQy0D9yzd99PIRj9gIK9amd66n1GikITpEfcfrEyNHxFbJEeOAgmenw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCewarngC1ZfmRG7Kr2OMPjoy_0AjJntKxXM2jlvdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTc1MzgzNzEyOTg2ODUzNTfIAQmpAmfUWW9ZNbI-qAMByAMCqgT5AU_QoF0eIQP2N5zosVoWoI-WSPPd2yPIqEARMmTMQ98Ertww_hZhWenhHqCmhyO7kWBFs45izY8dHHhQqmpHxjjG3FxlYPRm4KeyMW1PkiF4bd_tfgE4f3Rnv6cgwWFSeRcd6powrhvw3tzyd4eh4KAncHhT0ZI7sneTiKG2RBMjZlgP1pmQyMpSQN-tJxaesleyiet_w_OP7JL7hxW7LPLYtEiztwSGY029RCDjVXBiKJc3qOSSRINsOHCMayYbkmLszRYcwiJ812A8BeiKWn4eOszoJQhnTL_USsYfDX0M-2UsLThWgsU1k1oMYs8PcgDpUiUAviL_zIAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJ_xwYXS_YMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1qyC54-Sgu86rYeKg5T_1KF3mLLA%26client%3Dca-pub-7538371298685357%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5c66d67fff1bb62059630c5c49de873b28548398847a2beff2f3f006c4388c86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
17770
expires
Sun, 04 Feb 2024 20:24:17 GMT
img
imageproxy.eu.criteo.net/img/ Frame 74FF 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F0%2F2200_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=6OORgUOI7KJbx7_gxHpfZNi1&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbUAngAGxPQE0biSAA1E7N47ouh2b6heyo5X7Q&u=%7CCQKkaVVbcMwwBUwBce7R2%2Bp2Awy9zj0plsyOmOHNfpE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZ608drBVHMSKW3SYnV42AAsODbZi97hm64o6S_ZNHgw7K7SCAvjSWOx5JolFoPjRskc1FiJ56oiYAH0DtdsFxZMztO3Ee3pbmojluh1LXozJxCbS8xtpqmIvgjvPEo9g3CEQUYX_YcI1qk39wfmStC5-70aIR7D0O4EXEdUlhr6XqudoHOpgbwSQcCKHM3A3GbO2SNH9h9dysgJA967MxogNNHBQ1ik4nrkGKGQq5gI9sTjxp_1GhyjI277VZBKTuNIZprqnFSYU1KQZQvmEHSJe0tWvZHerEaGn4i8SHXEWV-FCyatCqkxu-0BNgqsb1Y3yVoeE1v6eCNJxFbj0Ur1Eh2zwdGCAWcKtYb13B0emrhJjIL9-toT-UIkhshv4qok3IUSAYlXRzd_KwwtSxfRKzIAjS2Awev0544hdzXsMy_yPacdJWM4sqbsJHrL8CHqZ1CekDza0sU-_qx1cMQ2unHYDxVavqGI7blMtv_EFTIA84J_Dqh_rRQdeAqWA5m9mjT33wtcmW09kOke1sDkHkY7uPvMHAFoiQK7pjuOFuw6vNRd5L2n9fVptSWrHEnyT9RYPRQSQC5aojRFerAiWViALAu35sSoukl_N8Vn&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0jTAngC1ZfSJG5LxxtYP7Im1-AjJntKxXPXalvdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTc1MzgzNzEyOTg2ODUzNTfIAQmpAmfUWW9ZNbI-qAMByAMCqgT-AU_QWdSnDbBsy34XjM3nRLsJSFmalmLF33SdAsNJ0K05DrdjsAB-OOj9EOmmA6QQCAzEcUqCR9Nj9FjjgzEGJqAO2IVHSKCoXMjguYEeomxfM-ADwSOPUKHNcKPllLb0YvzHJegspXY4hD84OAc--RxgWzYXZIDE0PhGd4-IDt4me01ys9OuNoGBM7VdEAzvIwjgJFKEc1b7Z_VLb9VkdlmoGovVhs0rko1k0QJJqTkdUHvepspJ6XDjSRFQGwK6beJ95KiaJQaNSi2hUuc8_9hjDT6elSjwOS8PsWA3PW9rfLdKWM47U7-V1xBFf9wPKnGGl6YJcJXQlOv2EXK7gAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY8YnDhdL9gwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2pp5Z22X-Crmh1QvY_hlRSo50Knw%26client%3Dca-pub-7538371298685357%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5c66d67fff1bb62059630c5c49de873b28548398847a2beff2f3f006c4388c86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
17770
expires
Sun, 04 Feb 2024 20:24:17 GMT
i.match
s.tribalfusion.com/z/ Frame 40D1
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEIwny-a43twTPw8IQu5Clpc&google_cver=1&google_push=AXcoOmSpmbYt5-q4r5Ez3b4UqEsJg8rJq8BwyuG84A6MjKTOi-6eFSNkqHJktcpBEVijkceScgnQwcNIEExgGcb-rt_LOzZm0H-FM...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIwny-a43twTPw8IQu5Clpc&google_cver=1&google_push=AXcoOmSpmbYt5-q4r5Ez3b4UqEsJg8rJq8BwyuG84A6MjKTOi-6eFSNkqHJktcpBEVijkceScgnQwcNIEExgGcb-rt_LOzZm0H-...
43 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIwny-a43twTPw8IQu5Clpc&google_cver=1&google_push=AXcoOmSpmbYt5-q4r5Ez3b4UqEsJg8rJq8BwyuG84A6MjKTOi-6eFSNkqHJktcpBEVijkceScgnQwcNIEExgGcb-rt_LOzZm0H-FMebMxwMGNxgL4oLTfrd1UVnzvyyAIdfHze7-m-aexcSW6jJtu88sqFIyp0Y&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSpmbYt5-q4r5Ez3b4UqEsJg8rJq8BwyuG84A6MjKTOi-6eFSNkqHJktcpBEVijkceScgnQwcNIEExgGcb-rt_LOzZm0H-FMebMxwMGNxgL4oLTfrd1UVnzvyyAIdfHze7-m-aexcSW6jJtu88sqFIyp0Y%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7538371298685357&output=html&h=50&adk=1439213102&adf=3825658272&pi=t.aa~a.3874535753~rp.4&w=450&fwrn=4&fwrnh=100&lmt=1706360990&rafmt=1&to=qs&pwprc=5903923013&format=450x50&url=https%3A%2F%2Fnewyear2022.ecarepk.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706360990839&bpp=1&bdt=1783&idt=0&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55ba592f6e5737fa%3AT%3D1706360990%3ART%3D1706360990%3AS%3DALNI_Ma0nPwJYUjKyCUWSXZnI8u1MUoc8Q&gpic=UID%3D00000d4aaa78670e%3AT%3D1706360990%3ART%3D1706360990%3AS%3DALNI_MYohKHAys--NbFGIkSMZXWC7ftapA&eo_id_str=ID%3Dcf0843790bd98e25%3AT%3D1706360990%3ART%3D1706360990%3AS%3DAA-AfjbfpE6rmMzTIpfDnJR3kVGw&prev_fmts=0x0%2C450x280%2C450x280&nras=2&correlator=5503378232960&frm=20&pv=1&ga_vid=151192504.1706360990&ga_sid=1706360990&ga_hid=402595937&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=1604&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795922%2C31080696%2C95321957%2C95320869%2C95320893%2C95321627%2C95322163%2C95323004&oid=2&pvsid=2847983070038611&tmod=1464299773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:09:51 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
84c13b860ea944f8-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:09:51 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
792
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIwny-a43twTPw8IQu5Clpc&google_cver=1&google_push=AXcoOmSpmbYt5-q4r5Ez3b4UqEsJg8rJq8BwyuG84A6MjKTOi-6eFSNkqHJktcpBEVijkceScgnQwcNIEExgGcb-rt_LOzZm0H-FMebMxwMGNxgL4oLTfrd1UVnzvyyAIdfHze7-m-aexcSW6jJtu88sqFIyp0Y&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSpmbYt5-q4r5Ez3b4UqEsJg8rJq8BwyuG84A6MjKTOi-6eFSNkqHJktcpBEVijkceScgnQwcNIEExgGcb-rt_LOzZm0H-FMebMxwMGNxgL4oLTfrd1UVnzvyyAIdfHze7-m-aexcSW6jJtu88sqFIyp0Y%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
84c13b84bbeb44f8-TXL
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 40D1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFTVJL-9B7xCmhNjdfZrXnQ&google_push=AXcoOmR2c6o_QEOfNuGwv3rUdhLnFZFsL9FA_9Ux40l-jakaKloYJQ23th...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFTVJL-9B7xCmhNjdfZrXnQ&google_push=AXcoOmR2c6o_QEOfNuGwv3rUdhLnFZFsL9FA_9Ux40l-jakaKloYJQ23thF40Oc3C37K_3yK50sNaLFaAj6d8CMm8OhzTxaf7hObJSvNoLPXND3lf91LRkvHjREikqhVAieUSDHvYJMJG_m_zGtg_IkifDUZjEE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7538371298685357&output=html&h=50&adk=1439213102&adf=3825658272&pi=t.aa~a.3874535753~rp.4&w=450&fwrn=4&fwrnh=100&lmt=1706360990&rafmt=1&to=qs&pwprc=5903923013&format=450x50&url=https%3A%2F%2Fnewyear2022.ecarepk.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706360990839&bpp=1&bdt=1783&idt=0&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55ba592f6e5737fa%3AT%3D1706360990%3ART%3D1706360990%3AS%3DALNI_Ma0nPwJYUjKyCUWSXZnI8u1MUoc8Q&gpic=UID%3D00000d4aaa78670e%3AT%3D1706360990%3ART%3D1706360990%3AS%3DALNI_MYohKHAys--NbFGIkSMZXWC7ftapA&eo_id_str=ID%3Dcf0843790bd98e25%3AT%3D1706360990%3ART%3D1706360990%3AS%3DAA-AfjbfpE6rmMzTIpfDnJR3kVGw&prev_fmts=0x0%2C450x280%2C450x280&nras=2&correlator=5503378232960&frm=20&pv=1&ga_vid=151192504.1706360990&ga_sid=1706360990&ga_hid=402595937&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=1604&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795922%2C31080696%2C95321957%2C95320869%2C95320893%2C95321627%2C95322163%2C95323004&oid=2&pvsid=2847983070038611&tmod=1464299773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Protocol
H2
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:09:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230134-FRA
pragma
no-cache
date
Sat, 27 Jan 2024 13:09:51 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1706360992.502687,VS0,VE96
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFTVJL-9B7xCmhNjdfZrXnQ&google_push=AXcoOmR2c6o_QEOfNuGwv3rUdhLnFZFsL9FA_9Ux40l-jakaKloYJQ23thF40Oc3C37K_3yK50sNaLFaAj6d8CMm8OhzTxaf7hObJSvNoLPXND3lf91LRkvHjREikqhVAieUSDHvYJMJG_m_zGtg_IkifDUZjEE
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 40D1
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESECEksuR4OzmCP9aHDD1OE6U&google_cver=1&google_push=AXcoOmR4NsiDOQ53yXpHlHcWf4sReY1m4RSCuIoblGo_Hd9GucBij1mtdhgebBeVyEabQWsmqNoJsqaLkHQalrL2CO0u1RBDb1Kj0w...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=214F00E5C5F54DE698EFBA321C0A51E4&google_push=AXcoOmR4NsiDOQ53yXpHlHcWf4sReY1m4RSCuIoblGo_Hd9GucBij1mtdhgebBeVyEabQWsmqNoJsqaLkHQalrL...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=214F00E5C5F54DE698EFBA321C0A51E4&google_push=AXcoOmR4NsiDOQ53yXpHlHcWf4sReY1m4RSCuIoblGo_Hd9GucBij1mtdhgebBeVyEabQWsmqNoJsqaLkHQalrL2CO0u1RBDb1Kj0wan0bAymtJKPTPy-b49nxNZz-etUHQ2zMcBkSlfkjq3cTg5sb2VXtZWDg8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7538371298685357&output=html&h=50&adk=1439213102&adf=3825658272&pi=t.aa~a.3874535753~rp.4&w=450&fwrn=4&fwrnh=100&lmt=1706360990&rafmt=1&to=qs&pwprc=5903923013&format=450x50&url=https%3A%2F%2Fnewyear2022.ecarepk.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706360990839&bpp=1&bdt=1783&idt=0&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55ba592f6e5737fa%3AT%3D1706360990%3ART%3D1706360990%3AS%3DALNI_Ma0nPwJYUjKyCUWSXZnI8u1MUoc8Q&gpic=UID%3D00000d4aaa78670e%3AT%3D1706360990%3ART%3D1706360990%3AS%3DALNI_MYohKHAys--NbFGIkSMZXWC7ftapA&eo_id_str=ID%3Dcf0843790bd98e25%3AT%3D1706360990%3ART%3D1706360990%3AS%3DAA-AfjbfpE6rmMzTIpfDnJR3kVGw&prev_fmts=0x0%2C450x280%2C450x280&nras=2&correlator=5503378232960&frm=20&pv=1&ga_vid=151192504.1706360990&ga_sid=1706360990&ga_hid=402595937&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=1604&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795922%2C31080696%2C95321957%2C95320869%2C95320893%2C95321627%2C95322163%2C95323004&oid=2&pvsid=2847983070038611&tmod=1464299773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Protocol
H2
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:09:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 27 Jan 2024 13:09:51 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=214F00E5C5F54DE698EFBA321C0A51E4&google_push=AXcoOmR4NsiDOQ53yXpHlHcWf4sReY1m4RSCuIoblGo_Hd9GucBij1mtdhgebBeVyEabQWsmqNoJsqaLkHQalrL2CO0u1RBDb1Kj0wan0bAymtJKPTPy-b49nxNZz-etUHQ2zMcBkSlfkjq3cTg5sb2VXtZWDg8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 26 Jan 2024 13:09:51 GMT
pixel
cm.g.doubleclick.net/ Frame 40D1
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEMu4KaDr2P_TJOCCpIKFaQA&google_cver=1&google_push=AXcoOmTiuyR3JJhuGEdvfWiYfWMWzCfffKcddp8Dh52nr5WXzfFQiABctJwd8OH8057McwvVQszQCr5sIn7131EP2LXijuCNDXLy9...
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmTiuyR3JJhuGEdvfWiYfWMWzCfffKcddp8Dh52nr5WXzfFQiABctJwd8OH8057McwvVQszQCr5sIn7131EP2LXijuCNDXLy9JE0lphGbyilu7wR4J8r8myYh7rurLqQ...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmTiuyR3JJhuGEdvfWiYfWMWzCfffKcddp8Dh52nr5WXzfFQiABctJwd8OH8057McwvVQszQCr5sIn7131EP2LXijuCNDXLy9JE0lphGbyilu7wR4J8r8myYh7rurLqQfN5laxRg-2Hu1NUR9i6xG2d0gHk&google_hm=Q0FFU0VNdTRLYURyMlBfVEpPQ0NwSUtGYVFB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7538371298685357&output=html&h=50&adk=1439213102&adf=3825658272&pi=t.aa~a.3874535753~rp.4&w=450&fwrn=4&fwrnh=100&lmt=1706360990&rafmt=1&to=qs&pwprc=5903923013&format=450x50&url=https%3A%2F%2Fnewyear2022.ecarepk.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706360990839&bpp=1&bdt=1783&idt=0&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55ba592f6e5737fa%3AT%3D1706360990%3ART%3D1706360990%3AS%3DALNI_Ma0nPwJYUjKyCUWSXZnI8u1MUoc8Q&gpic=UID%3D00000d4aaa78670e%3AT%3D1706360990%3ART%3D1706360990%3AS%3DALNI_MYohKHAys--NbFGIkSMZXWC7ftapA&eo_id_str=ID%3Dcf0843790bd98e25%3AT%3D1706360990%3ART%3D1706360990%3AS%3DAA-AfjbfpE6rmMzTIpfDnJR3kVGw&prev_fmts=0x0%2C450x280%2C450x280&nras=2&correlator=5503378232960&frm=20&pv=1&ga_vid=151192504.1706360990&ga_sid=1706360990&ga_hid=402595937&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=1604&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795922%2C31080696%2C95321957%2C95320869%2C95320893%2C95321627%2C95322163%2C95323004&oid=2&pvsid=2847983070038611&tmod=1464299773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Protocol
H2
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:09:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 27 Jan 2024 13:09:51 GMT
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmTiuyR3JJhuGEdvfWiYfWMWzCfffKcddp8Dh52nr5WXzfFQiABctJwd8OH8057McwvVQszQCr5sIn7131EP2LXijuCNDXLy9JE0lphGbyilu7wR4J8r8myYh7rurLqQfN5laxRg-2Hu1NUR9i6xG2d0gHk&google_hm=Q0FFU0VNdTRLYURyMlBfVEpPQ0NwSUtGYVFB
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
sync
x.bidswitch.net/ Frame 40D1 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELulVKmB6lATuO9FCPoJgWE&google_cver=1&google_push=AXcoOmQwQFI0EV1hDYI8Pfcn97qwGJZEEedScUiMNk8KTKxJXtN80mxkQbDculYxa9EmegFq1-uf7-l9uhcxp9AgyFoo_1hPxE0YYGxwYN3q_5Dc14weHhle6xUfcImLpsQ4cZ3CaNqSLh0ePZsplkTt30ktTw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7538371298685357&output=html&h=50&adk=1439213102&adf=3825658272&pi=t.aa~a.3874535753~rp.4&w=450&fwrn=4&fwrnh=100&lmt=1706360990&rafmt=1&to=qs&pwprc=5903923013&format=450x50&url=https%3A%2F%2Fnewyear2022.ecarepk.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706360990839&bpp=1&bdt=1783&idt=0&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55ba592f6e5737fa%3AT%3D1706360990%3ART%3D1706360990%3AS%3DALNI_Ma0nPwJYUjKyCUWSXZnI8u1MUoc8Q&gpic=UID%3D00000d4aaa78670e%3AT%3D1706360990%3ART%3D1706360990%3AS%3DALNI_MYohKHAys--NbFGIkSMZXWC7ftapA&eo_id_str=ID%3Dcf0843790bd98e25%3AT%3D1706360990%3ART%3D1706360990%3AS%3DAA-AfjbfpE6rmMzTIpfDnJR3kVGw&prev_fmts=0x0%2C450x280%2C450x280&nras=2&correlator=5503378232960&frm=20&pv=1&ga_vid=151192504.1706360990&ga_sid=1706360990&ga_hid=402595937&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=1604&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795922%2C31080696%2C95321957%2C95320869%2C95320893%2C95321627%2C95322163%2C95323004&oid=2&pvsid=2847983070038611&tmod=1464299773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
91.149.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 13:09:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
pixel
cm.g.doubleclick.net/ Frame 40D1
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKoNfsGYoa7xB8RFBldyncw&google_cver=1&google_push=AXcoOmQn26k3vt05qD9hPKDS-fPWIrRXDtCnEv1TnsJ3LMouFGZbp35V5HVjKzh4DFGNkKWuFweVSLFIn6g7...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQn26k3vt05qD9hPKDS-fPWIrRXDtCnEv1TnsJ3LMouFGZbp35V5HVjKzh4DFGNkKWuFweVSLFIn6g79YvNyCJOnIsQsWdr4nF_n0l8TTSxQh3DtCyE...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQn26k3vt05qD9hPKDS-fPWIrRXDtCnEv1TnsJ3LMouFGZbp35V5HVjKzh4DFGNkKWuFweVSLFIn6g79YvNyCJOnIsQsWdr4nF_n0l8TTSxQh3DtCyE767VJczs3jkEFH8BzgaBga1LnfZIyW7hx71tB08
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7538371298685357&output=html&h=50&adk=1439213102&adf=3825658272&pi=t.aa~a.3874535753~rp.4&w=450&fwrn=4&fwrnh=100&lmt=1706360990&rafmt=1&to=qs&pwprc=5903923013&format=450x50&url=https%3A%2F%2Fnewyear2022.ecarepk.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706360990839&bpp=1&bdt=1783&idt=0&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55ba592f6e5737fa%3AT%3D1706360990%3ART%3D1706360990%3AS%3DALNI_Ma0nPwJYUjKyCUWSXZnI8u1MUoc8Q&gpic=UID%3D00000d4aaa78670e%3AT%3D1706360990%3ART%3D1706360990%3AS%3DALNI_MYohKHAys--NbFGIkSMZXWC7ftapA&eo_id_str=ID%3Dcf0843790bd98e25%3AT%3D1706360990%3ART%3D1706360990%3AS%3DAA-AfjbfpE6rmMzTIpfDnJR3kVGw&prev_fmts=0x0%2C450x280%2C450x280&nras=2&correlator=5503378232960&frm=20&pv=1&ga_vid=151192504.1706360990&ga_sid=1706360990&ga_hid=402595937&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=1604&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795922%2C31080696%2C95321957%2C95320869%2C95320893%2C95321627%2C95322163%2C95323004&oid=2&pvsid=2847983070038611&tmod=1464299773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Protocol
H2
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:09:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQn26k3vt05qD9hPKDS-fPWIrRXDtCnEv1TnsJ3LMouFGZbp35V5HVjKzh4DFGNkKWuFweVSLFIn6g79YvNyCJOnIsQsWdr4nF_n0l8TTSxQh3DtCyE767VJczs3jkEFH8BzgaBga1LnfZIyW7hx71tB08
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 40D1
Redirect Chain
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESECnyqFJgtvNO4X8tEhU3RQk&google_cver=1&google_push=AXcoOmROskA_ykLeyvhOoNs5UzksOFKEW6F4M_kMJc2L99DDDr_Bx_IzM1VDmUvAgf...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmROskA_ykLeyvhOoNs5UzksOFKEW6F4M_kMJc2L99DDDr_Bx_IzM1VDmUvAgf3xLw0j0QEXiXyGAMR7R5c6-2i-fndKkHel1pkGl836TBRjP2...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmROskA_ykLeyvhOoNs5UzksOFKEW6F4M_kMJc2L99DDDr_Bx_IzM1VDmUvAgf3xLw0j0QEXiXyGAMR7R5c6-2i-fndKkHel1pkGl836TBRjP2w3SmRHvyEC5xv9RBTElOsYjcpKfeRT_hRdQ5codkp9VJ70&google_hm=AMm0m7MWSlmMmQv5Qps_ht0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7538371298685357&output=html&h=50&adk=1439213102&adf=3825658272&pi=t.aa~a.3874535753~rp.4&w=450&fwrn=4&fwrnh=100&lmt=1706360990&rafmt=1&to=qs&pwprc=5903923013&format=450x50&url=https%3A%2F%2Fnewyear2022.ecarepk.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706360990839&bpp=1&bdt=1783&idt=0&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55ba592f6e5737fa%3AT%3D1706360990%3ART%3D1706360990%3AS%3DALNI_Ma0nPwJYUjKyCUWSXZnI8u1MUoc8Q&gpic=UID%3D00000d4aaa78670e%3AT%3D1706360990%3ART%3D1706360990%3AS%3DALNI_MYohKHAys--NbFGIkSMZXWC7ftapA&eo_id_str=ID%3Dcf0843790bd98e25%3AT%3D1706360990%3ART%3D1706360990%3AS%3DAA-AfjbfpE6rmMzTIpfDnJR3kVGw&prev_fmts=0x0%2C450x280%2C450x280&nras=2&correlator=5503378232960&frm=20&pv=1&ga_vid=151192504.1706360990&ga_sid=1706360990&ga_hid=402595937&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=1604&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795922%2C31080696%2C95321957%2C95320869%2C95320893%2C95321627%2C95322163%2C95323004&oid=2&pvsid=2847983070038611&tmod=1464299773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Protocol
H2
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:09:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:09:50 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmROskA_ykLeyvhOoNs5UzksOFKEW6F4M_kMJc2L99DDDr_Bx_IzM1VDmUvAgf3xLw0j0QEXiXyGAMR7R5c6-2i-fndKkHel1pkGl836TBRjP2w3SmRHvyEC5xv9RBTElOsYjcpKfeRT_hRdQ5codkp9VJ70&google_hm=AMm0m7MWSlmMmQv5Qps_ht0
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 40D1 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JziALbD_eqFKUms81IRw-RW-1xi4rslf14Sfh8cW1mh2wSHuHpym21APeuaidvtA4B-pUfjA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7538371298685357&output=html&h=50&adk=1439213102&adf=3825658272&pi=t.aa~a.3874535753~rp.4&w=450&fwrn=4&fwrnh=100&lmt=1706360990&rafmt=1&to=qs&pwprc=5903923013&format=450x50&url=https%3A%2F%2Fnewyear2022.ecarepk.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706360990839&bpp=1&bdt=1783&idt=0&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55ba592f6e5737fa%3AT%3D1706360990%3ART%3D1706360990%3AS%3DALNI_Ma0nPwJYUjKyCUWSXZnI8u1MUoc8Q&gpic=UID%3D00000d4aaa78670e%3AT%3D1706360990%3ART%3D1706360990%3AS%3DALNI_MYohKHAys--NbFGIkSMZXWC7ftapA&eo_id_str=ID%3Dcf0843790bd98e25%3AT%3D1706360990%3ART%3D1706360990%3AS%3DAA-AfjbfpE6rmMzTIpfDnJR3kVGw&prev_fmts=0x0%2C450x280%2C450x280&nras=2&correlator=5503378232960&frm=20&pv=1&ga_vid=151192504.1706360990&ga_sid=1706360990&ga_hid=402595937&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=1604&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795922%2C31080696%2C95321957%2C95320869%2C95320893%2C95321627%2C95322163%2C95323004&oid=2&pvsid=2847983070038611&tmod=1464299773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:51 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adview
googleads.g.doubleclick.net/pagead/ Frame 8F8E 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CpzikngC1ZfmRG7Kr2OMPjoy_0AjJntKxXM2jlvdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTc1MzgzNzEyOTg2ODUzNTfIAQmpAmfUWW9ZNbI-qAMByAMCqgT2AU_QoF0eIQP2N5zosVoWoI-WSPPd2yPIqEARMmTMQ98Ertww_hZhWenhHqCmhyO7kWBFs45izY8dHHhQqmpHxjjG3FxlYPRm4KeyMW1PkiF4bd_tfgE4f3Rnv6cgwWFSeRcd6powrhvw3tzyd4eh4KAncHhT0ZI7sneTiKG2RBMjZlgP1pmQyMpSQN-tJxaesleyiet_w_OP7JL7hxW7LPLYtEiztwSGY029RCDjVXBiKJc3qOSSRINsOHCMayYbkmLszRYcwiJ812A8BeiKWn5cOO16pZu3cRkEbRyTLZSo9UImmzJ4mkeBW2eqkHARXhhxmLEgV4AG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJ_xwYXS_YMDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTc1MzgzNzEyOTg2ODUzNTcYAA&sigh=gYqf9SjZqGU&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_-HTkLvw5v6wQCfqBHt3mfT-TdBvk1JSjPhsJdjHNUHVwTtquIDfb-tOQo4MF8w19FmR2pQ9yMuU7gddqCFUZvTEEZYAnkf-z4oUYAQ&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 27 Jan 2024 13:09:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 8F8E 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kI7EGMz6RO0HfJ2DYgICAAAAFwkiwqTqz5IQngC1ZVs9ncRCx66tmK4AABIAAAoKQVFVRER3RUJEdw&wp=ZbUAngAGyPkGdhWyAA_GDiAZVb5zfN4zDDl6sw&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:50 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
156633
server
Kestrel
content-length
0
adview
googleads.g.doubleclick.net/pagead/ Frame 757D 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C8AxingC1ZfSJG5LxxtYP7Im1-AjJntKxXPXalvdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTc1MzgzNzEyOTg2ODUzNTfIAQmpAmfUWW9ZNbI-qAMByAMCqgT7AU_QWdSnDbBsy34XjM3nRLsJSFmalmLF33SdAsNJ0K05DrdjsAB-OOj9EOmmA6QQCAzEcUqCR9Nj9FjjgzEGJqAO2IVHSKCoXMjguYEeomxfM-ADwSOPUKHNcKPllLb0YvzHJegspXY4hD84OAc--RxgWzYXZIDE0PhGd4-IDt4me01ys9OuNoGBM7VdEAzvIwjgJFKEc1b7Z_VLb9VkdlmoGovVhs0rko1k0QJJqTkdUHvepspJ6XDjSRFQGwK6beJ95KiaJQaNSi2hUuc8_9hjDT6elWryGL2PIrAKm79MpjtqsWo1dLUj3T5d_WjHF9d0KLglaA0aAMsfgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY8YnDhdL9gwOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNzUzODM3MTI5ODY4NTM1NxgA&sigh=-TmdpQIVlzk&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_MqS2rTEnMTdzpDGfMPIqpJUWeEvJUQZXst_P-ia-ya-GfnvjjEjPYV5qUp7mQtVeg2K7DsJVwvoil4FsESH7DR6wqYlkvQA4PRgB&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7538371298685357&output=html&h=280&slotname=4219775052&adk=685168323&adf=3878751071&pi=t.ma~as.4219775052&w=450&fwrn=4&fwrnh=100&lmt=1706360990&rafmt=1&format=450x280&url=https%3A%2F%2Fnewyear2022.ecarepk.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706360989930&bpp=1&bdt=873&idt=413&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C450x280&nras=1&correlator=5503378232960&frm=20&pv=1&ga_vid=151192504.1706360990&ga_sid=1706360990&ga_hid=402595937&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=1630&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795922%2C31080696%2C95321957%2C95320869%2C95320893%2C95321627%2C95322163%2C95323004&oid=2&pvsid=2847983070038611&tmod=1464299773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=416
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7538371298685357&output=html&h=280&slotname=4219775052&adk=685168323&adf=3878751071&pi=t.ma~as.4219775052&w=450&fwrn=4&fwrnh=100&lmt=1706360990&rafmt=1&format=450x280&url=https%3A%2F%2Fnewyear2022.ecarepk.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706360989930&bpp=1&bdt=873&idt=413&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C450x280&nras=1&correlator=5503378232960&frm=20&pv=1&ga_vid=151192504.1706360990&ga_sid=1706360990&ga_hid=402595937&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=1630&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795922%2C31080696%2C95321957%2C95320869%2C95320893%2C95321627%2C95322163%2C95323004&oid=2&pvsid=2847983070038611&tmod=1464299773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=416
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 27 Jan 2024 13:09:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 757D 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kI7EGMz6RMIDmAKdg2ICAgAAAC7R0o8NOVh-EJ4AtWWKmuyC2iuI4lMCAAASAAAKCkFRVUJEd0VCRHc&wp=ZbUAngAGxPQE0biSAA1E7N47ouh2b6heyo5X7Q&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7538371298685357&output=html&h=280&slotname=4219775052&adk=685168323&adf=3878751071&pi=t.ma~as.4219775052&w=450&fwrn=4&fwrnh=100&lmt=1706360990&rafmt=1&format=450x280&url=https%3A%2F%2Fnewyear2022.ecarepk.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706360989930&bpp=1&bdt=873&idt=413&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C450x280&nras=1&correlator=5503378232960&frm=20&pv=1&ga_vid=151192504.1706360990&ga_sid=1706360990&ga_hid=402595937&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=1630&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795922%2C31080696%2C95321957%2C95320869%2C95320893%2C95321627%2C95322163%2C95323004&oid=2&pvsid=2847983070038611&tmod=1464299773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=416
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:50 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
124574
server
Kestrel
content-length
0
truncated
/ Frame 6D2C 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
14ad4fd3668ead3ed3c34f96a2df38554ca3aa1a5e048bf4f8cfe2f9a6c23081

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 6125 		115 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kyfpterjz0dbjxsc3tv8sdtrj9a1dhgqf7g95tnpswpxk34gmnpmxkgjsbs2fyb3nyb9xpsf1p1xgc9yc4rnp5ct9zebbeq43sav285ymhhz47kze76qerbjey1p2mppthywd98v56vzpgrer3hvtebkbk737gwn1nf12k6vz5yw74f3mx4t0zq6cac5d4m2573tts45ecb7mqjkndj5xy9npst20xq64wwrj71d89bj3746d812z98mr63261tnzeyzycw9rh0qhgj3rbfe16dmpdb3c66jpew7evy2h51exh9qv54et39dzy6qdpy4asfs9eg3hdh5hwmegept69c7adddvrcz7eba431ba3zx7y12g6beth2mt2m8jf3506j40xkghm9b7fd53xy1bvfhrm93r9rkw1br94g543y4zjhwvexw9ktkwte46wek524k7f0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUXzAngC1ZaPfOqet2OMP7MiDkAiQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTM4MzcxMjk4Njg1MzU3yAEJqQJn1FlvWTWyPqgDAcgDAqoE_AFP0HG7HDhazqgW4t9-otzy_mMEPD0cSA_Vnjw90hy0ywU1XzjZ5nlzIteBHe8WL3PkFlax38kTz2a7i5FGFt6d4U4IW3vDinaYAnUBek81tknAe6MhtSO8UvmnJZiFnZN4lY2Vk00ERcCWQSZIII0kNfwJfU7gAQFz-VYLu5hrj7uivZNImTlK0lv7yzNrHiQTHV_8e5jCUSrM7Mu9R3WiRn9ZkowLdt7ffkj5Qzig__t8IyS7DG3ccgfvPYdxjjqBJoc4Klxn6bAtTpZ0bpfyMwPoDrF6MaTyR0kO1v9rK2Y4tB4sMeBLKjYX3t6KLZPaosTFLS1ClKOEP0CABvra74OwvNiX7wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYs73hhdL9gwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0n5HLZ5pQ1NPjNG5chZ7V8SzXm2w%26client%3Dca-pub-7538371298685357%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1kyfpterjz0dbjxsc3tv8sdtrj9a1dhgqf7g95tnpswpxk34gmnpmxkgjsbs2fyb3nyb9xpsf1p1xgc9yc4rnp5ct9zebbeq43sav285ymhhz47kze76qerbjey1p2mppthywd98v56vzpgrer3hvtebkbk737gwn1nf12k6vz5yw74f3mx4t0zq6cac5d4m2573tts45ecb7mqjkndj5xy9npst20xq64wwrj71d89bj3746d812z98mr63261tnzeyzycw9rh0qhgj3rbfe16dmpdb3c66jpew7evy2h51exh9qv54et39dzy6qdpy4asfs9eg3hdh5hwmegept69c7adddvrcz7eba431ba3zx7y12g6beth2mt2m8jf3506j40xkghm9b7fd53xy1bvfhrm93r9rkw1br94g543y4zjhwvexw9ktkwte46wek524k7f0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUXzAngC1ZaPfOqet2OMP7MiDkAiQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTM4MzcxMjk4Njg1MzU3yAEJqQJn1FlvWTWyPqgDAcgDAqoE_AFP0HG7HDhazqgW4t9-otzy_mMEPD0cSA_Vnjw90hy0ywU1XzjZ5nlzIteBHe8WL3PkFlax38kTz2a7i5FGFt6d4U4IW3vDinaYAnUBek81tknAe6MhtSO8UvmnJZiFnZN4lY2Vk00ERcCWQSZIII0kNfwJfU7gAQFz-VYLu5hrj7uivZNImTlK0lv7yzNrHiQTHV_8e5jCUSrM7Mu9R3WiRn9ZkowLdt7ffkj5Qzig__t8IyS7DG3ccgfvPYdxjjqBJoc4Klxn6bAtTpZ0bpfyMwPoDrF6MaTyR0kO1v9rK2Y4tB4sMeBLKjYX3t6KLZPaosTFLS1ClKOEP0CABvra74OwvNiX7wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYs73hhdL9gwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0n5HLZ5pQ1NPjNG5chZ7V8SzXm2w%26client%3Dca-pub-7538371298685357%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1751314
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FgvCIkVOwP4V6%2BlEomEzPb2OToHaKocuLvIRTk0AI%2BYR%2FCGSMHfMIiacPzN%2Bd%2BLEl7ZYAY6WQaV2icfTICeNuwgFq%2BPdpGn9Rq2irD3mb8W1XsvNIoyb6sI8zwcabW2o7Nqc1cReXyY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
84c13b850eda8fdd-FRA
expires
Sun, 28 Jan 2024 13:09:51 GMT
r62eglto.js
ad4m.at/ Frame 6125 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kyfpterjz0dbjxsc3tv8sdtrj9a1dhgqf7g95tnpswpxk34gmnpmxkgjsbs2fyb3nyb9xpsf1p1xgc9yc4rnp5ct9zebbeq43sav285ymhhz47kze76qerbjey1p2mppthywd98v56vzpgrer3hvtebkbk737gwn1nf12k6vz5yw74f3mx4t0zq6cac5d4m2573tts45ecb7mqjkndj5xy9npst20xq64wwrj71d89bj3746d812z98mr63261tnzeyzycw9rh0qhgj3rbfe16dmpdb3c66jpew7evy2h51exh9qv54et39dzy6qdpy4asfs9eg3hdh5hwmegept69c7adddvrcz7eba431ba3zx7y12g6beth2mt2m8jf3506j40xkghm9b7fd53xy1bvfhrm93r9rkw1br94g543y4zjhwvexw9ktkwte46wek524k7f0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUXzAngC1ZaPfOqet2OMP7MiDkAiQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTM4MzcxMjk4Njg1MzU3yAEJqQJn1FlvWTWyPqgDAcgDAqoE_AFP0HG7HDhazqgW4t9-otzy_mMEPD0cSA_Vnjw90hy0ywU1XzjZ5nlzIteBHe8WL3PkFlax38kTz2a7i5FGFt6d4U4IW3vDinaYAnUBek81tknAe6MhtSO8UvmnJZiFnZN4lY2Vk00ERcCWQSZIII0kNfwJfU7gAQFz-VYLu5hrj7uivZNImTlK0lv7yzNrHiQTHV_8e5jCUSrM7Mu9R3WiRn9ZkowLdt7ffkj5Qzig__t8IyS7DG3ccgfvPYdxjjqBJoc4Klxn6bAtTpZ0bpfyMwPoDrF6MaTyR0kO1v9rK2Y4tB4sMeBLKjYX3t6KLZPaosTFLS1ClKOEP0CABvra74OwvNiX7wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYs73hhdL9gwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0n5HLZ5pQ1NPjNG5chZ7V8SzXm2w%26client%3Dca-pub-7538371298685357%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 09 Jan 2024 06:20:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
370133
etag
W/"ea6b8b5621410c697cbfca30307bc4ca"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tahS02yrb67U4qMjhV67BSENUFa4tUaasOPWM4Hv3VgOj8DgdZj9id49DMM2wAygZN3URDIzwXeSoQfdPKOGjEi%2F7xlB1SJPpbFJvEds2RduOoeKBlu89Pz%2BJh%2FEyPRloN8Z76I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
84c13b852ee88fdd-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 23 Jan 2024 06:20:58 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 6D2C 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CgY3pngC1ZaPfOqet2OMP7MiDkAiQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTM4MzcxMjk4Njg1MzU3yAEJqQJn1FlvWTWyPqgDAcgDAqoE-QFP0HG7HDhazqgW4t9-otzy_mMEPD0cSA_Vnjw90hy0ywU1XzjZ5nlzIteBHe8WL3PkFlax38kTz2a7i5FGFt6d4U4IW3vDinaYAnUBek81tknAe6MhtSO8UvmnJZiFnZN4lY2Vk00ERcCWQSZIII0kNfwJfU7gAQFz-VYLu5hrj7uivZNImTlK0lv7yzNrHiQTHV_8e5jCUSrM7Mu9R3WiRn9ZkowLdt7ffkj5Qzig__t8IyS7DG3ccgfvPYdxjjqBJoc4Klxn6bAtTpZ0bpfyMwPoTLNbo3MLwAnGUbf98S-qRic4O01BBC7KXhzDv2tOvOjd-PHd1GuABvra74OwvNiX7wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYs73hhdL9gwOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNzUzODM3MTI5ODY4NTM1NxgA&sigh=bygCgJq5QRE&uach_m=%5BUACH%5D&cid=CAQSOwAvHhf_TSxPlqx3uFbEJxAPPn0M_k4qSbZ_ViYRVJPI3e4MplzUiIIuj374KnriX4_sJCcn1nCNSEZTGAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7538371298685357&output=html&h=50&adk=1439213102&adf=3825658272&pi=t.aa~a.3874535753~rp.4&w=450&fwrn=4&fwrnh=100&lmt=1706360990&rafmt=1&to=qs&pwprc=5903923013&format=450x50&url=https%3A%2F%2Fnewyear2022.ecarepk.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706360990839&bpp=1&bdt=1783&idt=0&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55ba592f6e5737fa%3AT%3D1706360990%3ART%3D1706360990%3AS%3DALNI_Ma0nPwJYUjKyCUWSXZnI8u1MUoc8Q&gpic=UID%3D00000d4aaa78670e%3AT%3D1706360990%3ART%3D1706360990%3AS%3DALNI_MYohKHAys--NbFGIkSMZXWC7ftapA&eo_id_str=ID%3Dcf0843790bd98e25%3AT%3D1706360990%3ART%3D1706360990%3AS%3DAA-AfjbfpE6rmMzTIpfDnJR3kVGw&prev_fmts=0x0%2C450x280%2C450x280&nras=2&correlator=5503378232960&frm=20&pv=1&ga_vid=151192504.1706360990&ga_sid=1706360990&ga_hid=402595937&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=1604&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795922%2C31080696%2C95321957%2C95320869%2C95320893%2C95321627%2C95322163%2C95323004&oid=2&pvsid=2847983070038611&tmod=1464299773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7538371298685357&output=html&h=50&adk=1439213102&adf=3825658272&pi=t.aa~a.3874535753~rp.4&w=450&fwrn=4&fwrnh=100&lmt=1706360990&rafmt=1&to=qs&pwprc=5903923013&format=450x50&url=https%3A%2F%2Fnewyear2022.ecarepk.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706360990839&bpp=1&bdt=1783&idt=0&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55ba592f6e5737fa%3AT%3D1706360990%3ART%3D1706360990%3AS%3DALNI_Ma0nPwJYUjKyCUWSXZnI8u1MUoc8Q&gpic=UID%3D00000d4aaa78670e%3AT%3D1706360990%3ART%3D1706360990%3AS%3DALNI_MYohKHAys--NbFGIkSMZXWC7ftapA&eo_id_str=ID%3Dcf0843790bd98e25%3AT%3D1706360990%3ART%3D1706360990%3AS%3DAA-AfjbfpE6rmMzTIpfDnJR3kVGw&prev_fmts=0x0%2C450x280%2C450x280&nras=2&correlator=5503378232960&frm=20&pv=1&ga_vid=151192504.1706360990&ga_sid=1706360990&ga_hid=402595937&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=1604&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795922%2C31080696%2C95321957%2C95320869%2C95320893%2C95321627%2C95322163%2C95323004&oid=2&pvsid=2847983070038611&tmod=1464299773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 27 Jan 2024 13:09:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 6D2C 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1gssy668k7ddehcw16vxw1tjv3fsw3a2w4hr2qwzpngrkxrg7f25nf0wrhgx16ebwk29srqd25qan2q00y1m5bkavahwnzgw6kahs77ajeb37kp661wwphxj6tf8key6qzhav3f3vxjcasa2b5ggc845h5z4kkpjefatx6rqjta6wda275q8c63nqcc4gtvn5smr5641tbp4fe77adr15f0d1m7wdkd5r1rfznkq2nw3c9t174pvsapp7bg7t8vbzdg208hf5yw7dha0qn8ahxyk6ghyje2693a7n1hqxnsjtf925va5az9sbkwgphqdh87wkty7csdrs6nk485mvf6x7cmktea9qmp7rcjgvkqmpccb32cw94vffjkp4cz2dhbtqm3m92tkah8&b=ZbUAngAOr6MGdhanAADkbChFfUBf9Znz7jJ-2g&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7538371298685357&output=html&h=50&adk=1439213102&adf=3825658272&pi=t.aa~a.3874535753~rp.4&w=450&fwrn=4&fwrnh=100&lmt=1706360990&rafmt=1&to=qs&pwprc=5903923013&format=450x50&url=https%3A%2F%2Fnewyear2022.ecarepk.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706360990839&bpp=1&bdt=1783&idt=0&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55ba592f6e5737fa%3AT%3D1706360990%3ART%3D1706360990%3AS%3DALNI_Ma0nPwJYUjKyCUWSXZnI8u1MUoc8Q&gpic=UID%3D00000d4aaa78670e%3AT%3D1706360990%3ART%3D1706360990%3AS%3DALNI_MYohKHAys--NbFGIkSMZXWC7ftapA&eo_id_str=ID%3Dcf0843790bd98e25%3AT%3D1706360990%3ART%3D1706360990%3AS%3DAA-AfjbfpE6rmMzTIpfDnJR3kVGw&prev_fmts=0x0%2C450x280%2C450x280&nras=2&correlator=5503378232960&frm=20&pv=1&ga_vid=151192504.1706360990&ga_sid=1706360990&ga_hid=402595937&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=1604&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795922%2C31080696%2C95321957%2C95320869%2C95320893%2C95321627%2C95322163%2C95323004&oid=2&pvsid=2847983070038611&tmod=1464299773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 13:09:51 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 6125 		350 B
913 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5878239
alt-svc
h3=":443"; ma=86400
content-length
350
last-modified
Mon, 20 Nov 2023 11:04:04 GMT
server
cloudflare
etag
"e7fc49b61cae983db8c3a1dccf923b93"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MROZ2kSaQESWJ4X9Y7vzQuDIskGIJvqQPG%2Bd2rkKeFA%2BfXl3j2lTlGgAq5384KbrzI6eoRu6i%2FUJsr6ft3EGAKknRq5InE%2Bs5nskWLoZcGVpk3MHfexm7o%2F43Gh%2FUxl1UVduXoepBeMwK075pJCnDkht"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
84c13b865f0837fd-FRA
expires
Tue, 19 Nov 2024 12:19:12 GMT
cookie-frame.html
ad4m.at/ Frame 1C3A 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/cookie-frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2367677
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status
HIT
cf-ray
84c13b857a3b6ab9-FRA
content-encoding
br
content-language
en
content-type
text/html
date
Sat, 27 Jan 2024 13:09:51 GMT
expires
Sat, 30 Dec 2023 10:37:00 GMT
last-modified
Tue, 28 Nov 2023 11:49:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gL3x8cWdUpbMCjmUrnB%2BISskb3aRvv3Kl%2BOeE%2FcZeswFAvFu9U3ThNO%2B6sCbtCm4uFAjZo%2BvRlYqQAw6MCu9DHD91oJ3UFRYwh8TjR6Q6bNLvdbqIK7u9GBllKoPeulCXZxebG8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84c13b869ac5049b-FRA
content-length
24
content-type
text/plain
date
Sat, 27 Jan 2024 13:09:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HKCgz9g4C4ZuwLLOlSLzTdltpi791jK%2F%2BeFNXZYm1eEYUQXmDnN%2FZNqTjIGIGBK2EW6DyYfiLMtIcf40g8iJ%2FuGxqQl3pPfBp2y61GBj%2BW6k%2FVSKlZ24IAbakPusofF8k0SKDGs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-fjnr
rs
ad4m.at/ Frame 6125 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6e0b6c48a585fa2789ef6e999b8e5cd6029690b674340c5f69ac4674bd9f430

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 27 Jan 2024 13:09:51 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S4MTPYylN35KkJWYDD%2FPGHrSwUXdlPfAdpkNiPPEQaDzu5DsB7S9kuED3vZCfYEeXTD5niRv0ZJTtI8AFpjcWj1uM2oTjznPjbJjBmPNzcXypngUglS7buZ9%2BSJgRRhlclN6g4M%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
84c13b86fb2b049b-FRA
x-backend-server
aa-reachservice-group-europe-west1-fjnr
alt-svc
h3=":443"; ma=86400
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240122&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7538371298685357&plah=newyear2022.ecarepk.com&bust=31080696
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7876255b24664dfb21da1eebf1eca0e711c3c54bdb674dbf2cf97e50066ee28e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newyear2022.ecarepk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12333
x-xss-protection
0
rar
as.ad4m.at/ad/ Frame 53C6 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=15579&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=320&d=50&e=&g=86b418230bfcf36970a3031ac0d04652%2F4319365691901555846&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1706360991797&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1grz4t06w2t1rg90dfxrzmek176343p98wtwt3jkqnpnxcg9ex094q39s4962echt9p07pj6h41mhek8we2v4m0803qhdnjwpsd15ptnmh9c05hrv1b0t6w7p2tvfrwgdv18rzwjq90g1reea44yzx45gtkwtmn1dp5t26d6p3256xavkenq3nss1889pk50zw80zsxavwy7xg5hx7h5qe80kr27cf2ra2p2sss3v29khrpe16v8mjjhsws2aqs0wt6t75d9rbzm6wf6611qyapw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCUXzAngC1ZaPfOqet2OMP7MiDkAiQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTM4MzcxMjk4Njg1MzU3yAEJqQJn1FlvWTWyPqgDAcgDAqoE_AFP0HG7HDhazqgW4t9-otzy_mMEPD0cSA_Vnjw90hy0ywU1XzjZ5nlzIteBHe8WL3PkFlax38kTz2a7i5FGFt6d4U4IW3vDinaYAnUBek81tknAe6MhtSO8UvmnJZiFnZN4lY2Vk00ERcCWQSZIII0kNfwJfU7gAQFz-VYLu5hrj7uivZNImTlK0lv7yzNrHiQTHV_8e5jCUSrM7Mu9R3WiRn9ZkowLdt7ffkj5Qzig__t8IyS7DG3ccgfvPYdxjjqBJoc4Klxn6bAtTpZ0bpfyMwPoDrF6MaTyR0kO1v9rK2Y4tB4sMeBLKjYX3t6KLZPaosTFLS1ClKOEP0CABvra74OwvNiX7wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYs73hhdL9gwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0n5HLZ5pQ1NPjNG5chZ7V8SzXm2w%2526client%253Dca-pub-7538371298685357%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1508c46eab07f0e2728ab02b5bca20d396ae00eadf4b6f689613cf8d56d31028
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1kyfpterjz0dbjxsc3tv8sdtrj9a1dhgqf7g95tnpswpxk34gmnpmxkgjsbs2fyb3nyb9xpsf1p1xgc9yc4rnp5ct9zebbeq43sav285ymhhz47kze76qerbjey1p2mppthywd98v56vzpgrer3hvtebkbk737gwn1nf12k6vz5yw74f3mx4t0zq6cac5d4m2573tts45ecb7mqjkndj5xy9npst20xq64wwrj71d89bj3746d812z98mr63261tnzeyzycw9rh0qhgj3rbfe16dmpdb3c66jpew7evy2h51exh9qv54et39dzy6qdpy4asfs9eg3hdh5hwmegept69c7adddvrcz7eba431ba3zx7y12g6beth2mt2m8jf3506j40xkghm9b7fd53xy1bvfhrm93r9rkw1br94g543y4zjhwvexw9ktkwte46wek524k7f0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUXzAngC1ZaPfOqet2OMP7MiDkAiQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTM4MzcxMjk4Njg1MzU3yAEJqQJn1FlvWTWyPqgDAcgDAqoE_AFP0HG7HDhazqgW4t9-otzy_mMEPD0cSA_Vnjw90hy0ywU1XzjZ5nlzIteBHe8WL3PkFlax38kTz2a7i5FGFt6d4U4IW3vDinaYAnUBek81tknAe6MhtSO8UvmnJZiFnZN4lY2Vk00ERcCWQSZIII0kNfwJfU7gAQFz-VYLu5hrj7uivZNImTlK0lv7yzNrHiQTHV_8e5jCUSrM7Mu9R3WiRn9ZkowLdt7ffkj5Qzig__t8IyS7DG3ccgfvPYdxjjqBJoc4Klxn6bAtTpZ0bpfyMwPoDrF6MaTyR0kO1v9rK2Y4tB4sMeBLKjYX3t6KLZPaosTFLS1ClKOEP0CABvra74OwvNiX7wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYs73hhdL9gwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0n5HLZ5pQ1NPjNG5chZ7V8SzXm2w%26client%3Dca-pub-7538371298685357%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
84c13b876cbb6ab9-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 13:09:51 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7538371298685357&plah=newyear2022.ecarepk.com&bust=31080696
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newyear2022.ecarepk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 27 Jan 2024 13:09:51 GMT
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 53C6 		115 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=320&d=50&e=&g=86b418230bfcf36970a3031ac0d04652%2F4319365691901555846&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1706360991797&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1grz4t06w2t1rg90dfxrzmek176343p98wtwt3jkqnpnxcg9ex094q39s4962echt9p07pj6h41mhek8we2v4m0803qhdnjwpsd15ptnmh9c05hrv1b0t6w7p2tvfrwgdv18rzwjq90g1reea44yzx45gtkwtmn1dp5t26d6p3256xavkenq3nss1889pk50zw80zsxavwy7xg5hx7h5qe80kr27cf2ra2p2sss3v29khrpe16v8mjjhsws2aqs0wt6t75d9rbzm6wf6611qyapw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCUXzAngC1ZaPfOqet2OMP7MiDkAiQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTM4MzcxMjk4Njg1MzU3yAEJqQJn1FlvWTWyPqgDAcgDAqoE_AFP0HG7HDhazqgW4t9-otzy_mMEPD0cSA_Vnjw90hy0ywU1XzjZ5nlzIteBHe8WL3PkFlax38kTz2a7i5FGFt6d4U4IW3vDinaYAnUBek81tknAe6MhtSO8UvmnJZiFnZN4lY2Vk00ERcCWQSZIII0kNfwJfU7gAQFz-VYLu5hrj7uivZNImTlK0lv7yzNrHiQTHV_8e5jCUSrM7Mu9R3WiRn9ZkowLdt7ffkj5Qzig__t8IyS7DG3ccgfvPYdxjjqBJoc4Klxn6bAtTpZ0bpfyMwPoDrF6MaTyR0kO1v9rK2Y4tB4sMeBLKjYX3t6KLZPaosTFLS1ClKOEP0CABvra74OwvNiX7wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYs73hhdL9gwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0n5HLZ5pQ1NPjNG5chZ7V8SzXm2w%2526client%253Dca-pub-7538371298685357%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=15579&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=320&d=50&e=&g=86b418230bfcf36970a3031ac0d04652%2F4319365691901555846&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1706360991797&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1grz4t06w2t1rg90dfxrzmek176343p98wtwt3jkqnpnxcg9ex094q39s4962echt9p07pj6h41mhek8we2v4m0803qhdnjwpsd15ptnmh9c05hrv1b0t6w7p2tvfrwgdv18rzwjq90g1reea44yzx45gtkwtmn1dp5t26d6p3256xavkenq3nss1889pk50zw80zsxavwy7xg5hx7h5qe80kr27cf2ra2p2sss3v29khrpe16v8mjjhsws2aqs0wt6t75d9rbzm6wf6611qyapw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCUXzAngC1ZaPfOqet2OMP7MiDkAiQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTM4MzcxMjk4Njg1MzU3yAEJqQJn1FlvWTWyPqgDAcgDAqoE_AFP0HG7HDhazqgW4t9-otzy_mMEPD0cSA_Vnjw90hy0ywU1XzjZ5nlzIteBHe8WL3PkFlax38kTz2a7i5FGFt6d4U4IW3vDinaYAnUBek81tknAe6MhtSO8UvmnJZiFnZN4lY2Vk00ERcCWQSZIII0kNfwJfU7gAQFz-VYLu5hrj7uivZNImTlK0lv7yzNrHiQTHV_8e5jCUSrM7Mu9R3WiRn9ZkowLdt7ffkj5Qzig__t8IyS7DG3ccgfvPYdxjjqBJoc4Klxn6bAtTpZ0bpfyMwPoDrF6MaTyR0kO1v9rK2Y4tB4sMeBLKjYX3t6KLZPaosTFLS1ClKOEP0CABvra74OwvNiX7wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYs73hhdL9gwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0n5HLZ5pQ1NPjNG5chZ7V8SzXm2w%2526client%253Dca-pub-7538371298685357%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2452788
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=75JF%2FG82SAOx8nzbK8rU6U9u2Jq5VaoapvKHxWRkjz3dOpQ%2FVvB0e5IO8QTqC8a7kqa%2F6EOVPjkQljECFGOQ0jRLl5n2oEkJPZOwLy8%2FTroQKwFdjGjm%2Blyw9zAUTA7v48%2FbiqbYN0o%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
84c13b87cd2f6ab9-FRA
expires
Sun, 28 Jan 2024 13:09:51 GMT
E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame 53C6 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=320&d=50&e=&g=86b418230bfcf36970a3031ac0d04652%2F4319365691901555846&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1706360991797&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1grz4t06w2t1rg90dfxrzmek176343p98wtwt3jkqnpnxcg9ex094q39s4962echt9p07pj6h41mhek8we2v4m0803qhdnjwpsd15ptnmh9c05hrv1b0t6w7p2tvfrwgdv18rzwjq90g1reea44yzx45gtkwtmn1dp5t26d6p3256xavkenq3nss1889pk50zw80zsxavwy7xg5hx7h5qe80kr27cf2ra2p2sss3v29khrpe16v8mjjhsws2aqs0wt6t75d9rbzm6wf6611qyapw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCUXzAngC1ZaPfOqet2OMP7MiDkAiQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTM4MzcxMjk4Njg1MzU3yAEJqQJn1FlvWTWyPqgDAcgDAqoE_AFP0HG7HDhazqgW4t9-otzy_mMEPD0cSA_Vnjw90hy0ywU1XzjZ5nlzIteBHe8WL3PkFlax38kTz2a7i5FGFt6d4U4IW3vDinaYAnUBek81tknAe6MhtSO8UvmnJZiFnZN4lY2Vk00ERcCWQSZIII0kNfwJfU7gAQFz-VYLu5hrj7uivZNImTlK0lv7yzNrHiQTHV_8e5jCUSrM7Mu9R3WiRn9ZkowLdt7ffkj5Qzig__t8IyS7DG3ccgfvPYdxjjqBJoc4Klxn6bAtTpZ0bpfyMwPoDrF6MaTyR0kO1v9rK2Y4tB4sMeBLKjYX3t6KLZPaosTFLS1ClKOEP0CABvra74OwvNiX7wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYs73hhdL9gwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0n5HLZ5pQ1NPjNG5chZ7V8SzXm2w%2526client%253Dca-pub-7538371298685357%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4959386
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
8772
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:13:38 GMT
server
cloudflare
etag
"15b1f39d668aa86c2ba2ba17d94cc733"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CrVGBfjaIbIjVqOMhBSvK4FXCEk5GtCEQRKVkkcqV7nWQlxqbarYnpZbRvBMzoq3ucmKsEgNo1xXpRUhHiiRytKUlWkJXIFxUFebilaclY4YF1IeomsKroHWJKvYrH5FcuhR%2FWE7OX7mupMz"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
84c13b87d9568fdd-FRA
9FB056525501524262388D97DEDDB09AEB7E375E0B62F61BF671559B79A15D7100305FA36C0A16F6413D9771A7EA1F14F1497DE1656B28A0779F6CDD55130A1C
assets.ad4m.at/ Frame 53C6 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/9FB056525501524262388D97DEDDB09AEB7E375E0B62F61BF671559B79A15D7100305FA36C0A16F6413D9771A7EA1F14F1497DE1656B28A0779F6CDD55130A1C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=320&d=50&e=&g=86b418230bfcf36970a3031ac0d04652%2F4319365691901555846&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1706360991797&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1grz4t06w2t1rg90dfxrzmek176343p98wtwt3jkqnpnxcg9ex094q39s4962echt9p07pj6h41mhek8we2v4m0803qhdnjwpsd15ptnmh9c05hrv1b0t6w7p2tvfrwgdv18rzwjq90g1reea44yzx45gtkwtmn1dp5t26d6p3256xavkenq3nss1889pk50zw80zsxavwy7xg5hx7h5qe80kr27cf2ra2p2sss3v29khrpe16v8mjjhsws2aqs0wt6t75d9rbzm6wf6611qyapw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCUXzAngC1ZaPfOqet2OMP7MiDkAiQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTM4MzcxMjk4Njg1MzU3yAEJqQJn1FlvWTWyPqgDAcgDAqoE_AFP0HG7HDhazqgW4t9-otzy_mMEPD0cSA_Vnjw90hy0ywU1XzjZ5nlzIteBHe8WL3PkFlax38kTz2a7i5FGFt6d4U4IW3vDinaYAnUBek81tknAe6MhtSO8UvmnJZiFnZN4lY2Vk00ERcCWQSZIII0kNfwJfU7gAQFz-VYLu5hrj7uivZNImTlK0lv7yzNrHiQTHV_8e5jCUSrM7Mu9R3WiRn9ZkowLdt7ffkj5Qzig__t8IyS7DG3ccgfvPYdxjjqBJoc4Klxn6bAtTpZ0bpfyMwPoDrF6MaTyR0kO1v9rK2Y4tB4sMeBLKjYX3t6KLZPaosTFLS1ClKOEP0CABvra74OwvNiX7wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYs73hhdL9gwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0n5HLZ5pQ1NPjNG5chZ7V8SzXm2w%2526client%253Dca-pub-7538371298685357%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08e61065657240f494e42b23f80d0a0ed0d3d6cbb2405b6d599e6d4687e1828b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1611492
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
36812
cf-bgj
imgq:85,h2pri
last-modified
Mon, 08 Jan 2024 21:31:39 GMT
server
cloudflare
etag
"423ee60d766ebce01b5d2ae586006477"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cVHJi%2BjggNiqlfLs%2Buss%2BvNITSNvwcxyfDbluUu4RNgj1EU4tBWeonCiFg19iPDgp3M53GDxu0TDOh%2Fu%2Fw0P%2BESboFsPZuVUUn57OwjYyXG5PQ0tuN6%2BXZ%2Ft5B847ZFx4k2e7l1bFGDMmD2q"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
84c13b87d9578fdd-FRA
2aed39855b5f46b7d90f959867be60f8
pv.medialead.de/trck/epv/ Frame 53C6 		0
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneidbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQPoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=320&d=50&e=&g=86b418230bfcf36970a3031ac0d04652%2F4319365691901555846&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1706360991797&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1grz4t06w2t1rg90dfxrzmek176343p98wtwt3jkqnpnxcg9ex094q39s4962echt9p07pj6h41mhek8we2v4m0803qhdnjwpsd15ptnmh9c05hrv1b0t6w7p2tvfrwgdv18rzwjq90g1reea44yzx45gtkwtmn1dp5t26d6p3256xavkenq3nss1889pk50zw80zsxavwy7xg5hx7h5qe80kr27cf2ra2p2sss3v29khrpe16v8mjjhsws2aqs0wt6t75d9rbzm6wf6611qyapw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCUXzAngC1ZaPfOqet2OMP7MiDkAiQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03NTM4MzcxMjk4Njg1MzU3yAEJqQJn1FlvWTWyPqgDAcgDAqoE_AFP0HG7HDhazqgW4t9-otzy_mMEPD0cSA_Vnjw90hy0ywU1XzjZ5nlzIteBHe8WL3PkFlax38kTz2a7i5FGFt6d4U4IW3vDinaYAnUBek81tknAe6MhtSO8UvmnJZiFnZN4lY2Vk00ERcCWQSZIII0kNfwJfU7gAQFz-VYLu5hrj7uivZNImTlK0lv7yzNrHiQTHV_8e5jCUSrM7Mu9R3WiRn9ZkowLdt7ffkj5Qzig__t8IyS7DG3ccgfvPYdxjjqBJoc4Klxn6bAtTpZ0bpfyMwPoDrF6MaTyR0kO1v9rK2Y4tB4sMeBLKjYX3t6KLZPaosTFLS1ClKOEP0CABvra74OwvNiX7wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYs73hhdL9gwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0n5HLZ5pQ1NPjNG5chZ7V8SzXm2w%2526client%253Dca-pub-7538371298685357%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:52 GMT
attribution-reporting-register-source
{"source_event_id":"17200573720104426","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx
host
pv.medialead.de
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
0
proxy-host
pv.medialead.de
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4CF9 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newyear2022.ecarepk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3636
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 12:09:16 GMT
expires
Sun, 26 Jan 2025 12:09:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8B0F 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a05879a715af4d8132fa4359f010afc8ed7e7182fc99a44043da5ced6e58eaaa
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-h5eW1SDBC1bt3zfg4Ok8rg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://newyear2022.ecarepk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-h5eW1SDBC1bt3zfg4Ok8rg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 13:09:52 GMT
expires
Sat, 27 Jan 2024 13:09:52 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 4CF9 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 12:09:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
3635
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 26 Jan 2025 12:09:17 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8B0F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240122&jk=2847983070038611&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 4CF9 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?iUjxkw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:09:52 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 8F8E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQXTVuco8E3v66py0AHvW3pvSNFysSI5Evo7dJA2iwS2Xi7K-MGRsKMNXsAo5NY73PnEgP8F50GTnfXJorYY9GabpREI-O4K8UFuBsDpI0XxGD71H6AL2_wgEDbAgV&sig=Cg0ArKJSzJluc77lmVOqEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=86,769,1000,1012,1012&tos=86,683,231,12,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170636099100&rst=1706360990951&rpt=391&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:09:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 4F05 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=_M2dLr4e1keeN3Yeg1-4Ufw3ZTL1AG5Xsk_UKBnpjjB4NGp4cgc6693nMqWSYunDKt3jnDgT250vHEIJXb69YJoVfD2Hw2hb8LG_rQ-YQg2oNWQrVFLgGHBQHoS9qn3aIgeC6I8QjkGgteNnxKy_on9Vzxma4zBjZYnmDbcL7a3jLEJyeXfKUXE93kd2QjQuKOMMKiTGFKUR3ueWdbedwBN417b2OBXd6UufleeHWRHAhc-EBJhQoHVjdP0H7sZ9QXb2mA&sds=2&rev=90371&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbUAngAGyPkGdhWyAA_GDiAZVb5zfN4zDDl6sw&u=%7CCQKkaVVbcMyzXom12P4Wp4goLrlADEgsSfzwkDelgz4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nqybZW4ekH4HQMRsdsHk4jjjMyXRBEFYr6MlsXyH9SEmux2FrXhHlIspdXZmoPOtKovVLbXLhUEPWgphWhjzJ47Pv4_ooSB5JlsszwA2f0iGS5aZuS51O6IotI49JDihmjNNAySWSUbuOk-c_cut8X4D0khLENdFLqTbLjTuLnQgu1mSOBU4aSUOuCAWJNNvgFrH88nA2_g5ApdPzHnsOynBUsRxe8QDXcGOVK7YCcNub6Z-TAwGVwBheQz1DD2JqZKoST2-1-y6_qLo4RPYb_PQoXu3ro5wUK6UdUefBjajs1Zn0ZlbmxeUpqabPdtzofCVl_rnh1P73IOkcnLafeaEGtM_fRbIxMdn4S7MSIZFj0_RF8SWXnUPqmSPJyocVMA22mF2KllTUZXpZrOyyQKhYnHXRTG-D7jmWWF9sk9TDG43f2CvFIwWo290UcrxEym0aMAaItQ19kCzXWOHs3CeVArrHbu1xWf2PuK1Ec3rpbTuS1OT65Lj4Y7e8Jgv5FLZx5uOPWqtN2QFMab0ExvsW4tWr_sYUQy0D9yzd99PIRj9gIK9amd66n1GikITpEfcfrEyNHxFbJEeOAgmenw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCewarngC1ZfmRG7Kr2OMPjoy_0AjJntKxXM2jlvdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTc1MzgzNzEyOTg2ODUzNTfIAQmpAmfUWW9ZNbI-qAMByAMCqgT5AU_QoF0eIQP2N5zosVoWoI-WSPPd2yPIqEARMmTMQ98Ertww_hZhWenhHqCmhyO7kWBFs45izY8dHHhQqmpHxjjG3FxlYPRm4KeyMW1PkiF4bd_tfgE4f3Rnv6cgwWFSeRcd6powrhvw3tzyd4eh4KAncHhT0ZI7sneTiKG2RBMjZlgP1pmQyMpSQN-tJxaesleyiet_w_OP7JL7hxW7LPLYtEiztwSGY029RCDjVXBiKJc3qOSSRINsOHCMayYbkmLszRYcwiJ812A8BeiKWn4eOszoJQhnTL_USsYfDX0M-2UsLThWgsU1k1oMYs8PcgDpUiUAviL_zIAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJ_xwYXS_YMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1qyC54-Sgu86rYeKg5T_1KF3mLLA%26client%3Dca-pub-7538371298685357%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 13:09:51 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240122&jk=2847983070038611&bg=!QUKlQg3NAAa8BdJLnAU7ADQBe5WfOFcyxvyDzWNB_1MqyFXOC-pAj0H8APEgZ9RMGUQVC898ygaMfyE5dz6aeZ8QIWs3AgAAAD9SAAAAA2gBBwoAkN4_t9QWYEuuSPEjJw68AdyehSI2xFggoC03in9hqqzbI0cCrXWJNoy4Yl1MTCKzN2mbNzeSughrqHzQqy30zewuyrvJKZR9xHzomFgP3zSkcEXAKqqOP6c2RbcopjW-sJP8LkuPIfWcN2FTsIsIB6f9amXr5ABy49r8x13raShwv6u8Pr-_JMdUspLH8p8gcJkCyrw09vt-JYS_6gDe81fjNxTb_i9-vfiu3G5J25QKWRZZFUqJpqxfLnYgBW9opi1vZS8GmjR3TlJhEvLdaL1BYdB6CjabVOIog0hUaKOUQHk6PH3bpPMyVZ59TtQFq_2CTb8u6vQ1A7aIutijfN1LkHZBNpk4szusD2saT_15HnFxRGrGUYxTUo9wWvYqdN_f0BGrnxPvjiIOqxwND6W8XmqrReVYmFrkukdw1Isi9q8U-lH5jXhTHZCf6BcR51VOfGrYDzgadxB2QP79K_08uFnGBOLOsa1Jy3ZrKiLWNNkUfShRqBHa31xi1ojnSscDmS4xnj5ibQGexxZ5naJwVdjerzIQ7YLKKaBhzyM3YUOUA9SZr-Vlx7eh5jQBt5bKgcCwmTmfKsT4pWsAp0Ln0moNqMTav2WRb2gbUh4W4RgtJY-27XIvOyDuhbMWCLf8Zsli-8gHclnNZVA4f6BMfGZdKl1HeN8kiNpPIAbF080tto9xf10cMe1-HG5KLflbxei-gi80OCChSZoAq9hHYIfOO4jDd-4tr04tC7qRiFC6JNcToRcRC3v9-pE2314usk72klMvGWwkXZimWtesQvp2SdMWN-2O3r5GkJj809rdUnM4vQoEGVC7sQih_U6PbhkWkxl4EDnIdNDIRhQM6gfVozeC_No5U4M4xbJxXa-EoGjdx41QE5O8c-Hni_vYjP7wvfUY6qIDsetpFqAhmJKuhV816KUMaPbb7U2rxtswOfXGZZH_QmPUVY1hx3RKWqub4iD2RItFFwCow8lfzav5UeZ8TNTFBUOd3j7xt4JupkIW-0F4fB3qHqNY3Bnf8EvlPjgD9OGtdPqXwnWN_S7QL7T05lSRcwkEzaPYLyLHPnFfrWDbTV89quHBvThuUNMqZtllwvjb3G7s2FqrU5DtYSFjUYShGaOcLODJC6cK_Js5wtfgfyv9CA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newyear2022.ecarepk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 function| $ function| jQuery object| adsbygoogle number| myIndex function| carousel number| countDownDate number| x function| PlaySound function| gtag object| dataLayer boolean| $curtainopen object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googletag object| GoogleGcLKhOms object| google_image_requests

16 Cookies

Domain/Path Name / Value
.ad4m.at/cookie-frame.html Name: userId
Value: 7ff02-6Ip2mFqIoLhG0na4A7-BsXypYm
.ecarepk.com/ Name: _ga_J4JFEG91D3
Value: GS1.1.1706360990.1.0.1706360990.0.0.0
.ecarepk.com/ Name: _ga
Value: GA1.2.151192504.1706360990
.ecarepk.com/ Name: _gid
Value: GA1.2.752459724.1706360990
.ecarepk.com/ Name: _gat_gtag_UA_111510798_12
Value: 1
.ecarepk.com/ Name: __gads
Value: ID=55ba592f6e5737fa:T=1706360990:RT=1706360990:S=ALNI_Ma0nPwJYUjKyCUWSXZnI8u1MUoc8Q
.ecarepk.com/ Name: __gpi
Value: UID=00000d4aaa78670e:T=1706360990:RT=1706360990:S=ALNI_MYohKHAys--NbFGIkSMZXWC7ftapA
.ecarepk.com/ Name: __eoi
Value: ID=cf0843790bd98e25:T=1706360990:RT=1706360990:S=AA-AfjbfpE6rmMzTIpfDnJR3kVGw
.doubleclick.net/ Name: IDE
Value: AHWqTUnTytzGvTvn4aJUBjZbGEUjhjv55ezX6TLLVYICk4vUT7aa-i5srnwfqNigNgM
.ctnsnet.com/ Name: gid_CAESECnyqFJgtvNO4X8tEhU3RQk
Value: 1
.ctnsnet.com/ Name: cid_00c9b49bb3164a598c990bf9429b3f86
Value: 1
.simpli.fi/ Name: suid
Value: 214F00E5C5F54DE698EFBA321C0A51E4
.agkn.com/ Name: ab
Value: 0001%3AKPLrvB44iUJkjTPIvoEardStIFVfg%2FRP
.agkn.com/ Name: u
Value: C|0CEAtR70fLUe9HwAAAAAAAQ13AQCAAQpAAAAAAA
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZbUAnwAAAM3DvQA9
.tribalfusion.com/ Name: ANON_ID
Value: aJntuJp26Ua8e4OCaQoUx69N31BGUndJFU53iSYL7pnqvCHt8BNTXv4LZbcd6ESULCdWo57C4YMYT1SNsoh6e79Zcv

4 Console Messages

Source Level URL
Text
network error URL: https://newyear2022.ecarepk.com/img/
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7538371298685357&output=html&h=280&slotname=4219775052&adk=685168323&adf=3878751071&pi=t.ma~as.4219775052&w=450&fwrn=4&fwrnh=100&lmt=1706360990&rafmt=1&format=450x280&url=https%3A%2F%2Fnewyear2022.ecarepk.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706360989930&bpp=1&bdt=873&idt=413&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C450x280&nras=1&correlator=5503378232960&frm=20&pv=1&ga_vid=151192504.1706360990&ga_sid=1706360990&ga_hid=402595937&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=575&ady=1630&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795922%2C31080696%2C95321957%2C95320869%2C95320893%2C95321627%2C95322163%2C95323004&oid=2&pvsid=2847983070038611&tmod=1464299773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=416
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad4m.at
ads.eu.criteo.com
ajax.googleapis.com
as.ad4m.at
assets.ad4m.at
cat.nl3.eu.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
csm.eu.criteo.net
d.agkn.com
db.onlinewebfonts.com
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
ius.ctnsnet.com
newyear2022.ecarepk.com
onetag-sys.com
pagead2.googlesyndication.com
prod-rtb.ad4mat.net
pv.medialead.de
region1.google-analytics.com
rtb.fr3.eu.criteo.com
s.tribalfusion.com
static-de.ad4mat.net
static.criteo.net
sync-tm.everesttech.net
tpc.googlesyndication.com
um.simpli.fi
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
142.250.186.98
15.204.22.185
151.101.2.49
161.97.78.118
178.250.1.6
18.193.107.248
2001:4860:4802:34::36
2600:1901:0:76b9::
2606:4700:20::681a:ad1
2606:4700:20::ac43:444e
2606:4700:20::ac43:4a81
2606:4700::6811:190e
2606:4700::6812:19ad
2a00:1450:4001:802::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:810::200a
2a00:1450:4001:812::2004
2a00:1450:4001:812::2008
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200e
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:d::c
34.91.62.186
35.186.193.173
35.214.149.91
51.89.9.254
91.121.248.44
08e61065657240f494e42b23f80d0a0ed0d3d6cbb2405b6d599e6d4687e1828b
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8
09cde94bfc7f5f9d14191b1799b684b4c4ac7074a821383eb7fee55cecfe0fe3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cd27b40c67de8ed58ab223475e23362837367ada689359c6437ccf9b31e6116
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647
14ad4fd3668ead3ed3c34f96a2df38554ca3aa1a5e048bf4f8cfe2f9a6c23081
1508c46eab07f0e2728ab02b5bca20d396ae00eadf4b6f689613cf8d56d31028
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1b36bd07bb5ee6cc929b75c8ffdd455497b791a419a7ad9b8a7237d67579045e
1cca90308fb1897725dc4305db5c7493e58176eaca69a23f9a7704ffcc6def6b
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
28ca935c6ea5d5c3b05fbc0f9e0f013dc9396906531ada71f646a28e94aced88
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3794087f573b17100e06cce685453e1a9ac6c8ddc3b6044a5191ccc7de4a9915
387b40b67b78526d88ef730fff9386c8d8eba78e400daa028a3c00398f3bd3f8
3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254
4ab991cfd1c0be8310c33fc6853306e6bde085fe96fcc5d96813a59f488b4c87
4d89f06919f428c48f0de6d99a23b7ade372a85697474d91f97e08c5cd44b4a0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54ce4253f435ae1183352b55f8da52e7cc338a4473a00c7593e4780e088fab51
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57fbeff3e5ac489079cbbe78a7dc3ec482a49ba009d487794bc9e2e91f7381d1
5c66d67fff1bb62059630c5c49de873b28548398847a2beff2f3f006c4388c86
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
5fd058e8362e305341a3ff93766fd9e3863bd93e79ef24e04089564e528c5a1c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b94a42eb6dc53e24fdaca1e6e592f43eae44fb1da3704ec2aebe2ce93b7369f
6f345ba86a5be677414a6a2c8552eab2cc0c84a76a81345e6d05253b4357f91f
703c4c10549a08cb4bd9f9052df7063c517d40b330f086ffce83947653c1d8b5
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
727ec9e0c40807a1725e2b1b3839de2099389dd9de0e40885f61ad328dc430e4
7876255b24664dfb21da1eebf1eca0e711c3c54bdb674dbf2cf97e50066ee28e
791668590126239e8fda98c50f3040406b816ed80280277ca3f71f9795648495
822ea53b7d5d9188f9dab761d0e5fc00b7fcf936923abfcdc616a781300a614d
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
97954a4885270a0311b7c4e028c423e1cecd4885176c990632fc80b5a911686c
98a2fbbfdf666c4b875ed5d04436b77dc3890b85788f085967b51bb0305bbee8
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9af5d029a2b21e965ae26231f9f27578c6173d521e3e261023e33e87e3c98a30
9b7352f5ead69920d1b7914ae242de89fae162ec60a60e686cf0414523ef703c
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9f70e15e12de0807999557996dbe7d3460cdcb2ab74eaf0cb42bfc583aa84d2e
a05879a715af4d8132fa4359f010afc8ed7e7182fc99a44043da5ced6e58eaaa
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aea607f39789d4cc03dd33d5518a1e53d419c379c618b7a19d6e3a06f4f14d56
b4ae9a254738a91f08b2c8963063f9423fc1d25c2798e383302a6f3c463f98ee
b6e0b6c48a585fa2789ef6e999b8e5cd6029690b674340c5f69ac4674bd9f430
b9191735534a681bee448cbd0a32d8f199600c5fd252d18b0eea135253e6f040
b9c4f80c80658d69f114f21f13e1642ef25d1dc26008f486c940ee7495bdea97
bc98677b8fc84565b57a5c326dba02188b03fa3005be24110c6caf9c7aadca21
beba71c40626784c3bca59b46a2e4fe98d3baf670322f6cc5b8880f997909bc9
c29e6ca0875a3d2234dd561fe33c606e27aebec20cf54de9bde3fd42d1d46e09
c7bb73ad391657cafd0b0aa39101a892bf995dc797f1eabb8d1a814be5551acd
c8f3b8759961e8ec1976bae9c91c5cf4c9526ab5c967c1ad4ab0223280306c9a
c94bc7b9c749864052c3716aea764aeb9f5a155efc130692dc17baf7e05e1ada
cca978ced7bebba2b7d80ae065bb9e970f9edacffc4d842c917bc968cf3eaeac
cfe9395c4123749aad6775581575920bf46b583a6e061985fbfdf462a8095dfc
d0e8c6d1f405ec57c0b4f59124413be2b0dcd8b5ccf8b8bc2f340a76537fcb16
d2c39a5bd294a1894aa91ab99427ddb347ac9990f9d36174afd74846eb7b4822
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
dd70d0ce99c8fce7f144cf9ef8126ea202cce89b6765d958909091b1e207d2a9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e61982666f8e828ba57941c43933eb441d35a92113c597d977c236e846b4463b
ed892fa66ada8bdc0c6904b6cd7287737f28636452fb6c3622d8c5c90b9183b7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1fa25b906c506f3be14737271fb409da90ad30bf0b1c0ff6961f45f21a02dd
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1