www.powershow.com Open in urlscan Pro
64.251.10.90 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.powershow.com/
Effective URL:
https://www.powershow.com/
Submission Tags: falconsandbox
Submission: On February 22 via api (February 22nd 2023, 8:53:03 pm UTC) from US — Scanned from DE

Summary HTTP 254 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 27 IPs in 5 countries across 16 domains to perform 254 HTTP transactions. The main IP is 64.251.10.90, located in Miami, United States and belongs to INFOLINK-MIA-, US. The main domain is www.powershow.com. The Cisco Umbrella rank of the primary domain is 219402.
TLS certificate: Issued by R3 on January 16th 2023. Valid for: 3 months.

This is the only time www.powershow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	64.251.10.90 64.251.10.90	15083 (INFOLINK-...) (INFOLINK-MIA-)
1	2a00:1450:400... 2a00:1450:400d:804::200a	15169 (GOOGLE) (GOOGLE)
87	52.217.89.158 52.217.89.158	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:402... 2a00:1450:4025:402::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
29	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
12	2600:9000:211... 2600:9000:211a:e400:a:83e6:9c80:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::b 2a02:2638::b	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
17	192.229.233.6 192.229.233.6	15133 (EDGECAST) (EDGECAST)
8	2600:9000:206... 2600:9000:206f:4800:0:a73e:a3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
17	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a02:2638::21 2a02:2638::21	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a02:2638:3::f 2a02:2638:3::f	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:82f::2006	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
254	27

7 64.251.10.90 (Miami, United States) 1 redirects

ASN15083 (INFOLINK-MIA-, US)
PTR: www.powershow.com

www.powershow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:804::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

87 52.217.89.158 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:402::9d (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:9000:211a:e400:a:83e6:9c80:93a1 (United States)

ASN16509 (AMAZON-02, US)

revjet.lendingtree.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 192.229.233.6 (United States)

ASN15133 (EDGECAST, US)

cdn.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:206f:4800:0:a73e:a3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

pix.lendingtree.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::21 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:3::f (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
87	amazonaws.com s3.amazonaws.com	5 MB
40	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 137	511 KB
28	criteo.net static.criteo.net — Cisco Umbrella Rank: 630 csm.eu.criteo.net — Cisco Umbrella Rank: 8410 pix.eu.criteo.net — Cisco Umbrella Rank: 8393	139 KB
20	lendingtree.com revjet.lendingtree.com — Cisco Umbrella Rank: 15624 pix.lendingtree.com — Cisco Umbrella Rank: 16789	101 KB
18	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 77	129 KB
17	revjet.com cdn.revjet.com — Cisco Umbrella Rank: 6067	253 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	153 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	336 KB
7	powershow.com 1 redirects www.powershow.com — Cisco Umbrella Rank: 219402	73 KB
6	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 298 fonts.googleapis.com — Cisco Umbrella Rank: 43	36 KB
5	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 8334 rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 15146 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9696	105 KB
5	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 270	115 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 9006	696 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 863	603 B
254	16

	Domain	Requested by
87	s3.amazonaws.com	www.powershow.com s3.amazonaws.com
29	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
17	static.criteo.net	ads.eu.criteo.com static.criteo.net
17	cdn.revjet.com	srcdoc cdn.revjet.com
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.powershow.com googleads.g.doubleclick.net
12	revjet.lendingtree.com	www.powershow.com revjet.lendingtree.com
11	pagead2.googlesyndication.com	www.powershow.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
8	pix.lendingtree.com	srcdoc
7	pix.eu.criteo.net	ads.eu.criteo.com
7	www.googletagservices.com	googleads.g.doubleclick.net
7	www.powershow.com	1 redirects www.powershow.com
6	fonts.gstatic.com	fonts.googleapis.com
5	fonts.googleapis.com	googleads.g.doubleclick.net srcdoc
4	csm.eu.criteo.net	ads.eu.criteo.com
3	s0.2mdn.net	srcdoc
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
2	cat.fr.eu.criteo.com	ads.eu.criteo.com
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.powershow.com www.google-analytics.com
1	rtb.fr.eu.criteo.com	www.powershow.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ajax.googleapis.com	www.powershow.com
254	26

This site contains links to these domains. Also see Links.

Domain
powerpoint.crystalgraphics.com
www.crystalgraphics.com

Subject Issuer	Validity	Valid
powershow.com R3	`2023-01-16` - `2023-04-16`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2022-12-06` - `2023-12-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.lendingtree.com Amazon	`2022-09-15` - `2023-10-13`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-22` - `2023-03-26`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-18` - `2023-05-20`	3 months	crt.sh
cdn.revjet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-03-11`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-17`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh

This page contains 32 frames:

Primary Page: https://www.powershow.com/
Frame ID: 66B829F7FBC9DBCBDF7E3E1767497974
Requests: 51 HTTP requests in this frame

Frame: https://s3.amazonaws.com/html5.powershow.com/powershowplayer.html?pid=9756233&lg=n&lse=y&ols=n&replay=n&_=00b353e875fcd723003237bb793d9a7e
Frame ID: B32E6C682E3A58B625EDE05497D2F1C8
Requests: 3 HTTP requests in this frame

Frame: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
Frame ID: A08ECBE6ACF59F2CF158384CAFF777F3
Requests: 56 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20190131/zrt_lookup.html
Frame ID: 24B032E184E99E0B71904855B3C447CF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0529305388270060&output=html&h=280&slotname=6859575253&adk=368384325&adf=243876893&pi=t.ma~as.6859575253&w=750&fwrn=4&fwrnh=100&lmt=1677099173&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.powershow.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677099173307&bpp=3&bdt=1932&idt=235&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&correlator=2403813146999&frm=20&pv=2&ga_vid=609918435.1677099173&ga_sid=1677099174&ga_hid=885698487&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=192&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44777877%2C44759927%2C44759837%2C31071869%2C21065725%2C31071663&oid=2&pvsid=1510576959685131&tmod=1636640297&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CjWap3z9xB&p=https%3A//www.powershow.com&dtd=258
Frame ID: CD4547D3B4EB37EE1BCBA99F6108C12B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0529305388270060&output=html&h=280&slotname=3005130858&adk=2328504725&adf=2566914574&pi=t.ma~as.3005130858&w=750&fwrn=4&fwrnh=100&lmt=1677099173&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.powershow.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677099173310&bpp=1&bdt=1935&idt=264&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280&correlator=2403813146999&frm=20&pv=1&ga_vid=609918435.1677099173&ga_sid=1677099174&ga_hid=885698487&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=192&ady=908&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44777877%2C44759927%2C44759837%2C31071869%2C21065725%2C31071663&oid=2&pvsid=1510576959685131&tmod=1636640297&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zb5IRqf4tw&p=https%3A//www.powershow.com&dtd=266
Frame ID: 26122ABC76A471C2F3FDB1DFB061DC9B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0529305388270060&output=html&h=280&slotname=6859575253&adk=588683012&adf=849813065&pi=t.ma~as.6859575253&w=730&fwrn=4&fwrnh=100&lmt=1677099173&rafmt=1&format=730x280&url=https%3A%2F%2Fwww.powershow.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677099173310&bpp=1&bdt=1935&idt=272&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C750x280&correlator=2403813146999&frm=20&pv=1&ga_vid=609918435.1677099173&ga_sid=1677099174&ga_hid=885698487&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=1499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44777877%2C44759927%2C44759837%2C31071869%2C21065725%2C31071663&oid=2&pvsid=1510576959685131&tmod=1636640297&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=tBkAncFzbH&p=https%3A//www.powershow.com&dtd=274
Frame ID: CF1FC4E58FC339EF1A931F237F4FB88E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0529305388270060&output=html&adk=1812271804&adf=3025194257&lmt=1677099173&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x1080_l%7C164x1080_r&format=0x0&url=https%3A%2F%2Fwww.powershow.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677099173322&bpp=1&bdt=1947&idt=276&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C750x280%2C730x280&nras=1&correlator=2403813146999&frm=20&pv=1&ga_vid=609918435.1677099173&ga_sid=1677099174&ga_hid=885698487&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44777877%2C44759927%2C44759837%2C31071869%2C21065725%2C31071663&oid=2&pvsid=1510576959685131&tmod=1636640297&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=290
Frame ID: C08200ACB4DFDBB699A10E36B9438BE2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 58449B3CE897A1B307697312A855E662
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6D6021426EA1F1AD26BBBD25723FC9ED
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CIZprpYD2Y5KjKems7APLz6K4Baf42eVupYKcjuEQqJPMtt4JEAEglsu0DWCV-vCBjAegAYX32f4DyAEJqAMBqgTQAU_QKWTOl2LpFXQfKNx0tkndRxRT8-UoCKaNOYRtud57BWtP9jyOoYKtW0-2hysHQ1ZINo4vasz0Jri6C3-K7DBMzFResxr2Nlee0mzfvPAbJv12mabOOZD_6mijPegVugYlwX9qzTpoKDCx-f7wAUfcvRGESv7P2WnbOp3gZApeRRFrA1CdmQVTc8PR41NhSUOwsQem5yue4KGANSY7Gjb7Rw1Y4zbqHmCLLlhbiKycbkP26yS1BZqKhZCiPQapo70qg7EgAl4G964A9R04f4XABL7oi-CTBJIFBAgEGAGSBQQIBRgEoAYRgAegh60iqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ3qkN0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwvQFQGAFwGyFxwKGggAEhRwdWItMDUyOTMwNTM4ODI3MDA2MBgA&sigh=jz_F58Vzcr4&uach_m=[UACH]&cid=CAQSGwDUE5ymlodBp9F_Ijjjc8KIMtAKjiGq8cxtOBgB
Frame ID: EBA81511DF5C84517276015009F0FAF6
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Ca9zupYD2Y47PJcOK7APs66ngD6f42eVupYKcjuEQqJPMtt4JEAEglsu0DWCV-vCBjAegAYX32f4DyAEJqAMBqgTLAU_QCoBrcRVcxiKc7oYfUc-_kqkwxcZZfh7hYo8wgq_0BOIHfIlTcTvYkTMu-Rttxrop-nZVFWVWpfHixLQhaeQxGtu-s58X3bD0IK-RpPgpkwNPO5DC-Rer5xUtp8euFgvCA_plObbVKLqsGyqB11MG1piFRCQytEkjtvWZStX4_UMdKo0NTm2DW0g2q7VVJ_2Ey0zwVaCz2jTxKhxGZPtV8XYHn1f0OhWZ7f-jZiMVTG_erCw_AmMRBl-jISjgOxHUMzAVn2p-zqdNwAS-6IvgkwSSBQQIBBgBkgUECAUYBKAGEYAHoIetIqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEPGvCtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BML0BUBgBcBshccChoIABIUcHViLTA1MjkzMDUzODgyNzAwNjAYAA&sigh=av1NZBzF924&uach_m=[UACH]&cid=CAQSGwDUE5ym5YUgbW_T7H3o_QHybQvrW7IrFsMA3RgB
Frame ID: 20B7F7CA485EA6A84D45DA4F25EB3A04
Requests: 11 HTTP requests in this frame

Frame: https://revjet.lendingtree.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2Fgoogleads.g.doubleclick.net
Frame ID: BAC4842EBF18FC971F2A46A68ABF414A
Requests: 1 HTTP requests in this frame

Frame: https://revjet.lendingtree.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2Fgoogleads.g.doubleclick.net
Frame ID: A97B6D99378B2199A3474E06A6FD8E3F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1
Frame ID: A54E302DC01EB9097E54D65F51D17DFE
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1
Frame ID: B644CD92AFA9BD673440B8390631FEA0
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1ED24CDC2F479C60C14494E35F8E32AC
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1
Frame ID: 316CA2C79AC5B03BBB476EEDCE424453
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_aApQAJ_7YKexwCAAw50eadMbwyy4JsdN4nAQ&u=%7C4HDPcQf5GbJWVhAY4pR4cD4OIMazupH2KcTlhjQYjLg%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHh-E1cp6hbAuV0zmZ7P8dIDBmQ4nR1aE_vTKN9lubsHPkYDiX91SHukUVHbe8vlVpXys183eahF1j3pUssTSv81ovYsrjpJ5alEQNOELg4YZfAu4onaaDB9jdn5NwhtZFcgechRUemGvCfd61txB-laLteon6UXgO_Dur_tmjV0JjJiQtVOuLqQRNMFFCCZByWsBwUJvAC3NtdSNQSViA7uEhV7Ykt2KIwLKvihVtMfM5QkjYGoFToHt8FPLwInmE5Q76MKmt1s3IvY0cRt1ZoA5LRHX0Z3IkqGgAujZ-aOpvvFJuVQY2B_vV9FEgdz7nH_agV2IRWY05-tnS9AJgYr2G-9YRiNsnG9j-STK04tWDRCcsOhm6xri0Fq-4_OwcC_GtVCydoooQw3Zs7feddMeFZMPGaFIJWO5PO8fDVMooklT1ZM6U7mcYvc0WLOtb9jluhwTSF67rHJIKgQKTUJpVvnAsrqFS35aT3gwh_NxoC_9gDlC0KzsOewiJSW2vvB0jlb23e7ztZP1KJATW4ajQtmZNoMcLNSzhJM_aZVHZn9g5pigLHFfwiDtBNrkvHA9HjWQSEFxg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVcw2pYD2Y7b_J4K47APR87CoA8me0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMDUyOTMwNTM4ODI3MDA2MMgBCakCxWIdQTnesT6oAwGqBL8BT9BI3Ku1VNfN6p4dt5PeUabcvPC1O-g7gkv03BbqKfkLsg92xi1DF30ydtRLR-JVv1C0uTOmzTmQQyn_7RNTcA1OymRhaJbsPRk_5PDD7A_vlvmctkCdWnOfeDY2H90eWj1ZMPpDarSoh-64WWdDnFmWwgUJA22CufHMECcyCHCwPNQKhTO-m0li8i1l10j5k2J7DxY_2W8w565Xy0islSMDz3vCPx9P2_9rNVN4OZGwtYnIiCm8i-awx1jYZbiABsGo56HD_sWwkgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3BGmOmyG4xuDtPwkQVqv2muao7BQ%26client%3Dca-pub-0529305388270060%26adurl%3D
Frame ID: 50299D059897BB37E410E5FA21FADDAA
Requests: 11 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_aApQAJ_7cKexwCAAw50Xsgi5zLc7aYhN4wMw&u=%7C4HDPcQf5GbLlB7sHzWqejys49u4xPA3a%2FUTPQDJA92g%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4UCR1GnmPW4iJoLWqMqsNRmJaQW_AIJ-XPwtQXpW2-B437GTQQuR-cazoAyGAq5HD8HA6lXrJ8yenHIoojXaQfLgU6BMvtcQSs2xZQYQvj9WCDKmux94dPjJQZlLNRR84DIXzE8MdWsyC86hyQJEzdMsi0qDLpcqun0JmZ73wq5mcLHSSixWsHN15MC-aE5KmD6ep7MIDFCqKmYH8jg2QXkoeVWDikkW7QFGjbYpRL9IuSv0BudS51uN7wxoXa6iN2dOp7vhiNwbCXa2rjKepBMt7VhD9ZU5DK7hYvKu9HxHNwDqn5-fAkaRTrkAOTmblsanEYDSm8HLNzwHQGZZlXM9olemhRwZhTcBPXEMbsdX4kndd3thhgZdO5LhWuoQQWvfzBCK9On_1Wt2KHxLyw4YEl8bRTH_nQ_8uQnQ0nMjvgwj4MmB74nUvXFRf96RbbXCEYG8QmBTKFi8tW9QdxqtgyKLYzCGdHMbM5xXXj2dNAtrMH95ddlDEX2MaCC6ea4dHrotS9ooJMw-sSHLVlhvAhxZ_O3c2KT2c_1rUUKwZ16c7cxTtaF-493jbnVuJh4widPpIm3Dg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3FEipYD2Y7f_J4K47APR87CoA8me0rFchf6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMDUyOTMwNTM4ODI3MDA2MMgBCakCxWIdQTnesT6oAwGqBMEBT9AKTbkjf9Ef8HaoecKl9UAJl6DXtYwT4-uK32XizO_F8PYfhr5GNGcQV7IiyWps4oHu50AEBRmSKwB0jwgzWsbQ_LGR7u0ReO84mbgaQLi4jFezTI5gwbTxQUUXgxMcBYFr6g3uHteEB1SBohe5TsgbzRsVu6cygnIu0Z367rpubVXDDwTB2c9CBvSXNiMYrmPt37cKDkj8CWuU3sgtbB9mBqRM2pDygWYYUzt5-O2HKt1krzGb3j1-_7TloPDzPYAGwajnocP-xbCSAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Xo8Fo-n0MFrmmjwxQqfUal3-QVg%26client%3Dca-pub-0529305388270060%26adurl%3D
Frame ID: 905252C90DEE5F8176E1EAE0CFBF595A
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CVybmpYD2Y5SQJdihYsyUk6gFp_jZ5W6lgpyO4RCok8y23gkQASCWy7QNYJX68IGMB6ABhffZ_gPIAQmoAwGqBMgBT9CJFU6a9IS35XFar7oYNTKLn33UWh3iGU_tKa6-90cGuvYcKUigOsTOWsJ2_q607AN1ApP6ko1OVhnpoC1Uj9xHj621yOzNMCTJAdRKZeIqjSknQNBBJxGxb2Dv_8NzvWIOnnSle5veWcHzW88pHa7m7VVpYL8IC5RmCNlY1Sl8qQnmWpX6KlDTQ4UjFtKmO5nPZ5qeLnKtsJgwceT27Ssb3CSTM8a65U4AOSjuMwRwoYUa06V3xZQOZCjv6pwCDHI4IZUT_EzABL7oi-CTBJIFBAgEGAGSBQQIBRgEoAYRgAegh60iqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ_aIk0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwvQFQGAFwGyFxwKGggAEhRwdWItMDUyOTMwNTM4ODI3MDA2MBgA&sigh=7Ww5ScqkUps&uach_m=[UACH]&cid=CAQSGwDUE5ymdFZxYxV21GpxRDhqkHgktuLScfaLkhgB
Frame ID: 05081872FB36C0323F713DBEEF560E60
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4C4D8369B65924AEAC8F813B5C00C304
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 64FABBAEC9935DAFD58AD7B53B8DE3D3
Requests: 7 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/elements-2.9.0.js
Frame ID: B889D13860B82540576202DA80CC97D4
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js
Frame ID: AA1F55F34FABA0E627CE952D0711CCE1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 13C66D537539E531BE6AD72F7AEC8260
Requests: 2 HTTP requests in this frame

Frame: https://revjet.lendingtree.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2Fgoogleads.g.doubleclick.net
Frame ID: CBFA58AB2DD3CDB7BAAF9D940F5B69D0
Requests: 1 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/elements-2.9.0.js
Frame ID: 3EC8057E1E0714EDA1B1C2F7A2463968
Requests: 5 HTTP requests in this frame

Frame: https://cdn.revjet.com/s3/csp/1672762103028/style.css
Frame ID: FCF8F66DE7422D234C7ECD6899C0BDE2
Requests: 8 HTTP requests in this frame

Frame: https://cdn.revjet.com/s3/csp/1665783310556/style.css
Frame ID: DFFF24253BFE2E5B79817702339DFA48
Requests: 7 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/elements-2.9.0.js
Frame ID: 991A4A1DAD1D9B213D52AFB20067AE71
Requests: 5 HTTP requests in this frame

Frame: https://cdn.revjet.com/s3/csp/1672762103028/style.css
Frame ID: 24BA29A89FED6AD41C9802BA06C9CBD9
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

View millions of PowerPoint presentations! Free PowerPoint PPT downloads | PowerShow.com

Page URL History Show full URLs

http://www.powershow.com/ HTTP 301
https://www.powershow.com/ Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

254
Requests

100 %
HTTPS

85 %
IPv6

16
Domains

26
Subdomains

27
IPs

5
Countries

6958 kB
Transfer

10119 kB
Size

13
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://powerpoint.crystalgraphics.com/powerpoint-templates.html

Search URL Search Domain Scan URL

URL: https://www.crystalgraphics.com/
Title: CrystalGraphics

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.powershow.com/ HTTP 301
https://www.powershow.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 150

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 165

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

254 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.powershow.com/
Redirect Chain

http://www.powershow.com/
https://www.powershow.com/

68 KB
16 KB

1551ms
1296ms

Document
text/html

64.251.10.90
INFOLINK-MIA-

General

Check archive.org

Show headers Download Go to

Full URL

https://www.powershow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.251.10.90 Miami, United States, ASN15083 (INFOLINK-MIA-, US),

Reverse DNS

www.powershow.com

Software

Apache/2.4.53 (codeit) OpenSSL/1.1.1n mod_fcgid/2.3.9 /

Resource Hash

85d4e365cfb0a4e315975eb037c97c315bdbd78e2960bcc1d6851a3fc30541e5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline' https:; img-src 'self' 'unsafe-inline' data: http: https:; script-src-elem 'self' https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; connect-src https: http:; frame-src 'self' https:; object-src 'self' 'unsafe-inline' https:; style-src-elem 'self' 'unsafe-inline' https:; report-uri /csp-violation-report-endpoint/
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 15554
content-security-policy: default-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline' https:; img-src 'self' 'unsafe-inline' data: http: https:; script-src-elem 'self' https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; connect-src https: http:; frame-src 'self' https:; object-src 'self' 'unsafe-inline' https:; style-src-elem 'self' 'unsafe-inline' https:; report-uri /csp-violation-report-endpoint/
content-security-policy-report-only: default-src 'self' 'unsafe-inline'; img-src data: https:; script-src-elem 'self' https: 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; connect-src https:; frame-src https:; object-src 'self' 'unsafe-inline' https:; style-src-elem 'self' 'unsafe-inline' https:; report-uri /csp-violation-report-endpoint/
content-type: text/html; charset=UTF-8
date: Wed, 22 Feb 2023 20:52:50 GMT
referrer-policy: origin-when-cross-origin
server: Apache/2.4.53 (codeit) OpenSSL/1.1.1n mod_fcgid/2.3.9
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Wed, 22 Feb 2023 20:52:49 GMT
Server: Varnish
X-Varnish: 169406559
location: https://www.powershow.com/

GET
H2 200 resp.min.css
www.powershow.com/themes/default/css/ 159 KB
32 KB 152ms
151ms Stylesheet
text/css 64.251.10.90
INFOLINK-MIA-

General

Check archive.org

Show headers Download Go to

Full URL

https://www.powershow.com/themes/default/css/resp.min.css?v=8.8.0

Requested by

Host: www.powershow.com
URL: https://www.powershow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.251.10.90 Miami, United States, ASN15083 (INFOLINK-MIA-, US),

Reverse DNS

www.powershow.com

Software

Apache/2.4.53 (codeit) OpenSSL/1.1.1n mod_fcgid/2.3.9 /

Resource Hash

ffd9f1490ba6679eb88cbb0979a21b0513b801e93b156a2dfd8231ce6964eefc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline' https:; img-src 'self' 'unsafe-inline' data: http: https:; script-src-elem 'self' https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; connect-src https: http:; frame-src 'self' https:; object-src 'self' 'unsafe-inline' https:; style-src-elem 'self' 'unsafe-inline' https:; report-uri /csp-violation-report-endpoint/
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Wed, 22 Feb 2023 15:52:12 GMT
content-security-policy: default-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline' https:; img-src 'self' 'unsafe-inline' data: http: https:; script-src-elem 'self' https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; connect-src https: http:; frame-src 'self' https:; object-src 'self' 'unsafe-inline' https:; style-src-elem 'self' 'unsafe-inline' https:; report-uri /csp-violation-report-endpoint/
x-content-type-options: nosniff, nosniff
content-encoding: gzip
age: 18038
via: 1.1 varnish (Varnish/6.0)
content-length: 32013
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Sat, 17 Sep 2022 03:53:03 GMT
server: Apache/2.4.53 (codeit) OpenSSL/1.1.1n mod_fcgid/2.3.9
etag: "27abc-5e8d76a5770fd-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-varnish: 178750778 174824073
cache-control: max-age=864000, public
accept-ranges: bytes
x-cache-hits: 13561

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 94 KB
33 KB 97ms
21ms Script
text/javascript 2a00:1450:400d:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: www.powershow.com
URL: https://www.powershow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:02:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 546645
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 13:02:06 GMT

GET
H2 200 common.min.js Show response
www.powershow.com/js/ 20 KB
6 KB 667ms
666ms Script
application/javascript 64.251.10.90
INFOLINK-MIA-

General

Check archive.org

Show headers Download Go to

Full URL

https://www.powershow.com/js/common.min.js?v=8.8.0

Requested by

Host: www.powershow.com
URL: https://www.powershow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.251.10.90 Miami, United States, ASN15083 (INFOLINK-MIA-, US),

Reverse DNS

www.powershow.com

Software

Apache/2.4.53 (codeit) OpenSSL/1.1.1n mod_fcgid/2.3.9 /

Resource Hash

cc5fbc11576ed0d67a7ffbc4f1dda25bbaf97b6b7cc14dbc66445d43fac68e0d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline' https:; img-src 'self' 'unsafe-inline' data: http: https:; script-src-elem 'self' https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; connect-src https: http:; frame-src 'self' https:; object-src 'self' 'unsafe-inline' https:; style-src-elem 'self' 'unsafe-inline' https:; report-uri /csp-violation-report-endpoint/
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:51 GMT
content-security-policy: default-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline' https:; img-src 'self' 'unsafe-inline' data: http: https:; script-src-elem 'self' https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; connect-src https: http:; frame-src 'self' https:; object-src 'self' 'unsafe-inline' https:; style-src-elem 'self' 'unsafe-inline' https:; report-uri /csp-violation-report-endpoint/
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff, nosniff
last-modified: Sat, 17 Sep 2022 03:53:03 GMT
server: Apache/2.4.53 (codeit) OpenSSL/1.1.1n mod_fcgid/2.3.9
content-encoding: gzip
etag: "4f5c-5e8d76a573664-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=864000, public
accept-ranges: bytes
content-length: 6152
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK loading.gif
s3.amazonaws.com/img.powershow.com/themes/default/images/ 6 KB
7 KB 369ms
136ms Image
image/gif 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/img.powershow.com/themes/default/images/loading.gif
Requested by: Host: www.powershow.com
URL: https://www.powershow.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 576c5e7a7d6ed7b766160ac5fa4fbce22e2993d0f098c2747460227ed43473ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:52 GMT
Last-Modified: Thu, 30 Oct 2014 17:52:23 GMT
x-amz-meta-jets3t-original-file-date-iso8601: 2012-09-28T05:29:39.888Z
Server: AmazonS3
x-amz-request-id: D5VDTJ0RXK1HXT9E
ETag: "46aa908c19ef87532955b20bef60bd4c"
Content-Type: image/gif
Cache-Control: max-age=1209600
x-amz-meta-md5-hash: 46aa908c19ef87532955b20bef60bd4c
Accept-Ranges: bytes
Content-Length: 6638
x-amz-id-2: D9p2oZ8EwjxXsrMEDdKTdGkdxsJ27FFEA76W3lLpGTQ92E0agg7iWUPNNNxffIInx+9m5D5pcQk=

GET
H/1.1 200
OK powershowplayer.html Show response
s3.amazonaws.com/html5.powershow.com/ Frame B32E 30 KB
31 KB 115ms
115ms Document
text/html 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/html5.powershow.com/powershowplayer.html?pid=9756233&lg=n&lse=y&ols=n&replay=n&_=00b353e875fcd723003237bb793d9a7e
Requested by: Host: www.powershow.com
URL: https://www.powershow.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: fa86f05478db870d2f391e48483de84eeb0858cf8c40d2e21e04ec7150ff237e

Request headers

Referer: https://www.powershow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Content-Length: 30851
Content-Type: text/html
Date: Wed, 22 Feb 2023 20:52:53 GMT
ETag: "790d50589d2d7584985c30c9d0ddf984"
Last-Modified: Thu, 23 Sep 2021 05:32:33 GMT
Server: AmazonS3
x-amz-id-2: 9UxZH/vS/K8gGnqTMFCscOuvOG4RbO+/nNJ5U1vs4HRMXUCv4GkGkV1XX0tmpfUvgatZY0Ur3KQ=
x-amz-meta-jets3t-original-file-date-iso8601: 2021-09-15T08:12:41.083Z
x-amz-meta-md5-hash: 790d50589d2d7584985c30c9d0ddf984
x-amz-request-id: 7MZC5HEZC9XBX0S3

GET
H/1.1 200
OK bluebox-corners.png
s3.amazonaws.com/img.powershow.com/themes/default/images/ 441 B
956 B 314ms
123ms Image
image/png 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/img.powershow.com/themes/default/images/bluebox-corners.png
Requested by: Host: www.powershow.com
URL: https://www.powershow.com/themes/default/css/resp.min.css?v=8.8.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3edf1cbc24d7398145e847d41480fcd2e2a6a173e8eca87f0017b1ea9044eb21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:53 GMT
Last-Modified: Thu, 30 Oct 2014 17:52:14 GMT
x-amz-meta-jets3t-original-file-date-iso8601: 2012-09-28T05:30:02.312Z
Server: AmazonS3
x-amz-request-id: 7MZ0RFWV25XK43WE
ETag: "48a168e7aaa651bd78cc69cad1646bb8"
Content-Type: image/png
Cache-Control: max-age=1209600
x-amz-meta-md5-hash: 48a168e7aaa651bd78cc69cad1646bb8
Accept-Ranges: bytes
Content-Length: 441
x-amz-id-2: dQ6gn/LtXrTMCKT7qtO14mo8go1bqkPFtf+Gm4Dk8A5HpMh/yxL7/YVUEWQj5OmbP08XMZEhK9E=

GET
H2 200 wideheader1.png
www.powershow.com/themes/original/images/ 591 B
811 B 162ms
162ms Image
image/png 64.251.10.90
INFOLINK-MIA-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.powershow.com/themes/original/images/wideheader1.png

Requested by

Host: www.powershow.com
URL: https://www.powershow.com/themes/default/css/resp.min.css?v=8.8.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.251.10.90 Miami, United States, ASN15083 (INFOLINK-MIA-, US),

Reverse DNS

www.powershow.com

Software

Apache/2.4.53 (codeit) OpenSSL/1.1.1n mod_fcgid/2.3.9 /

Resource Hash

1022a89178d394bb0675fdd5509512db7a4b2c11acc4343c435f9d0e53600372

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline' https:; img-src 'self' 'unsafe-inline' data: http: https:; script-src-elem 'self' https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; connect-src https: http:; frame-src 'self' https:; object-src 'self' 'unsafe-inline' https:; style-src-elem 'self' 'unsafe-inline' https:; report-uri /csp-violation-report-endpoint/
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/themes/default/css/resp.min.css?v=8.8.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Wed, 22 Feb 2023 15:52:13 GMT
content-security-policy: default-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline' https:; img-src 'self' 'unsafe-inline' data: http: https:; script-src-elem 'self' https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; connect-src https: http:; frame-src 'self' https:; object-src 'self' 'unsafe-inline' https:; style-src-elem 'self' 'unsafe-inline' https:; report-uri /csp-violation-report-endpoint/
x-content-type-options: nosniff, nosniff
via: 1.1 varnish (Varnish/6.0)
age: 18038
content-length: 591
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 23 Feb 2018 22:19:23 GMT
server: Apache/2.4.53 (codeit) OpenSSL/1.1.1n mod_fcgid/2.3.9
etag: "24f-565e88d6b70c0"
x-frame-options: SAMEORIGIN
content-type: image/png
x-varnish: 172052040 172982660
cache-control: max-age=864000, public
accept-ranges: bytes
x-cache-hits: 13138

GET
H/1.1 200
OK buttons-header.png
s3.amazonaws.com/img.powershow.com/themes/default/images/ 4 KB
4 KB 323ms
125ms Image
image/png 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/img.powershow.com/themes/default/images/buttons-header.png
Requested by: Host: www.powershow.com
URL: https://www.powershow.com/themes/default/css/resp.min.css?v=8.8.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 59c88ea0438111afc8677753ae9ce6eebad62366ec88cde50254fa9ca4dcdc07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:53 GMT
Last-Modified: Thu, 30 Oct 2014 17:52:09 GMT
x-amz-meta-jets3t-original-file-date-iso8601: 2012-09-28T05:29:56.686Z
Server: AmazonS3
x-amz-request-id: 7MZ25BV3HMV3P0J0
ETag: "d11aea54a72580bce3cf4343940df9ee"
Content-Type: image/png
Cache-Control: max-age=1209600
x-amz-meta-md5-hash: d11aea54a72580bce3cf4343940df9ee
Accept-Ranges: bytes
Content-Length: 3662
x-amz-id-2: boSKM7UXIQjWOB6T3ba7EmvhRaHzfshM3bk4hTh3RmW3qvwBPNw2+RS280u2smsL3fqCjt1oknQ=

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK pagination.png
s3.amazonaws.com/img.powershow.com/themes/default/images/ 356 B
871 B 298ms
106ms Image
image/png 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/img.powershow.com/themes/default/images/pagination.png
Requested by: Host: www.powershow.com
URL: https://www.powershow.com/themes/default/css/resp.min.css?v=8.8.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: c2067494c2e4020bae938b3ed900cfff7c5f53a5ac53210e727a6e75e060465f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:53 GMT
Last-Modified: Thu, 30 Oct 2014 17:52:19 GMT
x-amz-meta-jets3t-original-file-date-iso8601: 2012-09-28T05:29:25.168Z
Server: AmazonS3
x-amz-request-id: 7MZF9BAJ2D5SXHGR
ETag: "a2fc51823aad2620df4344f2eec01b80"
Content-Type: image/png
Cache-Control: max-age=1209600
x-amz-meta-md5-hash: a2fc51823aad2620df4344f2eec01b80
Accept-Ranges: bytes
Content-Length: 356
x-amz-id-2: LtljIXoemUdoZqnbXQs5Nd1/2eqc/aEMNiikYbCeMsVnWQwlEWPI3QjVnXtw44FhZ+g3xjkyGnI=

GET
H/1.1 200
OK footer.png
s3.amazonaws.com/img.powershow.com/themes/default/images/ 201 B
716 B 597ms
407ms Image
image/png 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/img.powershow.com/themes/default/images/footer.png
Requested by: Host: www.powershow.com
URL: https://www.powershow.com/themes/default/css/resp.min.css?v=8.8.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 403673992e02a1adeb721266339c490efe71f81b03354a19e8b71b9a815e81ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:53 GMT
Last-Modified: Thu, 30 Oct 2014 17:52:06 GMT
x-amz-meta-jets3t-original-file-date-iso8601: 2012-09-28T05:29:51.592Z
Server: AmazonS3
x-amz-request-id: 7MZBRSXKD2JXFWST
ETag: "207da71176dc3b43adcf183f4e13a835"
Content-Type: image/png
Cache-Control: max-age=1209600
x-amz-meta-md5-hash: 207da71176dc3b43adcf183f4e13a835
Accept-Ranges: bytes
Content-Length: 201
x-amz-id-2: qt1arUt9FtR+V9ZXLzy/I2UQcxzVHbeZb6vy96h27IBMnCLBJbQ1olZwVQt5u6hkX+bJh7AjUVM=

GET
H2 200 PowerShow.com_logo.jpg
www.powershow.com/themes/default/images/ 8 KB
8 KB 145ms
140ms Image
image/jpeg 64.251.10.90
INFOLINK-MIA-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.powershow.com/themes/default/images/PowerShow.com_logo.jpg

Requested by

Host: www.powershow.com
URL: https://www.powershow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.251.10.90 Miami, United States, ASN15083 (INFOLINK-MIA-, US),

Reverse DNS

www.powershow.com

Software

Apache/2.4.53 (codeit) OpenSSL/1.1.1n mod_fcgid/2.3.9 /

Resource Hash

1433e6e22a225bacb8efed049c7cf4ee5ae31dfb320b8c37dca690fc2ebf9903

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline' https:; img-src 'self' 'unsafe-inline' data: http: https:; script-src-elem 'self' https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; connect-src https: http:; frame-src 'self' https:; object-src 'self' 'unsafe-inline' https:; style-src-elem 'self' 'unsafe-inline' https:; report-uri /csp-violation-report-endpoint/
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Wed, 22 Feb 2023 15:52:13 GMT
content-security-policy: default-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline' https:; img-src 'self' 'unsafe-inline' data: http: https:; script-src-elem 'self' https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; connect-src https: http:; frame-src 'self' https:; object-src 'self' 'unsafe-inline' https:; style-src-elem 'self' 'unsafe-inline' https:; report-uri /csp-violation-report-endpoint/
x-content-type-options: nosniff, nosniff
via: 1.1 varnish (Varnish/6.0)
age: 18038
content-length: 7846
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 29 Jun 2022 10:29:52 GMT
server: Apache/2.4.53 (codeit) OpenSSL/1.1.1n mod_fcgid/2.3.9
etag: "1ea6-5e293a2284c1e"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-varnish: 172052041 167667129
cache-control: max-age=864000, public
accept-ranges: bytes
x-cache-hits: 11986

GET
H2 200 ps_header_ad.png
www.powershow.com/themes/default/images/ 10 KB
10 KB 155ms
151ms Image
image/png 64.251.10.90
INFOLINK-MIA-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.powershow.com/themes/default/images/ps_header_ad.png

Requested by

Host: www.powershow.com
URL: https://www.powershow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.251.10.90 Miami, United States, ASN15083 (INFOLINK-MIA-, US),

Reverse DNS

www.powershow.com

Software

Apache/2.4.53 (codeit) OpenSSL/1.1.1n mod_fcgid/2.3.9 /

Resource Hash

d738fe8eea839a2b1a2ea229de259f24e5071d7638d6d1a3c37d1f7730bc5cbb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline' https:; img-src 'self' 'unsafe-inline' data: http: https:; script-src-elem 'self' https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; connect-src https: http:; frame-src 'self' https:; object-src 'self' 'unsafe-inline' https:; style-src-elem 'self' 'unsafe-inline' https:; report-uri /csp-violation-report-endpoint/
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Wed, 22 Feb 2023 15:52:13 GMT
content-security-policy: default-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline' https:; img-src 'self' 'unsafe-inline' data: http: https:; script-src-elem 'self' https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; connect-src https: http:; frame-src 'self' https:; object-src 'self' 'unsafe-inline' https:; style-src-elem 'self' 'unsafe-inline' https:; report-uri /csp-violation-report-endpoint/
x-content-type-options: nosniff, nosniff
via: 1.1 varnish (Varnish/6.0)
age: 18038
content-length: 10361
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 29 Jun 2022 10:29:52 GMT
server: Apache/2.4.53 (codeit) OpenSSL/1.1.1n mod_fcgid/2.3.9
etag: "2879-5e293a2284c1e"
x-frame-options: SAMEORIGIN
content-type: image/png
x-varnish: 172052042 162360800
cache-control: max-age=864000, public
accept-ranges: bytes
x-cache-hits: 10969

GET
H/1.1 200
OK 3672452.th0.jpg
s3.amazonaws.com/images.powershow.com/ 5 KB
5 KB 307ms
115ms Image
image/jpeg 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/images.powershow.com/3672452.th0.jpg?_=20220120082
Requested by: Host: www.powershow.com
URL: https://www.powershow.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 27ed1d8e2de14c8cef6c4d1b85587b812447529c00ca469bc59016b49e22b1ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:53 GMT
x-amz-version-id: ONWlpkbM.goFm0Gs55bUNTHPa.0Ojkn5
Last-Modified: Thu, 09 Jul 2020 06:40:57 GMT
Server: AmazonS3
x-amz-request-id: 7MZ34PWN18XZEH5F
ETag: "457c77b03f23d59b8ff3ce403760ec91"
Content-Type: image/jpeg
Cache-Control: max-age=2592000,public
Accept-Ranges: bytes
Content-Length: 4950
x-amz-id-2: bIUZjq/mr5L/QUWpycAv4McbD1iqapbGMTQWvrtIS5ZjWmEvBEzCZDrdFh6Ns1SqWVeqjQHKFjw=
Expires: Wed, 02 May 2035 00:00:00 GMT

GET
H/1.1 200
OK 3674482.th0.jpg
s3.amazonaws.com/images.powershow.com/ 4 KB
4 KB 379ms
112ms Image
image/jpeg 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/images.powershow.com/3674482.th0.jpg?_=202201200712
Requested by: Host: www.powershow.com
URL: https://www.powershow.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e07942cd290c68aa71ec0eec535a372fd37a87a34d745c40e30958bdbe97611a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:53 GMT
x-amz-version-id: ALiWL_Uk2pu5dGs2eZosYczX1jlZB3ns
Last-Modified: Thu, 24 Sep 2020 04:32:00 GMT
Server: AmazonS3
x-amz-request-id: 7MZ1X1SS6H8KSF1K
ETag: "0c3d28433b955e874e0bc67f8199e1cb"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 3702
x-amz-id-2: yZaw5bTLthWVfWEeR576kADsD0mvT4UM48QeDLlehL/35giGnrQydbD5tFus4jmZVF7/ZRnJ5+Y=

GET
H/1.1 200
OK 9763859.th0.jpg
s3.amazonaws.com/images.powershow.com/ 5 KB
6 KB 126ms
113ms Image
image/jpeg 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/images.powershow.com/9763859.th0.jpg?_=20220603024
Requested by: Host: www.powershow.com
URL: https://www.powershow.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: beb348572bb3f63557dd9d79fcba9f9e398ce6cb4bfb1790450891fb63b57487

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:53 GMT
x-amz-version-id: fnnaYpBC8QCwVUpjkd6d116zT2vfXBdi
Last-Modified: Fri, 03 Jun 2022 06:18:27 GMT
Server: AmazonS3
x-amz-request-id: 7MZBKC7K3SMPNCMJ
ETag: "b598e6cf88715a249725672c27093a62"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 5311
x-amz-id-2: D122OWjHNY+O3LNPlGtawk7J9sWq7WesUjHbR/1VDrMnfsqjatSg464pLByoqP22g15TsAY1Kuo=

GET
H/1.1 200
OK P1225226110kqBjx.th0.jpg
s3.amazonaws.com/images.powershow.com/ 7 KB
7 KB 132ms
106ms Image
image/jpeg 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/images.powershow.com/P1225226110kqBjx.th0.jpg?_=20210610063
Requested by: Host: www.powershow.com
URL: https://www.powershow.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0c37a091722b8a0adc25f3b897115743a6b4af2689d9ed96de04fa720ea28db8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:53 GMT
x-amz-version-id: g76oxW7E4Vnadg5gmaFLRvxipSF5b2Wj
Last-Modified: Fri, 17 Jul 2020 08:42:26 GMT
Server: AmazonS3
x-amz-request-id: 7MZDZABJRJGFERRE
ETag: "7049de325576d337b9fcb2be56e84668"
Content-Type: image/jpeg
Cache-Control: max-age=2592000,public
Accept-Ranges: bytes
Content-Length: 7150
x-amz-id-2: twEQa8XWOvOW/w0Su/LOdu58IAxZLl1ALtuppbVvJhMZ2NHQzndnQ+eU9n2rGlt0hk9JLrn8Axg=
Expires: Fri, 02 Feb 2035 00:00:00 GMT

GET
H/1.1 200
OK P1229025518vgTqh.th0.jpg
s3.amazonaws.com/images.powershow.com/ 4 KB
5 KB 194ms
108ms Image
image/jpeg 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/images.powershow.com/P1229025518vgTqh.th0.jpg?_=20200212091
Requested by: Host: www.powershow.com
URL: https://www.powershow.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8cacc4bcf65398d5c3f88cbb3045bebf1e152c1950aa6d801cd4984175c2a1c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:53 GMT
x-amz-version-id: XOPJjNzFUuQstq5ioNXmvVXNhHR0VyFV
Last-Modified: Fri, 17 Jul 2020 08:42:46 GMT
Server: AmazonS3
x-amz-request-id: 7MZECHFKS1NBESAR
ETag: "9ee8704312685f9a2d28d8fcef727e37"
Content-Type: image/jpeg
Cache-Control: max-age=2592000,public
Accept-Ranges: bytes
Content-Length: 4502
x-amz-id-2: d4pMoX6E74nMZA0qOD750OjXt/2JfYgLyO0POIQqgQowoL/LuJsGftCiEcmpxAkkgnYDAvT08o8=
Expires: Fri, 02 Feb 2035 00:00:00 GMT

GET
H/1.1 200
OK P1229294960jAWTV.th0.jpg
s3.amazonaws.com/images.powershow.com/ 5 KB
5 KB 215ms
134ms Image
image/jpeg 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/images.powershow.com/P1229294960jAWTV.th0.jpg?_=20190916063
Requested by: Host: www.powershow.com
URL: https://www.powershow.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: df92f3c45850a67cee93edafc465ea688e9730c6e755c54fb0c2d850912e605b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:53 GMT
x-amz-version-id: OFq4sSPo8TZ.fQy3CqoShGiZTYNFf2B3
Last-Modified: Fri, 17 Jul 2020 08:42:46 GMT
Server: AmazonS3
x-amz-request-id: 7MZCDCHDGCGXJ91T
ETag: "c68b985741b75a271b01f5b74a8c1a2b"
Content-Type: image/jpeg
Cache-Control: max-age=2592000,public
Accept-Ranges: bytes
Content-Length: 4676
x-amz-id-2: qfF4JzymQKQCVWh8Th41B9/SXJw1Ef0oBrMIenHq4OEKuef5BjhgNybuI+vuk+JW/LfroOHdRQQ=
Expires: Fri, 02 Feb 2035 00:00:00 GMT

GET
H/1.1 200
OK P1233102901RfoIj.th0.jpg
s3.amazonaws.com/images.powershow.com/ 4 KB
4 KB 217ms
108ms Image
image/jpeg 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/images.powershow.com/P1233102901RfoIj.th0.jpg?_=20190915097
Requested by: Host: www.powershow.com
URL: https://www.powershow.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2e8974989ebd36d57aaeb68d12d16fd6da2055702b897db8582e300b5a881e7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:53 GMT
x-amz-version-id: L5_x03dL6GXKTIai6tILuqtFpIbGgTXM
Last-Modified: Fri, 17 Jul 2020 08:43:18 GMT
Server: AmazonS3
x-amz-request-id: 7MZ80DZASWQ8NEQ9
ETag: "4ade2fbb5e79167d8e5a253c68ec117e"
Content-Type: image/jpeg
Cache-Control: max-age=2592000,public
Accept-Ranges: bytes
Content-Length: 4069
x-amz-id-2: QkDCC6aD56TFAuKiLQ5u5wUvU6ILvPUEkP53fbUTlY8vh7Tp0ih01cnt4SfwAs5LXKARw7rPaaU=
Expires: Fri, 02 Feb 2035 00:00:00 GMT

GET
H/1.1 200
OK P1233429133aGMJd.th0.jpg
s3.amazonaws.com/images.powershow.com/ 3 KB
4 KB 208ms
123ms Image
image/jpeg 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/images.powershow.com/P1233429133aGMJd.th0.jpg?_=20190915065
Requested by: Host: www.powershow.com
URL: https://www.powershow.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 044931dbcd875995e1ccebe1bcdfc829df69cf6c13108ffeb87efd848c476b94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:53 GMT
x-amz-version-id: KWzp1q5hgWL_m2AMNaYV5miwzhUheFaR
Last-Modified: Fri, 17 Jul 2020 08:43:24 GMT
Server: AmazonS3
x-amz-request-id: 7MZ2T3Y34A54Z4QV
ETag: "d3bb6ef10e961f63c9d7b58332bf9d1c"
Content-Type: image/jpeg
Cache-Control: max-age=2592000,public
Accept-Ranges: bytes
Content-Length: 3416
x-amz-id-2: BEIPE1RQn0/RXyZnmHyhJW0UjLIEJx7TgqwDLBxrpypeXOxof6qOEUOGK4C6rLGYp+v00YxIdrU=
Expires: Fri, 02 Feb 2035 00:00:00 GMT

GET
H/1.1 200
OK P1241112567Pczwq.th0.jpg
s3.amazonaws.com/images.powershow.com/ 3 KB
4 KB 213ms
107ms Image
image/jpeg 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/images.powershow.com/P1241112567Pczwq.th0.jpg?_=201909150711
Requested by: Host: www.powershow.com
URL: https://www.powershow.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4e689184c283d3a147490721c28cf0cb73d3215ef46d479d958c0667f6551b33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:53 GMT
x-amz-version-id: w.fTMKOl6Z70ftLV2UNe0MCld7ACuEqB
Last-Modified: Fri, 17 Jul 2020 08:49:27 GMT
Server: AmazonS3
x-amz-request-id: 7MZ4DZGKRNQF9323
ETag: "d6c12e330bd8bff7f17653298becc9fc"
Content-Type: image/jpeg
Cache-Control: max-age=2592000,public
Accept-Ranges: bytes
Content-Length: 3462
x-amz-id-2: 0cFSb3R0Yg/y0200IWta7on/B4kPbIlFWaPXlzaQk0v+rvZoUygM1y6s3d6vWdFPWBgJRvGUIEI=
Expires: Fri, 02 Feb 2035 00:00:00 GMT

GET
H/1.1 200
OK P1241210231rJsFA.th0.jpg
s3.amazonaws.com/images.powershow.com/ 7 KB
7 KB 149ms
113ms Image
image/jpeg 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/images.powershow.com/P1241210231rJsFA.th0.jpg?_=20200713087
Requested by: Host: www.powershow.com
URL: https://www.powershow.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 44fdd51296bc3a6d6d79b152aa66e57036d48e86e203689703f85ed239494401

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:53 GMT
x-amz-version-id: CfJ7CQBFzc6R9nu8TOjN8nJDA9_dMFUY
Last-Modified: Fri, 17 Jul 2020 08:49:44 GMT
Server: AmazonS3
x-amz-request-id: 7MZAYM4FGPJX7V7Z
ETag: "778938bf365932798d19dfeecbb28e44"
Content-Type: image/jpeg
Cache-Control: max-age=2592000,public
Accept-Ranges: bytes
Content-Length: 6778
x-amz-id-2: X1ulvgr5lovNL/K0pwV9T+HbR5ujwOVw35M6GTl5BHm91W6mNxBWFywwfnm5YUmioZd722LTRBc=
Expires: Fri, 02 Feb 2035 00:00:00 GMT

GET
H/1.1 200
OK P1241210231fqubo.th0.jpg
s3.amazonaws.com/images.powershow.com/ 6 KB
6 KB 169ms
111ms Image
image/jpeg 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/images.powershow.com/P1241210231fqubo.th0.jpg?_=20200713087
Requested by: Host: www.powershow.com
URL: https://www.powershow.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 622488f31b655814339d16d99ccc6431de342ed127bfd7ef630d962a9a8b4aa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:53 GMT
x-amz-version-id: 3ST8jzCild0FdCCVKJ79WeLJXv1FWMR7
Last-Modified: Fri, 17 Jul 2020 08:49:42 GMT
Server: AmazonS3
x-amz-request-id: 7MZB5GJF0VEJYHKY
ETag: "a83fd04f44f30c98f6cf9b3a283bfcf8"
Content-Type: image/jpeg
Cache-Control: max-age=2592000,public
Accept-Ranges: bytes
Content-Length: 5888
x-amz-id-2: REo0WQnx6SQzAUT8IP2og3LUfnFmuZ1w+RGAPKRcfv6e+LsoHbLF6N1xSUdeu3bv1DdBvc+Arc8=
Expires: Fri, 02 Feb 2035 00:00:00 GMT

GET
H/1.1 200
OK P1245869569nrZUF.th0.jpg
s3.amazonaws.com/images.powershow.com/ 4 KB
5 KB 122ms
106ms Image
image/jpeg 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/images.powershow.com/P1245869569nrZUF.th0.jpg?_=20210103117
Requested by: Host: www.powershow.com
URL: https://www.powershow.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4793ec8941849e37910a7c064ab83c35c103bae3ce8158688f2f9489fb1e6465

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:53 GMT
x-amz-version-id: LeMwGRseL78rqfpM5.uyEUHXXKMVl63e
Last-Modified: Mon, 04 Jan 2021 04:35:05 GMT
Server: AmazonS3
x-amz-request-id: 7MZ67GJP9D1AC7D4
ETag: "d9906c6f1cb2dae64e35cdb9142645e1"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 4381
x-amz-id-2: i0LpKe5NHp+NSabQlT0F3Gibu8N7fQ0/QXCCNN6TKS6G9lsb5rzfccaVYMBnjnt50jdaXxU5nhk=

GET
H/1.1 200
OK P1248711736pIVZJ.th0.jpg
s3.amazonaws.com/images.powershow.com/ 3 KB
4 KB 188ms
169ms Image
image/jpeg 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/images.powershow.com/P1248711736pIVZJ.th0.jpg?_=20210103117
Requested by: Host: www.powershow.com
URL: https://www.powershow.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 62388c1dc18724697f0d2157ad52287d5825554f96ee172002321f6ebd5955fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:53 GMT
x-amz-version-id: E7xTCkBKPOvJr0SSdQpci6dxlgO0AEAg
Last-Modified: Mon, 04 Jan 2021 04:33:14 GMT
Server: AmazonS3
x-amz-request-id: 7MZ1XV1PE87XEK87
ETag: "5fb562f9a62f9c5540566ee82da67c60"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 3396
x-amz-id-2: M1h8GmDAopontvAeXuEfjZ42pUsUvCcNnADWPNB8WtyTCr2k/t4JjmyC7kkeZQIwmiC0MaYB2Og=

GET
H/1.1 200
OK P1251950787UWMKD.th0.jpg
s3.amazonaws.com/images.powershow.com/ 8 KB
9 KB 120ms
107ms Image
image/jpeg 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/images.powershow.com/P1251950787UWMKD.th0.jpg?_=201909160311
Requested by: Host: www.powershow.com
URL: https://www.powershow.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d761d4bf8029219d06546f80a75d0b56feb3454c0d89fd35fc89ef524c6ed63d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:53 GMT
x-amz-version-id: avDL2isqXBLJX.O6Oiw1X4OycQ8jRN2g
Last-Modified: Fri, 17 Jul 2020 19:21:11 GMT
Server: AmazonS3
x-amz-request-id: 7MZ5RH0DE0T2XFVQ
ETag: "a799b8bd51d6c9b49696a60d6a564f77"
Content-Type: image/jpeg
Cache-Control: max-age=2592000,public
Accept-Ranges: bytes
Content-Length: 8254
x-amz-id-2: 7+HPAJljiDV7ibHHf8BbJjlQgIT5kGMsjYxJ6X1Wvf4KxvbpHNVHQBXFcRTaHE5yGKxfTAAugfQ=
Expires: Fri, 02 Feb 2035 00:00:00 GMT

GET
H/1.1 200
OK P1252428266WCFbQ.th0.jpg
s3.amazonaws.com/images.powershow.com/ 5 KB
6 KB 128ms
118ms Image
image/jpeg 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/images.powershow.com/P1252428266WCFbQ.th0.jpg?_=20210103031
Requested by: Host: www.powershow.com
URL: https://www.powershow.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 804cd2edee75cd44b5910874217407b0f6a46b3934b284816c7765558a2961f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:53 GMT
x-amz-version-id: WNPe4A4D.63RaLf7PeY1U16yFEN8_vC_
Last-Modified: Sun, 03 Jan 2021 07:57:32 GMT
Server: AmazonS3
x-amz-request-id: 7MZCCN0CKBYY2GNE
ETag: "531708b568486443c40c03e7407243b3"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 5602
x-amz-id-2: XnaVLy3GhYrsO+GJTiUE1sPfzf6rnaB/9OT0MimOMklbpDbJEuvyKK7KVlqDJ3RAYR7PG5Hft50=

GET
H/1.1 200
OK P1252515911TUNqx.th0.jpg
s3.amazonaws.com/images.powershow.com/ 6 KB
7 KB 162ms
106ms Image
image/jpeg 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/images.powershow.com/P1252515911TUNqx.th0.jpg?_=20200703068
Requested by: Host: www.powershow.com
URL: https://www.powershow.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5a099b60229cc40e7ad52de6cbeb389f0d78ecddbfb32fa001140a3750eb237d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:53 GMT
x-amz-version-id: zyZ2YuwJLcCfRlW_Gn3Uswa1J5PkTTGl
Last-Modified: Fri, 17 Jul 2020 23:46:26 GMT
Server: AmazonS3
x-amz-request-id: 7MZBYDBY7WZ6ZVPY
ETag: "86cd177471bfd1cacd6cf7bdf8cdfe49"
Content-Type: image/jpeg
Cache-Control: max-age=2592000,public
Accept-Ranges: bytes
Content-Length: 6295
x-amz-id-2: PhC8MsahmLMQUgmhK7sbu2LHu7hS2OhPjpG0gkttl4RNNR+KdprPR+a5PbBCwZQ8xth1wAYNg5U=
Expires: Fri, 02 Feb 2035 00:00:00 GMT

GET
H/1.1 200
OK P1252719384vFGfs.th0.jpg
s3.amazonaws.com/images.powershow.com/ 5 KB
6 KB 116ms
105ms Image
image/jpeg 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/images.powershow.com/P1252719384vFGfs.th0.jpg?_=20190915053
Requested by: Host: www.powershow.com
URL: https://www.powershow.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: caa7504c1b525e6e9a33620671ef3f56e2847aa0c838a5f6867f10dc226ce315

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:53 GMT
x-amz-version-id: EmKkdIHhHjCE15.RS9mit9DO761HvuaR
Last-Modified: Sat, 18 Jul 2020 00:34:25 GMT
Server: AmazonS3
x-amz-request-id: 7MZ23KFSHADC4M87
ETag: "1e291d0631a90069d5872eba8a16d6e1"
Content-Type: image/jpeg
Cache-Control: max-age=2592000,public
Accept-Ranges: bytes
Content-Length: 5404
x-amz-id-2: Yzn1vqkHkvg0GzrNkdVy9N1d8h6oDz6xE4YW+EYgNMEBZbnzfHQE+8/RvD1dBT6pq17gmHE+6bU=
Expires: Fri, 02 Feb 2035 00:00:00 GMT

GET
H/1.1 200
OK P1253036830biKlV.th0.jpg
s3.amazonaws.com/images.powershow.com/ 4 KB
4 KB 141ms
109ms Image
image/jpeg 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/images.powershow.com/P1253036830biKlV.th0.jpg?_=202007030711
Requested by: Host: www.powershow.com
URL: https://www.powershow.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4d93649fd78547738513bf871d8b225b69e3dc400b44c9728f161c540e0ef51c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:53 GMT
x-amz-version-id: bE2r590_gKGQYQ5yI0tmrlkQXAwEqqUd
Last-Modified: Sat, 18 Jul 2020 01:11:00 GMT
Server: AmazonS3
x-amz-request-id: 7MZ0EXY45YR99CKT
ETag: "85cce55e7acd93d80c147bbff5b8cff6"
Content-Type: image/jpeg
Cache-Control: max-age=2592000,public
Accept-Ranges: bytes
Content-Length: 4007
x-amz-id-2: +RP8xd+wCnSf2PNUvkvRHYXMEp6HHw20d97WzqKZlWAs531cWxtkEbQKhjcY0ckdp7b9DhKuLgk=
Expires: Fri, 02 Feb 2035 00:00:00 GMT

GET
H/1.1 200
OK P1253037035Sswcx.th0.jpg
s3.amazonaws.com/images.powershow.com/ 8 KB
8 KB 133ms
113ms Image
image/jpeg 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/images.powershow.com/P1253037035Sswcx.th0.jpg?_=202012280311
Requested by: Host: www.powershow.com
URL: https://www.powershow.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 565f9be2dfca7b5fe2ea6220fffda132a61fc2512e9eb47f0b4e05223836dbc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:53 GMT
x-amz-version-id: SNgUtTDFZB4xWVPZR91d15cHVxLsdZg6
Last-Modified: Mon, 28 Dec 2020 08:52:09 GMT
Server: AmazonS3
x-amz-request-id: 7MZ4M7QXXDEG4RXM
ETag: "fa9f59e7377c9f60657466abfa5358af"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 8249
x-amz-id-2: z6+Er8f0aqSnlXWXAAHqeCZBYb2aZnu0KcO/xxwtPQbTZ7u1Iy38pkTlfbE5AFP7ZiTGB27CtEs=

GET
H/1.1 200
OK P1254156847BqleX.th0.jpg
s3.amazonaws.com/images.powershow.com/ 4 KB
5 KB 136ms
108ms Image
image/jpeg 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/images.powershow.com/P1254156847BqleX.th0.jpg?_=201806250310
Requested by: Host: www.powershow.com
URL: https://www.powershow.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7ad9ceb3d74deffe2a278b7ab3a40ba3d272717a2dbc2675eb4de87231e36029

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:53 GMT
x-amz-version-id: kbpaMDJXlfM0rTjCFDKx2qIPoeU7NEpo
Last-Modified: Sat, 18 Jul 2020 08:56:01 GMT
Server: AmazonS3
x-amz-request-id: 7MZ2Q1ZA3F6PHWDD
ETag: "e2bcf63a8e446f907ed5ab844cd2adf8"
Content-Type: image/jpeg
Cache-Control: max-age=2592000,public
Accept-Ranges: bytes
Content-Length: 4301
x-amz-id-2: eZJTrza7rONrlP2ZzRNS31pFG8NF3mfmVcprB7G6FcN2+uJ+V7rON3jinHebtsyh9JHNK8yiTPM=
Expires: Fri, 02 Feb 2035 00:00:00 GMT

GET
H/1.1 200
OK P1254156883ZEDrU.th0.jpg
s3.amazonaws.com/images.powershow.com/ 5 KB
5 KB 135ms
120ms Image
image/jpeg 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/images.powershow.com/P1254156883ZEDrU.th0.jpg?_=20200830048
Requested by: Host: www.powershow.com
URL: https://www.powershow.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: c5f1872a2759bf66c0bcc249291d3c9bbe57c54dd3191b226df0a23fd5168f64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:53 GMT
x-amz-version-id: ftnESEsFWejJsISOvPM69bAVjUubMgzj
Last-Modified: Sun, 30 Aug 2020 08:37:23 GMT
Server: AmazonS3
x-amz-request-id: 7MZ3744R81XVT70P
ETag: "b54929126636230830269f677b727fa0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 5077
x-amz-id-2: BNANroGkt1RWB4zTkhY/5u/6UlykeNaIjANnzxZcA6fiZq+cNcIZ7e/LdN3Rtspuf0omCOioUA4=

GET
H/1.1 200
OK P1254845880GerTj.th0.jpg
s3.amazonaws.com/images.powershow.com/ 6 KB
6 KB 119ms
108ms Image
image/jpeg 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/images.powershow.com/P1254845880GerTj.th0.jpg?_=202006220811
Requested by: Host: www.powershow.com
URL: https://www.powershow.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 974bfd78b0bd10e9b3931b2021d4024480c403e8933ac04bf9bbd730aa5737c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:53 GMT
x-amz-version-id: O5db1IiR37ezpnwOdym0j.EqPKOH6440
Last-Modified: Sat, 18 Jul 2020 12:40:05 GMT
Server: AmazonS3
x-amz-request-id: 7MZ5VZZYGD79HNYC
ETag: "22a2a6d904a80e9f6b48ab6aa07810f3"
Content-Type: image/jpeg
Cache-Control: max-age=2592000,public
Accept-Ranges: bytes
Content-Length: 6132
x-amz-id-2: lIqjMWwnkCTnBW39zI/Dofqvx5kn8KzVTnVyvIlXuLKezUVCz3WcJCEaCqd6JrZJpFt2PRw+/k8=
Expires: Fri, 02 Feb 2035 00:00:00 GMT

GET
H/1.1 200
OK P1256589142OCPWG.th0.jpg
s3.amazonaws.com/images.powershow.com/ 5 KB
5 KB 159ms
122ms Image
image/jpeg 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/images.powershow.com/P1256589142OCPWG.th0.jpg?_=202007170312
Requested by: Host: www.powershow.com
URL: https://www.powershow.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1d71ad4d7d240bb7931338a28bcd50177029759d7cb81ca867c21e296818314a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:53 GMT
x-amz-version-id: th.dY_Bkx8ysnxU.vx7cRMZCOPdv94AC
Last-Modified: Sat, 18 Jul 2020 15:30:38 GMT
Server: AmazonS3
x-amz-request-id: 7MZ20WK7N6HXPR7R
ETag: "c9775e67b4b0e754215b6f5ab8ecdbb7"
Content-Type: image/jpeg
Cache-Control: max-age=2592000,public
Accept-Ranges: bytes
Content-Length: 4879
x-amz-id-2: eDQViD2EaQVkuItujzhRdnRR3pJDakWwv75xEKY+ys03G23yyiZBIflonpl9BvPUZYrvqwyo96s=
Expires: Fri, 02 Feb 2035 00:00:00 GMT

GET
H/1.1 200
OK A1258689797jAodQ.th0.jpg
s3.amazonaws.com/images.powershow.com/ 3 KB
3 KB 144ms
120ms Image
image/jpeg 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/images.powershow.com/A1258689797jAodQ.th0.jpg?_=20180326085
Requested by: Host: www.powershow.com
URL: https://www.powershow.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7b6ff64247294d1bc08c4d2a2c878ab753c15addb772f18b11edbb2ffe61ea34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:53 GMT
x-amz-version-id: QqiaJP1bmCauwET.1i89lFHZfcEVLPJD
Last-Modified: Thu, 16 Jul 2020 10:52:38 GMT
Server: AmazonS3
x-amz-request-id: 92XC3VTG5QC6ANDJ
ETag: "d6848f15f071e3dc3e71269d240b3675"
Content-Type: image/jpeg
Cache-Control: max-age=2592000,public
Accept-Ranges: bytes
Content-Length: 2886
x-amz-id-2: bzBB7t3U3f4ZUSdguwVau8y6Stzs1jHIjmtqU8ldVKssPF6sGjqlVRXfTW0NVibCLy1IQ0RaAqE=
Expires: Fri, 02 Feb 2035 00:00:00 GMT

GET
H/1.1 200
OK fullscreen.js Show response
s3.amazonaws.com/html5.powershow.com/js/ Frame B32E 1 KB
2 KB 165ms
111ms Script
application/javascript 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/html5.powershow.com/js/fullscreen.js
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/powershowplayer.html?pid=9756233&lg=n&lse=y&ols=n&replay=n&_=00b353e875fcd723003237bb793d9a7e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 281d6fa15a0fd49f21872dc72e78c62f3059f67979a348408a473573a5c09821

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/powershowplayer.html?pid=9756233&lg=n&lse=y&ols=n&replay=n&_=00b353e875fcd723003237bb793d9a7e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:53 GMT
Last-Modified: Sun, 12 Jul 2020 12:51:34 GMT
Server: AmazonS3
x-amz-request-id: 7MZDP5163133FJGC
ETag: "2b20f191bf393519e15e717c300e3bc5"
Content-Type: application/javascript
Cache-Control: max-age=2592000,public
Accept-Ranges: bytes
Content-Length: 1497
x-amz-id-2: BDL6uVn34z6evO0wfpQ0t79CMUu+zm8kZ8Wha4egHQxL+Amd1hjvbGmTbAARGwMxZx2SSBasawg=
Expires: Fri, 02 Feb 2035 00:00:00 GMT

GET
H/1.1 200
OK nav_right_btn.png
s3.amazonaws.com/html5.powershow.com/img/ Frame B32E 19 KB
19 KB 282ms
114ms Image
image/png 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/html5.powershow.com/img/nav_right_btn.png
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/powershowplayer.html?pid=9756233&lg=n&lse=y&ols=n&replay=n&_=00b353e875fcd723003237bb793d9a7e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ee9e2f6f9b5c99b328ca6e05c627c9b513679b5b6383ac1a18b4c6385da5f6d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/powershowplayer.html?pid=9756233&lg=n&lse=y&ols=n&replay=n&_=00b353e875fcd723003237bb793d9a7e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:53 GMT
Last-Modified: Sun, 19 Jul 2020 10:36:04 GMT
Server: AmazonS3
x-amz-request-id: 7MZ9ZB2WMV8KFT17
ETag: "d21e49e76bfb2b408650bd8f37dd646f"
Content-Type: image/png
Cache-Control: max-age=2592000,public
Accept-Ranges: bytes
Content-Length: 19350
x-amz-id-2: mr6H4EOWr/lHYcts2GswYg4IOgqeuXEVCjVIu9kzVGtZdkypyjfECbJDDum0B0b7xENpqCLNmbM=
Expires: Fri, 02 Feb 2035 00:00:00 GMT

GET
H/1.1 200
OK index.html Show response
s3.amazonaws.com/html5.powershow.com/9756233/ Frame A08E 14 KB
14 KB 118ms
107ms Document
text/html 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/powershowplayer.html?pid=9756233&lg=n&lse=y&ols=n&replay=n&_=00b353e875fcd723003237bb793d9a7e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 93ac90369f23f050a2e19e17ba352c5a3735d9fb555a4b45712c4b196c5a84b3

Request headers

Referer: https://s3.amazonaws.com/html5.powershow.com/powershowplayer.html?pid=9756233&lg=n&lse=y&ols=n&replay=n&_=00b353e875fcd723003237bb793d9a7e
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Content-Length: 13981
Content-Type: text/html
Date: Wed, 22 Feb 2023 20:52:53 GMT
ETag: "fbecec50a68fe61cdcc781ac0f71cca1"
Last-Modified: Tue, 10 May 2022 06:30:20 GMT
Server: AmazonS3
x-amz-id-2: FheGvyHf8hFVm+37AzabP9NaRJTbO7PGOSTnanP/v/YM80og0Cl3qk6bAFHy0sdaT5HcDKGJ02I=
x-amz-request-id: 7MZAH26BK30GH2S5

GET
H/1.1 200
OK browsersupport.js Show response
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 8 KB
9 KB 122ms
112ms Script
application/x-javascript 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/browsersupport.js?160F4986
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d919480b6a087d69981501970bde2405230f5c3ec1beb5d5e37ba878b59d6502

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:53 GMT
Last-Modified: Tue, 10 May 2022 06:30:20 GMT
Server: AmazonS3
x-amz-request-id: 7MZAJNCEF9NEWGBV
ETag: "8457ebaafcd61653e4986ad168727eb7"
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 8500
x-amz-id-2: sY50789EeWhTEpnbpjH9GjwUQbu6GGNKcR92xerE2fCRxc1b8CpPk9rVzp4OOVsJt+qEmZPoCGo=

GET
H/1.1 200
OK player.js Show response
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 949 KB
950 KB 135ms
118ms Script
application/x-javascript 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/player.js?160F4986
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1bc71371bbde0615d2b3476ccdd6796428a222f9e3bd4b7e120ede894ed94c9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:53 GMT
Last-Modified: Tue, 10 May 2022 06:30:28 GMT
Server: AmazonS3
x-amz-request-id: 7MZ9TTWPH4EFB0XA
ETag: "35a419a458b7b1761d05caee7d2bb3d8"
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 972195
x-amz-id-2: ahtBU29PrdLa5Fs9+qCtaJAZssAb1JWVD0DV8ZL+tJ6xe1M5S3nctyLj3WOvHP+m7gHAhw89XSg=

GET
DATA 200
OK truncated
/ Frame A08E 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d528dad212c082170958772339c591eeea66aa9266efd2217d878d53ff7d01ef

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 112ms
21ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.powershow.com
URL: https://www.powershow.com/js/common.min.js?v=8.8.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 22 Feb 2023 19:12:06 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6047
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 22 Feb 2023 21:12:06 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 97ms
58ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.powershow.com
URL: https://www.powershow.com/js/common.min.js?v=8.8.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95d340135cafc29d7c7b7c6036c855d8d26145bc1bf0e2be69bdf1a7a17bd538

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49355
x-xss-protection: 0
server: cafe
etag: 13151484483836748773
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 20:52:53 GMT

GET
H/1.1 200
OK slide1.css Show response
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 468 B
823 B 147ms
147ms XHR
text/css 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/slide1.css?
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/player.js?160F4986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e147dbd8198212a381b532e5c8dec6aa756843b5b56f61d7788b47f9e38c4386

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:54 GMT
Last-Modified: Tue, 10 May 2022 06:30:10 GMT
Server: AmazonS3
x-amz-request-id: 92X9HE54W457S789
ETag: "6a9e6c2ba3170e9e10af353b329d2fb1"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 468
x-amz-id-2: DWYb8AMt+ef2jvSseET/ZZ5ZtOGHi0jRDLW/L//qTgSyaqu5Jm6Er5z1wTP3HqjCzUQkDVQDr/Q=

GET
H/1.1 200
OK slide1.js Show response
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 1 KB
1 KB 151ms
151ms Script
application/x-javascript 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/slide1.js
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/player.js?160F4986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e3387197bcdf9654da28c3ec58f88676447c5fee5fc2978d52c19c2db1189baf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:54 GMT
Last-Modified: Tue, 10 May 2022 06:30:10 GMT
Server: AmazonS3
x-amz-request-id: 92XDXTMY9EYNBX3H
ETag: "4e893bb2d126abceb9e11392ba62fcd5"
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 1115
x-amz-id-2: lijSvpStc+o7nwaJwW3nQTo8PxbwVK/GLLAnlU6qwlFn4f+uDN6cx7Dvb8VNtGey+Lu+FSvkDbk=

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/ 366 KB
120 KB 79ms
79ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_with_ama_fy2021.js?client=pub-0529305388270060&plah=www.powershow.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f5df39abfd45b373b92f69c158c3e8bbd84b21db16ba3bd1dcf9261f8132c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122952
x-xss-protection: 0
server: cafe
etag: 5201202339961029033
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 20:52:53 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230216/r20190131/ Frame 24B0 10 KB
5 KB 84ms
21ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230216/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powershow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 43132
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 08:54:01 GMT
etag: 10353107486223812946
expires: Wed, 08 Mar 2023 08:54:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
211 B 42ms
41ms XHR
text/plain 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=885698487&t=pageview&_s=1&dl=https%3A%2F%2Fwww.powershow.com%2F&ul=en-us&de=UTF-8&dt=View%20millions%20of%20PowerPoint%20presentations!%20Free%20PowerPoint%20PPT%20downloads%20%7C%20PowerShow.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=2129433877&gjid=682270405&cid=609918435.1677099173&tid=UA-2610266-2&_gid=1261990799.1677099173&_r=1&_slc=1&z=216109431

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.powershow.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 20:52:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.powershow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
348 B 81ms
24ms XHR
text/plain 2a00:1450:4025:402::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-2610266-2&cid=609918435.1677099173&jid=2129433877&gjid=682270405&_gid=1261990799.1677099173&_u=IEBAAEAAAAAAACAAI~&z=1404404235

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:402::9d Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.powershow.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 22 Feb 2023 20:52:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.powershow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK fnt6.woff
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 85 KB
85 KB 130ms
130ms Font
application/octet-stream 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/fnt6.woff
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 797a126a37cce11496fc3a6c9c7e83afa4591a5688da36211bbdb40495887672

Request headers

Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
Origin: https://s3.amazonaws.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:54 GMT
Last-Modified: Tue, 10 May 2022 06:30:23 GMT
Server: AmazonS3
x-amz-request-id: 92X701G0MVM1BBBH
ETag: "611dc8d47ddf716e1a5a28ef5e46f104"
Content-Type: text/plain
Accept-Ranges: bytes
Content-Length: 87028
x-amz-id-2: jPVviLv0vEo+yYdAGa0GqVIKzmA079B/0xq3jGVQlZtVNEgmKzyZcyB2izFJMHL3oIKb8M6R6gs=

GET
H/1.1 200
OK img0.png
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 1 KB
2 KB 112ms
112ms Image
image/png 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/img0.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: debf337306f26a7e698ff4bda0a12bbd0488625a81811373a9282bc721a54fbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:54 GMT
Last-Modified: Tue, 10 May 2022 06:30:10 GMT
Server: AmazonS3
x-amz-request-id: 92XAHKN9MWR4WFYP
ETag: "f26bf3fcaec1ce004cd6859d9eb757a3"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1449
x-amz-id-2: q/03zvb8g5Jj59XWXWWFchHMxQ6gW0fGg9ykoDVc8qBB8jg+SwhHwirEOcJgSwmcxJDq0NWxYyI=

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
603 B 142ms
41ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.powershow.com&callback=_gfp_s_&client=ca-pub-0529305388270060

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_with_ama_fy2021.js?client=pub-0529305388270060&plah=www.powershow.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba46cf7b3a5af1dcda5d8011df744794b4b473a2e7012ac26ad2bc54bca59217

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 82ms
20ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.powershow.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 55ms
18ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.powershow.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CD45 41 KB
14 KB 1011ms
1011ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0529305388270060&output=html&h=280&slotname=6859575253&adk=368384325&adf=243876893&pi=t.ma~as.6859575253&w=750&fwrn=4&fwrnh=100&lmt=1677099173&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.powershow.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677099173307&bpp=3&bdt=1932&idt=235&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&correlator=2403813146999&frm=20&pv=2&ga_vid=609918435.1677099173&ga_sid=1677099174&ga_hid=885698487&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=192&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44777877%2C44759927%2C44759837%2C31071869%2C21065725%2C31071663&oid=2&pvsid=1510576959685131&tmod=1636640297&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CjWap3z9xB&p=https%3A//www.powershow.com&dtd=258

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e5073d728a0ea932cbf828a5baffa653b3a296fb5438a822c7f3c3d9faa538b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powershow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 13774
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 20:52:54 GMT
expires: Wed, 22 Feb 2023 20:52:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 76ms
58ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230216&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16e8a255cb129f072259f75404e28026ddec8ea224b9240c44e903d15e0aa903

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11435
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2612 41 KB
14 KB 719ms
718ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0529305388270060&output=html&h=280&slotname=3005130858&adk=2328504725&adf=2566914574&pi=t.ma~as.3005130858&w=750&fwrn=4&fwrnh=100&lmt=1677099173&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.powershow.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677099173310&bpp=1&bdt=1935&idt=264&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280&correlator=2403813146999&frm=20&pv=1&ga_vid=609918435.1677099173&ga_sid=1677099174&ga_hid=885698487&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=192&ady=908&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44777877%2C44759927%2C44759837%2C31071869%2C21065725%2C31071663&oid=2&pvsid=1510576959685131&tmod=1636640297&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zb5IRqf4tw&p=https%3A//www.powershow.com&dtd=266

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca447c406a9a0a2de864e4abe835a1a30c3b9a62dffc24769a5e48841afe6da6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powershow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 13792
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 20:52:54 GMT
expires: Wed, 22 Feb 2023 20:52:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CF1F 53 KB
17 KB 445ms
445ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0529305388270060&output=html&h=280&slotname=6859575253&adk=588683012&adf=849813065&pi=t.ma~as.6859575253&w=730&fwrn=4&fwrnh=100&lmt=1677099173&rafmt=1&format=730x280&url=https%3A%2F%2Fwww.powershow.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677099173310&bpp=1&bdt=1935&idt=272&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C750x280&correlator=2403813146999&frm=20&pv=1&ga_vid=609918435.1677099173&ga_sid=1677099174&ga_hid=885698487&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=1499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44777877%2C44759927%2C44759837%2C31071869%2C21065725%2C31071663&oid=2&pvsid=1510576959685131&tmod=1636640297&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=tBkAncFzbH&p=https%3A//www.powershow.com&dtd=274

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

333e739a3748b9c2174f5acde4f836f915d19f8939f761228c0d94c0f87e2b41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powershow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 17630
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 20:52:54 GMT
expires: Wed, 22 Feb 2023 20:52:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK img0.png
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 1 KB
2 KB 113ms
113ms Image
image/png 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/img0.png
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/player.js?160F4986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: debf337306f26a7e698ff4bda0a12bbd0488625a81811373a9282bc721a54fbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:54 GMT
Last-Modified: Tue, 10 May 2022 06:30:10 GMT
Server: AmazonS3
x-amz-request-id: 92X6S90YTZEYJMQA
ETag: "f26bf3fcaec1ce004cd6859d9eb757a3"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1449
x-amz-id-2: Qqt2vxP5O4dgK0J589lzoaphS46KwqnKx+BICtsvk51V/Cwi/Q2yILUoO6g1Av6Lu1jel9X1RCo=

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C082 321 KB
62 KB 740ms
738ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0529305388270060&output=html&adk=1812271804&adf=3025194257&lmt=1677099173&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x1080_l%7C164x1080_r&format=0x0&url=https%3A%2F%2Fwww.powershow.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677099173322&bpp=1&bdt=1947&idt=276&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C750x280%2C730x280&nras=1&correlator=2403813146999&frm=20&pv=1&ga_vid=609918435.1677099173&ga_sid=1677099174&ga_hid=885698487&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44777877%2C44759927%2C44759837%2C31071869%2C21065725%2C31071663&oid=2&pvsid=1510576959685131&tmod=1636640297&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=290

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90b6855e9dea3b2c0445c2f2813388f0ae9528e8b52f6d6a2cbe15f638daebd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powershow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 63643
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 20:52:54 GMT
expires: Wed, 22 Feb 2023 20:52:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 71ms
20ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 20:52:53 GMT

GET
H/1.1 200
OK slide2.css Show response
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 734 B
1 KB 108ms
108ms XHR
text/css 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/slide2.css?
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/player.js?160F4986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 24114e2447460c730b9b05e8f701451c6389e46a6359388700b4b1e35170ab1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:54 GMT
Last-Modified: Tue, 10 May 2022 06:30:28 GMT
Server: AmazonS3
x-amz-request-id: 92X063X6EDS5K5MN
ETag: "963262ce9b733759178bd9f6b02fcb8a"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 734
x-amz-id-2: 1V3foQEdNvP+TexHGSgT7hkeJG1IwapD/ObFbDH7FTtcd4XyfZfwM2PSrjMYXNsjcBlv/Pu0j9Q=

GET
H/1.1 200
OK slide2.js Show response
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 2 KB
3 KB 104ms
104ms Script
application/x-javascript 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/slide2.js
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/player.js?160F4986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b9efef8e374698f3cbc7eb1ed5ea36650261164020ad12cc8b33e52e63195671

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:54 GMT
Last-Modified: Tue, 10 May 2022 06:30:29 GMT
Server: AmazonS3
x-amz-request-id: 92XF3NR4RCJSY3Z5
ETag: "2b527d673aa6d82166ddb1d72b09d1e1"
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 2221
x-amz-id-2: kefh7XLG33yTFrqRqxP6FIrvQtRM+yUD5sMnyQ0MNt6lejmXLeuYxceku/ILPabor55hGZLF3UU=

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5844 13 KB
5 KB 10ms
8ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powershow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2672
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 20:08:21 GMT
expires: Thu, 22 Feb 2024 20:08:21 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6D60 783 B
1 KB 43ms
18ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3dc5e6da166a97c0f13dc9e0db8729865d793abf04afba7494d1cad3cf01788b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-k-dftfuqM9S65A3S_4QGuw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.powershow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-k-dftfuqM9S65A3S_4QGuw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 20:52:53 GMT
expires: Wed, 22 Feb 2023 20:52:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js Show response
pagead2.googlesyndication.com/bg/ Frame 5844 36 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 13:19:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 113604
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14233
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 13:19:29 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6D60 0
0 42ms
41ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230216&jk=1510576959685131&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H/1.1 200
OK img0.png
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 1 KB
2 KB 107ms
106ms Image
image/png 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/img0.png
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/player.js?160F4986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: debf337306f26a7e698ff4bda0a12bbd0488625a81811373a9282bc721a54fbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:54 GMT
Last-Modified: Tue, 10 May 2022 06:30:10 GMT
Server: AmazonS3
x-amz-request-id: 92XEWHM21QXQD6GD
ETag: "f26bf3fcaec1ce004cd6859d9eb757a3"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1449
x-amz-id-2: sJx8Q+vGfEdm64Hm1qqTT5AJQ4lXhzNz2gLfx9e90Opy9QHRclrU2d5RvsXHp7YoKEL7mIEy26U=

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5844 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?xQQSoQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK img0.png
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 1 KB
2 KB 113ms
112ms Image
image/png 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/img0.png
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/player.js?160F4986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: debf337306f26a7e698ff4bda0a12bbd0488625a81811373a9282bc721a54fbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:54 GMT
Last-Modified: Tue, 10 May 2022 06:30:10 GMT
Server: AmazonS3
x-amz-request-id: 92XEMAGZ1MQMTAV2
ETag: "f26bf3fcaec1ce004cd6859d9eb757a3"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1449
x-amz-id-2: zz9HMUrvPXIeXamNCxRp8IztxSJZ31ajssYRdWepdz28pd7IsbGu8FU4EWuvwj4hqAPbLrORQ8Q=

GET
H/1.1 200
OK slide3.css Show response
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 432 B
787 B 106ms
105ms XHR
text/css 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/slide3.css?
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/player.js?160F4986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 289e3571354c79791ca355139d8cd0f933363b557789d1b4c00b7651621d651c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:55 GMT
Last-Modified: Tue, 10 May 2022 06:30:29 GMT
Server: AmazonS3
x-amz-request-id: ZKP0EKRE54N4ZABV
ETag: "6f9159616934d4dd8b15a2578cdad76e"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 432
x-amz-id-2: XtmgkrZ+ZXezIfvcN7tzlAINZxzqS/mgdkvY/UA2g3YVHh0P4h0ThXr4AIyDk/cM7f7mRLh/QOc=

GET
H/1.1 200
OK slide3.js Show response
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 2 KB
2 KB 132ms
132ms Script
application/x-javascript 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/slide3.js
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/player.js?160F4986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8652f1cc804793b2e5f2fd63d2ca1dd0b0630e7e8fb0d3bae6763ae07051ddfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:55 GMT
Last-Modified: Tue, 10 May 2022 06:30:29 GMT
Server: AmazonS3
x-amz-request-id: ZKPFWZ8ZBC6D0SA3
ETag: "c98ec97efec60ebec804644baf7d84c3"
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 1675
x-amz-id-2: PVcuudRpZ7ZjpFaGlSns77uUWKnEvZ8gYKm0F9InRP7yT7xD5IDplRmCywEgyJz4VPPnSP9s9SI=

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EBA8 0
0 65ms
65ms Fetch
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIZprpYD2Y5KjKems7APLz6K4Baf42eVupYKcjuEQqJPMtt4JEAEglsu0DWCV-vCBjAegAYX32f4DyAEJqAMBqgTQAU_QKWTOl2LpFXQfKNx0tkndRxRT8-UoCKaNOYRtud57BWtP9jyOoYKtW0-2hysHQ1ZINo4vasz0Jri6C3-K7DBMzFResxr2Nlee0mzfvPAbJv12mabOOZD_6mijPegVugYlwX9qzTpoKDCx-f7wAUfcvRGESv7P2WnbOp3gZApeRRFrA1CdmQVTc8PR41NhSUOwsQem5yue4KGANSY7Gjb7Rw1Y4zbqHmCLLlhbiKycbkP26yS1BZqKhZCiPQapo70qg7EgAl4G964A9R04f4XABL7oi-CTBJIFBAgEGAGSBQQIBRgEoAYRgAegh60iqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ3qkN0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwvQFQGAFwGyFxwKGggAEhRwdWItMDUyOTMwNTM4ODI3MDA2MBgA&sigh=jz_F58Vzcr4&uach_m=[UACH]&cid=CAQSGwDUE5ymlodBp9F_Ijjjc8KIMtAKjiGq8cxtOBgB

Requested by

Host: www.powershow.com
URL: https://www.powershow.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0529305388270060&output=html&h=280&slotname=6859575253&adk=588683012&adf=849813065&pi=t.ma~as.6859575253&w=730&fwrn=4&fwrnh=100&lmt=1677099173&rafmt=1&format=730x280&url=https%3A%2F%2Fwww.powershow.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677099173310&bpp=1&bdt=1935&idt=272&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C750x280&correlator=2403813146999&frm=20&pv=1&ga_vid=609918435.1677099173&ga_sid=1677099174&ga_hid=885698487&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=1499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44777877%2C44759927%2C44759837%2C31071869%2C21065725%2C31071663&oid=2&pvsid=1510576959685131&tmod=1636640297&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=tBkAncFzbH&p=https%3A//www.powershow.com&dtd=274
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 22 Feb 2023 20:52:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 22 Feb 2023 20:52:54 GMT

GET
H2 200 bg Show response
revjet.lendingtree.com/ Frame EBA8 43 KB
18 KB 296ms
194ms Script
application/javascript 2600:9000:211a:e400:a:83e6:9c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://revjet.lendingtree.com/bg
Requested by: Host: www.powershow.com
URL: https://www.powershow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:e400:a:83e6:9c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: aed0359ed1a012a4116ca8720ff2d8c6d17737dde7ad813469ec5e407e49ba5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:54 GMT
content-encoding: gzip
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront
content-type: application/javascript
p3p: CP="CAO PSA OUR"
cache-control: max-age=10800
x-amz-cf-id: Hv4KxV9u7uxVSqnBTCydhM3D5E87OTuYQgZDE7Y24eV90rnUYdJApA==
expires: Wed, 22 Feb 2023 23:52:54 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame EBA8 35 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0529305388270060&output=html&h=280&slotname=6859575253&adk=588683012&adf=849813065&pi=t.ma~as.6859575253&w=730&fwrn=4&fwrnh=100&lmt=1677099173&rafmt=1&format=730x280&url=https%3A%2F%2Fwww.powershow.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677099173310&bpp=1&bdt=1935&idt=272&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C750x280&correlator=2403813146999&frm=20&pv=1&ga_vid=609918435.1677099173&ga_sid=1677099174&ga_hid=885698487&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=1499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44777877%2C44759927%2C44759837%2C31071869%2C21065725%2C31071663&oid=2&pvsid=1510576959685131&tmod=1636640297&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=tBkAncFzbH&p=https%3A//www.powershow.com&dtd=274

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fce698388d060e887036ad25cfbb24631fc8f7d2ac8c9b92b05a92e8276f1a03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 23:24:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77284
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14029
x-xss-protection: 0
server: cafe
etag: 17648502459210553819
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Mar 2023 23:24:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame EBA8 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2673
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 20:08:21 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame EBA8 20 KB
8 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 21:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Mar 2023 21:01:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EBA8 157 KB
48 KB 91ms
51ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6908a17080533cc597c4b17bd876ce02ba3c2aeaec4bb9763571dd31b98162c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676996822105882"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 20:52:54 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/ Frame EBA8 22 KB
9 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 20:57:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Mar 2023 20:57:50 GMT

GET
DATA 200
OK truncated
/ Frame EBA8 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a794b42e060e276153ff9eb331b8a59f09535a210ff699d8cce11f12ef7f37d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK img0.png
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 1 KB
2 KB 108ms
108ms Image
image/png 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/img0.png
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/player.js?160F4986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: debf337306f26a7e698ff4bda0a12bbd0488625a81811373a9282bc721a54fbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:55 GMT
Last-Modified: Tue, 10 May 2022 06:30:10 GMT
Server: AmazonS3
x-amz-request-id: ZKP6VXTA42HSCK87
ETag: "f26bf3fcaec1ce004cd6859d9eb757a3"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1449
x-amz-id-2: VWd02wbvYU/Z/w9nuVXSU/4hsHNyUMIMLyPaz5w3JNeEskIRCKNTL8ZAEqwRWVbhrM/XNBUMh8E=

GET
H/1.1 200
OK img1.jpg
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 33 KB
34 KB 218ms
217ms Image
image/jpeg 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/img1.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8a9b1950584ac1c7c40db5d31da63db3682604d3bf39cca3af7cb65d5e071bf7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:55 GMT
Last-Modified: Tue, 10 May 2022 06:30:24 GMT
Server: AmazonS3
x-amz-request-id: ZKP8V70HX2FHPJA5
ETag: "b6de8194096804c7264cad1d15ecc3b2"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 34072
x-amz-id-2: YlaoiVdZXZ3MBsGXQNujk4TYDnKwkIPv5uIf6JuycAwuW4Vz89lO8jaJOOKV5PwAKRzQwiKjptM=

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 20B7 0
0 71ms
70ms Fetch
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ca9zupYD2Y47PJcOK7APs66ngD6f42eVupYKcjuEQqJPMtt4JEAEglsu0DWCV-vCBjAegAYX32f4DyAEJqAMBqgTLAU_QCoBrcRVcxiKc7oYfUc-_kqkwxcZZfh7hYo8wgq_0BOIHfIlTcTvYkTMu-Rttxrop-nZVFWVWpfHixLQhaeQxGtu-s58X3bD0IK-RpPgpkwNPO5DC-Rer5xUtp8euFgvCA_plObbVKLqsGyqB11MG1piFRCQytEkjtvWZStX4_UMdKo0NTm2DW0g2q7VVJ_2Ey0zwVaCz2jTxKhxGZPtV8XYHn1f0OhWZ7f-jZiMVTG_erCw_AmMRBl-jISjgOxHUMzAVn2p-zqdNwAS-6IvgkwSSBQQIBBgBkgUECAUYBKAGEYAHoIetIqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEPGvCtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BML0BUBgBcBshccChoIABIUcHViLTA1MjkzMDUzODgyNzAwNjAYAA&sigh=av1NZBzF924&uach_m=[UACH]&cid=CAQSGwDUE5ym5YUgbW_T7H3o_QHybQvrW7IrFsMA3RgB

Requested by

Host: www.powershow.com
URL: https://www.powershow.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0529305388270060&output=html&h=280&slotname=3005130858&adk=2328504725&adf=2566914574&pi=t.ma~as.3005130858&w=750&fwrn=4&fwrnh=100&lmt=1677099173&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.powershow.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677099173310&bpp=1&bdt=1935&idt=264&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280&correlator=2403813146999&frm=20&pv=1&ga_vid=609918435.1677099173&ga_sid=1677099174&ga_hid=885698487&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=192&ady=908&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44777877%2C44759927%2C44759837%2C31071869%2C21065725%2C31071663&oid=2&pvsid=1510576959685131&tmod=1636640297&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zb5IRqf4tw&p=https%3A//www.powershow.com&dtd=266
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 22 Feb 2023 20:52:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 bg Show response
revjet.lendingtree.com/ Frame 20B7 43 KB
18 KB 160ms
157ms Script
application/javascript 2600:9000:211a:e400:a:83e6:9c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://revjet.lendingtree.com/bg
Requested by: Host: www.powershow.com
URL: https://www.powershow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:e400:a:83e6:9c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: aed0359ed1a012a4116ca8720ff2d8c6d17737dde7ad813469ec5e407e49ba5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:54 GMT
content-encoding: gzip
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront
content-type: application/javascript
p3p: CP="CAO PSA OUR"
cache-control: max-age=10800
x-amz-cf-id: NJ-qomFR_sDKXRp6JGvzQf8EX2H0OecbGWtFyJm2MPRF60qEvgajaA==
expires: Wed, 22 Feb 2023 23:52:54 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame 20B7 35 KB
14 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0529305388270060&output=html&h=280&slotname=3005130858&adk=2328504725&adf=2566914574&pi=t.ma~as.3005130858&w=750&fwrn=4&fwrnh=100&lmt=1677099173&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.powershow.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677099173310&bpp=1&bdt=1935&idt=264&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280&correlator=2403813146999&frm=20&pv=1&ga_vid=609918435.1677099173&ga_sid=1677099174&ga_hid=885698487&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=192&ady=908&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44777877%2C44759927%2C44759837%2C31071869%2C21065725%2C31071663&oid=2&pvsid=1510576959685131&tmod=1636640297&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zb5IRqf4tw&p=https%3A//www.powershow.com&dtd=266

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fce698388d060e887036ad25cfbb24631fc8f7d2ac8c9b92b05a92e8276f1a03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 23:24:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77284
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14029
x-xss-protection: 0
server: cafe
etag: 17648502459210553819
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Mar 2023 23:24:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame 20B7 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2673
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 20:08:21 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame 20B7 20 KB
8 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 21:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Mar 2023 21:01:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 20B7 157 KB
48 KB 65ms
63ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6908a17080533cc597c4b17bd876ce02ba3c2aeaec4bb9763571dd31b98162c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676996822105882"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 20:52:54 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/ Frame 20B7 22 KB
9 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 20:57:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Mar 2023 20:57:50 GMT

GET
DATA 200
OK truncated
/ Frame 20B7 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6afa23af851c2514918004c5b0a4d70a89fb5d79f23005f846190d3d91b890b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 rectangle.js Show response
revjet.lendingtree.com/~cdn/JS/03/3.5.1/modules/ Frame EBA8 20 KB
8 KB 154ms
154ms Script
application/javascript 2600:9000:211a:e400:a:83e6:9c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://revjet.lendingtree.com/~cdn/JS/03/3.5.1/modules/rectangle.js
Requested by: Host: revjet.lendingtree.com
URL: https://revjet.lendingtree.com/bg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:e400:a:83e6:9c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 194f002ce71750d685c32fe75211cbbe22d3383e7bc3d0a323b76d278ab46b98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:54 GMT
content-encoding: gzip
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
last-modified: Thu, 01 Dec 2022 07:30:02 GMT
server: nginx
x-amz-cf-pop: VIE50-C2
etag: W/"638857fa-5088"
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=10800
x-amz-cf-id: gqlviOqm5f4UJie0WdYdewmYow5uhP16q6Yt38MVsE9KrO27vtqcgA==
expires: Wed, 22 Feb 2023 23:52:54 GMT

GET
H2 200 sync.html Show response
revjet.lendingtree.com/~cdn/JS/03/ Frame BAC4 2 KB
1 KB 122ms
121ms Document
text/html 2600:9000:211a:e400:a:83e6:9c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://revjet.lendingtree.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2Fgoogleads.g.doubleclick.net
Requested by: Host: revjet.lendingtree.com
URL: https://revjet.lendingtree.com/bg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:e400:a:83e6:9c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a6e951543ef97fbb9e3e7bcae71305ba14b8cc30182d6ca51791c2fd5c3e4989

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=10800
content-encoding: gzip
content-type: text/html
date: Wed, 22 Feb 2023 20:52:54 GMT
etag: W/"63e39ef4-744"
expires: Wed, 22 Feb 2023 23:52:54 GMT
last-modified: Wed, 08 Feb 2023 13:09:08 GMT
server: nginx
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-amz-cf-id: ZcCn3VR5zG7p40qxWHoQG84b3nnkptu7oNychg71lT9W_stOmiL2YQ==
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 48ms
47ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230216&jk=1510576959685131&bg=!CAulC1_NAAZYlHKzeJQ7ADkAdvg8WudzVoUjE_gHC7NDFb1z0acCIGzFLKK4IOwdkz8O_E6KMhXN2szwr4VzXpSC7GjFMb9bk4kCAAAAY1IAAAADaAEHmQKc1_xKS7nNnBRfonM3Yzlu1yRSxU_johx3Zyf97gLmg5k0C_-HH8EAua0uwEZhf3BuXkQ3mjxT1TuLW-WhNmU4VEO-PvOo9vXixq2QvZdLak0S_QsFwwyCPUi1ARe5wD_pTeZna0YMD3GRXM6wxdeH1CH_bajbLDyx466P4X9E4LuOyAHEqp7B2n_D16_5FYHDuxirtBixurzKIaZ9vhqE1In3z3_QvbL8Vmv5wIbFZ7O2ZQCpovYPvXLCDaJ4APO_lJv7YDNaReT6algsc95S-E9Y-sL19HYTiKPDqG8UCNg6ZmUQGnL964HV_-Yzl6Zs5IZvkoZGyxGtg4nMafioyOzKKrHRKKyqM4kGpV4fBOeJeUarHRF3L4XHKijLzcBLUbGttdnp250W44wQbMD5GoPcbjNoHmSKd80ttrsdm2Ya_EA8p5AKyLauUZJ28F_mKR5k6AVM6b1qNhG3YgHs0bbFmmF4XtP2MnBIWeyHX6Byw1Q5BImHNhxeR4cYvGN3MoKrPr9-nGRJzQOIwhT_7xKcA09oVVlgHbYJq_OeK2NgU-kFRoTag4xE7fKEZ1mBclGUxSzQPlTkc1Ap9MguWlejuFB_UxvH4f0RV9UAILugsyD9ixQVrb9Wpyq0rlS4a-I0Bf9lB828OzT1KCBY3mRrKu8Jdlro1vh20R4j6B2PykVxjAysjxaRqPYFW0lV21lw7wxJfNmHVfHZZOFM4Q83M9gMtIiNNAswXqYvWVvRLzwA5ou9yKzWQxxlw8sdLRxhv9niNJtaTLrIpJKQO_pCYMNBZMDINgcyStSEoNOQ6c3Va2ggsLuZDFvkfghE-3ExBs4H7thNtTTXnNJQBFVYb_GZEOSsQKhy_756JiVo1nQ2DtMp7Ss92jI
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/ 150 KB
51 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

135731099f1056a941b2c1fc5280f206c2a0fda7dc83af01f3653d05044e8094

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52071
x-xss-protection: 0
server: cafe
etag: 18411510200523401576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 20:52:54 GMT

GET
H/1.1 200
OK img1.jpg
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 33 KB
34 KB 104ms
103ms Image
image/jpeg 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/img1.jpg
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/player.js?160F4986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8a9b1950584ac1c7c40db5d31da63db3682604d3bf39cca3af7cb65d5e071bf7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:55 GMT
Last-Modified: Tue, 10 May 2022 06:30:24 GMT
Server: AmazonS3
x-amz-request-id: ZKPE47S89Y1JP2SQ
ETag: "b6de8194096804c7264cad1d15ecc3b2"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 34072
x-amz-id-2: aoGSSGjKA6YyjhTuqu22cLGoYgq+wSKiPVD6DLqFE3YHBwdo08PXCFGHto2shIq4dSTt8vl5abY=

GET
H/1.1 200
OK img0.png
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 1 KB
2 KB 107ms
107ms Image
image/png 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/img0.png
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/player.js?160F4986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: debf337306f26a7e698ff4bda0a12bbd0488625a81811373a9282bc721a54fbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:55 GMT
Last-Modified: Tue, 10 May 2022 06:30:10 GMT
Server: AmazonS3
x-amz-request-id: ZKP20XMH7AY8N00K
ETag: "f26bf3fcaec1ce004cd6859d9eb757a3"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1449
x-amz-id-2: /7AKcOOm6QvJ9cpZXExa8QxkZXxteCW8xiURNkL2e5JhMPPTK/WzGpjZW7/kD+7GEAbOWIleGJw=

GET
H2 200 rectangle.js Show response
revjet.lendingtree.com/~cdn/JS/03/3.5.1/modules/ Frame 20B7 20 KB
8 KB 154ms
153ms Script
application/javascript 2600:9000:211a:e400:a:83e6:9c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://revjet.lendingtree.com/~cdn/JS/03/3.5.1/modules/rectangle.js
Requested by: Host: revjet.lendingtree.com
URL: https://revjet.lendingtree.com/bg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:e400:a:83e6:9c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 194f002ce71750d685c32fe75211cbbe22d3383e7bc3d0a323b76d278ab46b98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:54 GMT
content-encoding: gzip
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
last-modified: Thu, 01 Dec 2022 07:30:48 GMT
server: nginx
x-amz-cf-pop: VIE50-C2
etag: W/"63885828-5088"
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=10800
x-amz-cf-id: w_2jgvd-8fTKFb_zEGtRmGbR3KSPVHjvjPUzDJbO-83X8CB-cFXGEg==
expires: Wed, 22 Feb 2023 23:52:54 GMT

GET
H2 200 sync.html Show response
revjet.lendingtree.com/~cdn/JS/03/ Frame A97B 2 KB
1 KB 154ms
153ms Document
text/html 2600:9000:211a:e400:a:83e6:9c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://revjet.lendingtree.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2Fgoogleads.g.doubleclick.net
Requested by: Host: revjet.lendingtree.com
URL: https://revjet.lendingtree.com/bg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:e400:a:83e6:9c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a6e951543ef97fbb9e3e7bcae71305ba14b8cc30182d6ca51791c2fd5c3e4989

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=10800
content-encoding: gzip
content-type: text/html
date: Wed, 22 Feb 2023 20:52:54 GMT
etag: W/"63e39ef4-744"
expires: Wed, 22 Feb 2023 23:52:54 GMT
last-modified: Wed, 08 Feb 2023 13:09:08 GMT
server: nginx
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-amz-cf-id: Wlbdmor-JoJ0pjtJjuVwynbqCtzcJon5iHYL2radO8ZJuuzlbtpbzg==
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront

GET
H2 200 tag046 Show response
revjet.lendingtree.com/ Frame EBA8 17 KB
5 KB 179ms
179ms Script
text/javascript 2600:9000:211a:e400:a:83e6:9c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://revjet.lendingtree.com/tag046?_plc_id=109148621&_key=35f&ct_url=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253Dl%2526ai%253DCcy9upYD2Y5KjKems7APLz6K4Baf42eVupYKcjuEQqJPMtt4JEAEglsu0DWCV-vCBjAegAYX32f4DyAEJqAMBqgTTAU_QKWTOl2LpFXQfKNx0tkndRxRT8-UoCKaNOYRtud57BWtP9jyOoYKtW0-2hysHQ1ZINo4vasz0Jri6C3-K7DBMzFResxr2Nlee0mzfvPAbJv12mabOOZD_6mijPegVugYlwX9qzTpoKDCx-f7wAUfcvRGESv7P2WnbOp3gZApeRRFrA1CdmQVTc8PR41NhSUOwsQem5yue4KGANSY7Gjb7Rw1Y4zbqHmCLbFp6GiVp1yYyUj8rs-skG5CBN4KgjaXfCx9RrMqC3YIYfs2ZGkHGAH3ABL7oi-CTBKAGEYAHoIetIqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAZgLAcgLAYAMAbgMAdgTC9AVAfgWAYAXAQ%2526num%253D1%2526cid%253DCAQSGwDUE5ymlodBp9F_Ijjjc8KIMtAKjiGq8cxtOBgB%2526sig%253DAOD64_2YaoJg8Wr8r80pgUsfrA-H5IFatQ%2526client%253Dca-pub-0529305388270060%2526adurl%253D&LI=%7BLoan_Interest_Type%7D&gdn_ad_group_id=142740747326&cachebuster=608935670&jsonp=REVJET_TagObj_1.onLoad&_js_site_page=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-0529305388270060%26output%3Dhtml%26h%3D280%26slotname%3D6859575253%26adk%3D588683012%26adf%3D849813065%26pi%3Dt.ma~as.6859575253%26w%3D730%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1677099173%26rafmt%3D1%26format%3D730x280%26url%3Dhttps%253A%252F%252Fwww.powershow.com%252F%26fwr%3D0%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1677099173310%26bpp%3D1%26bdt%3D1935%26idt%3D272%26shv%3Dr20230216%26mjsv%3Dm202302130101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D750x280%252C750x280%26correlator%3D2403813146999%26frm%3D20%26pv%3D1%26ga_vid%3D609918435.1677099173%26ga_sid%3D1677099174%26ga_hid%3D885698487%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D202%26ady%3D1499%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44777877%252C44759927%252C44759837%252C31071869%252C21065725%252C31071663%26oid%3D2%26pvsid%3D1510576959685131%26tmod%3D1636640297%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3Dd%257C%257CleEbr%257Cp%26abl%3DXS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D3%26uci%3Da!3%26btvi%3D1%26fsb%3D1%26xpc%3DtBkAncFzbH%26p%3Dhttps%253A%2F%2Fwww.powershow.com%26dtd%3D274&_js_site_ref=https%3A%2F%2Fwww.powershow.com%2F&_js_device_w=1600&_js_device_h=1200&_js_gtx_id=1dadde2f75a5d6aeaa2_1677099174496&_js_tag_freq=1&_js_vis_type=8&_js_measurable=1&_js_imp_banner_number=1&_js_imp_offsetx=-120&_js_imp_offsety=-31&_js_imp_vis=1&_js_sf=0&_js_fif=0&_js_imp_banner_topframe=1&_js_embd_tag_id=revjet-tag-0&_js_ao=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.powershow.com&_js_imp_banner_creative_attr=banner&_js_imp_tsver=3.5.1&_js_tstamp=1677099174499
Requested by: Host: revjet.lendingtree.com
URL: https://revjet.lendingtree.com/bg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:e400:a:83e6:9c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 767a79ccc4c9a477abd909881faa1b0545a894942cce37733ffd4eda677c4200

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 20:52:54 GMT
content-encoding: gzip
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront
p3p: CP="CAO PSA OUR"
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform
x-server: ip51459
x-amz-cf-id: kWjao3hp331wGI-KWWoqPjdFg-jYomVt_bhA8LRejUPuzSgl6P11vw==
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 21ms
20ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.powershow.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 18ms
17ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.powershow.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.powershow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/ Frame A54E 10 KB
4 KB 21ms
20ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powershow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1746
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 20:23:48 GMT
etag: 10353107486223812946
expires: Wed, 08 Mar 2023 20:23:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/ Frame B644 10 KB
4 KB 20ms
20ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powershow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1746
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 20:23:48 GMT
etag: 10353107486223812946
expires: Wed, 08 Mar 2023 20:23:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/ Frame 1ED2 10 KB
4 KB 20ms
19ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powershow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1746
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 20:23:48 GMT
etag: 10353107486223812946
expires: Wed, 08 Mar 2023 20:23:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/ Frame 316C 10 KB
4 KB 20ms
20ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powershow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1746
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 20:23:48 GMT
etag: 10353107486223812946
expires: Wed, 08 Mar 2023 20:23:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame A54E 4 KB
1 KB 55ms
24ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 Feb 2023 20:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 19:10:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Feb 2023 20:52:54 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A54E 205 B
294 B 92ms
28ms Image
image/png 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:43:05 GMT
x-content-type-options: nosniff
age: 589
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 22 Feb 2024 20:43:05 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A54E 604 B
1 KB 90ms
27ms Image
image/png 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:44:04 GMT
x-content-type-options: nosniff
age: 530
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 22 Feb 2024 20:44:04 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/elements/html/ Frame A54E 19 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e14ff3e75a1030bfcc4f49ce62a2036c3f239b81339024d1745b581ca4e76b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 21:34:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83924
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8251
x-xss-protection: 0
server: cafe
etag: 12882883664474914621
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Mar 2023 21:34:10 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/ Frame B644 22 KB
9 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 20:57:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Mar 2023 20:57:50 GMT

GET
H3 200 4175487587207076604
tpc.googlesyndication.com/simgad/ Frame B644 69 KB
69 KB 11ms
10ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4175487587207076604?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnUxrPy39uZGpSy48yOWTwa_wiWtw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94442a4ababc8383188f8ccee1b16cda6368c98c03efdb4ca688fea9ca38dc3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 00:18:52 GMT
x-content-type-options: nosniff
age: 506042
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70661
x-xss-protection: 0
last-modified: Mon, 17 Oct 2022 20:13:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 17 Feb 2024 00:18:52 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame B644 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2673
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 20:08:21 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame B644 20 KB
8 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 21:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Mar 2023 21:01:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B644 157 KB
48 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6908a17080533cc597c4b17bd876ce02ba3c2aeaec4bb9763571dd31b98162c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676996822105882"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 20:52:54 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame B644 33 KB
13 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea488b4ce9e192ce45a4da3bccae3141a3b7ded30dccc39c09923c3b0dbf6105

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 22:22:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81050
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13432
x-xss-protection: 0
server: cafe
etag: 14260516833774306430
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Mar 2023 22:22:04 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 5029 167 KB
51 KB 353ms
173ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_aApQAJ_7YKexwCAAw50eadMbwyy4JsdN4nAQ&u=%7C4HDPcQf5GbJWVhAY4pR4cD4OIMazupH2KcTlhjQYjLg%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHh-E1cp6hbAuV0zmZ7P8dIDBmQ4nR1aE_vTKN9lubsHPkYDiX91SHukUVHbe8vlVpXys183eahF1j3pUssTSv81ovYsrjpJ5alEQNOELg4YZfAu4onaaDB9jdn5NwhtZFcgechRUemGvCfd61txB-laLteon6UXgO_Dur_tmjV0JjJiQtVOuLqQRNMFFCCZByWsBwUJvAC3NtdSNQSViA7uEhV7Ykt2KIwLKvihVtMfM5QkjYGoFToHt8FPLwInmE5Q76MKmt1s3IvY0cRt1ZoA5LRHX0Z3IkqGgAujZ-aOpvvFJuVQY2B_vV9FEgdz7nH_agV2IRWY05-tnS9AJgYr2G-9YRiNsnG9j-STK04tWDRCcsOhm6xri0Fq-4_OwcC_GtVCydoooQw3Zs7feddMeFZMPGaFIJWO5PO8fDVMooklT1ZM6U7mcYvc0WLOtb9jluhwTSF67rHJIKgQKTUJpVvnAsrqFS35aT3gwh_NxoC_9gDlC0KzsOewiJSW2vvB0jlb23e7ztZP1KJATW4ajQtmZNoMcLNSzhJM_aZVHZn9g5pigLHFfwiDtBNrkvHA9HjWQSEFxg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVcw2pYD2Y7b_J4K47APR87CoA8me0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMDUyOTMwNTM4ODI3MDA2MMgBCakCxWIdQTnesT6oAwGqBL8BT9BI3Ku1VNfN6p4dt5PeUabcvPC1O-g7gkv03BbqKfkLsg92xi1DF30ydtRLR-JVv1C0uTOmzTmQQyn_7RNTcA1OymRhaJbsPRk_5PDD7A_vlvmctkCdWnOfeDY2H90eWj1ZMPpDarSoh-64WWdDnFmWwgUJA22CufHMECcyCHCwPNQKhTO-m0li8i1l10j5k2J7DxY_2W8w565Xy0islSMDz3vCPx9P2_9rNVN4OZGwtYnIiCm8i-awx1jYZbiABsGo56HD_sWwkgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3BGmOmyG4xuDtPwkQVqv2muao7BQ%26client%3Dca-pub-0529305388270060%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d9bfded4990787af3cf4e5ff579e38bd45997569727d4e0ba75707c8c7f5dbd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 20:52:54 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=GEmACfyi0qLyH8urCbpPx4pfYf_dTGS9dTgwc5IPVizwH2gi5B1ihPBS12KRqySg2hzHeFOF17RZNWVqhFY-MmulngOAJWUNjT6Le9OwvbvQZN_5x2IV7llkHreuqEAUToL8KqhJ8GwfpnEluE8x9sLPTsGQThy8To95rrBYjCNfnNoFF9Gs2jRDJAIBqW5A0qMEpRkCoKAcDXj_6adjaB32NpAVZksUCU-C4guhf5xEiLQHbeivvnGHqN6W6Mp7HO3_bg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 137274434
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame 1ED2 3 KB
1 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2673
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 20:08:21 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame 1ED2 20 KB
8 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 21:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Mar 2023 21:01:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1ED2 157 KB
48 KB 44ms
41ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6908a17080533cc597c4b17bd876ce02ba3c2aeaec4bb9763571dd31b98162c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676996822105882"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 20:52:54 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 316C 0
0 63ms
63ms Fetch
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CdV2upYD2Y7f_J4K47APR87CoA8me0rFchf6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMDUyOTMwNTM4ODI3MDA2MMgBCakCxWIdQTnesT6oAwGqBL4BT9AKTbkjf9Ef8HaoecKl9UAJl6DXtYwT4-uK32XizO_F8PYfhr5GNGcQV7IiyWps4oHu50AEBRmSKwB0jwgzWsbQ_LGR7u0ReO84mbgaQLi4jFezTI5gwbTxQUUXgxMcBYFr6g3uHteEB1SBohe5TsgbzRsVu6cygnIu0Z367rpubVXDDwTB2c9CBvSXNiMYrmPt37cKDki-C0oGWUexf6D6Egec5zYKiHIS5TFX4G8z4uDCXY6F8iX7VTD2H4AGwajnocP-xbCSAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMDUyOTMwNTM4ODI3MDA2MBgA&sigh=80v0YkcNaBo&uach_m=[UACH]&cid=CAQSGwDUE5ymrjn8Sm9tSriDIGYoVp9QhxtpJgw_ThgB

Requested by

Host: www.powershow.com
URL: https://www.powershow.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 22 Feb 2023 20:52:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 316C 0
0 60ms
18ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kJiKE8z6RO0HfJ2DYgICAAAAQ0jqaFwfodcQpYD2Y-NJUgakzgoDMZQAABIAAAoOQVFVQkJRWUJCUUVCQlE&wp=Y_aApQAJ_7cKexwCAAw50Xsgi5zLc7aYhN4wMw

Requested by

Host: www.powershow.com
URL: https://www.powershow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:53 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 205213
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 9052 181 KB
53 KB 293ms
132ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_aApQAJ_7cKexwCAAw50Xsgi5zLc7aYhN4wMw&u=%7C4HDPcQf5GbLlB7sHzWqejys49u4xPA3a%2FUTPQDJA92g%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4UCR1GnmPW4iJoLWqMqsNRmJaQW_AIJ-XPwtQXpW2-B437GTQQuR-cazoAyGAq5HD8HA6lXrJ8yenHIoojXaQfLgU6BMvtcQSs2xZQYQvj9WCDKmux94dPjJQZlLNRR84DIXzE8MdWsyC86hyQJEzdMsi0qDLpcqun0JmZ73wq5mcLHSSixWsHN15MC-aE5KmD6ep7MIDFCqKmYH8jg2QXkoeVWDikkW7QFGjbYpRL9IuSv0BudS51uN7wxoXa6iN2dOp7vhiNwbCXa2rjKepBMt7VhD9ZU5DK7hYvKu9HxHNwDqn5-fAkaRTrkAOTmblsanEYDSm8HLNzwHQGZZlXM9olemhRwZhTcBPXEMbsdX4kndd3thhgZdO5LhWuoQQWvfzBCK9On_1Wt2KHxLyw4YEl8bRTH_nQ_8uQnQ0nMjvgwj4MmB74nUvXFRf96RbbXCEYG8QmBTKFi8tW9QdxqtgyKLYzCGdHMbM5xXXj2dNAtrMH95ddlDEX2MaCC6ea4dHrotS9ooJMw-sSHLVlhvAhxZ_O3c2KT2c_1rUUKwZ16c7cxTtaF-493jbnVuJh4widPpIm3Dg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3FEipYD2Y7f_J4K47APR87CoA8me0rFchf6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMDUyOTMwNTM4ODI3MDA2MMgBCakCxWIdQTnesT6oAwGqBMEBT9AKTbkjf9Ef8HaoecKl9UAJl6DXtYwT4-uK32XizO_F8PYfhr5GNGcQV7IiyWps4oHu50AEBRmSKwB0jwgzWsbQ_LGR7u0ReO84mbgaQLi4jFezTI5gwbTxQUUXgxMcBYFr6g3uHteEB1SBohe5TsgbzRsVu6cygnIu0Z367rpubVXDDwTB2c9CBvSXNiMYrmPt37cKDkj8CWuU3sgtbB9mBqRM2pDygWYYUzt5-O2HKt1krzGb3j1-_7TloPDzPYAGwajnocP-xbCSAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Xo8Fo-n0MFrmmjwxQqfUal3-QVg%26client%3Dca-pub-0529305388270060%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b7ad29f651d26dc639b406e76f692e79a647482e70a711a2df24cc8fe5b6664a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 20:52:54 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=6YTu-fyi0qLyH8urHzrVcRQv0OxWIL4d4J7RNnSzBpWkND2LbizKG0OskaYwlXU4uwf_7vtBkOQ7H_ThrmK4NmUdatNwUFTmer8t-g8nNHrjJQChGwS7PVIjqjnlR079g5ymGYmuGwTwTNAqT7Xnc_N6iqzDTortqT3tqko8dCJ7RImX7ldrptZSdZxeuqSA4VxBgVxJUi9gZ3WOsivtSt0HeQfnowKjCmmj8mFipdRkFMtnNpXMXtyW60STu1jSxv_NaQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 113762066
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame 316C 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2673
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 20:08:21 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame 316C 20 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 21:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Mar 2023 21:01:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 316C 157 KB
48 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6908a17080533cc597c4b17bd876ce02ba3c2aeaec4bb9763571dd31b98162c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676996822105882"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 20:52:54 GMT

GET
H/1.1 200
OK slide4.css Show response
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 359 B
714 B 108ms
107ms XHR
text/css 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/slide4.css?
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/player.js?160F4986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7320f93bccff78e23fc818ddff917ed1923cc16fbd47d02c64bf845295639b93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:55 GMT
Last-Modified: Tue, 10 May 2022 06:30:30 GMT
Server: AmazonS3
x-amz-request-id: ZKPBDV7AB3WMVQ1P
ETag: "3b15023a77fc809dee43b7a954183140"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 359
x-amz-id-2: kvL8Aj/juTj/5x8ay+BNnZX3aBmM4lgaExjqRKVxhHGWFrrrSixc0tn2TrN1qJpl1tXkcWMNuJU=

GET
H/1.1 200
OK slide4.js Show response
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 1 KB
2 KB 106ms
105ms Script
application/x-javascript 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/slide4.js
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/player.js?160F4986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 32e47626d1c555a8df7e1bb674fe936d47523ea6be51d7f57edd191ac80acdd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:55 GMT
Last-Modified: Tue, 10 May 2022 06:30:30 GMT
Server: AmazonS3
x-amz-request-id: ZKP6NZ930WBK0DF0
ETag: "454095661c2a61253c0cec28e346e5bd"
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 1207
x-amz-id-2: QzT4CWG6Ig6kuoEnLBolDkW+irJG4dbGh6Rhh964aUoSwHXuCSiBNZSyT5CBqE7fu+MQhAaoQWA=

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0508 0
0 69ms
67ms Fetch
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CVybmpYD2Y5SQJdihYsyUk6gFp_jZ5W6lgpyO4RCok8y23gkQASCWy7QNYJX68IGMB6ABhffZ_gPIAQmoAwGqBMgBT9CJFU6a9IS35XFar7oYNTKLn33UWh3iGU_tKa6-90cGuvYcKUigOsTOWsJ2_q607AN1ApP6ko1OVhnpoC1Uj9xHj621yOzNMCTJAdRKZeIqjSknQNBBJxGxb2Dv_8NzvWIOnnSle5veWcHzW88pHa7m7VVpYL8IC5RmCNlY1Sl8qQnmWpX6KlDTQ4UjFtKmO5nPZ5qeLnKtsJgwceT27Ssb3CSTM8a65U4AOSjuMwRwoYUa06V3xZQOZCjv6pwCDHI4IZUT_EzABL7oi-CTBJIFBAgEGAGSBQQIBRgEoAYRgAegh60iqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ_aIk0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwvQFQGAFwGyFxwKGggAEhRwdWItMDUyOTMwNTM4ODI3MDA2MBgA&sigh=7Ww5ScqkUps&uach_m=[UACH]&cid=CAQSGwDUE5ymdFZxYxV21GpxRDhqkHgktuLScfaLkhgB

Requested by

Host: www.powershow.com
URL: https://www.powershow.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0529305388270060&output=html&h=280&slotname=6859575253&adk=368384325&adf=243876893&pi=t.ma~as.6859575253&w=750&fwrn=4&fwrnh=100&lmt=1677099173&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.powershow.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677099173307&bpp=3&bdt=1932&idt=235&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&correlator=2403813146999&frm=20&pv=2&ga_vid=609918435.1677099173&ga_sid=1677099174&ga_hid=885698487&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=192&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44777877%2C44759927%2C44759837%2C31071869%2C21065725%2C31071663&oid=2&pvsid=1510576959685131&tmod=1636640297&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CjWap3z9xB&p=https%3A//www.powershow.com&dtd=258
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 22 Feb 2023 20:52:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 bg Show response
revjet.lendingtree.com/ Frame 0508 43 KB
18 KB 195ms
192ms Script
application/javascript 2600:9000:211a:e400:a:83e6:9c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://revjet.lendingtree.com/bg
Requested by: Host: www.powershow.com
URL: https://www.powershow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:e400:a:83e6:9c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: aed0359ed1a012a4116ca8720ff2d8c6d17737dde7ad813469ec5e407e49ba5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:54 GMT
content-encoding: gzip
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront
content-type: application/javascript
p3p: CP="CAO PSA OUR"
cache-control: max-age=10800
x-amz-cf-id: maBezI1ZF1l_1YOUt05_g1LLVNsHrgJlv0sxkI7akjuNX5bgte05LA==
expires: Wed, 22 Feb 2023 23:52:54 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame 0508 35 KB
14 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0529305388270060&output=html&h=280&slotname=6859575253&adk=368384325&adf=243876893&pi=t.ma~as.6859575253&w=750&fwrn=4&fwrnh=100&lmt=1677099173&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.powershow.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677099173307&bpp=3&bdt=1932&idt=235&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&correlator=2403813146999&frm=20&pv=2&ga_vid=609918435.1677099173&ga_sid=1677099174&ga_hid=885698487&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=192&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44777877%2C44759927%2C44759837%2C31071869%2C21065725%2C31071663&oid=2&pvsid=1510576959685131&tmod=1636640297&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CjWap3z9xB&p=https%3A//www.powershow.com&dtd=258

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fce698388d060e887036ad25cfbb24631fc8f7d2ac8c9b92b05a92e8276f1a03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 23:24:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77284
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14029
x-xss-protection: 0
server: cafe
etag: 17648502459210553819
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Mar 2023 23:24:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame 0508 3 KB
1 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0529305388270060&output=html&h=280&slotname=6859575253&adk=368384325&adf=243876893&pi=t.ma~as.6859575253&w=750&fwrn=4&fwrnh=100&lmt=1677099173&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.powershow.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677099173307&bpp=3&bdt=1932&idt=235&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&correlator=2403813146999&frm=20&pv=2&ga_vid=609918435.1677099173&ga_sid=1677099174&ga_hid=885698487&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=192&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44777877%2C44759927%2C44759837%2C31071869%2C21065725%2C31071663&oid=2&pvsid=1510576959685131&tmod=1636640297&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CjWap3z9xB&p=https%3A//www.powershow.com&dtd=258

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2673
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 20:08:21 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame 0508 20 KB
8 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0529305388270060&output=html&h=280&slotname=6859575253&adk=368384325&adf=243876893&pi=t.ma~as.6859575253&w=750&fwrn=4&fwrnh=100&lmt=1677099173&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.powershow.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677099173307&bpp=3&bdt=1932&idt=235&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&correlator=2403813146999&frm=20&pv=2&ga_vid=609918435.1677099173&ga_sid=1677099174&ga_hid=885698487&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=192&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44777877%2C44759927%2C44759837%2C31071869%2C21065725%2C31071663&oid=2&pvsid=1510576959685131&tmod=1636640297&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CjWap3z9xB&p=https%3A//www.powershow.com&dtd=258

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 21:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Mar 2023 21:01:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0508 157 KB
48 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0529305388270060&output=html&h=280&slotname=6859575253&adk=368384325&adf=243876893&pi=t.ma~as.6859575253&w=750&fwrn=4&fwrnh=100&lmt=1677099173&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.powershow.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677099173307&bpp=3&bdt=1932&idt=235&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&correlator=2403813146999&frm=20&pv=2&ga_vid=609918435.1677099173&ga_sid=1677099174&ga_hid=885698487&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=192&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44777877%2C44759927%2C44759837%2C31071869%2C21065725%2C31071663&oid=2&pvsid=1510576959685131&tmod=1636640297&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CjWap3z9xB&p=https%3A//www.powershow.com&dtd=258

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6908a17080533cc597c4b17bd876ce02ba3c2aeaec4bb9763571dd31b98162c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676996822105882"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 20:52:54 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/ Frame 0508 22 KB
9 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0529305388270060&output=html&h=280&slotname=6859575253&adk=368384325&adf=243876893&pi=t.ma~as.6859575253&w=750&fwrn=4&fwrnh=100&lmt=1677099173&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.powershow.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677099173307&bpp=3&bdt=1932&idt=235&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&correlator=2403813146999&frm=20&pv=2&ga_vid=609918435.1677099173&ga_sid=1677099174&ga_hid=885698487&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=192&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44777877%2C44759927%2C44759837%2C31071869%2C21065725%2C31071663&oid=2&pvsid=1510576959685131&tmod=1636640297&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CjWap3z9xB&p=https%3A//www.powershow.com&dtd=258

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 20:57:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Mar 2023 20:57:50 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4C4D 143 B
166 B 21ms
20ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2459
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 20:11:55 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 64FA 8 KB
968 B 18ms
18ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 Feb 2023 20:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 19:13:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Feb 2023 20:52:54 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame 64FA 2 KB
765 B 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 21:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Mar 2023 21:01:06 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/ Frame 64FA 22 KB
9 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 20:57:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Mar 2023 20:57:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame 64FA 3 KB
1 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2673
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 20:08:21 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame 64FA 20 KB
8 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 21:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Mar 2023 21:01:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 64FA 157 KB
48 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6908a17080533cc597c4b17bd876ce02ba3c2aeaec4bb9763571dd31b98162c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676996822105882"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 20:52:54 GMT

GET
H2 200 ed8ae2896763956dad3710d8730c1299.js Show response
www.gstatic.com/mysidia/ Frame 64FA 33 KB
14 KB 21ms
19ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ed8ae2896763956dad3710d8730c1299.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9282b885825f1f265eb093acf11379fc90dd4e156588a02790c1515822e79858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 525143
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14007
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 00:53:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 17 May 2023 19:00:31 GMT

GET
H2 200 tag046 Show response
revjet.lendingtree.com/ Frame 20B7 17 KB
5 KB 162ms
160ms Script
text/javascript 2600:9000:211a:e400:a:83e6:9c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://revjet.lendingtree.com/tag046?_plc_id=109148621&_key=35f&ct_url=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253Dl%2526ai%253DCPjKrpYD2Y47PJcOK7APs66ngD6f42eVupYKcjuEQqJPMtt4JEAEglsu0DWCV-vCBjAegAYX32f4DyAEJqAMBqgTOAU_QCoBrcRVcxiKc7oYfUc-_kqkwxcZZfh7hYo8wgq_0BOIHfIlTcTvYkTMu-Rttxrop-nZVFWVWpfHixLQhaeQxGtu-s58X3bD0IK-RpPgpkwNPO5DC-Rer5xUtp8euFgvCA_plObbVKLqsGyqB11MG1piFRCQytEkjtvWZStX4_UMdKo0NTm2DW0g2q7VVJ_2Ey0zwVaCz2jTxKhxGZPtV8XYHnxX2G4cQGEbGopoO0tmvArI_IWmVD3G71KBOSr9Atxo5h-Gub8KJhaqZwAS-6IvgkwSgBhGAB6CHrSKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgGYCwHICwGADAG4DAHYEwvQFQH4FgGAFwE%2526num%253D1%2526cid%253DCAQSGwDUE5ym5YUgbW_T7H3o_QHybQvrW7IrFsMA3RgB%2526sig%253DAOD64_0KYd_8EixgnqkDIgZ0Bi0ihBQ26A%2526client%253Dca-pub-0529305388270060%2526adurl%253D&LI=%7BLoan_Interest_Type%7D&gdn_ad_group_id=142740747326&cachebuster=1383855759&jsonp=REVJET_TagObj_1.onLoad&_js_site_page=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-0529305388270060%26output%3Dhtml%26h%3D280%26slotname%3D3005130858%26adk%3D2328504725%26adf%3D2566914574%26pi%3Dt.ma~as.3005130858%26w%3D750%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1677099173%26rafmt%3D1%26format%3D750x280%26url%3Dhttps%253A%252F%252Fwww.powershow.com%252F%26fwr%3D0%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1677099173310%26bpp%3D1%26bdt%3D1935%26idt%3D264%26shv%3Dr20230216%26mjsv%3Dm202302130101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D750x280%26correlator%3D2403813146999%26frm%3D20%26pv%3D1%26ga_vid%3D609918435.1677099173%26ga_sid%3D1677099174%26ga_hid%3D885698487%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D192%26ady%3D908%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44777877%252C44759927%252C44759837%252C31071869%252C21065725%252C31071663%26oid%3D2%26pvsid%3D1510576959685131%26tmod%3D1636640297%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3DZb5IRqf4tw%26p%3Dhttps%253A%2F%2Fwww.powershow.com%26dtd%3D266&_js_site_ref=https%3A%2F%2Fwww.powershow.com%2F&_js_device_w=1600&_js_device_h=1200&_js_gtx_id=1dadde2f75a5d6aeaa2_1677099174496&_js_tag_freq=2&_js_vis_type=8&_js_measurable=1&_js_imp_banner_number=1&_js_imp_offsetx=-110&_js_imp_offsety=-28&_js_imp_vis=1&_js_sf=0&_js_fif=0&_js_imp_banner_topframe=1&_js_embd_tag_id=revjet-tag-0&_js_ao=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.powershow.com&_js_imp_banner_creative_attr=banner&_js_imp_tsver=3.5.1&_js_tstamp=1677099174727
Requested by: Host: revjet.lendingtree.com
URL: https://revjet.lendingtree.com/bg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:e400:a:83e6:9c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 14a6e54499f062dc9f7ea8443b4854739686c2a37e8dd45fc5765024c41ce550

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 20:52:54 GMT
content-encoding: gzip
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront
p3p: CP="CAO PSA OUR"
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform
x-server: ip51459
x-amz-cf-id: OLShHUF4hdsai4LP2YjydrPGlSuv30QcU74MSsOucHq-uUN3ukf-_w==
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 316C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf575e1e57f445ca19d3d6a09dd312b5d884ae64eaa16062e77ca768f2bb2f6f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0508 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b6f9a5405a67491494ad2f3246686ca61d547d1e084b94f51d2e51475196ad7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK img2.png
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 753 KB
753 KB 125ms
124ms Image
image/png 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/img2.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7ec9fc22ddb84c0181ceaef9eae3cf216dec35ae5137b03fca894e054458ebfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:55 GMT
Last-Modified: Tue, 10 May 2022 06:30:25 GMT
Server: AmazonS3
x-amz-request-id: ZKP4WKHERQ1KEGVJ
ETag: "c28cc08dc1c881a4ac3c03477657e3bf"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 771064
x-amz-id-2: iapp7G9lDGTADbs3dy+iqd4MaJcg1eSrZ8n/k573pz0MtilYszpepB+VmE7y8oxj4I0GHmh/fMo=

GET
H2 200 elements-2.9.0.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame B889 155 KB
47 KB 84ms
8ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.9.0.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: aeb715220f53a8eec05907640a9801a27014227fb76422799999d290628f47d3

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:54 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2022 06:10:30 GMT
server: ECS (frb/673A)
age: 54
etag: "6385a256-26a1f+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 47507
expires: Wed, 22 Feb 2023 21:02:54 GMT

GET
H2 200 999
pix.lendingtree.com/interaction/ Frame B889 43 B
326 B 121ms
40ms Image
image/gif 2600:9000:206f:4800:0:a73e:a3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.lendingtree.com/interaction/999?__ads=272a9f54ec374b4ccd4758db78a39a58&__adt=8756686886013708788&__ade=1&vid=5064324197088922362
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4800:0:a73e:a3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 20:52:54 GMT
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-store
content-length: 43
x-amz-cf-id: 94ozIN928ZEhV98UN0_1Qlv6DR7TXnZXFkmEpgI1z5BGYGWpRjb2EQ==
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4C4D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

56ms
54ms

Document
text/html

2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 20:52:54 GMT
expires: Wed, 22 Feb 2023 20:52:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 20:52:54 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js Show response
pagead2.googlesyndication.com/bg/ Frame AA1F 36 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 13:19:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 113605
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14233
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 13:19:29 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 13C6 143 B
166 B 20ms
20ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2459
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 20:11:55 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 rectangle.js Show response
revjet.lendingtree.com/~cdn/JS/03/3.5.1/modules/ Frame 0508 20 KB
8 KB 158ms
157ms Script
application/javascript 2600:9000:211a:e400:a:83e6:9c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://revjet.lendingtree.com/~cdn/JS/03/3.5.1/modules/rectangle.js
Requested by: Host: revjet.lendingtree.com
URL: https://revjet.lendingtree.com/bg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:e400:a:83e6:9c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 194f002ce71750d685c32fe75211cbbe22d3383e7bc3d0a323b76d278ab46b98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:55 GMT
content-encoding: gzip
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
last-modified: Thu, 01 Dec 2022 07:30:23 GMT
server: nginx
x-amz-cf-pop: VIE50-C2
etag: W/"6388580f-5088"
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=10800
x-amz-cf-id: r7bman7j7qxtDsD6WtwF9Lvxc2RkK6x2sXOr29p1sHTgHsyGTeMDVQ==
expires: Wed, 22 Feb 2023 23:52:55 GMT

GET
H2 200 sync.html Show response
revjet.lendingtree.com/~cdn/JS/03/ Frame CBFA 2 KB
1 KB 48ms
48ms Document
text/html 2600:9000:211a:e400:a:83e6:9c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://revjet.lendingtree.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2Fgoogleads.g.doubleclick.net
Requested by: Host: revjet.lendingtree.com
URL: https://revjet.lendingtree.com/bg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:e400:a:83e6:9c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a6e951543ef97fbb9e3e7bcae71305ba14b8cc30182d6ca51791c2fd5c3e4989

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=10800
content-encoding: gzip
content-type: text/html
date: Wed, 22 Feb 2023 20:52:54 GMT
etag: W/"63e39ef2-744"
expires: Wed, 22 Feb 2023 23:52:54 GMT
last-modified: Wed, 08 Feb 2023 13:09:06 GMT
server: nginx
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-amz-cf-id: zpA6wCcqsrx3llebqETBMswE8S1A5cxVazZgFn7lvODg-5s-eTjo2w==
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 9052 2 KB
1 KB 95ms
43ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_aApQAJ_7cKexwCAAw50Xsgi5zLc7aYhN4wMw&u=%7C4HDPcQf5GbLlB7sHzWqejys49u4xPA3a%2FUTPQDJA92g%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4UCR1GnmPW4iJoLWqMqsNRmJaQW_AIJ-XPwtQXpW2-B437GTQQuR-cazoAyGAq5HD8HA6lXrJ8yenHIoojXaQfLgU6BMvtcQSs2xZQYQvj9WCDKmux94dPjJQZlLNRR84DIXzE8MdWsyC86hyQJEzdMsi0qDLpcqun0JmZ73wq5mcLHSSixWsHN15MC-aE5KmD6ep7MIDFCqKmYH8jg2QXkoeVWDikkW7QFGjbYpRL9IuSv0BudS51uN7wxoXa6iN2dOp7vhiNwbCXa2rjKepBMt7VhD9ZU5DK7hYvKu9HxHNwDqn5-fAkaRTrkAOTmblsanEYDSm8HLNzwHQGZZlXM9olemhRwZhTcBPXEMbsdX4kndd3thhgZdO5LhWuoQQWvfzBCK9On_1Wt2KHxLyw4YEl8bRTH_nQ_8uQnQ0nMjvgwj4MmB74nUvXFRf96RbbXCEYG8QmBTKFi8tW9QdxqtgyKLYzCGdHMbM5xXXj2dNAtrMH95ddlDEX2MaCC6ea4dHrotS9ooJMw-sSHLVlhvAhxZ_O3c2KT2c_1rUUKwZ16c7cxTtaF-493jbnVuJh4widPpIm3Dg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3FEipYD2Y7f_J4K47APR87CoA8me0rFchf6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMDUyOTMwNTM4ODI3MDA2MMgBCakCxWIdQTnesT6oAwGqBMEBT9AKTbkjf9Ef8HaoecKl9UAJl6DXtYwT4-uK32XizO_F8PYfhr5GNGcQV7IiyWps4oHu50AEBRmSKwB0jwgzWsbQ_LGR7u0ReO84mbgaQLi4jFezTI5gwbTxQUUXgxMcBYFr6g3uHteEB1SBohe5TsgbzRsVu6cygnIu0Z367rpubVXDDwTB2c9CBvSXNiMYrmPt37cKDkj8CWuU3sgtbB9mBqRM2pDygWYYUzt5-O2HKt1krzGb3j1-_7TloPDzPYAGwajnocP-xbCSAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Xo8Fo-n0MFrmmjwxQqfUal3-QVg%26client%3Dca-pub-0529305388270060%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 20:52:55 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 9052 2 KB
1 KB 83ms
31ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 20:52:55 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 9052 308 B
636 B 53ms
26ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 17 Feb 2024 20:52:55 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 9052 293 B
621 B 54ms
27ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 17 Feb 2024 20:52:55 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 9052 43 B
348 B 67ms
18ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=zxHnb71EWbXauEAt4MhJDGVhqp1EA--XM5Re3_GKS4nnHVZAQaiJjM-ks2lNVQjz_pcQlmCtlGxzOt2rXhTULX0cPcdnIUatp56XK_1OSGIIqe-s8vwDDMfYn-JLztUUYJna9P9R6ley-2WK3jHzv6BQsqb2wJ-Uj5BwTg8z2emBKDZrB8sOOEw_5NgFANlOsHhVzIOBLlDt4JEOF52NWED-fYjleiuZ0fT1AFkOABVTGp_MD958vqPY5YSOAgQZ52q8y2pOa-stdTeC0eoz78HebOW7NxfUSr8j1lQ5L4SwSu2HwYxGcFKi1oDzLRRDaIz6FeMRohBnrG1Z5oyUztkUnHzztwp9Ej1hog2lo54csU6o6IKRYwpCPUaXBdos_n1-oRt15sMIyag1LLvcpIP3EwL_1f6uDtYyoRkYvozvaRPb

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 20:52:54 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1848135
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 5029 2 KB
1 KB 63ms
27ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_aApQAJ_7YKexwCAAw50eadMbwyy4JsdN4nAQ&u=%7C4HDPcQf5GbJWVhAY4pR4cD4OIMazupH2KcTlhjQYjLg%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHh-E1cp6hbAuV0zmZ7P8dIDBmQ4nR1aE_vTKN9lubsHPkYDiX91SHukUVHbe8vlVpXys183eahF1j3pUssTSv81ovYsrjpJ5alEQNOELg4YZfAu4onaaDB9jdn5NwhtZFcgechRUemGvCfd61txB-laLteon6UXgO_Dur_tmjV0JjJiQtVOuLqQRNMFFCCZByWsBwUJvAC3NtdSNQSViA7uEhV7Ykt2KIwLKvihVtMfM5QkjYGoFToHt8FPLwInmE5Q76MKmt1s3IvY0cRt1ZoA5LRHX0Z3IkqGgAujZ-aOpvvFJuVQY2B_vV9FEgdz7nH_agV2IRWY05-tnS9AJgYr2G-9YRiNsnG9j-STK04tWDRCcsOhm6xri0Fq-4_OwcC_GtVCydoooQw3Zs7feddMeFZMPGaFIJWO5PO8fDVMooklT1ZM6U7mcYvc0WLOtb9jluhwTSF67rHJIKgQKTUJpVvnAsrqFS35aT3gwh_NxoC_9gDlC0KzsOewiJSW2vvB0jlb23e7ztZP1KJATW4ajQtmZNoMcLNSzhJM_aZVHZn9g5pigLHFfwiDtBNrkvHA9HjWQSEFxg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVcw2pYD2Y7b_J4K47APR87CoA8me0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMDUyOTMwNTM4ODI3MDA2MMgBCakCxWIdQTnesT6oAwGqBL8BT9BI3Ku1VNfN6p4dt5PeUabcvPC1O-g7gkv03BbqKfkLsg92xi1DF30ydtRLR-JVv1C0uTOmzTmQQyn_7RNTcA1OymRhaJbsPRk_5PDD7A_vlvmctkCdWnOfeDY2H90eWj1ZMPpDarSoh-64WWdDnFmWwgUJA22CufHMECcyCHCwPNQKhTO-m0li8i1l10j5k2J7DxY_2W8w565Xy0islSMDz3vCPx9P2_9rNVN4OZGwtYnIiCm8i-awx1jYZbiABsGo56HD_sWwkgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3BGmOmyG4xuDtPwkQVqv2muao7BQ%26client%3Dca-pub-0529305388270060%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 20:52:55 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 5029 2 KB
1 KB 69ms
33ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 20:52:55 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 5029 308 B
637 B 40ms
25ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 17 Feb 2024 20:52:55 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 5029 293 B
621 B 41ms
26ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 17 Feb 2024 20:52:55 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 5029 43 B
347 B 56ms
19ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=jDPtjTn_zSDBwI2sR2tBJpJt5ui6M-B6MeA1SUgiaG3onNTEmX6STVZ6G6hDm0Q5YJ3OzUQDQlh753teHHiGONlPohPOa3gHMBMWyqwVT2PFh7G29l-VrT-ipu7cQB-53eEnkppi9unNE83b07PhyFat0C1tejVa2VyJ1kEkldpugg9FTlVQLLH0ekVPAv3qu1aU1tY1hR9k0b5Wno1swTmuKbTDpCrvGFYY7I3tX6UnvdriWie0CfZhfrPpiquLwZpGWS6O45S09nHcXoUqfi-nHiV0scCHWt6skQsY0u3ypdkLrvZ-tOUuFKjhaGb1kMf_SK_mLJ10hPTU_X_BNd8pSN1pelnG4hMeyirb8sD8PilfBKJSRC8bjFHn3Z5IRZ4lOJ_dpski0uV_NlSB8WaMX_YVbVMByJa1oFLC_kwFd1cw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 20:52:54 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2664400
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 13C6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

164ms
163ms

Document
text/html

2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 20:52:55 GMT
expires: Wed, 22 Feb 2023 20:52:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 20:52:55 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 elements-2.9.0.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame 3EC8 155 KB
47 KB 8ms
7ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.9.0.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: aeb715220f53a8eec05907640a9801a27014227fb76422799999d290628f47d3

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:55 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2022 06:10:30 GMT
server: ECS (frb/673A)
age: 55
etag: "6385a256-26a1f+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 47507
expires: Wed, 22 Feb 2023 21:02:55 GMT

GET
H2 200 999
pix.lendingtree.com/interaction/ Frame 3EC8 43 B
324 B 163ms
162ms Image
image/gif 2600:9000:206f:4800:0:a73e:a3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.lendingtree.com/interaction/999?__ads=272a9f54ec374b4ccd4758db78a39a58&__adt=8756687348248885019&__ade=1&vid=5064324197088922362
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4800:0:a73e:a3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 20:52:55 GMT
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-store
content-length: 43
x-amz-cf-id: Sq5QrQUuiDcNH7lzipPZdQeEaWRsnCp6Dj_3H0KWBcFPScgTrtme_w==
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 index.html Show response
cdn.revjet.com/s3/csp/1672762103028/ Frame B889 2 KB
1 KB 8ms
7ms XHR
text/html 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/csp/1672762103028/index.html
Requested by: Host: cdn.revjet.com
URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.9.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6713) /
Resource Hash: 1bfc8216aeb3449c827b8d8e94066a7cca4d240b749a90478b5bd6a38fe03296

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:55 GMT
content-encoding: gzip
x-amz-version-id: b0J8jLvBPdrQ4qwWm_nlG.FqkO.sFukS
age: 2873
x-amz-request-id: HHGY8RAS16V2FPHV
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 867
x-amz-id-2: lciG67RxUN0zOw5z3JrMQ1kY9TrB60w/XLl935wQD4N3+I0R7CVEoSdIwTyIN6lOMaYdyv6SkUw=
last-modified: Tue, 03 Jan 2023 16:08:25 GMT
server: ECS (frb/6713)
etag: "d04c206a5810c248919bd1d3888a6032+gzip"
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=3600
expires: Wed, 22 Feb 2023 21:52:55 GMT

GET
H2 200 tag046 Show response
revjet.lendingtree.com/ Frame 0508 17 KB
5 KB 147ms
146ms Script
text/javascript 2600:9000:211a:e400:a:83e6:9c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://revjet.lendingtree.com/tag046?_plc_id=109148621&_key=35f&ct_url=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253Dl%2526ai%253DCopjMpYD2Y5SQJdihYsyUk6gFp_jZ5W6lgpyO4RCok8y23gkQASCWy7QNYJX68IGMB6ABhffZ_gPIAQmoAwGqBMsBT9CJFU6a9IS35XFar7oYNTKLn33UWh3iGU_tKa6-90cGuvYcKUigOsTOWsJ2_q607AN1ApP6ko1OVhnpoC1Uj9xHj621yOzNMCTJAdRKZeIqjSknQNBBJxGxb2Dv_8NzvWIOnnSle5veWcHzW88pHa7m7VVpYL8IC5RmCNlY1Sl8qQnmWpX6KlDTQ4UjFtKmO5nPZ5qeLnKtsJgwceT27SsbniayoU9PXCvEgDNwhXXeP4U52SF-64z77IaeRAiGJl4gqkWymYhrO3rABL7oi-CTBKAGEYAHoIetIqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAZgLAcgLAYAMAbgMAdgTC9AVAfgWAYAXAQ%2526num%253D1%2526cid%253DCAQSGwDUE5ymdFZxYxV21GpxRDhqkHgktuLScfaLkhgB%2526sig%253DAOD64_3rQpkHRzBFEHkGrrNqvqEmCW8SDQ%2526client%253Dca-pub-0529305388270060%2526adurl%253D&LI=%7BLoan_Interest_Type%7D&gdn_ad_group_id=142740747326&cachebuster=19790726&jsonp=REVJET_TagObj_1.onLoad&_js_site_page=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-0529305388270060%26output%3Dhtml%26h%3D280%26slotname%3D6859575253%26adk%3D368384325%26adf%3D243876893%26pi%3Dt.ma~as.6859575253%26w%3D750%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1677099173%26rafmt%3D1%26format%3D750x280%26url%3Dhttps%253A%252F%252Fwww.powershow.com%252F%26fwr%3D0%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1677099173307%26bpp%3D3%26bdt%3D1932%26idt%3D235%26shv%3Dr20230216%26mjsv%3Dm202302130101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26correlator%3D2403813146999%26frm%3D20%26pv%3D2%26ga_vid%3D609918435.1677099173%26ga_sid%3D1677099174%26ga_hid%3D885698487%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D192%26ady%3D100%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44777877%252C44759927%252C44759837%252C31071869%252C21065725%252C31071663%26oid%3D2%26pvsid%3D1510576959685131%26tmod%3D1636640297%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D1%26uci%3Da!1%26fsb%3D1%26xpc%3DCjWap3z9xB%26p%3Dhttps%253A%2F%2Fwww.powershow.com%26dtd%3D258&_js_site_ref=https%3A%2F%2Fwww.powershow.com%2F&_js_device_w=1600&_js_device_h=1200&_js_gtx_id=1dadde2f75a5d6aeaa2_1677099174496&_js_tag_freq=3&_js_vis_type=8&_js_measurable=1&_js_imp_banner_number=1&_js_imp_offsetx=-110&_js_imp_offsety=-28&_js_imp_vis=1&_js_sf=0&_js_fif=0&_js_imp_banner_topframe=1&_js_embd_tag_id=revjet-tag-0&_js_ao=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.powershow.com&_js_imp_banner_creative_attr=banner&_js_imp_tsver=3.5.1&_js_tstamp=1677099175031
Requested by: Host: revjet.lendingtree.com
URL: https://revjet.lendingtree.com/bg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:e400:a:83e6:9c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e30fb9b62d720ca3505dd66e85aee733f18963c54fed77d39f4b85998faff08d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 20:52:55 GMT
content-encoding: gzip
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront
p3p: CP="CAO PSA OUR"
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform
x-server: ip51459
x-amz-cf-id: dBkOp5rBoIu_QOrQOerxhp6EvaIfrRzq6MG0k_onTH8gWbCsNDrypA==
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame 5029 2 KB
899 B 126ms
126ms Stylesheet
text/css 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 20:52:55 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 5029 12 KB
6 KB 122ms
122ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 20:52:55 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 5029 0
128 B 169ms
21ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=GEmACfyi0qLyH8urCbpPx4pfYf_dTGS9dTgwc5IPVizwH2gi5B1ihPBS12KRqySg2hzHeFOF17RZNWVqhFY-MmulngOAJWUNjT6Le9OwvbvQZN_5x2IV7llkHreuqEAUToL8KqhJ8GwfpnEluE8x9sLPTsGQThy8To95rrBYjCNfnNoFF9Gs2jRDJAIBqW5A0qMEpRkCoKAcDXj_6adjaB32NpAVZksUCU-C4guhf5xEiLQHbeivvnGHqN6W6Mp7HO3_bg&sds=2&rev=84699&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 22 Feb 2023 20:52:54 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5029 2 KB
1 KB 119ms
118ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 20:52:55 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 5029 2 KB
1 KB 120ms
119ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 20:52:55 GMT

GET
H2 200 opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame 9052 2 KB
899 B 114ms
113ms Stylesheet
text/css 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 20:52:55 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 9052 12 KB
6 KB 126ms
126ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 20:52:55 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9052 10 KB
10 KB 155ms
46ms Image
image/png 2a02:2638:3::f
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=244&m=0&partner=20389&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F20389%2F170807%2F876b816f67bc4c5fbf7b3f9ee51867f6_triumph.png&v=3&w=196&s=qdeOYT1zXDwQIzlP3Fp4DdZ6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

fc881f13aad05a2722621b482c74c9616f08e24d88649e11712e4d6393df88ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=27453565
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 10206
expires: Sat, 06 Jan 2024 14:52:21 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9052 14 KB
14 KB 136ms
28ms Image
image/webp 2a02:2638:3::f
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=20389&q=80&r=0&u=https%3A%2F%2Fcontentstore.triumph.com%2Ftransform%2F6bc0e74f-633f-4a0d-b5a6-0d7e8563d8f2%2F30_10210629_00FU_1.jpg%3Fio%3Dtransform%3Afill%2Cwidth%3A1364%2Cheight%3A1478%26format%3Djpg&v=3&w=800&s=xqTDfWw3tYwmd9U17AvhmmoF&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ca3c9aa86dcd8c70b92692124d982d6d516592687d2193b27fe46b8041bcdc4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 14500
expires: Wed, 22 Feb 2023 20:52:55 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9052 5 KB
6 KB 124ms
16ms Image
image/webp 2a02:2638:3::f
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=20389&q=80&r=0&u=https%3A%2F%2Fcontentstore.triumph.com%2Ftransform%2Ffe1f0054-e1c0-466b-a796-21da897706b6%2F30_10207952_7291_1.jpg%3Fio%3Dtransform%3Afill%2Cwidth%3A1364%2Cheight%3A1478%26format%3Djpg&v=3&w=800&s=uD2PQ_g7wgF68lgKtTZqzasY&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

d07f013da6e0dca0233422700e0c4bae4047e0f0ad6b9d5e4827020781dd5e13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5408
expires: Wed, 22 Feb 2023 20:52:55 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9052 12 KB
12 KB 154ms
46ms Image
image/webp 2a02:2638:3::f
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=20389&q=80&r=0&u=https%3A%2F%2Fcontentstore.triumph.com%2Ftransform%2F4b5293f5-1008-4cf1-b227-acd27a43c130%2F30_10166306_7396_1.jpg%3Fio%3Dtransform%3Afill%2Cwidth%3A1364%2Cheight%3A1478%26format%3Djpg&v=3&w=800&s=4CDyFLvHeNmz4t7bdCYA0yD8&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

dddec1e2ed2ac989b3fcd5e9b156dff7a5f849b980ab40df38e46db33a9d75e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 12300
expires: Wed, 22 Feb 2023 20:52:55 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9052 25 KB
25 KB 142ms
34ms Image
image/webp 2a02:2638:3::f
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=20389&q=80&r=0&u=https%3A%2F%2Fcontentstore.triumph.com%2Ftransform%2F798a960f-03e5-42d1-9974-c9673b7d6407%2F30_10208015_7010_1.jpg%3Fio%3Dtransform%3Afill%2Cwidth%3A1364%2Cheight%3A1478%26format%3Djpg&v=3&w=800&s=0GY-BcUlFKLIbB9vMWdi9tEO&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

f31cd2252d9a2674fa47fa5b3825f7719cf31ea35d372db7a45519b3e2e1e8d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25316
expires: Wed, 22 Feb 2023 20:52:55 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9052 17 KB
18 KB 150ms
42ms Image
image/webp 2a02:2638:3::f
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=20389&q=80&r=0&u=https%3A%2F%2Fcontentstore.triumph.com%2Ftransform%2F85fafec4-8620-404e-93ec-0bf3ce39b389%2F30_10214069_M012_1.jpg%3Fio%3Dtransform%3Afill%2Cwidth%3A1364%2Cheight%3A1478%26format%3Djpg&v=3&w=800&s=2_EBsC5K5I4UNZ9daaKW3XBG&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

944301daf60d9a68271eb3327976eb27df87ecf84ab934ef3a8a178a69f39780

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17694
expires: Wed, 22 Feb 2023 20:52:55 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9052 10 KB
11 KB 33ms
33ms Image
image/webp 2a02:2638:3::f
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=20389&q=80&r=0&u=https%3A%2F%2Fcontentstore.triumph.com%2Ftransform%2F051e4e00-43a3-4a5d-8a5b-db728c451f11%2F30_10166830_7311_1.jpg%3Fio%3Dtransform%3Afill%2Cwidth%3A1364%2Cheight%3A1478%26format%3Djpg&v=3&w=800&s=YZrOEj8_AI-XVl1pChtQt-zO&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

0858667c7d10750daa25f7b57cfceed3c33eb1efd797427aa4af97f609f77e17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 10552
expires: Wed, 22 Feb 2023 20:52:55 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 9052 0
127 B 131ms
21ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=6YTu-fyi0qLyH8urHzrVcRQv0OxWIL4d4J7RNnSzBpWkND2LbizKG0OskaYwlXU4uwf_7vtBkOQ7H_ThrmK4NmUdatNwUFTmer8t-g8nNHrjJQChGwS7PVIjqjnlR079g5ymGYmuGwTwTNAqT7Xnc_N6iqzDTortqT3tqko8dCJ7RImX7ldrptZSdZxeuqSA4VxBgVxJUi9gZ3WOsivtSt0HeQfnowKjCmmj8mFipdRkFMtnNpXMXtyW60STu1jSxv_NaQ&sds=2&rev=84699&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 22 Feb 2023 20:52:54 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9052 2 KB
1 KB 96ms
95ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 20:52:55 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 9052 2 KB
1 KB 96ms
95ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 20:52:55 GMT

GET
H2 200 index.html Show response
cdn.revjet.com/s3/csp/1665783310556/ Frame 3EC8 2 KB
983 B 9ms
8ms XHR
text/html 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/csp/1665783310556/index.html
Requested by: Host: cdn.revjet.com
URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.9.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67A7) /
Resource Hash: 8e04cf1bfe80be56a64fe2cf452983c8e3e42edc751fb6e529c3534a9775cb0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:55 GMT
content-encoding: gzip
x-amz-version-id: y3R5W_rfl2rDu5iBZhG1c8IskTNOlJYw
age: 1255
x-amz-request-id: XPYHWMWW285YSN6E
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 760
x-amz-id-2: B8u4VL+qQZcyqUaSyaSRxzBS4Hxod+0IwWtPK6QeNQDfb1/9YeEunZZIcfsUsRE/xg8Nuo2dH9M=
last-modified: Fri, 14 Oct 2022 21:35:13 GMT
server: ECS (frb/67A7)
etag: "04760f53bb9e6c8ae2910f577549c5b7+gzip"
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=3600
expires: Wed, 22 Feb 2023 21:52:55 GMT

GET
H2 200 style.css
cdn.revjet.com/s3/csp/1672762103028/ Frame FCF8 3 KB
1 KB 35ms
7ms Stylesheet
text/css 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/csp/1672762103028/style.css
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D5) /
Resource Hash: 7100827efb759fc7186f94cad7b8c38daccffef8508b0dc41b5197278080211c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:55 GMT
content-encoding: gzip
x-amz-version-id: JgApEdyZunUDTnBxnom9AsYBCxSoo3tU
age: 2853
x-amz-request-id: X49K506B8FZWFN09
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1016
x-amz-id-2: CPVdVRM9TjKeq8yfw1Gy/QUr9VEL95dstln1DVn/wieDkC+HjovCpVIRZEAJwd31N7gPBVCXwRk=
last-modified: Tue, 03 Jan 2023 16:08:25 GMT
server: ECS (frb/67D5)
etag: "7088a4b61f10a0830e1a10a7cee78777+gzip"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3600
expires: Wed, 22 Feb 2023 21:52:55 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame FCF8 2 KB
425 B 19ms
18ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,900&display=swap

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

52519e8c754d4fd14b9ea19ff3f3e758ad1978858827881984e7da06a285ef97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 Feb 2023 20:52:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 19:06:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Feb 2023 20:52:55 GMT

GET
H2 200 tweenmax_2.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame FCF8 113 KB
38 KB 86ms
15ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38915
x-xss-protection: 0
last-modified: Tue, 19 Jun 2018 18:02:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Feb 2023 20:52:55 GMT

GET
H2 200 code.js Show response
cdn.revjet.com/s3/csp/1672762103028/ Frame FCF8 6 KB
2 KB 35ms
8ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/csp/1672762103028/code.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6795) /
Resource Hash: 85259e59108df9ec5884e407e62be15a1bfd488647d65886d402b94e09c24322

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:55 GMT
content-encoding: gzip
x-amz-version-id: jUaqHky6PLJFB.NYyFxZ0dlw9ETfOelG
age: 2852
x-amz-request-id: X49QF3CTH1FC9MMV
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1560
x-amz-id-2: TQ9SAa43o+BfoP+LJEtqsI2RQhqCYnAwQbGsFsDvHF0v/RQkWdDUUXuZh2WvS9KIMQn7utUTxdQ=
last-modified: Tue, 03 Jan 2023 16:08:25 GMT
server: ECS (frb/6795)
etag: "5f7dda41884d6edee43cd71042171450+gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
expires: Wed, 22 Feb 2023 21:52:55 GMT

GET
H2 200 opensans-400-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame 9052 16 KB
17 KB 101ms
50ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-4164"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Feb 2024 20:52:55 GMT

GET
H2 200 style.css
cdn.revjet.com/s3/csp/1665783310556/ Frame DFFF 2 KB
921 B 19ms
18ms Stylesheet
text/css 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/csp/1665783310556/style.css
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D5) /
Resource Hash: 4aff862dfdc8de4b47f2ad5c11f2bf12dfda785352962a68c0bf1a00f305af0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:55 GMT
content-encoding: gzip
x-amz-version-id: Ug7CIDt78R3_m0xB6lrdbLQpf82xUzWg
age: 1253
x-amz-request-id: SB001361JK7YGN2J
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 712
x-amz-id-2: taULd3+jgdRyi+pKPX62pTxoUS8akX1YlnXvrSBbMpXbAhITIKzFhkysQDzlLm9nbE+96Vlj3Os=
last-modified: Fri, 14 Oct 2022 21:35:13 GMT
server: ECS (frb/67D5)
etag: "48826b677604883fdb04a0eeefe92852+gzip"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3600
expires: Wed, 22 Feb 2023 21:52:55 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame DFFF 2 KB
425 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,900&display=swap

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

52519e8c754d4fd14b9ea19ff3f3e758ad1978858827881984e7da06a285ef97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 Feb 2023 20:52:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 19:06:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Feb 2023 20:52:55 GMT

GET
H2 200 tweenmax_2.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame DFFF 113 KB
38 KB 68ms
31ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38915
x-xss-protection: 0
last-modified: Tue, 19 Jun 2018 18:02:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Feb 2023 20:52:55 GMT

GET
H2 200 code.js Show response
cdn.revjet.com/s3/csp/1665783310556/ Frame DFFF 4 KB
1 KB 19ms
18ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/csp/1665783310556/code.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C0) /
Resource Hash: 36a4f506b815b88234d9018f61d3c434f9da14d9d915212a5913652fd6b93f84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:55 GMT
content-encoding: gzip
x-amz-version-id: wD8Re.c_V6o5rWVM1Hsx5CVuI92blKrG
age: 1253
x-amz-request-id: SB04FPM0S7W2CDHV
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1078
x-amz-id-2: BsHzVYySrMRuH//BBxmW+pzlm2uJptQsRpA6syj3ocZzFM6FvepxQwBgr1Asob7odRRLguf4rqc=
last-modified: Fri, 14 Oct 2022 21:35:13 GMT
server: ECS (frb/67C0)
etag: "da7c7537e8fbe716d921eca345cb477d+gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
expires: Wed, 22 Feb 2023 21:52:55 GMT

GET
H2 200 shine.png
cdn.revjet.com/s3/csp/1672762103028/ Frame FCF8 1 KB
1 KB 13ms
7ms Image
image/png 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1672762103028/shine.png
Requested by: Host: cdn.revjet.com
URL: https://cdn.revjet.com/s3/csp/1672762103028/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668C) /
Resource Hash: 3442ea704af026f68a75abf7aced41c1f782736789bc5ac2f0c86a8a422b9d46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.revjet.com/s3/csp/1672762103028/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:55 GMT
x-amz-version-id: MY9vhxvwoxTlyEFvNg2XPgy4x_pa4PeJ
age: 2851
x-amz-request-id: HMFBF6JH9NMDTVVC
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1127
x-amz-id-2: 0z+uz4/NZE7sTXxxACWcMHQvugh7aOw02tFQi4MZ1zjBqB+a5A9/pLGHj+FlHWVIW+mO9Yx2GNk=
last-modified: Tue, 03 Jan 2023 16:08:25 GMT
server: ECS (frb/668C)
etag: "0d595d65dcbf04768416a23c3dd4d0c5"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
expires: Wed, 22 Feb 2023 21:52:55 GMT

GET
H2 200 logo_black.svg
cdn.revjet.com/s3/csp/1672762103028/ Frame FCF8 5 KB
2 KB 14ms
8ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1672762103028/logo_black.svg
Requested by: Host: cdn.revjet.com
URL: https://cdn.revjet.com/s3/csp/1672762103028/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BA) /
Resource Hash: 6a0ef8e3c15e120cfff7ae0a828954789b81c8df91b81dbfe11e6384ccac77d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.revjet.com/s3/csp/1672762103028/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:55 GMT
content-encoding: gzip
x-amz-version-id: Ot2TgWjstjr8QpyEpaXRZ4sBvX9ccK4F
age: 2851
x-amz-request-id: HMF100SN2SN2KZ0S
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1881
x-amz-id-2: OuI2dqL1Eon9jqddLw2XODPNr2KbZwylNeTkjaoVjmzz+bzsvemt3H275AiZnt9H4fynLNt3JTI=
last-modified: Tue, 03 Jan 2023 16:08:25 GMT
server: ECS (frb/67BA)
etag: "56655938d8998f5b87b0190af4c0aebd+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
expires: Wed, 22 Feb 2023 21:52:55 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ Frame FCF8 23 KB
23 KB 36ms
9ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 10:49:32 GMT
x-content-type-options: nosniff
age: 468203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Feb 2024 10:49:32 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ Frame FCF8 23 KB
23 KB 51ms
23ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 22:41:28 GMT
x-content-type-options: nosniff
age: 511887
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 22:41:28 GMT

GET
H2 200 elements-2.9.0.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame 991A 155 KB
46 KB 8ms
7ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.9.0.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: aeb715220f53a8eec05907640a9801a27014227fb76422799999d290628f47d3

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:55 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2022 06:10:30 GMT
server: ECS (frb/673A)
age: 55
etag: "6385a256-26a1f+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 47507
expires: Wed, 22 Feb 2023 21:02:55 GMT

GET
H2 200 999
pix.lendingtree.com/interaction/ Frame 991A 43 B
324 B 93ms
92ms Image
image/gif 2600:9000:206f:4800:0:a73e:a3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.lendingtree.com/interaction/999?__ads=272a9f54ec374b4ccd4758db78a39a58&__adt=8756687025739729707&__ade=1&vid=5064324197088922362
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4800:0:a73e:a3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 20:52:55 GMT
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-store
content-length: 43
x-amz-cf-id: FMCilcgsvb-1gP5F_vZmnuA_wrZgzhVqrBLprknekRhec-LY8JcXQA==
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 logo.gif
cdn.revjet.com/s3/csp/1665783310556/ Frame DFFF 96 KB
96 KB 8ms
7ms Image
image/gif 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1665783310556/logo.gif
Requested by: Host: cdn.revjet.com
URL: https://cdn.revjet.com/s3/csp/1665783310556/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668C) /
Resource Hash: ed54faa52d71caeb6b1e54fe52d8025a791bf859b969b963df274b848b25e944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.revjet.com/s3/csp/1665783310556/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:55 GMT
x-amz-version-id: i9Z63PlK815dsEjXFK5l2JrQrDRWxr83
age: 1253
x-amz-request-id: SB0FT0W9SVDVS5JB
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 97945
x-amz-id-2: nL0yKtrNh17vL+qtwu5RaSC0MG6SjsE5W5zzfX35hEHLyI8u9aPg80dXKJzHxt8nerMxawCMNGw=
last-modified: Fri, 14 Oct 2022 21:35:13 GMT
server: ECS (frb/668C)
etag: "24933cf8333ef709c63db5e6049cfea1"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
expires: Wed, 22 Feb 2023 21:52:55 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ Frame DFFF 23 KB
23 KB 30ms
22ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 10:49:32 GMT
x-content-type-options: nosniff
age: 468203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Feb 2024 10:49:32 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ Frame DFFF 23 KB
23 KB 36ms
29ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 22:41:28 GMT
x-content-type-options: nosniff
age: 511887
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 22:41:28 GMT

GET
H/1.1 200
OK img2.png
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 753 KB
753 KB 194ms
194ms Image
image/png 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/img2.png
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/player.js?160F4986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7ec9fc22ddb84c0181ceaef9eae3cf216dec35ae5137b03fca894e054458ebfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:56 GMT
Last-Modified: Tue, 10 May 2022 06:30:25 GMT
Server: AmazonS3
x-amz-request-id: 137PWK3RG026J039
ETag: "c28cc08dc1c881a4ac3c03477657e3bf"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 771064
x-amz-id-2: LnsTRzY44r1MVnGX18x4jUMvatojA29rrYz0o39dJgBggN80n7dKdZ4Nq8caQuKg8Fa+Nnt4mTc=

GET
H2 200 index.html Show response
cdn.revjet.com/s3/csp/1672762103028/ Frame 991A 2 KB
946 B 8ms
8ms XHR
text/html 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/csp/1672762103028/index.html
Requested by: Host: cdn.revjet.com
URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.9.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6713) /
Resource Hash: 1bfc8216aeb3449c827b8d8e94066a7cca4d240b749a90478b5bd6a38fe03296

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:55 GMT
content-encoding: gzip
x-amz-version-id: b0J8jLvBPdrQ4qwWm_nlG.FqkO.sFukS
age: 2873
x-amz-request-id: HHGY8RAS16V2FPHV
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 867
x-amz-id-2: lciG67RxUN0zOw5z3JrMQ1kY9TrB60w/XLl935wQD4N3+I0R7CVEoSdIwTyIN6lOMaYdyv6SkUw=
last-modified: Tue, 03 Jan 2023 16:08:25 GMT
server: ECS (frb/6713)
etag: "d04c206a5810c248919bd1d3888a6032+gzip"
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=3600
expires: Wed, 22 Feb 2023 21:52:55 GMT

GET
H2 200 style.css
cdn.revjet.com/s3/csp/1672762103028/ Frame 24BA 3 KB
1 KB 10ms
8ms Stylesheet
text/css 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/csp/1672762103028/style.css
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D5) /
Resource Hash: 7100827efb759fc7186f94cad7b8c38daccffef8508b0dc41b5197278080211c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:55 GMT
content-encoding: gzip
x-amz-version-id: JgApEdyZunUDTnBxnom9AsYBCxSoo3tU
age: 2853
x-amz-request-id: X49K506B8FZWFN09
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1016
x-amz-id-2: CPVdVRM9TjKeq8yfw1Gy/QUr9VEL95dstln1DVn/wieDkC+HjovCpVIRZEAJwd31N7gPBVCXwRk=
last-modified: Tue, 03 Jan 2023 16:08:25 GMT
server: ECS (frb/67D5)
etag: "7088a4b61f10a0830e1a10a7cee78777+gzip"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3600
expires: Wed, 22 Feb 2023 21:52:55 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 24BA 2 KB
425 B 21ms
20ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,900&display=swap

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

52519e8c754d4fd14b9ea19ff3f3e758ad1978858827881984e7da06a285ef97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 Feb 2023 20:52:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 19:12:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Feb 2023 20:52:55 GMT

GET
H2 200 tweenmax_2.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 24BA 113 KB
38 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38915
x-xss-protection: 0
last-modified: Tue, 19 Jun 2018 18:02:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Feb 2023 20:52:55 GMT

GET
H2 200 code.js Show response
cdn.revjet.com/s3/csp/1672762103028/ Frame 24BA 6 KB
2 KB 10ms
9ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/csp/1672762103028/code.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6795) /
Resource Hash: 85259e59108df9ec5884e407e62be15a1bfd488647d65886d402b94e09c24322

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:55 GMT
content-encoding: gzip
x-amz-version-id: jUaqHky6PLJFB.NYyFxZ0dlw9ETfOelG
age: 2852
x-amz-request-id: X49QF3CTH1FC9MMV
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1560
x-amz-id-2: TQ9SAa43o+BfoP+LJEtqsI2RQhqCYnAwQbGsFsDvHF0v/RQkWdDUUXuZh2WvS9KIMQn7utUTxdQ=
last-modified: Tue, 03 Jan 2023 16:08:25 GMT
server: ECS (frb/6795)
etag: "5f7dda41884d6edee43cd71042171450+gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
expires: Wed, 22 Feb 2023 21:52:55 GMT

GET
H2 200 shine.png
cdn.revjet.com/s3/csp/1672762103028/ Frame 24BA 1 KB
1 KB 11ms
9ms Image
image/png 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1672762103028/shine.png
Requested by: Host: cdn.revjet.com
URL: https://cdn.revjet.com/s3/csp/1672762103028/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668C) /
Resource Hash: 3442ea704af026f68a75abf7aced41c1f782736789bc5ac2f0c86a8a422b9d46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.revjet.com/s3/csp/1672762103028/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:55 GMT
x-amz-version-id: MY9vhxvwoxTlyEFvNg2XPgy4x_pa4PeJ
age: 2851
x-amz-request-id: HMFBF6JH9NMDTVVC
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1127
x-amz-id-2: 0z+uz4/NZE7sTXxxACWcMHQvugh7aOw02tFQi4MZ1zjBqB+a5A9/pLGHj+FlHWVIW+mO9Yx2GNk=
last-modified: Tue, 03 Jan 2023 16:08:25 GMT
server: ECS (frb/668C)
etag: "0d595d65dcbf04768416a23c3dd4d0c5"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
expires: Wed, 22 Feb 2023 21:52:55 GMT

GET
H2 200 logo_black.svg
cdn.revjet.com/s3/csp/1672762103028/ Frame 24BA 5 KB
2 KB 9ms
8ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1672762103028/logo_black.svg
Requested by: Host: cdn.revjet.com
URL: https://cdn.revjet.com/s3/csp/1672762103028/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BA) /
Resource Hash: 6a0ef8e3c15e120cfff7ae0a828954789b81c8df91b81dbfe11e6384ccac77d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.revjet.com/s3/csp/1672762103028/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:52:55 GMT
content-encoding: gzip
x-amz-version-id: Ot2TgWjstjr8QpyEpaXRZ4sBvX9ccK4F
age: 2851
x-amz-request-id: HMF100SN2SN2KZ0S
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1881
x-amz-id-2: OuI2dqL1Eon9jqddLw2XODPNr2KbZwylNeTkjaoVjmzz+bzsvemt3H275AiZnt9H4fynLNt3JTI=
last-modified: Tue, 03 Jan 2023 16:08:25 GMT
server: ECS (frb/67BA)
etag: "56655938d8998f5b87b0190af4c0aebd+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
expires: Wed, 22 Feb 2023 21:52:55 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ Frame 24BA 23 KB
23 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 10:49:32 GMT
x-content-type-options: nosniff
age: 468203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Feb 2024 10:49:32 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ Frame 24BA 23 KB
23 KB 12ms
11ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 22:41:28 GMT
x-content-type-options: nosniff
age: 511887
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 22:41:28 GMT

GET
H/1.1 200
OK slide5.css Show response
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 359 B
714 B 108ms
107ms XHR
text/css 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/slide5.css?
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/player.js?160F4986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0ff29a68e077e8c1d097cbd97eb275209a3386c38fe8b952f8c0678ba52680e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:56 GMT
Last-Modified: Tue, 10 May 2022 06:30:30 GMT
Server: AmazonS3
x-amz-request-id: 137JQ2B32SN5XPVY
ETag: "b1db0e333d6d2d9656d8eba9c1f122f4"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 359
x-amz-id-2: 7jZyipvxCmUGW22c3ISQdfr9NL1SekFHk4kpJkyDxu+vQVLPln4vgOt86bSa1rHdCSOZh8gAoqY=

GET
H/1.1 200
OK slide5.js Show response
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 1 KB
2 KB 164ms
163ms Script
application/x-javascript 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/slide5.js
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/player.js?160F4986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d31e77ba1dee021c734d0d22c96b646d0c9f0ee3341aa354d141ac4aea528c7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:56 GMT
Last-Modified: Tue, 10 May 2022 06:30:31 GMT
Server: AmazonS3
x-amz-request-id: 137YDAKY6X1KA3SD
ETag: "8d0807b47aa9f11f25ec83fd09ce924c"
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 1212
x-amz-id-2: icDJ9rasgFv6ueFkN1rwTEtQss+2a/DM/D2HvWYqn0yXDUHLfEtEwiIBw5UEVRrnWTtFVPZNJg4=

GET
H/1.1 200
OK img2.png
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 753 KB
753 KB 107ms
107ms Image
image/png 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/img2.png
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/player.js?160F4986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7ec9fc22ddb84c0181ceaef9eae3cf216dec35ae5137b03fca894e054458ebfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:56 GMT
Last-Modified: Tue, 10 May 2022 06:30:25 GMT
Server: AmazonS3
x-amz-request-id: 137YFME30WJG21MS
ETag: "c28cc08dc1c881a4ac3c03477657e3bf"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 771064
x-amz-id-2: +sVYCsExJQSgHmAmpjEaSDrqaWATLsNZucSZoo7xf8C1KhBwOsvxGAaU+TNdSRazV14XGFCH+WA=

GET
H2 200 1004
pix.lendingtree.com/interaction/ Frame B889 43 B
323 B 93ms
93ms Image
image/gif 2600:9000:206f:4800:0:a73e:a3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.lendingtree.com/interaction/1004?__ads=272a9f54ec374b4ccd4758db78a39a58&__adt=8756686886013708788&__ade=1&vid=5064324197088922362
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4800:0:a73e:a3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 20:52:55 GMT
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-store
content-length: 43
x-amz-cf-id: QVhPi6ob5ogOFTqLOAYCp-n35MQrUGoQts0o2VSazZDXR8c3iLt4oA==
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H/1.1 200
OK img2.png
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 753 KB
753 KB 117ms
117ms Image
image/png 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/img2.png
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/player.js?160F4986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7ec9fc22ddb84c0181ceaef9eae3cf216dec35ae5137b03fca894e054458ebfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:56 GMT
Last-Modified: Tue, 10 May 2022 06:30:25 GMT
Server: AmazonS3
x-amz-request-id: 137JQHX5DRW9XBG1
ETag: "c28cc08dc1c881a4ac3c03477657e3bf"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 771064
x-amz-id-2: kCxqGg9o+NrjUY958z5xPp2Xo/6z+nAXuZlasx7p7GcElkdQtzocPJUwe0WUh8uZyVo2I6vxn4g=

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 316C 42 B
64 B 42ms
41ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu6jlrLb_40TYtGm_5hRLoIIaZ36XMasbSPmkf1ofkP7_Z5wAwUyh_KmsZrPACyRxJSQY3WVn6RECoKFwQSDxYvGD4&sig=Cg0ArKJSzHlkU_xD28TbEAE&id=lidar2&mcvt=1029&p=0,0,124,1005&mtos=151,799,1029,1143,1175&tos=151,648,230,114,32&v=20230221&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677099174530&rpt=258&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 20:52:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1004
pix.lendingtree.com/interaction/ Frame 3EC8 43 B
324 B 123ms
123ms Image
image/gif 2600:9000:206f:4800:0:a73e:a3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.lendingtree.com/interaction/1004?__ads=272a9f54ec374b4ccd4758db78a39a58&__adt=8756687348248885019&__ade=1&vid=5064324197088922362
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4800:0:a73e:a3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 20:52:56 GMT
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-store
content-length: 43
x-amz-cf-id: avCsoBsDUuxq-dpGqfWJxvWcdhoHHynrAR7YvXmwTYzYHcz2zE0zsQ==
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H/1.1 200
OK slide6.css Show response
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 604 B
959 B 119ms
118ms XHR
text/css 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/slide6.css?
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/player.js?160F4986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 676d885ad1c7e8512356df45550cf6158f81388b97d67b941c4dfba41a59d8fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:57 GMT
Last-Modified: Tue, 10 May 2022 06:30:31 GMT
Server: AmazonS3
x-amz-request-id: 6GPCBJTJKB72NAVF
ETag: "112468311a4979e39241c4f07f2d5e45"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 604
x-amz-id-2: 3930XTC1KEUIGKYgshDR9BbPpkcPVOQceJMJlH42iPYHeWSEs1WaKSzEOKZXZze6bMbYElNEOgQ=

GET
H/1.1 200
OK slide6.js Show response
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 2 KB
3 KB 106ms
106ms Script
application/x-javascript 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/slide6.js
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/player.js?160F4986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f37117f03e1cddd2d6f1de1a733b30557e228d155cadfe7feabe40f13454d3a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:57 GMT
Last-Modified: Tue, 10 May 2022 06:30:31 GMT
Server: AmazonS3
x-amz-request-id: 6GP36PJRTSR6ME7R
ETag: "b4e83c4bf2421112278b87570a70f40c"
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 2342
x-amz-id-2: x+vXviZ4hkbJGIcGAGS2OYmTtLW46mDL5TJWT2DG54xQj6LIjqgou+LX1ca1I1orVNjgSUGqGjo=

POST
H2 200 all
csm.eu.criteo.net/ Frame 9052 0
127 B 22ms
20ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 22 Feb 2023 20:52:55 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H/1.1 200
OK fnt7.woff
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 65 KB
65 KB 134ms
134ms Font
application/octet-stream 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/fnt7.woff
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0af43e3114e192ebd2ce6163aaa6d0fc61aab746e7ac897f7d01c2c084842b64

Request headers

Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
Origin: https://s3.amazonaws.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:57 GMT
Last-Modified: Tue, 10 May 2022 06:30:23 GMT
Server: AmazonS3
x-amz-request-id: 6GP1QTM60VRS8Z9Y
ETag: "34a7aaf52dd9ed3de0a22faf2af6d93a"
Content-Type: text/plain
Accept-Ranges: bytes
Content-Length: 66440
x-amz-id-2: H8NUWbsPh8l7D7c0F3VbYg+5wAwH2bXqNImRSc7piq1rj+gfLqaFQrlmTSQd+8iT/rW8v846iBs=

GET
H/1.1 200
OK img3.png
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 19 KB
20 KB 107ms
107ms Image
image/png 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/img3.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 00817dc1d1b0a7550277b8c0ab7ca832a270d642b009cca647ce5f23eadf2560

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:57 GMT
Last-Modified: Tue, 10 May 2022 06:30:26 GMT
Server: AmazonS3
x-amz-request-id: 6GP85VT5EFZVV05G
ETag: "88b9332fa9ef1b3c4afc22edf6934864"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 19740
x-amz-id-2: oxo/tkNkNIQrv8OhuZn8ZQnQ1pZmTW70vDF2S2rxvUihQlghQ0qfadqqy3xVqRMhtiuxv7Rqxzs=

GET
H2 200 1004
pix.lendingtree.com/interaction/ Frame 991A 43 B
324 B 124ms
122ms Image
image/gif 2600:9000:206f:4800:0:a73e:a3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.lendingtree.com/interaction/1004?__ads=272a9f54ec374b4ccd4758db78a39a58&__adt=8756687025739729707&__ade=1&vid=5064324197088922362
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4800:0:a73e:a3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 20:52:56 GMT
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-store
content-length: 43
x-amz-cf-id: k4t3R6QFYMXNXVOJcIjo3qhR-cLUXtdtcwtWsRfjtUY4WvwMN5axtQ==
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 20B7 42 B
64 B 45ms
44ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv4CoJH0wbpSly5rzPpB8fiXRm-lnmsDy6bOBgoBjA_nMZ7tIBMFw2WHc4MuXJFUye_Hc4pxxvw8u26bYdb0cY3aUR06jDd8NLw24QBbjDHESgTe70fYUykipeRjgwIi7Ny8_MLng&sai=AMfl-YQ71Hek4g81pv_iUC3x35LK2cZCqagd8aau1FylN0R9oRr32FL-kVl9-72Brbbt-JIYykFzkj-yRwXo&sig=Cg0ArKJSzP1cGorGoPCFEAE&cid=CAQSGwDUE5ym5YUgbW_T7H3o_QHybQvrW7IrFsMA3RgB&id=lidar2&mcvt=1025&p=1,0,197.40625,750&mtos=0,1025,1025,1025,1025&tos=0,1025,0,0,0&v=20230221&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=20&adk=2328504725&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677099174309&rpt=1041&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 20:52:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 900
pix.lendingtree.com/interaction/ Frame 3EC8 43 B
325 B 94ms
93ms Image
image/gif 2600:9000:206f:4800:0:a73e:a3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.lendingtree.com/interaction/900?__ads=272a9f54ec374b4ccd4758db78a39a58&vid=5064324197088922362&__adt=8756687348248885019&__ade=1&latent=0&vis_type=8&__stamp=1677099176386
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4800:0:a73e:a3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 20:52:56 GMT
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-store
content-length: 43
x-amz-cf-id: vynZ67f54w4mVABBcVfsKyCX4IqHQrHPQxbFgqNmLa-PIwTINtS4-g==
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0508 42 B
64 B 46ms
46ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvS8qPeYf3EJmYbaKmabjI-TkkXuvgxkVdhj2aSM_xK4zXzbyDjQrm7GtTW5TyMw87FAhHlKxufiU4vEegGCAm1P4CVtGrIZAdZBH94TifNIObxMojbN9L07T9ckrVxpAtIMC2NMA&sai=AMfl-YT-e06tRd4Byf5o646BwkL4g6lbBSHrCc7DYTpe4MeiqlPukkc5ubYY7fvmGQDMz6SyI3w0njMdezqa&sig=Cg0ArKJSzMhh-d2P1kDDEAE&cid=CAQSGwDUE5ymdFZxYxV21GpxRDhqkHgktuLScfaLkhgB&id=lidar2&mcvt=1017&p=1,0,197.40625,750&mtos=0,1017,1017,1017,1017&tos=0,1017,0,0,0&v=20230221&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=20&adk=368384325&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677099174629&rpt=771&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 20:52:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 900
pix.lendingtree.com/interaction/ Frame 991A 43 B
324 B 121ms
121ms Image
image/gif 2600:9000:206f:4800:0:a73e:a3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.lendingtree.com/interaction/900?__ads=272a9f54ec374b4ccd4758db78a39a58&vid=5064324197088922362&__adt=8756687025739729707&__ade=1&latent=0&vis_type=8&__stamp=1677099176436
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4800:0:a73e:a3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 20:52:56 GMT
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-store
content-length: 43
x-amz-cf-id: yp7hkYbLJaESWz0L7itMqXJRV6FE-56AB2UPJh2e0w_UfD2I5I8WIA==
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H/1.1 200
OK img3.png
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 19 KB
20 KB 105ms
105ms Image
image/png 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/img3.png
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/player.js?160F4986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 00817dc1d1b0a7550277b8c0ab7ca832a270d642b009cca647ce5f23eadf2560

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:57 GMT
Last-Modified: Tue, 10 May 2022 06:30:26 GMT
Server: AmazonS3
x-amz-request-id: 6GP1XYM3PE9852C1
ETag: "88b9332fa9ef1b3c4afc22edf6934864"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 19740
x-amz-id-2: rizIVb15kgCPsZ0k84nh24Lig5NFSPRJXdtfrNo9F5QV+A41YIsfv8vIIeFfCHjpT4JaTG/kQDg=

GET
H/1.1 200
OK slide7.css Show response
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 492 B
847 B 176ms
175ms XHR
text/css 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/slide7.css?
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/player.js?160F4986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b3ceaf9452c3c550b320c42a2496a53ffae112ac881aeeb72b42d10365658dac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:57 GMT
Last-Modified: Tue, 10 May 2022 06:30:32 GMT
Server: AmazonS3
x-amz-request-id: 6GP81C8949MZB0KR
ETag: "67d46e9641659af3db9f1305f3c57a16"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 492
x-amz-id-2: llQGJcKYUIkWzvjbT92Z159g0cEBpk3GOJNgWPEHuvBeaoSQ6EzdW+1D5r3j6kAjc2CXmtY+Ptk=

GET
H/1.1 200
OK slide7.js Show response
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 2 KB
3 KB 110ms
109ms Script
application/x-javascript 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/slide7.js
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/player.js?160F4986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 75aed6220a5e369f7e78759de0826184908ecd933542623f1745baf1d27992c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:57 GMT
Last-Modified: Tue, 10 May 2022 06:30:32 GMT
Server: AmazonS3
x-amz-request-id: 6GP32C3RPKJ8CZM6
ETag: "37f463e3fe0fb408f8129f8a4444e13f"
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 2363
x-amz-id-2: gXMO+Auz2Gbz2kX7cwpYLgBzqvsg26fJzlv0e2I7v1zhMVf84bMxy35EKY16NjmfIbIX9XMtjV0=

GET
H/1.1 200
OK img0.png
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 1 KB
2 KB 123ms
123ms Image
image/png 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/img0.png
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/player.js?160F4986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: debf337306f26a7e698ff4bda0a12bbd0488625a81811373a9282bc721a54fbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:57 GMT
Last-Modified: Tue, 10 May 2022 06:30:10 GMT
Server: AmazonS3
x-amz-request-id: 6GPAY3M3X9ZACSBW
ETag: "f26bf3fcaec1ce004cd6859d9eb757a3"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1449
x-amz-id-2: oN2oJwiSJmQ4MnJacAYldRLIhzzZnSE3Qf194a+YNn7l6RfSmp7Z9wwqMC26a3FEhdPpItNdtqM=

GET
H/1.1 200
OK img4.png
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 27 KB
27 KB 110ms
109ms Image
image/png 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/img4.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: c0b924ed9d964648add98e6dfc2ac84a63b030fb1fc77f9aca2203a6be97ff67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:57 GMT
Last-Modified: Tue, 10 May 2022 06:30:26 GMT
Server: AmazonS3
x-amz-request-id: 6GP5BSX86MJZ8GKK
ETag: "5da69467c49aa876f6298010195b4787"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 27523
x-amz-id-2: lAUBPGt2WKuYtvhzCJSw8pc0k7wDGIjXjIKpSTPR0Wi99LBH2ocdsmD1/p/GBPU35goLik4EnTA=

GET
H/1.1 200
OK img5.png
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 25 KB
25 KB 119ms
118ms Image
image/png 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/img5.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b852fee42582ded0b04f3e70b21af64389d4c7c6bb6f7eec68d7a9094ac1446b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:57 GMT
Last-Modified: Tue, 10 May 2022 06:30:26 GMT
Server: AmazonS3
x-amz-request-id: 6GPFSCVMNRN63QEQ
ETag: "05ca9c6a3a6c5e87203a2ac0dde339d0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 25198
x-amz-id-2: qUN1aof6VGAUxUjJl2L71Phe4F0XNZz7AQL1mgcDxXjY41ctaWpb8EKLEWZH7qHFveJQsMVYpYQ=

GET
H/1.1 200
OK img6.png
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 21 KB
21 KB 111ms
110ms Image
image/png 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/img6.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 08ab54caf2db0ede1a207ce23b1727a203c53c64e2af8d045f29d8430ab5e916

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:57 GMT
Last-Modified: Tue, 10 May 2022 06:30:27 GMT
Server: AmazonS3
x-amz-request-id: 6GP8V6C7SW67RHZH
ETag: "bfecf43321728f16a3269769d7bd9427"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 21013
x-amz-id-2: Aam5v+2wQLVZ7MZUb8XxAVTCQNgnhae8g8r3LavF8AMtJVy474N1q1dHoEdCyH58WYX0nqipyCQ=

GET
H/1.1 200
OK img7.png
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 27 KB
28 KB 113ms
112ms Image
image/png 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/img7.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 939126eab7df98901364b085854c2900413eac1c6565d1a934a9a52ed9c461ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:57 GMT
Last-Modified: Tue, 10 May 2022 06:30:27 GMT
Server: AmazonS3
x-amz-request-id: 6GPD6H7V63ZEVF7E
ETag: "3ce61a17f505a11d1b84a0ac87ed01cb"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 28115
x-amz-id-2: s/vaC46KundxCG5rSe1+usz6P98dTKvqgmG4SUCd/NoJYDxt+nQVRrJKpNd+z3grQlwIHxQH8z8=

GET
H/1.1 200
OK img8.png
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 27 KB
27 KB 108ms
108ms Image
image/png 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/img8.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8e2213f5afa37e19dacda0d7dc20c79aa168eb53b1c736b86d3ab6c290c0452c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:57 GMT
Last-Modified: Tue, 10 May 2022 06:30:27 GMT
Server: AmazonS3
x-amz-request-id: 6GPA06VJGG11PXC8
ETag: "494b8c91eb7253e88fa4f40fa02caaf5"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 27727
x-amz-id-2: n0LHpUHdAl0EJc+sCgbdhNj2Pkq1/Zq2B3ARPB/hEBZOp8i925aSDfhKAWbAhvCLGOAB1iUjCkU=

GET
H/1.1 200
OK img4.png
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 27 KB
27 KB 441ms
440ms Image
image/png 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/img4.png
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/player.js?160F4986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: c0b924ed9d964648add98e6dfc2ac84a63b030fb1fc77f9aca2203a6be97ff67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:58 GMT
Last-Modified: Tue, 10 May 2022 06:30:26 GMT
Server: AmazonS3
x-amz-request-id: 9VQ3MRQFHJ7MH3FR
ETag: "5da69467c49aa876f6298010195b4787"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 27523
x-amz-id-2: MTZZkBa1bnHDTl5zCkpa6adqOWDcBmTC3rgfrOltPJ3SCUMh/7ssJPwo3x/o848MgF0+lPq+TOY=

GET
H/1.1 200
OK img5.png
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 25 KB
25 KB 112ms
110ms Image
image/png 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/img5.png
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/player.js?160F4986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b852fee42582ded0b04f3e70b21af64389d4c7c6bb6f7eec68d7a9094ac1446b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:58 GMT
Last-Modified: Tue, 10 May 2022 06:30:26 GMT
Server: AmazonS3
x-amz-request-id: 9VQ3P9BESFAH5TP3
ETag: "05ca9c6a3a6c5e87203a2ac0dde339d0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 25198
x-amz-id-2: vNJnuixe90CcIGoy4UTyz3g3+Xm0FGAfOwIe60nOFoRnjANx5UPWd91fT6m6TNWRi4N0O7UIjwM=

GET
H/1.1 200
OK img6.png
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 21 KB
21 KB 106ms
105ms Image
image/png 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/img6.png
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/player.js?160F4986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 08ab54caf2db0ede1a207ce23b1727a203c53c64e2af8d045f29d8430ab5e916

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:58 GMT
Last-Modified: Tue, 10 May 2022 06:30:27 GMT
Server: AmazonS3
x-amz-request-id: 9VQFR6NP2GXHB4R9
ETag: "bfecf43321728f16a3269769d7bd9427"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 21013
x-amz-id-2: AgKbODcZpq7VzMISjz31cGIOoZH6myAihfL/Xc1kfrtFOoLiny+sLmY1ItA2GWUMuiTgl2iFJ3E=

GET
H/1.1 200
OK img7.png
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 27 KB
28 KB 108ms
107ms Image
image/png 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/img7.png
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/player.js?160F4986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 939126eab7df98901364b085854c2900413eac1c6565d1a934a9a52ed9c461ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:58 GMT
Last-Modified: Tue, 10 May 2022 06:30:27 GMT
Server: AmazonS3
x-amz-request-id: 9VQF5WYBFY09PAZX
ETag: "3ce61a17f505a11d1b84a0ac87ed01cb"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 28115
x-amz-id-2: BiTXfA0ADFstvHr+bWFIT2jCOMV2Ea/8GoAJxnXU92cIGB633pyWJqWO4pHggcYtAHRNehHrzno=

GET
H/1.1 200
OK img8.png
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 27 KB
27 KB 113ms
112ms Image
image/png 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/img8.png
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/player.js?160F4986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8e2213f5afa37e19dacda0d7dc20c79aa168eb53b1c736b86d3ab6c290c0452c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:58 GMT
Last-Modified: Tue, 10 May 2022 06:30:27 GMT
Server: AmazonS3
x-amz-request-id: 9VQ4KS3JB1QD4ZZR
ETag: "494b8c91eb7253e88fa4f40fa02caaf5"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 27727
x-amz-id-2: hWHZIOx5XcQD78GaL4L5yKRY7BynY5ZlWvvALAJOmR908ioYIxWMVd/GoE7Oy8ZRBtAYjp+gD2k=

GET
H/1.1 200
OK img0.png
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 1 KB
2 KB 108ms
108ms Image
image/png 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/img0.png
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/player.js?160F4986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: debf337306f26a7e698ff4bda0a12bbd0488625a81811373a9282bc721a54fbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:58 GMT
Last-Modified: Tue, 10 May 2022 06:30:10 GMT
Server: AmazonS3
x-amz-request-id: 9VQ2W1GCWE5J0EDM
ETag: "f26bf3fcaec1ce004cd6859d9eb757a3"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1449
x-amz-id-2: DNKsKzUV0qpqzvW4IpftGMtyIT+kb6yDVhXteZWJh0jxbTvmU5gvmHoAwLoZHY88Pgd/fiw9I9Y=

GET
H/1.1 200
OK slide8.css Show response
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 49 B
403 B 103ms
103ms XHR
text/css 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/slide8.css?
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/player.js?160F4986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: c347eaad12530f6a0606c735b35949a2646a6d6ac307c602eaf3453e029f8e30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:58 GMT
Last-Modified: Tue, 10 May 2022 06:30:32 GMT
Server: AmazonS3
x-amz-request-id: 9VQCARA10GXDGG5Y
ETag: "fe04295f06fe50c2174bcccb362060dd"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 49
x-amz-id-2: ES6MM2x0DO278dTcCbKkeREpLP3+9vCC9/YQ9T5cVhl1usLvO1Vc09bjXSv7TvDfC6eQ3J4Z3Ug=

GET
H/1.1 200
OK slide8.js Show response
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 1 KB
2 KB 104ms
103ms Script
application/x-javascript 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/slide8.js
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/player.js?160F4986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 68ee842ac6078c49ccc30a8b61a6fcd5a8a894aba936b6790b18352fe012d462

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:58 GMT
Last-Modified: Tue, 10 May 2022 06:30:32 GMT
Server: AmazonS3
x-amz-request-id: 9VQ49G2SZ64VY0QA
ETag: "bf21fb1a638f06d53ebf61bfa4e2b4c3"
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 1526
x-amz-id-2: paXi83xhKBw2vhVDwppWvejAe5oS7cWZktB3zyO4tCEoQyyhI4pFiEVFZSPuphTF18PayS9MFlc=

GET
H/1.1 200
OK img12.png
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 1 KB
2 KB 107ms
107ms Image
image/png 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/img12.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1843d479e9383bfb13a958de0950a0c9d4af94022ae97a77dbd7100cef298d3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:58 GMT
Last-Modified: Tue, 10 May 2022 06:30:25 GMT
Server: AmazonS3
x-amz-request-id: 9VQEE1A6AFP4WCXE
ETag: "64ff70e9ec5ce8964b13ec919cbbf04f"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1449
x-amz-id-2: xO+9CrcV/nn1CStmXjiMFs1W2Vbu0tqufDA97HdR8kIj9n6255Hry6Utu6S2Toa7yolFOAtZ1JI=

GET
H/1.1 200
OK img9.png
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 18 KB
19 KB 112ms
110ms Image
image/png 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/img9.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 70810b94b3e499e6dbb196b24e8a493230c4a5c7b14a2eb2a43cbe448007b988

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:58 GMT
Last-Modified: Tue, 10 May 2022 06:30:27 GMT
Server: AmazonS3
x-amz-request-id: 9VQ117528WHEV0R0
ETag: "37edbd230587e06755c5254bd0551592"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 18701
x-amz-id-2: OkfYw1vrKAhmiWBM92135Pjm4/Cafy2tXfbvWbwymNsH1gYMwiEpDyvoAwEIQ2C13WtuCPal+Bk=

GET
H/1.1 200
OK img10.jpg
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 20 KB
21 KB 105ms
104ms Image
image/jpeg 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/img10.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 44f7556ee151c7c6c13e4b6ca312a706896eae2cbc911870c912ffc7820f9ab3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:58 GMT
Last-Modified: Tue, 10 May 2022 06:30:24 GMT
Server: AmazonS3
x-amz-request-id: 9VQDK2EXKP1J3SJH
ETag: "18a4927f40f05146007f4239c9ddb953"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 20876
x-amz-id-2: 8GkDTUgPYJ1zj0Pz2CLtOVUpc6hNWXOR6b0P9T41vUWrAWLHrZ7lwsf0XLEcyeV9XlkqX/2TmLU=

GET
H/1.1 200
OK img11.png
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 85 KB
85 KB 140ms
139ms Image
image/png 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/img11.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: fe69cd6ba3e6367812052f62be246e8ebe38fc075dfb820c8cf22212751af1a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:58 GMT
Last-Modified: Tue, 10 May 2022 06:30:25 GMT
Server: AmazonS3
x-amz-request-id: 9VQ2ZSCQBN5HZ0R9
ETag: "d505f65f103c85ef64d7c3b4f3ca84e3"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 86638
x-amz-id-2: vX1FTFztL0G9dilEqCNKj9VrX1ucDAKcc3Uu+E074hCo6+FItXoKSSVdo0sIyz7x7GcXpY15/90=

GET
H/1.1 200
OK img9.png
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 18 KB
19 KB 189ms
188ms Image
image/png 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/img9.png
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/player.js?160F4986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 70810b94b3e499e6dbb196b24e8a493230c4a5c7b14a2eb2a43cbe448007b988

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:58 GMT
Last-Modified: Tue, 10 May 2022 06:30:27 GMT
Server: AmazonS3
x-amz-request-id: 9VQ43KTPZVMNZ0Z6
ETag: "37edbd230587e06755c5254bd0551592"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 18701
x-amz-id-2: V/u4wlPxXpIIsKPsSt7kipqNoGSl+Ce8q735A+x5kB5STFX891A4PL9VouyqDbiwQ3ngXezviXM=

GET
H/1.1 200
OK img10.jpg
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 20 KB
21 KB 108ms
107ms Image
image/jpeg 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/img10.jpg
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/player.js?160F4986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 44f7556ee151c7c6c13e4b6ca312a706896eae2cbc911870c912ffc7820f9ab3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:58 GMT
Last-Modified: Tue, 10 May 2022 06:30:24 GMT
Server: AmazonS3
x-amz-request-id: 9VQFJKHJTQXKX1RZ
ETag: "18a4927f40f05146007f4239c9ddb953"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 20876
x-amz-id-2: UN3GwbgAE/GMMfNP9y5R9u+zf3nzRkjCV10fou0s6D1Mp73dps6tB15/grsSVDUUxkTIoq2mMeM=

GET
H/1.1 200
OK img11.png
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 85 KB
85 KB 152ms
151ms Image
image/png 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/img11.png
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/player.js?160F4986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: fe69cd6ba3e6367812052f62be246e8ebe38fc075dfb820c8cf22212751af1a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:58 GMT
Last-Modified: Tue, 10 May 2022 06:30:25 GMT
Server: AmazonS3
x-amz-request-id: 9VQ2SCQRY9FDMV1T
ETag: "d505f65f103c85ef64d7c3b4f3ca84e3"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 86638
x-amz-id-2: T1eZcI3X6B3RThzJ0gwPBvD984nc7ED/WGLCZFXIedArFw7FYke2DCfatFhkbtJwMtWZyYvNze0=

GET
H/1.1 200
OK img12.png
s3.amazonaws.com/html5.powershow.com/9756233/data/ Frame A08E 1 KB
2 KB 130ms
130ms Image
image/png 52.217.89.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/img12.png
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/html5.powershow.com/9756233/data/player.js?160F4986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1843d479e9383bfb13a958de0950a0c9d4af94022ae97a77dbd7100cef298d3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/html5.powershow.com/9756233/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 20:52:58 GMT
Last-Modified: Tue, 10 May 2022 06:30:25 GMT
Server: AmazonS3
x-amz-request-id: 9VQ0YFS272B9D04C
ETag: "64ff70e9ec5ce8964b13ec919cbbf04f"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1449
x-amz-id-2: kJkdXYRECYmUDmbT6z4GC+w0QCZ2Ppova8YMQK4gXCTNCFVp4FRMT7BP5NtZy1zPIP2ryXidWwo=

POST
H2 200 all
csm.eu.criteo.net/ Frame 9052 0
127 B 29ms
28ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 22 Feb 2023 20:53:02 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.powershow.com/	1969-12-31 23:59:59	Name: PSSID Value: 9laq0dmim4mjfpi63b7kpm10n5
www.powershow.com/	1970-01-20 09:53:05	Name: LAST_URL Value: %2F
www.powershow.com/	1969-12-31 23:59:59	Name: VARNISH Value: :::REFERER:::::SS_USER_TYPE:::::REQ_URL::/themes/default/images/ps_header_ad.png
.powershow.com/	1970-01-20 19:27:39	Name: _ga Value: GA1.2.609918435.1677099173
.powershow.com/	1970-01-20 09:53:05	Name: _gid Value: GA1.2.1261990799.1677099173
.powershow.com/	1970-01-20 09:51:39	Name: _gat Value: 1
.powershow.com/	1970-01-20 19:13:15	Name: __gads Value: ID=4b32ebcb1c123c53-22d9f1c2f3dc00a1:T=1677099173:RT=1677099173:S=ALNI_MaCS4H7ZKZOyRDiz2YU52SOlpy8pA
.powershow.com/	1970-01-20 19:13:15	Name: __gpi Value: UID=00000bbaef2e16ea:T=1677099173:RT=1677099173:S=ALNI_MbJW_MG3ZwheOW-jCo9mHL6_jb95Q
.doubleclick.net/	1970-01-20 19:13:15	Name: IDE Value: AHWqTUnnO1HK7cTmUxHcx_h2VvNPXXz3HX1TI19a7ypCIhZxZDQbTWGNf-0DU3ys3Bc
.doubleclick.net/	1970-01-20 09:51:40	Name: test_cookie Value: CheckForPermission
.lendingtree.com/	1970-01-20 19:27:39	Name: trx Value: 5064324197088922362
.lendingtree.com/	1970-01-20 09:53:05	Name: ads Value: 272a9f54ec374b4ccd4758db78a39a58
.doubleclick.net/	1970-01-20 09:51:42	Name: DSID Value: NO_DATA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20110914/zrt_lookup.html?fsb=1(Line 21) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline' https:; img-src 'self' 'unsafe-inline' data: http: https:; script-src-elem 'self' https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; connect-src https: http:; frame-src 'self' https:; object-src 'self' 'unsafe-inline' https:; style-src-elem 'self' 'unsafe-inline' https:; report-uri /csp-violation-report-endpoint/
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
cat.fr.eu.criteo.com
cdn.revjet.com
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pix.lendingtree.com
revjet.lendingtree.com
rtb.fr.eu.criteo.com
s0.2mdn.net
s3.amazonaws.com
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.powershow.com
178.250.0.160
192.229.233.6
2600:9000:206f:4800:0:a73e:a3c0:93a1
2600:9000:211a:e400:a:83e6:9c80:93a1
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:808::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2001
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82f::2006
2a00:1450:4001:831::2004
2a00:1450:400d:804::200a
2a00:1450:400d:806::2002
2a00:1450:400d:806::200e
2a00:1450:400d:80a::2003
2a00:1450:400d:80e::2002
2a00:1450:4025:402::9d
2a02:2638:3::f
2a02:2638::2
2a02:2638::21
2a02:2638::3
2a02:2638::b
52.217.89.158
64.251.10.90
00817dc1d1b0a7550277b8c0ab7ca832a270d642b009cca647ce5f23eadf2560
044931dbcd875995e1ccebe1bcdfc829df69cf6c13108ffeb87efd848c476b94
0858667c7d10750daa25f7b57cfceed3c33eb1efd797427aa4af97f609f77e17
08ab54caf2db0ede1a207ce23b1727a203c53c64e2af8d045f29d8430ab5e916
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0af43e3114e192ebd2ce6163aaa6d0fc61aab746e7ac897f7d01c2c084842b64
0c37a091722b8a0adc25f3b897115743a6b4af2689d9ed96de04fa720ea28db8
0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f
0ff29a68e077e8c1d097cbd97eb275209a3386c38fe8b952f8c0678ba52680e7
1022a89178d394bb0675fdd5509512db7a4b2c11acc4343c435f9d0e53600372
135731099f1056a941b2c1fc5280f206c2a0fda7dc83af01f3653d05044e8094
1433e6e22a225bacb8efed049c7cf4ee5ae31dfb320b8c37dca690fc2ebf9903
14a6e54499f062dc9f7ea8443b4854739686c2a37e8dd45fc5765024c41ce550
16e8a255cb129f072259f75404e28026ddec8ea224b9240c44e903d15e0aa903
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1843d479e9383bfb13a958de0950a0c9d4af94022ae97a77dbd7100cef298d3a
194f002ce71750d685c32fe75211cbbe22d3383e7bc3d0a323b76d278ab46b98
1a794b42e060e276153ff9eb331b8a59f09535a210ff699d8cce11f12ef7f37d
1bc71371bbde0615d2b3476ccdd6796428a222f9e3bd4b7e120ede894ed94c9b
1bfc8216aeb3449c827b8d8e94066a7cca4d240b749a90478b5bd6a38fe03296
1d71ad4d7d240bb7931338a28bcd50177029759d7cb81ca867c21e296818314a
1e5073d728a0ea932cbf828a5baffa653b3a296fb5438a822c7f3c3d9faa538b
24114e2447460c730b9b05e8f701451c6389e46a6359388700b4b1e35170ab1e
27ed1d8e2de14c8cef6c4d1b85587b812447529c00ca469bc59016b49e22b1ea
281d6fa15a0fd49f21872dc72e78c62f3059f67979a348408a473573a5c09821
289e3571354c79791ca355139d8cd0f933363b557789d1b4c00b7651621d651c
2e8974989ebd36d57aaeb68d12d16fd6da2055702b897db8582e300b5a881e7a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32e47626d1c555a8df7e1bb674fe936d47523ea6be51d7f57edd191ac80acdd2
333e739a3748b9c2174f5acde4f836f915d19f8939f761228c0d94c0f87e2b41
3442ea704af026f68a75abf7aced41c1f782736789bc5ac2f0c86a8a422b9d46
36a4f506b815b88234d9018f61d3c434f9da14d9d915212a5913652fd6b93f84
3dc5e6da166a97c0f13dc9e0db8729865d793abf04afba7494d1cad3cf01788b
3edf1cbc24d7398145e847d41480fcd2e2a6a173e8eca87f0017b1ea9044eb21
403673992e02a1adeb721266339c490efe71f81b03354a19e8b71b9a815e81ff
44f7556ee151c7c6c13e4b6ca312a706896eae2cbc911870c912ffc7820f9ab3
44fdd51296bc3a6d6d79b152aa66e57036d48e86e203689703f85ed239494401
4793ec8941849e37910a7c064ab83c35c103bae3ce8158688f2f9489fb1e6465
4aff862dfdc8de4b47f2ad5c11f2bf12dfda785352962a68c0bf1a00f305af0b
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d93649fd78547738513bf871d8b225b69e3dc400b44c9728f161c540e0ef51c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e689184c283d3a147490721c28cf0cb73d3215ef46d479d958c0667f6551b33
52519e8c754d4fd14b9ea19ff3f3e758ad1978858827881984e7da06a285ef97
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565f9be2dfca7b5fe2ea6220fffda132a61fc2512e9eb47f0b4e05223836dbc9
576c5e7a7d6ed7b766160ac5fa4fbce22e2993d0f098c2747460227ed43473ec
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59c88ea0438111afc8677753ae9ce6eebad62366ec88cde50254fa9ca4dcdc07
5a099b60229cc40e7ad52de6cbeb389f0d78ecddbfb32fa001140a3750eb237d
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140
5f5df39abfd45b373b92f69c158c3e8bbd84b21db16ba3bd1dcf9261f8132c6a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
622488f31b655814339d16d99ccc6431de342ed127bfd7ef630d962a9a8b4aa7
62388c1dc18724697f0d2157ad52287d5825554f96ee172002321f6ebd5955fd
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
676d885ad1c7e8512356df45550cf6158f81388b97d67b941c4dfba41a59d8fb
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
68ee842ac6078c49ccc30a8b61a6fcd5a8a894aba936b6790b18352fe012d462
6908a17080533cc597c4b17bd876ce02ba3c2aeaec4bb9763571dd31b98162c0
6a0ef8e3c15e120cfff7ae0a828954789b81c8df91b81dbfe11e6384ccac77d3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70810b94b3e499e6dbb196b24e8a493230c4a5c7b14a2eb2a43cbe448007b988
7100827efb759fc7186f94cad7b8c38daccffef8508b0dc41b5197278080211c
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7320f93bccff78e23fc818ddff917ed1923cc16fbd47d02c64bf845295639b93
75aed6220a5e369f7e78759de0826184908ecd933542623f1745baf1d27992c8
767a79ccc4c9a477abd909881faa1b0545a894942cce37733ffd4eda677c4200
797a126a37cce11496fc3a6c9c7e83afa4591a5688da36211bbdb40495887672
7ad9ceb3d74deffe2a278b7ab3a40ba3d272717a2dbc2675eb4de87231e36029
7b6ff64247294d1bc08c4d2a2c878ab753c15addb772f18b11edbb2ffe61ea34
7ec9fc22ddb84c0181ceaef9eae3cf216dec35ae5137b03fca894e054458ebfe
804cd2edee75cd44b5910874217407b0f6a46b3934b284816c7765558a2961f7
85259e59108df9ec5884e407e62be15a1bfd488647d65886d402b94e09c24322
85d4e365cfb0a4e315975eb037c97c315bdbd78e2960bcc1d6851a3fc30541e5
8652f1cc804793b2e5f2fd63d2ca1dd0b0630e7e8fb0d3bae6763ae07051ddfe
8a9b1950584ac1c7c40db5d31da63db3682604d3bf39cca3af7cb65d5e071bf7
8b6f9a5405a67491494ad2f3246686ca61d547d1e084b94f51d2e51475196ad7
8cacc4bcf65398d5c3f88cbb3045bebf1e152c1950aa6d801cd4984175c2a1c7
8e04cf1bfe80be56a64fe2cf452983c8e3e42edc751fb6e529c3534a9775cb0d
8e2213f5afa37e19dacda0d7dc20c79aa168eb53b1c736b86d3ab6c290c0452c
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90b6855e9dea3b2c0445c2f2813388f0ae9528e8b52f6d6a2cbe15f638daebd1
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9282b885825f1f265eb093acf11379fc90dd4e156588a02790c1515822e79858
939126eab7df98901364b085854c2900413eac1c6565d1a934a9a52ed9c461ae
93ac90369f23f050a2e19e17ba352c5a3735d9fb555a4b45712c4b196c5a84b3
944301daf60d9a68271eb3327976eb27df87ecf84ab934ef3a8a178a69f39780
94442a4ababc8383188f8ccee1b16cda6368c98c03efdb4ca688fea9ca38dc3e
95d340135cafc29d7c7b7c6036c855d8d26145bc1bf0e2be69bdf1a7a17bd538
974bfd78b0bd10e9b3931b2021d4024480c403e8933ac04bf9bbd730aa5737c2
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6e951543ef97fbb9e3e7bcae71305ba14b8cc30182d6ca51791c2fd5c3e4989
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
aeb715220f53a8eec05907640a9801a27014227fb76422799999d290628f47d3
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aed0359ed1a012a4116ca8720ff2d8c6d17737dde7ad813469ec5e407e49ba5b
b3ceaf9452c3c550b320c42a2496a53ffae112ac881aeeb72b42d10365658dac
b7ad29f651d26dc639b406e76f692e79a647482e70a711a2df24cc8fe5b6664a
b852fee42582ded0b04f3e70b21af64389d4c7c6bb6f7eec68d7a9094ac1446b
b9efef8e374698f3cbc7eb1ed5ea36650261164020ad12cc8b33e52e63195671
ba46cf7b3a5af1dcda5d8011df744794b4b473a2e7012ac26ad2bc54bca59217
beb348572bb3f63557dd9d79fcba9f9e398ce6cb4bfb1790450891fb63b57487
c0b924ed9d964648add98e6dfc2ac84a63b030fb1fc77f9aca2203a6be97ff67
c2067494c2e4020bae938b3ed900cfff7c5f53a5ac53210e727a6e75e060465f
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c347eaad12530f6a0606c735b35949a2646a6d6ac307c602eaf3453e029f8e30
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c5f1872a2759bf66c0bcc249291d3c9bbe57c54dd3191b226df0a23fd5168f64
ca3c9aa86dcd8c70b92692124d982d6d516592687d2193b27fe46b8041bcdc4f
ca447c406a9a0a2de864e4abe835a1a30c3b9a62dffc24769a5e48841afe6da6
caa7504c1b525e6e9a33620671ef3f56e2847aa0c838a5f6867f10dc226ce315
cc5fbc11576ed0d67a7ffbc4f1dda25bbaf97b6b7cc14dbc66445d43fac68e0d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf575e1e57f445ca19d3d6a09dd312b5d884ae64eaa16062e77ca768f2bb2f6f
d07f013da6e0dca0233422700e0c4bae4047e0f0ad6b9d5e4827020781dd5e13
d31e77ba1dee021c734d0d22c96b646d0c9f0ee3341aa354d141ac4aea528c7f
d528dad212c082170958772339c591eeea66aa9266efd2217d878d53ff7d01ef
d738fe8eea839a2b1a2ea229de259f24e5071d7638d6d1a3c37d1f7730bc5cbb
d761d4bf8029219d06546f80a75d0b56feb3454c0d89fd35fc89ef524c6ed63d
d919480b6a087d69981501970bde2405230f5c3ec1beb5d5e37ba878b59d6502
d9bfded4990787af3cf4e5ff579e38bd45997569727d4e0ba75707c8c7f5dbd0
dddec1e2ed2ac989b3fcd5e9b156dff7a5f849b980ab40df38e46db33a9d75e6
debf337306f26a7e698ff4bda0a12bbd0488625a81811373a9282bc721a54fbd
df92f3c45850a67cee93edafc465ea688e9730c6e755c54fb0c2d850912e605b
e07942cd290c68aa71ec0eec535a372fd37a87a34d745c40e30958bdbe97611a
e147dbd8198212a381b532e5c8dec6aa756843b5b56f61d7788b47f9e38c4386
e14ff3e75a1030bfcc4f49ce62a2036c3f239b81339024d1745b581ca4e76b35
e30fb9b62d720ca3505dd66e85aee733f18963c54fed77d39f4b85998faff08d
e3387197bcdf9654da28c3ec58f88676447c5fee5fc2978d52c19c2db1189baf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea488b4ce9e192ce45a4da3bccae3141a3b7ded30dccc39c09923c3b0dbf6105
ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600
ed54faa52d71caeb6b1e54fe52d8025a791bf859b969b963df274b848b25e944
ee9e2f6f9b5c99b328ca6e05c627c9b513679b5b6383ac1a18b4c6385da5f6d7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f31cd2252d9a2674fa47fa5b3825f7719cf31ea35d372db7a45519b3e2e1e8d3
f37117f03e1cddd2d6f1de1a733b30557e228d155cadfe7feabe40f13454d3a5
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6afa23af851c2514918004c5b0a4d70a89fb5d79f23005f846190d3d91b890b
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18
fa86f05478db870d2f391e48483de84eeb0858cf8c40d2e21e04ec7150ff237e
fc881f13aad05a2722621b482c74c9616f08e24d88649e11712e4d6393df88ea
fce698388d060e887036ad25cfbb24631fc8f7d2ac8c9b92b05a92e8276f1a03
fe69cd6ba3e6367812052f62be246e8ebe38fc075dfb820c8cf22212751af1a9
ffd9f1490ba6679eb88cbb0979a21b0513b801e93b156a2dfd8231ce6964eefc

www.powershow.com Open in urlscan Pro 64.251.10.90 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

254 Requests

100 %HTTPS

85 %IPv6

16 Domains

26 Subdomains

27 IPs

5 Countries

6958 kBTransfer

10119 kBSize

13 Cookies

2 Outgoing links

Page URL History

Redirected requests

254 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.powershow.com Open in urlscan Pro
64.251.10.90 Public Scan

Screenshot
Live screenshot

Full Image

254
Requests

100 %
HTTPS

85 %
IPv6

16
Domains

26
Subdomains

27
IPs

5
Countries

6958 kB
Transfer

10119 kB
Size

13
Cookies

254 HTTP transactions
6 data transactions