urlscan.io logo urlscan.io
SecurityTrails logo

techbullion.com Open in urlscan Pro
162.159.135.42  Public Scan

Go To Rescan Add Verdict Report
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Submission: On September 29 via manual from FR — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 88 IPs in 14 countries across 95 domains to perform 577 HTTP transactions. The main IP is 162.159.135.42, located in and belongs to CLOUDFLARENET, US. The main domain is techbullion.com.
TLS certificate: Issued by GTS CA 1P5 on August 17th 2023. Valid for: 3 months.
This is the only time techbullion.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
48 162.159.135.42 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
22 2a00:1450:400... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
1 199.232.196.134 54113 (FASTLY)
2 151.101.1.44 54113 (FASTLY)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 151.139.128.10 20446 (STACKPATH...)
4 2a03:2880:f08... 32934 (FACEBOOK)
8 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 11 34.160.152.31 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
3 18.239.69.131 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
3 151.101.0.134 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
1 3 2a02:2638:3::c 44788 (ASN-CRITE...)
2 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 99.86.4.30 16509 (AMAZON-02)
5 2600:9000:205... 16509 (AMAZON-02)
1 23.215.22.18 16625 (AKAMAI-AS)
1 65.9.66.104 16509 (AMAZON-02)
2 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
8 108.128.58.115 16509 (AMAZON-02)
8 52.28.173.128 16509 (AMAZON-02)
1 3 193.232.148.143 48061 (UMA-TECH-AS)
1 64.227.38.224 14061 (DIGITALOC...)
1 3 51.89.9.251 16276 (OVH)
1 34.120.63.153 396982 (GOOGLE-CL...)
5 2602:803:c003... 26667 (RUBICONPR...)
6 185.86.138.121 201081 (SMARTADSE...)
1 2a02:2638:d::a 44788 (ASN-CRITE...)
1 185.255.84.151 200271 (IGUANE-)
4 7 185.89.210.46 29990 (ASN-APPNEX)
1 52.222.253.136 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 63.35.30.113 16509 (AMAZON-02)
2 12 52.95.115.196 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
12 2a00:1450:400... 15169 (GOOGLE)
1 1 35.214.251.203 15169 (GOOGLE)
2 2 23.212.88.20 16625 (AKAMAI-AS)
3 3 34.253.165.174 16509 (AMAZON-02)
1 4 52.46.130.91 16509 (AMAZON-02)
5 5 50.31.142.223 23352 (SERVERCEN...)
4 23.35.229.251 16625 (AKAMAI-AS)
4 9 185.86.139.102 201081 (SMARTADSE...)
2 2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 185.255.84.153 200271 (IGUANE-)
2 143.204.215.101 16509 (AMAZON-02)
1 199.232.192.134 54113 (FASTLY)
6 7 69.173.144.165 26667 (RUBICONPR...)
6 9 69.173.144.139 26667 (RUBICONPR...)
1 4 2620:116:800d... 16509 (AMAZON-02)
4 2.18.160.23 16625 (AKAMAI-AS)
1 3 13.32.99.21 16509 (AMAZON-02)
1 141.95.98.64 16276 (OVH)
11 2a02:2638:d::4 44788 (ASN-CRITE...)
36 2a00:1450:400... 15169 (GOOGLE)
10 52.19.213.154 16509 (AMAZON-02)
2 15.197.193.217 16509 (AMAZON-02)
9 76 142.250.186.66 15169 (GOOGLE)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 2600:9000:236... 16509 (AMAZON-02)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
2 2 3.71.149.231 16509 (AMAZON-02)
1 23.48.23.21 20940 (AKAMAI-ASN1)
4 199.232.196.64 54113 (FASTLY)
79 2a02:2638:3::3 44788 (ASN-CRITE...)
11 178.250.7.9 44788 (ASN-CRITE...)
7 162.19.138.116 16276 (OVH)
1 2600:9000:223... 16509 (AMAZON-02)
1 2 2001:678:cb4:... 56396 (AMOBEE)
4 4 198.47.127.19 62713 (AS-PUBMATIC)
3 3 46.228.174.117 56396 (AMOBEE)
3 3 151.101.130.49 54113 (FASTLY)
2 2 35.186.193.173 15169 (GOOGLE)
3 3 35.190.0.66 15169 (GOOGLE)
3 3 2600:9000:211... 16509 (AMAZON-02)
1 1 52.210.221.60 16509 (AMAZON-02)
7 7 13.248.245.213 16509 (AMAZON-02)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
6 6 3.127.180.33 16509 (AMAZON-02)
2 2 69.166.1.66 27630 (AS-XFERNET)
15 2a02:2638:3::1a 44788 (ASN-CRITE...)
4 4 3.126.78.53 16509 (AMAZON-02)
1 1 134.122.57.34 14061 (DIGITALOC...)
1 1 2600:1f18:612... 14618 (AMAZON-AES)
2 2 52.45.175.185 14618 (AMAZON-AES)
1 1 34.91.62.186 396982 (GOOGLE-CL...)
2 2 216.52.2.39 32475 (SINGLEHOP...)
2 18.194.71.125 16509 (AMAZON-02)
2 192.0.77.40 2635 (AUTOMATTIC)
2 2 54.229.130.135 16509 (AMAZON-02)
7 2a02:2638:d::c 44788 (ASN-CRITE...)
3 2a02:2638:3::9 44788 (ASN-CRITE...)
1 4 2a03:2880:f17... 32934 (FACEBOOK)
1 178.250.1.11 44788 (ASN-CRITE...)
2 2 104.18.26.193 13335 (CLOUDFLAR...)
1 1 172.105.213.147 63949 (AKAMAI-LI...)
1 1 20.127.253.7 8075 (MICROSOFT...)
2 4 23.35.237.56 16625 (AKAMAI-AS)
3 3 188.42.105.236 7979 (SERVERS-COM)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 1 154.59.122.79 174 (COGENT-174)
1 1 31.220.27.134 39572 (ADVANCEDH...)
1 1 124.146.215.44 2514 (INFOSPHER...)
1 1 184.73.203.57 14618 (AMAZON-AES)
2 2 213.155.156.185 1299 (TWELVE99 ...)
2 2 178.250.7.11 44788 (ASN-CRITE...)
1 1 52.71.211.164 14618 (AMAZON-AES)
1 1 193.0.160.131 54312 (ROCKETFUEL)
1 1 82.145.213.8 39832 (NO-OPERA)
2 3 2a02:6b8::90 208722 (GLOBAL_DC)
1 151.101.129.108 54113 (FASTLY)
1 95.101.148.20 16625 (AKAMAI-AS)
1 1 45.137.176.88 60350 (VP)
577 88
48    162.159.135.42 (None, )

ASN13335 (CLOUDFLARENET, US)
techbullion.com
3    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
netdna.bootstrapcdn.com
3    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
22    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
16    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    199.232.196.134 (United States)

ASN54113 (FASTLY, US)
techbullion.disqus.com
2    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
2    2606:4700::6812:14ce (United States)

ASN13335 (CLOUDFLARENET, US)
a.pub.network
1    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
cdn4.buysellads.net
4    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
8    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
11    34.160.152.31 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 31.152.160.34.bc.googleusercontent.com
c.pub.network
d.pub.network
12    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
16    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    18.239.69.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-69-131.ams58.r.cloudfront.net
c.amazon-adsystem.com
2    2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    151.101.0.134 (United States)

ASN54113 (FASTLY, US)
disqus.com
4    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
partner.googleadservices.com
3    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.ch
1    99.86.4.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-30.fra6.r.cloudfront.net
config.aps.amazon-adsystem.com
5    2600:9000:2057:7200:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
c.disquscdn.com
1    23.215.22.18 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-22-18.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    65.9.66.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-104.fra56.r.cloudfront.net
tags.crwdcntrl.net
2    2606:4700:4400::6812:2b5a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
1    2606:4700:10::6816:34ad (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
1    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
8    108.128.58.115 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-58-115.eu-west-1.compute.amazonaws.com
g2.gumgum.com
8    52.28.173.128 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-173-128.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
3    193.232.148.143 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp4.sender.ltmse.com
px.adhigh.net
1    64.227.38.224 (Slough, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-eu-ldn-17.buysellads.com
srv.buysellads.com
3    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
5    2602:803:c003:200::61 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
6    185.86.138.121 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
1    2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    185.255.84.151 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
7    185.89.210.46 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    52.222.253.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-253-136.fra60.r.cloudfront.net
aax.amazon-adsystem.com
2    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
1    63.35.30.113 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-30-113.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
12    52.95.115.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)
a.ad.gt
12    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
1    35.214.251.203 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 203.251.214.35.bc.googleusercontent.com
csync.loopme.me
2    23.212.88.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-88-20.deploy.static.akamaitechnologies.com
cs.media.net
3    34.253.165.174 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-165-174.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
4    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
5    50.31.142.223 (Hickory Hills, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
4    23.35.229.251 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-251.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
9    185.86.139.102 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
2    2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
amazon-tam-match.dotomi.com
1    185.255.84.153 (France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
2    143.204.215.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-101.fra53.r.cloudfront.net
cdn.viglink.com
1    199.232.192.134 (United States)

ASN54113 (FASTLY, US)
referrer.disqus.com
7    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
9    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
4    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
cms.quantserve.com
pixel.quantserve.com
4    2.18.160.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com
hbx.media.net
c21lg-d.media.net
3    13.32.99.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-21.fra60.r.cloudfront.net
sb.scorecardresearch.com
1    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
lb.eu-1-id5-sync.com
11    2a02:2638:d::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
36    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
10    52.19.213.154 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-213-154.eu-west-1.compute.amazonaws.com
protected-by.clarium.io
2    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
76    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
1    2a05:d018:d29:3601:bf41:b326:fa86:2937 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    2600:9000:236e:e00:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    23.48.23.21 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-21.deploy.static.akamaitechnologies.com
hb.yahoo.net
4    199.232.196.64 (United States)

ASN54113 (FASTLY, US)
links.services.disqus.com
79    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
11    178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr3.eu.criteo.com
7    162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
id5-sync.com
1    2600:9000:223c:f400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
4    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
3    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
3    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
3    2600:9000:211e:da00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    52.210.221.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-221-60.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
7    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
3    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
6    3.127.180.33 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-180-33.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    69.166.1.66 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
15    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
4    3.126.78.53 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-78-53.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    134.122.57.34 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    2600:1f18:612b:4200:7e1a:af:3ec:b85a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
google.partners.tremorhub.com
2    52.45.175.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com
im.bluevoox.com
1    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
2    216.52.2.39 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
2    18.194.71.125 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-71-125.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    192.0.77.40 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: assets.tumblr.com
www.tumblr.com
2    54.229.130.135 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-130-135.eu-west-1.compute.amazonaws.com
match.360yield.com
7    2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr3.eu.criteo.com
3    2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl3.eu.criteo.com
4    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
1    172.105.213.147 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1867-147.members.linode.com
a.c.appier.net
1    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
4    23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com
sync.teads.tv
3    188.42.105.236 (Luxembourg)

ASN7979 (SERVERS-COM, US)
sync.gonet-ads.com
1    2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    85.114.159.93 (Weil am Rhein, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    154.59.122.79 (United States)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
1    31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
1    124.146.215.44 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
1    184.73.203.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-203-57.compute-1.amazonaws.com
fksnk.com
2    213.155.156.185 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
2    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    52.71.211.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-211-164.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
a.rfihub.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
3    2a02:6b8::90 (Ulyanovsk, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
an.yandex.ru
1    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com
contextual.media.net
1    45.137.176.88 (France)

ASN60350 (VP, FR)
sync.adotmob.com
Apex Domain
Subdomains		 Transfer
97 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
stats.g.doubleclick.net — Cisco Umbrella Rank: 175
cm.g.doubleclick.net — Cisco Umbrella Rank: 329
255 KB
94 criteo.net
static.criteo.net — Cisco Umbrella Rank: 897
csm.eu.criteo.net — Cisco Umbrella Rank: 7577
997 KB
70 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 122
a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 169
479 KB
48 techbullion.com
techbullion.com
455 KB
39 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 640
bidder.criteo.com — Cisco Umbrella Rank: 949
ads.eu.criteo.com — Cisco Umbrella Rank: 7499
cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 8966
rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 14897
rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 13805
mug.criteo.com — Cisco Umbrella Rank: 1822
dis.criteo.com — Cisco Umbrella Rank: 910
235 KB
25 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 784
eus.rubiconproject.com — Cisco Umbrella Rank: 916
token.rubiconproject.com — Cisco Umbrella Rank: 764
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 3048
pixel.rubiconproject.com — Cisco Umbrella Rank: 649
36 KB
21 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 404
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 945
aax.amazon-adsystem.com — Cisco Umbrella Rank: 541
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1066
s.amazon-adsystem.com — Cisco Umbrella Rank: 429
82 KB
18 google.com
www.google.com — Cisco Umbrella Rank: 11
region1.analytics.google.com — Cisco Umbrella Rank: 2225
50 KB
15 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 2163
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1096
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1011
14 KB
13 pub.network
a.pub.network — Cisco Umbrella Rank: 6732
c.pub.network — Cisco Umbrella Rank: 6750
d.pub.network — Cisco Umbrella Rank: 6903
ssp.pub.network Failed
175 KB
12 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 254
656 KB
12 gstatic.com
fonts.gstatic.com
www.gstatic.com
620 KB
10 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 2211
2 KB
10 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1680
match.sharethrough.com — Cisco Umbrella Rank: 876
974 B
9 disqus.com
techbullion.disqus.com
disqus.com — Cisco Umbrella Rank: 1706
referrer.disqus.com — Cisco Umbrella Rank: 6945
links.services.disqus.com — Cisco Umbrella Rank: 12180
54 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 360
secure.adnxs.com — Cisco Umbrella Rank: 806
acdn.adnxs.com — Cisco Umbrella Rank: 960
22 KB
8 media.net
prebid.media.net — Cisco Umbrella Rank: 1975
cs.media.net — Cisco Umbrella Rank: 2422
hbx.media.net — Cisco Umbrella Rank: 1959
c21lg-d.media.net — Cisco Umbrella Rank: 3883
contextual.media.net — Cisco Umbrella Rank: 1062
31 KB
8 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 2247
9 KB
8 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1223
id5-sync.com — Cisco Umbrella Rank: 687
37 KB
7 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 713
3 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 614
3 KB
5 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 906
3 KB
5 disquscdn.com
c.disquscdn.com — Cisco Umbrella Rank: 4952
282 KB
4 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 2022
975 B
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
2 KB
4 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1562
3 KB
4 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 1171
2 KB
4 quantserve.com
qcx.quantserve.com Failed
secure.quantserve.com — Cisco Umbrella Rank: 1803
cms.quantserve.com — Cisco Umbrella Rank: 1260
pixel.quantserve.com — Cisco Umbrella Rank: 1594
10 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 229
174 KB
3 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 4716
955 B
3 gonet-ads.com
sync.gonet-ads.com — Cisco Umbrella Rank: 17906
1 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1469
s.tribalfusion.com — Cisco Umbrella Rank: 3247
2 KB
3 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 1092
1 KB
3 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 11243
1 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1237
980 B
3 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 783
ups.analytics.yahoo.com — Cisco Umbrella Rank: 509
1 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 239
3 KB
3 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 950
1 KB
3 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 2364
a.ad.gt — Cisco Umbrella Rank: 2797
4 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1153
1 KB
3 adhigh.net
px.adhigh.net — Cisco Umbrella Rank: 14693
1 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
233 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113
4 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 7132
651 B
2 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 781
1 KB
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 3472
812 B
2 tumblr.com
www.tumblr.com — Cisco Umbrella Rank: 9143
2 KB
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 1012
1 KB
2 bluevoox.com
im.bluevoox.com — Cisco Umbrella Rank: 16820
1 KB
2 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1592
1 KB
2 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 51511
1009 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 933
2 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 1432
r.turn.com — Cisco Umbrella Rank: 6191
869 B
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 802
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 637
297 B
2 viglink.com
cdn.viglink.com — Cisco Umbrella Rank: 9583
778 B
2 dotomi.com
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 9796
658 B
2 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4473
visitor.omnitagjs.com — Cisco Umbrella Rank: 1162
1 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 2059
111 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1393
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1398
13 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 96
21 KB
2 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1262
215 KB
2 bootstrapcdn.com
netdna.bootstrapcdn.com — Cisco Umbrella Rank: 7675
84 KB
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 2756
712 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2169
674 B
1 rfihub.com
a.rfihub.com — Cisco Umbrella Rank: 4633
1 KB
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 8734
614 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 10895
290 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 2199
684 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2164
584 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 408
490 B
1 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 2496
709 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1241 Failed
1 KB
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1332
715 B
1 tremorhub.com
google.partners.tremorhub.com — Cisco Umbrella Rank: 27714
630 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3359
549 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 1089
596 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1516 Failed
1 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 2128
574 B
1 appier.net
a.c.appier.net — Cisco Umbrella Rank: 10594 Failed
600 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1617
1 KB
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 2263
480 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 2560
499 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 830
649 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1313
275 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1499
234 B
1 buysellads.com
srv.buysellads.com — Cisco Umbrella Rank: 32097
722 B
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 2416
10 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1662
17 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1368
466 B
1 google.ch
www.google.ch — Cisco Umbrella Rank: 18208
408 B
1 buysellads.net
cdn4.buysellads.net — Cisco Umbrella Rank: 31603
134 KB
0 lunamedia.live Failed
sync.lunamedia.live Failed
0 chocolateplatform.com Failed
cs.chocolateplatform.com Failed
0 districtm.io Failed
dmx.districtm.io Failed
cdn.districtm.io Failed
577 95
Domain Requested by
79 static.criteo.net ads.eu.criteo.com
cdn4.buysellads.net
static.criteo.net
76 cm.g.doubleclick.net 9 redirects techbullion.com
aax-eu.amazon-adsystem.com
a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
48 techbullion.com techbullion.com
36 tpc.googlesyndication.com a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
techbullion.com
a.pub.network
22 pagead2.googlesyndication.com techbullion.com
pagead2.googlesyndication.com
a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
www.googletagservices.com
tpc.googlesyndication.com
16 securepubads.g.doubleclick.net cdn4.buysellads.net
www.googletagservices.com
securepubads.g.doubleclick.net
techbullion.com
16 www.google.com techbullion.com
www.gstatic.com
www.google.com
a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
a.pub.network
15 csm.eu.criteo.net ads.eu.criteo.com
12 a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com securepubads.g.doubleclick.net
a.pub.network
12 aax-eu.amazon-adsystem.com 2 redirects a.pub.network
aax-eu.amazon-adsystem.com
12 www.googletagservices.com a.pub.network
a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
techbullion.com
11 cat.fr3.eu.criteo.com ads.eu.criteo.com
11 ads.eu.criteo.com a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
techbullion.com
10 protected-by.clarium.io a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
8 pixel.rubiconproject.com 5 redirects techbullion.com
aax-eu.amazon-adsystem.com
8 btlr.sharethrough.com a.pub.network
8 g2.gumgum.com a.pub.network
8 fonts.gstatic.com fonts.googleapis.com
www.google.com
7 rtb.fr3.eu.criteo.com techbullion.com
7 eb2.3lift.com 7 redirects
7 id5-sync.com cdn.id5-sync.com
a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
7 token.rubiconproject.com 6 redirects eus.rubiconproject.com
6 x.bidswitch.net 6 redirects
6 rtb-csync.smartadserver.com 1 redirects a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
6 prg.smartadserver.com cdn4.buysellads.net
6 c.pub.network 2 redirects a.pub.network
5 b1sync.zemanta.com 5 redirects
5 ib.adnxs.com 2 redirects cdn4.buysellads.net
acdn.adnxs.com
5 fastlane.rubiconproject.com cdn4.buysellads.net
5 c.disquscdn.com disqus.com
c.disquscdn.com
a.pub.network
5 d.pub.network techbullion.com
a.pub.network
4 sync.teads.tv 2 redirects a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
4 www.facebook.com 1 redirects techbullion.com
connect.facebook.net
4 pm.w55c.net 4 redirects
4 image6.pubmatic.com 4 redirects
4 links.services.disqus.com c.disquscdn.com
techbullion.com
4 eus.rubiconproject.com aax-eu.amazon-adsystem.com
eus.rubiconproject.com
cdn4.buysellads.net
4 s.amazon-adsystem.com 1 redirects aax-eu.amazon-adsystem.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 connect.facebook.net techbullion.com
connect.facebook.net
a.pub.network
3 an.yandex.ru 2 redirects
3 sync.gonet-ads.com 3 redirects
3 rtb.nl3.eu.criteo.com techbullion.com
3 s.ad.smaato.net 3 redirects
3 ads.travelaudience.com 3 redirects
3 sync-tm.everesttech.net 3 redirects
3 sb.scorecardresearch.com 1 redirects a.pub.network
techbullion.com
3 ssbsync.smartadserver.com 3 redirects
3 match.prod.bidr.io 3 redirects
3 onetag-sys.com 1 redirects cdn4.buysellads.net
3 px.adhigh.net 1 redirects techbullion.com
3 gum.criteo.com 1 redirects cdn.taboola.com
a.pub.network
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 disqus.com techbullion.disqus.com
c.disquscdn.com
3 c.amazon-adsystem.com cdn4.buysellads.net
c.amazon-adsystem.com
3 www.googletagmanager.com techbullion.com
www.googletagmanager.com
3 fonts.googleapis.com techbullion.com
client
2 dis.criteo.com 2 redirects
2 d5p.de17a.com 2 redirects
2 ssum-sec.casalemedia.com 2 redirects
2 c21lg-d.media.net hbx.media.net
contextual.media.net
2 match.360yield.com 2 redirects
2 www.tumblr.com a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
2 match.sharethrough.com a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
2 ap.lijit.com 2 redirects
2 im.bluevoox.com 2 redirects a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
2 secure.adnxs.com 2 redirects
2 sync.go.sonobi.com 2 redirects
2 a.tribalfusion.com 1 redirects a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
2 gcm.ctnsnet.com 2 redirects
2 cms.quantserve.com 1 redirects a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
2 sync.1rx.io 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 pixel.tapad.com 1 redirects techbullion.com
2 match.adsrvr.org aax-eu.amazon-adsystem.com
2 hbx.media.net a.pub.network
hbx.media.net
2 cdn.viglink.com techbullion.com
2 amazon-tam-match.dotomi.com 2 redirects
2 cs.media.net 2 redirects
2 id.hadron.ad.gt cdn.hadronid.net
2 cdn.confiant-integrations.net techbullion.com
cdn.confiant-integrations.net
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 region1.analytics.google.com www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 a.pub.network techbullion.com
a.pub.network
2 cdn.taboola.com techbullion.com
cdn.taboola.com
2 netdna.bootstrapcdn.com techbullion.com
netdna.bootstrapcdn.com
1 sync.adotmob.com 1 redirects
1 contextual.media.net cdn4.buysellads.net
1 acdn.adnxs.com cdn4.buysellads.net
1 t.adx.opera.com 1 redirects
1 a.rfihub.com 1 redirects
1 fksnk.com 1 redirects
1 s.uuidksinc.net 1 redirects
1 ums.acuityplatform.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 s0.2mdn.net
1 sync.inmobi.com 1 redirects
1 mug.criteo.com
1 pixel.quantserve.com techbullion.com
1 sync.srv.stackadapt.com a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
1 um.simpli.fi 1 redirects
1 google.partners.tremorhub.com 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 s.tribalfusion.com a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
1 ads.yieldmo.com 1 redirects
1 tg.socdm.com a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
1 sync.targeting.unrulymedia.com 1 redirects
1 a.c.appier.net a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
1 r.turn.com techbullion.com
1 ad.turn.com 1 redirects
1 rules.quantcount.com secure.quantserve.com
1 hb.yahoo.net techbullion.com
1 live.primis.tech aax-eu.amazon-adsystem.com
1 px.ads.linkedin.com aax-eu.amazon-adsystem.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 secure.quantserve.com a.pub.network
1 pixel-eu.rubiconproject.com 1 redirects
1 referrer.disqus.com techbullion.com
1 visitor.omnitagjs.com 1 redirects
1 csync.loopme.me 1 redirects
1 a.ad.gt a.pub.network
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 hb-api.omnitagjs.com cdn4.buysellads.net
1 bidder.criteo.com cdn4.buysellads.net
1 prebid.media.net cdn4.buysellads.net
1 srv.buysellads.com cdn4.buysellads.net
1 cdn.id5-sync.com techbullion.com
1 cdn.hadronid.net techbullion.com
1 tags.crwdcntrl.net techbullion.com
1 secure.cdn.fastclick.net techbullion.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 www.google.ch techbullion.com
1 cdn4.buysellads.net techbullion.com
1 techbullion.disqus.com techbullion.com
0 cdn.districtm.io Failed a.pub.network
0 sync.lunamedia.live Failed techbullion.com
0 cs.chocolateplatform.com Failed a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
0 ssp.pub.network Failed a.pub.network
0 qcx.quantserve.com Failed a.pub.network
0 dmx.districtm.io Failed a.pub.network
577 144
Subject Issuer Validity Valid
techbullion.com
GTS CA 1P5		 2023-08-17 -
2023-11-15		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-12-30 -
2023-12-30		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.disqus.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-13 -
2024-04-20		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
cdn4.buysellads.net
R3		 2023-09-19 -
2023-12-18		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-07-08 -
2023-10-06		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.google.ch
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
a.disquscdn.com
Amazon RSA 2048 M01		 2023-08-31 -
2024-09-27		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-02 -
2023-12-02		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
confiant-integrations.net
GTS CA 1P5		 2023-09-20 -
2023-12-19		 3 months crt.sh
hadronid.net
GTS CA 1P5		 2023-08-07 -
2023-11-05		 3 months crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
d.pub.network
GTS CA 1D4		 2023-08-11 -
2023-11-09		 3 months crt.sh
*.buysellads.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-25 -
2024-06-24		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-08-31 -
2023-11-29		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
viglink.com
Amazon RSA 2048 M02		 2023-09-13 -
2024-10-11		 a year crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2023-12-23		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
protected-by.clarium.io
Amazon RSA 2048 M02		 2022-12-16 -
2024-01-14		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.services.disqus.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-08 -
2024-09-08		 a year crt.sh
c.pub.network
GTS CA 1D4		 2023-08-11 -
2023-11-09		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-29		 3 months crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-08 -
2023-11-08		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-27 -
2023-10-22		 3 months crt.sh
*.adhigh.net
GlobalSign RSA OV SSL CA 2018		 2023-06-05 -
2024-07-06		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh

This page contains 58 frames:

Primary Page: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Frame ID: 043A5EDE3A75D6E6D0CA7E6DE454C265
Requests: 193 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=techbullion&t_i=techbullion-20301&t_u=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&t_e=Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F&t_d=Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F&t_t=Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F&s_o=default
Frame ID: BF1F086E2C615D0C9A199DD9586F37D2
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/zrt_lookup.html
Frame ID: 9C89C55E61FAD6D96E4E9021ABF58663
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0-0gkAAAAABV0s8b1QHz03eamY8EKrdT2n1Mf&co=aHR0cHM6Ly90ZWNoYnVsbGlvbi5jb206NDQz&hl=de-CH&v=pxZcVU8Dk73FyvFvdCgp2MSG&size=invisible&cb=ku7ljq964tm7
Frame ID: 38F5EF625EBDFD3E94E25BD5CB21F9E3
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4909624562623679&output=html&adk=1812271804&adf=3025194257&lmt=1695874768&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695986089288&bpp=10&bdt=501&idt=291&shv=r20230927&mjsv=m202309270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8080749305913&frm=20&pv=2&ga_vid=910471404.1695986089&ga_sid=1695986090&ga_hid=884511560&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759926%2C44759875%2C31077327%2C31078201%2C31078320&oid=2&pvsid=2227620224526580&tmod=2100242589&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=336
Frame ID: 7F1E978885AABAC2242FA52447008D6B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4909624562623679&output=html&h=510&slotname=5710385232&adk=2822807138&adf=2845327126&pi=t.ma~as.5710385232&w=1021&cr_col=4&cr_row=2&fwrn=2&lmt=1695874768&rafmt=9&format=1021x510&url=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&host=ca-host-pub-2644536267352236&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695986089299&bpp=1&bdt=512&idt=340&shv=r20230927&mjsv=m202309270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8080749305913&frm=20&pv=1&ga_vid=910471404.1695986089&ga_sid=1695986090&ga_hid=884511560&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=132&ady=2463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759926%2C44759875%2C31077327%2C31078201%2C31078320&oid=2&pvsid=2227620224526580&tmod=2100242589&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=TBzol3A3Sy&p=https%3A//techbullion.com&dtd=345
Frame ID: FDF0FDA95B180D439B02E2679CEA6882
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_rbd_n-MediaNet_n-Beeswax_smrt_cnv_an-db5_n-adYouLike_n-Outbrain&dcc=t
Frame ID: D336596974207788F924A1602573F039
Requests: 1 HTTP requests in this frame

Frame: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BB356537F80A6E580F145F0145A25872
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-LoopMe_rbd_n-MediaNet_n-Beeswax_smrt_cnv_an-db5_n-adYouLike_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 3A4B283E14164447BF227FD2202A959D
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Frame ID: A3ED7A93491ADF28576C9EAD75BDD2E4
Requests: 16 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=2174209610784440979&gdpr=0&gdpr_consent=
Frame ID: 76D6A409FB379833F6B820814830BA43
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAIBBK6CK1E6ANbVQvwAAAAAAA&expiration=1696072490&is_secure=true
Frame ID: E09F3AF8C334EFECF6C66810DBFD07CC
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=4170372529826451915&ex=appnexus.com
Frame ID: 34D816D68615C07EBB9AFB0F07F3782C
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=adyoulike.com&id=7f614d4002799a3e49fca79589f1ea18
Frame ID: 8FE3B3306440EDEAE18FAF62D8A9A9BF
Requests: 1 HTTP requests in this frame

Frame: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C2E9995FBD1C0CFD59F78B504D77636B
Requests: 11 HTTP requests in this frame

Frame: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6B958BDAC1A584F44378B2E9222BE6AB
Requests: 1 HTTP requests in this frame

Frame: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AFEC2418A1D164B54A5F6625C16BFC0E
Requests: 11 HTTP requests in this frame

Frame: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C80FDC0D9290661606194F6F8500F4F0
Requests: 11 HTTP requests in this frame

Frame: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A2E869A7C8FD9F027AFBEC0DC91A231D
Requests: 11 HTTP requests in this frame

Frame: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3156BBE7678D4C786706944DFB047B78
Requests: 11 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2AKd5UEAC3euR5s9leY_c7cl3EZuQ&u=%7CurkAnIHIT4YrtH4C84W%2F%2B%2FbLqUqZEBmqxR3Hro9WM64%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqfOSxiZ3nhhcoubwAtGAUFL8vtRYiskqAjx3LIdsTANZ-fKhvnADbhZ1Bto4S18LCYuHV6Te_j6zBOMW8l-B7hOQuCnkhkksPrRfqJPCWpEuK0H3vm6JF2ydS7OY4c99WPYOTrRKW0cBzyw0SDB8KV5wcBgznRZaoIfQOFS_Rte0Jel16SHTKksJv-3k83ouP34kiOLG_RO1ixqOO3dg-9ocww2rAJvplI3N2ZDTi2CLe6zZgVrCR10tyNLE1gfhA3JJ8UrJlqk2RBDVWZXYALvQtKMko8UxPUiL5luBSoz9b-AzD3Il5JfIu-vtdsLgq2yyseBj-KMajDnUYnNGsofnwOx0BgKvVjp3BoXc7cRHRhLcbmCbt4nW-y17p8LwXYTpJ_GVeRGJyhB-YcAMw48plgET7R27005UJ1TeuaIYu2-5yWh-cyOasPGrfiMzMMEm7r1M9rSX27yKGHV4LFUk07hTRQilUcIpHLJHoipcRRwTm6u6dsiAthNNFzLxx_U1uWHEV7sFAUQcNxsZvAVumjzAuhxM0gE7AU-dltWqhzvkkQPXr5YVV31Cx5wRj8N8v9XOgP1HmmelsBQqNHQJi_d90dL17k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbDLqqrEWZeDWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPsCT9D8Ph4sPKnJtRNmS70s8RBImO7ddTZXp9bWAv4JF66D4R_US7Zv-dEWrMhVItKwb6-_RpTCwO57_yKMuxNkJJH0VKycTKxAP0lYhACx1cm8dB8E3ztKomVzI0wnw27JhVeq_5UYI98OC9dkNmmBKSr5g3aY_YLu0pJkuMxnM40jPJhD4JpAhWgG1kPtiilI7df4Xogm7ZlBrZ6mN-nA9bmn_N-3CmbhwKPwPBug8aLiczTd9SsXWtLoejf6CE6lhxbT6aq72dTKT_--2mebDeUkMwpOAaSnt4fAEcEG-bRUTV5FGCn23amj1J57mDIomu9uZGYm_yL7UapCy9RP_oGdr5Y-1cMbFdee3CVWrldva7-3YMlSaKa9lI3ffglphuuq6IfXdGsogtGre1ybWWaGW4H04p8KfWG414ipaQNWmr5lrfcM_BPcOcXAHD-_jqbel-s683tMD20p6M563M6_6kNdf-g5j_Ugqb2PUbQ4IoBKKSZ8sykSaeAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3qmZFO8j0nmreGIWOonqUHaVX16g%26client%3Dca-pub-9961814823930967%26adurl%3D
Frame ID: 78B3F946076B5190D6ACDA8C77B78663
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C1E0596AD4C18B7EF8E888D0465E95B2
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2EKd5UEAC3eub_vXtCWTb2fN9g10g&u=%7CurkAnIHIT4ZAoXa3qF7FSZAP7DxqhUPOboj5aloizlU%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqfOSxiZ3nhhcoubwAtGAUFL8vtRYiskqAjx3LIdsTANZ-fKhvnADbhZ1Bto4S18LCYuHV6Te_j6zGjEEIBTp6HwQGyTt8E7aZl8o46a4HR4AUm7eE0T9axjBqPmShcN8mvVVvJQxwML9WwE6UPZF3eFCml4sv162EX9KulUZ6qPwK_LLFrbW1qK12wLwG7FZ5hDd8lQoAji7u5RgyVYl92ZdbsjpheU-WlsYR-urlslzr49EH_V23rLqITwi_me5fUBB5eGK-1VdcahE2KIuneQPq-qulzS7LKLQ1V_JCxmQ5Y6mc2maoZg1kwiCsh4-4HMy6ShVgbij-N6hhcclCeqvApn6csLdWNHse4-qhdPOTP08B3mywjXZAtB9huRbBUVyjcPCFtuJKr_g7q9iZ555G1rDoxqe6IyTY01vQ_XEpfCQ19Lmg5nWeaBjEeFv6P3jHuNJW5tM62jueuc8VOItOzz47EZ08Ec5NzzDScB-YXABfpuVyQ6yyxCSoEju-cKDRc_uTH9w8KFK1V5CJR0FHaO81yW7Fc8jb_r4avylAqCfb80tRiXIZdYng5nCam8qav3DMqKrtH92BbOrwQ_vZ_i-_5-OSU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf0JEqrEWZeHWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPUCT9CVSJK8qBPUFF6QhIOOK6B4Ip9l_pn_A0TF-wriLQ1d437oJDFwYlQqgF8wVMoBdWpaxNR73JF9_m_-dfIXRUEr52l9pwj4za6rcEBjrmCeYoefS8k3ZJ3Wo_i9DI5Yw9phliuxJpr34pDE1C3oKzod_7Ho4C1xccrfl_fYA5-TGur1iJOQWXalVQZPyqoJX6Of0KTZaP6FA-PPhqd1muWTdlWRiBBgZ_NEcGOqYoRXE5TT5Zzsyyo9QbRr6Tv9-Zny0bQGvOTZSxoFrzaSQWRzrYqAwT7UFrY0V9eCppv45eQt4Q0gK4-0Q_X5pYAyU9PheCjaUFDcaAMk4hY5VdXVXLx0UYz9YeXTrAT3WyB3Ciry7A3Z9DeGUsv7oFz6Mm7FcpfIQqmKzIuG1B_tgurf_fJI2_PK97eNYmOf8EZ1JlApiQQ2jM9qKvyXtxEgJhePOpm5Ht1PT2Ug1wTP70rn0Vq6EBCL8cGwWVsTm-oUfpAKheAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2o-QNldyBoOIdIIaOIHMvQ3HKT1A%26client%3Dca-pub-9961814823930967%26adurl%3D
Frame ID: D989CD762CABB2B019CF65A2BEC687DE
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js
Frame ID: BABEF42D6E819D7FA46BB2AE2D1C03AF
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 84A8B4130DFC4C7C089EE3AF85496A0A
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2IKd5UEAC3euR0lMSf0dNmGr02B3g&u=%7CurkAnIHIT4YR%2BHoabxO5bQ85D6H8koIhJJGO0cTcJdY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBRVvJhzsgIgYN0Oaqr1Do4ZkmuYAA9rviAk4TT-pc1TZVfVcu4fPJiUnZNOHn_MGqh8WtOd33FsG06K8VD-kMFIUC4z2ECG0tPxXnfadY9AM36l6MQt2Us0NwIJft9Okm_1r8vC7VLBYE6stlrgtrNmV11RnTxFIYoegrRcqXSETwR3mf7jRO16FWFuV_YJk1tinQCz27zCTnit-wVyQ7Hh0xJIIZ8XtqHntVMPPcbB4B2lE_1BqR-68VPVMgee9hHN2WS7bEdhOxtM4BeWovxDTS_vZJi657CMYvXhfHw-5YLE9rNbrJWHpPaLL1MhR7OHXI58nseaXgMh-eF4oFU0XC9hQ-ITbUcBBnzsz7SJC_3lKzj7KIj-OaHSyRBr6NofeyTyTVaNZ8EPWzXYNhIStGdGjvBu3iphjHXS2F7hM2Wbg1Zfm1NFLoJZlu5HMXdgdcWReLkb_i07dmNlg2yUnEnOiKstflbmBJtZlpWFSKAlnm-iSJ4u7do2Jnh2DF_ckVesdAXB4INyDNeXZJfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0tMmqrEWZeLWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPoCT9AvvYUUhOa_7GeNRmHoB1b-H25t2fkR0Tt7JSpEhopVelCir6_kKm8XzwjEElHUmo9R_vbgzPRHS-x8kbibNxyX--xZ3eamWPwK8NLKC19EQ2ht9i8CidGEovSilPtxUW-LRreYB1HE46O33CUiySfs5kSF3ixhJPdN2QmqBuI7AanGOgc0TTEQJVGPRGf4agvCoBC8ofR1Mhe16lZDW_16RgdNkmlrO8DoBZDDLa2yJZcF89JgkEC561F-yMXy-hpC4jQRQhxnsnt7ur6PTi9kN5BYRcXmZkDrolSa_iCuCWPs1WZiX6uTvFC9deeYGFDW-ArNTTIfp8gRLExjHE52Xjk9PNSZoz9FNTHmsl1x779IttItRkMdqHNtfGRXIkqs5VDopFFo5zQBb4a6-m2sezeH7NFz3zFAMiM1s017SwV5b8Xg3miyrqLXUUOOpafj9hx4GJluxCZdEUPOsIe8oBEfXtGGtCMNsfH4S5us-qnerOBWs4lY4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3oKhpegKtiulWQfjVBcQ8gHHDBDg%26client%3Dca-pub-9961814823930967%26adurl%3D
Frame ID: 2B0C18507CFB3480C72A1F0DEAA4E19F
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8A7FC7A23CDCDB782C65C4CBB3FE2944
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2MKd5UEAC3euVy_lw8x6wNyMlLbtA&u=%7CurkAnIHIT4ZfIFL530gVk%2FF1JFPGaAm6FCcdoAFxctU%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBShk3YAZYqdc-mMgWlzyrG2Imf0fc6_2xizEybjb3ioXlCMdgio-6iuYp4aUwfxyv0SSTkoDG_cBF86rQ4CvUTZvElk0dpKX_xJ7QYfeQWjlVhUPrDgENCBbTqedvm4j3K3RDjPJdGyhGwzeP0HyqJxhZfPx_QiHAenHofe17MZPL7HF7gZ1xpymXGFrWySirtitf03QgpWVFDseCpty_xkmtvQjKb--baX_8eFtm6z48BWhEGMWBElZ8gbkzoseBbXLwTaKXVl8Ypm0bbsgcmGLxflUmF3TP9bDLugjB1V9mx0Kdv8EWuacQUzpwBYXvZRlSE53mS11fSTNW3ZLcf9u061M71SQUtxcW1ng9rGc1Di8oMje0lhw2RaH8DSIuP1_0z_NZIT-ckK0Og3dQfkbt1d8CXOp6dU7vQSU5dI_MY6-OJzWJVaPwjmEPpMo4jSfJZNLGRVvN4Ioj6z5cSvJgyAzWo3_M78SzXV2Yo7Z6j-GiS-GiXBBSuBOLIdE80yHWwJQLHZcGX9GVagawX1dyg_Fd1Zg3Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQZMIqrEWZePWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBIMDT9DXaQULg066goU81cs37Vk5kiMjLwvxWQh4JldtlLKnTEkbhZ0EvBokpW_1BddeXS6O7jEPWx9IFRgXW5lDgURpW0hwcV26pcHeCO2FFtfCaj05ZIW7mO5xvye5ANzik1BjqGCLWDRJExD5d9U_ZV8DcEaPjrZEE52q3P35Bgp0vAdhlfo0iPNP-srT7oc5Gx1drzRoza238jNLyv-eCeVxPbQMmGzqpxV5tkFTWsPfvMn4nBsuxeKvoTBDj84PJnRI06NUdZe41iWYbyDzA44AZ4gu1h0mBfssI9_Cv9YGjeuDHvUlEEcTowu5UY5obH_QeTM2zhIRVZ8EeMsFSggo0dekV01Kcu-iV9nsQpl5aqZP8RoVkSXLQGPUihawcXmFgyx0rj_xnkQIw5hcs0SfUqfo-uZPvvOoLyZQ6b2KYkHTGAUxJXoOIK8kdc13n7NpiU9EpfD56YnvsrastlhdYmcEgb9AC6_tyWYC36LwJQ3H9wZ32vHxUmNviDKWHwSA4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0wT-Hqj-oV4Q3X6L0bsQ47yYOwYA%26client%3Dca-pub-9961814823930967%26adurl%3D
Frame ID: 1402134D6A384F50FC480170EC035EDF
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 85E47CBF360C2D86790487E2B51D25A7
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2QKd5UEAC3euSimOslwdtJX4Nb8Uw&u=%7CurkAnIHIT4Yc3yJsw6VDIDoB8wNaaPCAc5Fjc83dQwA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwmBoz0kZ49XnpI3T7B_CiOoYg3UZdaQZasGHKzzf0au_Ji2E0EdCaAKplGe-WphMouyzhCrg76-C-r5vyaU9gTE6CVA-3DFLwY7C72LWdzTrFC7Ts38EmgFvOv9n0TP149SElA4mXypbEAD9iOJkTZC6iLN6CBxVwSa9g5BDfK4C2DxSgqVCjt3CLHBl5Xo2essVB89beYGKnh6fo3fhwhpsHazgLqvAxZgDk-IfPVR8zg1j1Nq_7oelR_mZGPDtZV2Qn9PLgC6g8Xjt1TLZr88ZVxN39tSat35f9RDMV0-8xrvrO6n41LMcO8hKHK4kBxJvjwut5yVBfwfK-Ca8Bgokr_RFT16K_XhbRHI6ZJclWkw6eGCXniROF9VKaof0u9A6-kZJUF7SCuoFEgMpWxNcsBSFXZX5PIzudjs57Rjx14Q4xJZndM3Bi2GO3koWEdNNtTqGtXxPI_-3sDmn1NS__ochBU-SUVpdNaxyPz0JarefvXcCWRbGlXKTm6EtVIXGkc323ALxRS0xUFeWhtGeLTRCDah7z7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwt8rqrEWZeTWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPcCT9BzqIS2DkPxN3UtSeiuyxUdXhqK99Imiq6gkSUVT7qVofnGo1pi-cUc7AaYTfV1EgtuVF6rnCSGxTjdUsrxAW7m-WXgd8NfQW9xKSWOKQLExSrxDJPFzRwTHEXuAHkdjvyvFhRlF4RZrg1QFA4sKxF4LGZWGZ3gmRVJnumLIeHggQpcZYU_5QO_TKdBiteVu850KpRrzlfEE0LtZUN4oeBxYVpEsyImRxKF4IZ-4q1my6hS9TzOFS2gRncdvnrmNkccbydn08DCuqT6ZGJtWDmcXsaNqTvfaZGma8945ip_V6qrxMZrocUiO7608ASiUVIBwr9PAg9ysJsAxWy_r4-xDnjz9TtNDCBwZ4Whzf0Ylet93uihDRlriIAKrpTyw5SdtiQT3hV3WAt5I-RF3uM9KPQSKjHJSt2f745ZmUaec0UcSoEHu3ft2_8XqgWyLcFlut5aZ8AdyvN4CtTuwwcn7004YpPX3PrhhoUUvpNXIWNxJduG4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gcpUxl9G0DPJ39gOd-y8inpGB8Q%26client%3Dca-pub-9961814823930967%26adurl%3D
Frame ID: 9FAFD5E16B66A9F33ED0BC461DDD8390
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E29EC55E12968F05B9B0F95E47ACA243
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2UKd5UEAC3eudZAM6k_4UPGdIC5jA&u=%7CurkAnIHIT4aCnXVLKDpfsKOO7IvwlZuMnnD10CW3B4E%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdqr7txT5h5pAC3aSY9p1mJ9XKnMtRUM8nqIaa5Rl2efL0FSY6XUG9zw0TPNcpRuQMS_Qzx0laPRRt3pt4UzBML6NV5JNvdKB29Ks8tChUnWoJ3IVhy84w3riXBWG607cylbjTFT-eGKJAeX7SqiQbbsxqFKs5xE2cTwqhg0G0DOCK9LjhiUZV0X5jArElnpg6HWmfLTQQLfnuZl35lo9Ao-P7litEuf9nsC4Gem9ViPJSUX6uTLNRH9BT7kO-bWhkUOUui5Fl0reqKbLTkkrwxdITlmi10iU2F-RQ8bxotZ5eHUIy9SoZ-PVIS7t5ghY81qYhHHQpzhkxOEGRn29bEmGDKghNwXbpz4JXdAWwvif4XuCD_v9jHgMDENXrerq3l0EieTZ3LdU1qiJ-z_-fuDOi8TXiR06i3FKL6dy9K_VbLajCWn2ss5wXuVL95i12G_LYpiWwJHiXpGZxRB9bRg-rPBaY8veQkT3BkUz_1-nV17DdiKYglod_e8vOQb68ugg9AH9HeTvzDfVnJHa9UK8HZreRSs31w2ij_oEErYkpvISTrgHE7w-uAk90T8XlOKjbUAA2vgPM1LE4OFpBokxpC3BupXlo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLSOqqrEWZeXWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBP0CT9D-WtoH9-8Pqt6Wfr6Gelyu6u8G50azVgvS4nHg1L-FcGeGbj9IZlHVwoMYu1qmTguJPgcWskxXXX03hSgH4W5C0M4XY6DNeWDC1-8J_bHXZl3Ay4JpTjNyKqkGVfDzSpTtRjwZugFQm2pudltZSrFIKC5OQbzYU0iNtnmm37nSDWlv_H5U_FWTo5AMbNHLIwg4-pDe406QtxHH_kSyAnAyUxA3JqLkhQMX1qUw4PUX-X8nhRjMjAhMZZ3zkxZ0iz0j2U0cZWQr6_vkyfVQB5TRuTcJC8XBsc3VD6Z5dZC3ORf4omQ4FiaBZdukRNiMPs0CHXPpQ0Z2DYbzqdB7KgWs3CIS_dusnCLQTxoysnT2kcvzqgs8tC98GPxJctP5ppdB8O2hv1pNQFpDXwKy2PzoetJTrRGfR3Q0sgxuqo_oz_HEgqxY4GEU2Zysm1ua514tONhSxJGrqCTqsS8NdBpHYQJq_zF9JNFdxCg9sg-b6riQrzL4Etl2l4eP4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2tSwZ-q7C75nc08ege3getsV1Wmg%26client%3Dca-pub-9961814823930967%26adurl%3D
Frame ID: EC7D20442B25353C200E4F64022E75CB
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 50DCFD1B1CDE33A350D48367E23EFC3D
Requests: 9 HTTP requests in this frame

Frame: https://hbx.media.net/checksync.php?&vsSync=1&cs=17&hb=1&cv=37&ndec=1&cid=8CUFH1GPH&prvid=56%2C59%2C70%2C77%2C80%2C82%2C97%2C99%2C108%2C109%2C111%2C112%2C113%2C117%2C139%2C154%2C157%2C159%2C175%2C178%2C186%2C201%2C203%2C214%2C222%2C226%2C229%2C246%2C251%2C294%2C337%2C339%2C359%2C2025%2C2026%2C2027%2C2028%2C2030%2C2031%2C2033%2C2034%2C2043%2C3007%2C3010%2C3012%2C3014%2C3016%2C3017%2C3018%2C10000&usp_status=0&usp_consent=1&gdpr=1&gdprconsent=0&https=1
Frame ID: C033C234D0A30A789FE8AF093BC9EFB5
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df19315a88b5a2f4%2526domain%253Dtechbullion.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Ftechbullion.com%25252Ff38c7c1c29e36f8%2526relation%253Dparent.parent%26container_width%3D270%26hide_cover%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252Ftechbullion%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dtrue
Frame ID: 86006E42A81674BD41379BA58EB8E91D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CAD39AA8B55CFCF698E34A69FDE36796
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FC399D7676B2DF4CF8370B1B59109BB8
Requests: 2 HTTP requests in this frame

Frame: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3B2C9C62475A4E567A7CEACBC93922D3
Requests: 11 HTTP requests in this frame

Frame: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9B4A04E62E5FD4B185058B408AFEA569
Requests: 11 HTTP requests in this frame

Frame: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B4A666C47E16637A930EA82FC6C9CF24
Requests: 10 HTTP requests in this frame

Frame: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E82CA7019049C5A12FA17525F36B4890
Requests: 11 HTTP requests in this frame

Frame: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5B412FF551E4440E3E9E32D3F69BA703
Requests: 10 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=techbullion.com
Frame ID: 5D64F31BF275C4488EC70C614220CB9C
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlX4Hg4uRAAbnJ5coQR1t4ha3MDI9Bw&u=%7Cvx7rpq5y2m97pxdCqukZDawGMiLK0ZZsrp16padDgYs%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqfOSxiZ3nhhcoubwAtGAUFL8vtRYiskqAjx3LIdsTANZ-fKhvnADbhZ1Bto4S18LCYuHV6Te_j6zErXeOMbETbR27EMb7AEv57Damn38fTkE1AQSH36vY4qjhaMvJjs9lZYIHI4xEqXDMafTCxzuUtMbtvMEZ71D4gM1fROtgttGhctOXfAaKvIu9mMI_WK1DZ16bZYoq9JvJsyIVjBEPXpvHDRqJbwfs42hNPpTT7A8sSfcrgoCpOdoe8HWFB5SW7X4H4WZyIqKHkkhRb1Uqez1MsZgxkr4dkuXdZ6J17GtNNFZht-BUVrYSDcxgStEPRIh3-mR0-7G1YMnUiS8Ibo77gN2LKlETfMcfGm41wHinW6yokGJDnivLSbuofoCZYqV1kVWb-z1WYCyzpO6p3o2DzXdw0YcK5dcyfR1TXHNVvLaDA3x7bKkUGfNskh-P4Fh6v9fzKlLYhl95j5hTnUWqFb92Id9FElCJumfrvWrhpeP7YD2VbBzq9cpJKdFfAe1_Zht2G4et2WgqtJMKMa_befPwFllK3AFn8nWFy97oK3eyPTGY1qhK_eqN0JzN5jyp-ana8_i70M4u9xV7JMBID3ucQk-JI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYhwkrLEWZf6qBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT1Ak_QavqLbWpOmSyjLPSHsxgYSNjNX-Q4T4LyOiMe_xWgXBTyilT3VnP-wsz32m1FXAPHGWp_0EA2B81F4mWOp3vUXFI_AorO3vEcPP4YoR6DnrfeN38RrPRS2M1fiweN70_IjewA_nakilWzwEOBm5LwqMp2gvLcnivVWa0fLuvZm1csXv5WK9AsO1K259aYIsggcDrQoaYeoQFGfOxOLRzfLJewsiXo4_Wcx45QTGvfgOR5Cwngbzq29dA6UMPiW1wOYtmM4W1qngz5Rylaf5hxKky4nMK6YmCKMDwnfP_KvMeTJ1qbPtsttcYH-U4e75jQnmjrn_jFUyWS9WU9pa9Kz068Cb5Snz1O9tBe17SROmGJS74jxOBT9RlMX17z_DePoy6XDmuG2X7UXYPeRKZIqPLG6Dpr7zYv3sFvTiwOw9ZNssxdzGjuTqNN5Xg410QUiTSqJHrQYBwLzd3E2ZgbY5XIQIw6ziPskaq_0SgvnwoITDTgBAGABsvfv_uXzKL1F6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_36TN7T_m9ylcmyU0TNMxDZ7YSkdQ%26client%3Dca-pub-9961814823930967%26adurl%3D
Frame ID: 8632CBCBC7A4ED59E4C5668C9FEC928D
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 17C9BBCF190733830EEA59DF8D268E93
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlX8Hg4uRAAbnJ0EvIlwQBjgkyuSBwA&u=%7Cvx7rpq5y2m%2FMgbCOZsw%2BtdYwLpuXuEWeI17MabFnaoY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBVYK3cq7hyTxdVVID-8B4jkZnr5FfgsM3dCsFal-Lk8jkS-8RFYwflIWwpic7lS0bBkN95aB_xqSEJQFOefi9zuChN6eQmoUQ0NvAgeM0TVCFjxNB5Aig_8IXo76PKvNdohha8BmZfylGSYTBFKZ-tyjCCvdIuTHw_bE4pV7KQM5v57CbTSvXD-LcAej89M7jt5o0MQC_miUNOjpYcFkOABtJdu2G7KRwu5-GIEwR7_CsbeHdWASRtp7ouUld9RX8GORGEpVxJNoZFAKBeUru9YTgnpkKSCFYy1rZgQFYOhc2F6XJG1UWjAevYilRhly-_WBWS9NYV0Uiz6Sw5TI_Q9mIcGcHKyImbkuZ917vGmCZaSixeNXdULmRXfucmAy7zxfuq9A2PAstcH8cUuLbUShEUpzf-NS7-FYmH_PUNnOUu0VWb9jG43E88bCh65OZ7f3bxHXbH4AhlVBe9fNDxPqxXtfm6mKnTdp5jteYkXgWl1pSEGldeT5Wwaog4N0f74NVEesQ4R_u5FZNFl06Eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIngRrLEWZf-qBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT6Ak_QXzOgbwlq1b29Ce9UKUwIPYFeur6lTE_SpJwcs7um-zro8lpuPm-w7hkxzxRMx2UDfsSXLbfdi04XELoI933EKGpaVhOsHktKqiVsgYrXwd3lHo4aPaYoNtwsXzpWRPZ7mJoiAe5R4JiRyCha4wUdnyf1wzdLebcqZQbe3PNEtLIMNS-3ZKqCvNqI31sfAPjaWgfwscpkmZWLDX5mMWRItV8kDuUDJvlWkUbQ407sVOIBwvkun6DhopLQTlV71tRL7cj9kMusBDqiRBNaJq8Mc_wPp5Ze3DcCDy17OV3HvRsOgL60NpIqJ1h1R6KO8inhb57_Zzih5o0K-DhO2ge-o561meh9BIT3JSGkY2xCkgqbDkk8ZCMJ91Ji50W8WIBGWXfbjR8lo7R3MTJ7-J5tuszYk-O0LXkCcmffS0mswv2p22Be6m60mn-OlqVRqothByrHrUN9sdWIAqXNUccXIqnfq6siVuDuGVfszQvfmTIq8RbTzkHT6uAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_26yvsmUNrHmMYPsufs1tQOjIeKEQ%26client%3Dca-pub-9961814823930967%26adurl%3D
Frame ID: 90127F968F5512F382E5842BF9D123FB
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 13EC9C3D07A188ED1DEE9FD4FE774A53
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlYAHg4uRAAbnJ3NdjVbX-SR7IerdzQ&u=%7Cvx7rpq5y2m9r9cLIJ6IAT3Lk6d7I%2F6T8ySEpq2s81zU%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBVIuviO9wemny5Xk_TVkcMxfwNro2o_rbid4YQX5ZgDvzpKt-rhwlHjlTNmYDmqKC8S4KyEqaTS29OvmjskYqoS_vCdkLz4Mhy39mwWv-2HcxPhVpk-8AavkksT7reWGu25aR-IWEUs84_84afpt8A-hlGA30__7ckRkTNyrL4rFXUsm7HqyWiQOVZ-JAFyxca5j8e2-dRxqSPdCucmm1ixUz5k6UVLXrVPag8u4EpeYOVbMtf4jSscESMzALFht8T_nz2ofo2cMczC3hrkLcIGc8lni1yNxca5_zZ5r-xBbka_aYV4KvSTgXwO6KAjxnvaM-YX8wdlS8iy8FIjG8DKyvfEvVXy4aPeLPdxwdPHsvanIN75pEph0PgyBB3EjWxbh0xwkkp3WDs28BlY2LFs8PQy7vGY4PoDjIFQflT06vpeIv6T8pzO8WgluEXF125LekPUsw30D-NF4yrFKo2MtrqNomVagJA833kPpr9KjLCpNnY_3MgVMFSGtPyStfr3WMPAk7B3e4D-xrr5EU3U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcwhgrLEWZYCrBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgSDA0_QcFtaRcP_Zij24NJZg8CJjIbFAE8EFHJZNsuY6clGJSYZcNT9SXUdM7BYg0oHKBC_VjeaM3WqN525s8ZF6VWhGStQNIzxs82oGwHLt383HFQc0glpkg9ODkaLR2ZHNGlmjvyW5B4HZwlNGpmH1T7sACbrjmrxKJrl5rQUIhTbFJetwy92QhXO9RhaVtMNar0uMpMPLSC2eh4ag2slYIOA070tfVURKEj8KhjtYLPeFFVylVJYG9N1oU42Ghqd8Dhgwb_P4OcH6WGwb7e0xH2YZ5F-QMn1dtX8p7IcHXcvDTL5_O9n2aQybZVCqU2Zuhie2XliGt0-SyJdekFhq27lErOALbMPNY0NyYuXV2Oe1zuSfsSmJrhjkQ_GvPw2ZiJq204wwjT_dy0xn0lG5qePCR0aq7NYVhd6_7wZ6PtysfFLDnarhePbeWFFol-VaEuXUv3I_6B-kadoCOcq9tT1fqO4cKbfz2VCnS6qIfV07lalXFXxclwiBBtXwVMkXz-NqeAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2THZ3gGxjhsNavVEiim9jr1DXjiA%26client%3Dca-pub-9961814823930967%26adurl%3D
Frame ID: 194C3E1EBF7FAC148650197A9924F2A7
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 75FD11E4C3E1120D2DF7A5AC8710F882
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlYEHg4uRAAbnJ4rw-UHIDrvLluGvuw&u=%7Cvx7rpq5y2m8BVt5CbqxDSAOuLU%2BHrplxLJwrrnM8MwE%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwmBoz0kZ49XnpI3T7B_CiOoSdH8fquqaqA9f-5fH9iz2pXcdZ80wwtJqZUV2mbHOJKPl9d-F1ZFDGnpkmb3KnFEv9hMgb2oc186kbxFV3ZjeGDeEwxDXoMYQgFhaHZQaO_Y5M0oeIohpQx6BUXcCuTzNUb0zu6IKt3jBfVkqttBn5z1iZfzZaBArgxK04Vnd4HO2pxV-DVu3nzuYHKGD_UEIUjs9Mx6tG8bqM8P_qjRObM_xg0jfmITXe15WjgtLQUMmbHizXCl6rXT4otr4N0nSks7X0Cwhej7diBg3w9S9nxphUWGSqd_mGHwe2MFF2JuDChkxG2y4hnR43qkGuKu9rz820obyLfsycvZVa6V-8usmBba5txsCVPHwBluES4C_SiVfoHRwjcagqRocBUHB53bMVLa7Guc5xy_QUEz44Oz22v0eWduMRaytU8Bj1a9QarnYz89jBg0WUneqEjcKU3vO-ersGherzf6hQpdlsh74OFyPqtuG6uRi-Sa_zTXnQVb8crq3xNdUQZe2YlZxr3nUyJbnNwbDwAo4VsVng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCll5RrLEWZYGrBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT3Ak_QYS_9tOGsmq0WtzNTpVzVbQLM-iUyv1AFJPZLbxueLRzeUn2V4d1nFkmmILI0j_iOseKEjDnf8X4TvWvNzXAhD0mwhAU8Uj88U0_gmwi9-HyeRi-YJmVApT7RSWCnqP4WDUyFuTKhpLzTDbfc4PMDHXV1SebDRsGNeIwNRgY6nHrGxB0AB9hOqOCuzHzKY1-vamxcuvRVkk9daF7G09zArzTbP3UDJUMvgch6c2WBTFrSi0t-UrT5pe5ekrPH2i4jBAuCtibgSjkxTiGePfFr6Ud6OthsMY7KFICWoitF7HQ9xfgO1FiKoJ3c_6un-qLoiOs-kjsI4ZVU6BHRj7-seBlSAdGzxg33PPCP6c7TPeBTfCLS7qBQNO1PaSYdSpikwIY1s-FUTnn2yJzdUzbgSPQs7girdp7sxPkdo_ij4GKyZnXPhMybMt8CbvflsjDJ3f_8dU0lSb8HasDCykAmLDWirps9IQIR-ql6QHRMONExDasLieAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2T5hQKu7Ux_wHlmFv2py7BpEcaOA%26client%3Dca-pub-9961814823930967%26adurl%3D
Frame ID: 782F778D69A2DD4DCE6515B7FA358501
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 385535215791DE5F2B2E025BCD5281B1
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlYIHg4uRAAbnJykfRDFhlITCzexifg&u=%7Cvx7rpq5y2m%2Bj%2BPz5aLVK6RPn6W%2FPiN%2FQatWPC16oy8o%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdqr7txT5h5pAC3aSY9p1mJ9XKnMtRUM8nqIaa5Rl2efL0FSY6XUG9zw0TPNcpRuQMS_Qzx0laPRRYaqbSZrlVtM8FAhvoWeIZyAC5g1oLhx_KH2ySx5HSVP66xwtG8GVFA9SL8pgfFlAUtcAc4Mudl-Sgmhug1J8szg8WQNSWNkXZCGRM1rMQ4wgePKcHIsXnF_N5aUabyficq5fDs_lXj87cnpsqJgfXYwX3lS0j-q4pUv2Ymb_iUJeITsFczfcqH2prZC5bqO-1l8aOChdQTkuWFnWJ-_TxqMleofpUVjFktLn92M4UDVFcxLeVdRB-WL2LlziWqCwddRBevEcj_CbBtIwY5eC-eK0gVDaIpl3PhR6KiL4cknX6al1jPm6OoZCNsAqNGgwA8_q_eilv49o5effo2ap0b7x1ZOzncQFLaGpjKCIavFTYMNLVv990tlMxu-a86B4pe_IjVYp1YGaiPG9PRfMr6QbilkuR6-AcMbnuVmEz-mlf1hLu7eIb1OwQt1c9SPVGHOO1--fG_vyey1nEWBZzLeJjsGZ3vbl5Vav1NBdLviVgW9o9gIpoi514v17-ApswuPAWGYQigD2qw0fLlciA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWeDerLEWZYKrBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT9Ak_QyO7RpAMhNavUOmoAYNgtr2GeP5QQV2_PkSa5-OStPv2YafiEgyJt9UdJiF477Ax4Poh2N34zWGCkDDK966qWH0K4V1VLUpg3l5rnXYR_0eDlCdKJntoBturSuMMGqRZ2kcv2nSkZzM1vNv0Y81zBzyUZuec98TqvN6s6VVMLDTM85B_GNEAVd6xfXs6I5cZV8IG5I3D9fUZ7GkfDnk43ai4Gd0PPEJQUE1PRyaveFc6Qc3IsJh3viTHGCeXwMbeViauYA4f1E8_0GKDkjKRIjQm7SEfS1o02zZ6-jHAbW9nE-NhtI4PpWZgRmsJvDGRfNOf18HMF8WBRaICM2Dts1tYq-vhd00T9fL9Cyf1RnEGwPLIwgM6N6tULd5SCmXlio2YyTA0Rz34SC-vSp7QKs3JfbtvTPn8Y5buSBQqAm305cIXsJdWUv63U9u9AtHCwRyzYxDu_v0KIYWnJeqqLyU9Pn7-eN1f9E_yO38Ja_D7QLfBQpgbxcJ7Ms-AEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2gwy7uwZjo89svFFLasc4EUoFH6A%26client%3Dca-pub-9961814823930967%26adurl%3D
Frame ID: 83F74596BEF0CCA35DFAEF14A18E9115
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AB3EEDEEFC0FC263C0D161F80ACFCB5E
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A19A7FB37F7C78B71F163BDE2106E674
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1695986089920
Frame ID: 0ABBD99FD2D9B0C8E6C539CB04DD8D86
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FAFC9353F04CCD5859199761FB4408E3
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 1F4F1CCBD5CBB24ABE0F0AAB787D0F9B
Requests: 2 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 15CDFCED5F131BB15CB461DA7491BBBD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Nick Oberheiden Sheds Light on What to Do After Receiving a Cybercrime Subpoena? - TechBullion

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • require.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • select2(?:\.min|\.full)?\.js
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

577
Requests

80 %
HTTPS

35 %
IPv6

95
Domains

144
Subdomains

88
IPs

14
Countries

5521 kB
Transfer

14933 kB
Size

123
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66
  • https://c.pub.network/cookie HTTP 302
  • https://d.pub.network/cookie
Request Chain 69
  • https://c.pub.network/location HTTP 302
  • https://d.pub.network/location
Request Chain 130
  • https://px.adhigh.net/p/cm/freestar?fsuid=c6eea4ab-168c-484e-858c-c0abf10812b9 HTTP 302
  • https://px.adhigh.net/p/cm/freestar?fsuid=c6eea4ab-168c-484e-858c-c0abf10812b9&bounced=1
Request Chain 159
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_rbd_n-MediaNet_n-Beeswax_smrt_cnv_an-db5_n-adYouLike_n-Outbrain HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_rbd_n-MediaNet_n-Beeswax_smrt_cnv_an-db5_n-adYouLike_n-Outbrain&dcc=t
Request Chain 170
  • https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D HTTP 307
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=loopme.com&id=042eff3b-ce98-4c93-bf03-c8866ecaa6c4
Request Chain 171
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=media.net&id=3389876908454630000V10
Request Chain 172
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID HTTP 303
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1 HTTP 303
  • https://s.amazon-adsystem.com/ecm3?id=AABeK07KLWMAABk4xJ4LMA&ex=beeswax.com
Request Chain 173
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__ HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=outbrain.com&id=
Request Chain 175
  • https://ssbsync.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=2174209610784440979&gdpr=0&gdpr_consent=
Request Chain 176
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=4425881647291587&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAIBBK6CK1E6ANbVQvwAAAAAAA&expiration=1696072490&is_secure=true
Request Chain 177
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=4170372529826451915&ex=appnexus.com
Request Chain 178
  • https://visitor.omnitagjs.com/visitor/bsync?uid=ee28081dc141859df3e9c39bf89f63cf&name=AMAZON&url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dadyoulike.com%26id%3D%7BuserId%7D HTTP 307
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=adyoulike.com&id=7f614d4002799a3e49fca79589f1ea18
Request Chain 192
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu&khaos=LN4IBU7G-1O-5579 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=LN4IBU7G-1O-5579&ex=d-rubiconproject.com&status=ok
Request Chain 241
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=RkLnxZ5aRtKkVZZbek2FGQ&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=RkLnxZ5aRtKkVZZbek2FGQ
Request Chain 242
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=NsrQQ6FgTJS05moZxKjP2A&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=NsrQQ6FgTJS05moZxKjP2A
Request Chain 243
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE40SUJVN0ctMU8tNTU3OQ== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOd_s5TRC70u5H7U98D65Yg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE40SUJVN0ctMU8tNTU3OQ==&google_push=
Request Chain 244
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/boAKqKMMsV-bOpGQ4xEAAcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-JfLV0JBE2oKWXwDJ0UMfpa4tMWpd4aiBdR0gyA--~A
Request Chain 245
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmQ0ZTgwYTA1NGY0YzZkNjEzMGMyZDIyNDRiNWIxZWY3ODA3NTcyZA
Request Chain 246
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHFLEz8Zj4_iCOEE-B7JhpU&google_cver=1
Request Chain 247
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LN4IBU7G-1O-5579
Request Chain 248
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABeK07KLWMAABk4xJ4LMA&expires=30
Request Chain 249
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LN4IBU7G-1O-5579
Request Chain 250
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LN4IBU7G-1O-5579 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LN4IBU7G-1O-5579
Request Chain 251
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LN4IBU7G-1O-5579&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LN4IBU7G-1O-5579&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1XcWZFQ190RTJ1RWhHLnlqMkNCNmtaZlNLS0k5eWwzTH5B&ovsid=LN4IBU7G-1O-5579&dpid=58160
Request Chain 301
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKupKJEH7GH6eqvxndQNl50&google_cver=1&google_push=AXcoOmSZiMOHlFD6z8E_PqWFkZpSBXdWe2QSgc8KVaPfIPvn-cGnj8CQGdRT01Hvj4tvLLZER84gFojc-jLY7m5ntyFUVznbE_Bz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzk1MzE5ODkwNTkzNDg3MDQzNg==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKupKJEH7GH6eqvxndQNl50&google_cver=1
Request Chain 303
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEeBaLFHQE3C7bwbuWUrPUU&google_cver=1&google_push=AXcoOmRbHBLXHw-YJGKthFcoavfeqNIGZnViiepIPCc3cLOoe4IHAVZu83_IDw-6z1rtIQQVFhCmCYni6hjm6RvXsmoA81qBZiHQ9Q HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEeBaLFHQE3C7bwbuWUrPUU&google_cver=1&google_push=AXcoOmRbHBLXHw-YJGKthFcoavfeqNIGZnViiepIPCc3cLOoe4IHAVZu83_IDw-6z1rtIQQVFhCmCYni6hjm6RvXsmoA81qBZiHQ9Q&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7uPldrInTGWNaETL-ajDrA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRbHBLXHw-YJGKthFcoavfeqNIGZnViiepIPCc3cLOoe4IHAVZu83_IDw-6z1rtIQQVFhCmCYni6hjm6RvXsmoA81qBZiHQ9Q
Request Chain 304
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOd_s5TRC70u5H7U98D65Yg&google_cver=1&google_push=AXcoOmQLgQviixE3Aa53lsmFJ-xMtpNzskbaxFwzngj3IQvkhtRXtvTCFL7xTwlRXkF5OYYv0QzU4QTLW4_4n-LKcS0uSVSKP74MQw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE40SUJVN0ctMU8tNTU3OQ==&google_push=AXcoOmQLgQviixE3Aa53lsmFJ-xMtpNzskbaxFwzngj3IQvkhtRXtvTCFL7xTwlRXkF5OYYv0QzU4QTLW4_4n-LKcS0uSVSKP74MQw
Request Chain 305
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJphu9i-LhZPygaC8w2anjM&google_cver=1&google_push=AXcoOmR3d_ZbPnNGEown1MLfNryvv-cEPTUZ43ROWtMtGdqHHeColvAM9j4PSu5gdB0AQCpXiyQjWyvhbeNPgTK2QWvQZ_91ArCF HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR3d_ZbPnNGEown1MLfNryvv-cEPTUZ43ROWtMtGdqHHeColvAM9j4PSu5gdB0AQCpXiyQjWyvhbeNPgTK2QWvQZ_91ArCF
Request Chain 306
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEAzmB9lw1xJe0CbQpp-93aw&google_cver=1&google_push=AXcoOmRaTXSZzJ8B599YMtvAcXqUHJ_EmAVTbxgDXYL6v8j4SOEMErF7T0GjZEKTJOWG90ePbjxunL-uvkDIw56RnDDWYzDHUSKo HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRaTXSZzJ8B599YMtvAcXqUHJ_EmAVTbxgDXYL6v8j4SOEMErF7T0GjZEKTJOWG90ePbjxunL-uvkDIw56RnDDWYzDHUSKo&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1695986091681 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a299bed7-7db2-44e3-a185-cc097c5ceec1-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRaTXSZzJ8B599YMtvAcXqUHJ_EmAVTbxgDXYL6v8j4SOEMErF7T0GjZEKTJOWG90ePbjxunL-uvkDIw56RnDDWYzDHUSKo%26google_hm%3DA6KZvtd9skTjoYXMCXxc7sE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRaTXSZzJ8B599YMtvAcXqUHJ_EmAVTbxgDXYL6v8j4SOEMErF7T0GjZEKTJOWG90ePbjxunL-uvkDIw56RnDDWYzDHUSKo&google_hm=A6KZvtd9skTjoYXMCXxc7sE
Request Chain 310
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEOd6rldHWNiftU5LrbZOV_0&google_cver=1&google_push=AXcoOmTDE3O45pW3KniGjppnnCiqcxPKFxJGta-XHPSxJxEHkY3tIjcTwgyW_QFrnhpvmztJD8SF4Jam_Q0wCyUfKqj_l0Ajr_X7tQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOd6rldHWNiftU5LrbZOV_0&google_push=AXcoOmTDE3O45pW3KniGjppnnCiqcxPKFxJGta-XHPSxJxEHkY3tIjcTwgyW_QFrnhpvmztJD8SF4Jam_Q0wCyUfKqj_l0Ajr_X7tQ
Request Chain 311
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESED7-Al_pJ1v54Hlep0Y2XRI&google_cver=1&google_push=AXcoOmQvpjT-1ndVcAXpiLp0NJqfnMVp_3vq1EbFK5hdVEzQfpddnlh-2kQ4yciWM2lu9IjG6GC1SmL-wlGd_INN_i5c_gLVyD9jsQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQvpjT-1ndVcAXpiLp0NJqfnMVp_3vq1EbFK5hdVEzQfpddnlh-2kQ4yciWM2lu9IjG6GC1SmL-wlGd_INN_i5c_gLVyD9jsQ&google_hm=7ggHE4SOTZyHEcAIe3f2LoI
Request Chain 312
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEHxWEHIpuPtTKlIdEtgEMBo&google_cver=1&google_push=AXcoOmSEBtB9ZP4BIrlwdMO7zXdEDzLpupgBmSdwb8KCkxSlDVFRU-GpPvpT06KOSHbvZtpcLtFIWkqdF1rCTi1_EJu59A_TnUZXIg HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zfH4raHVSJ8me9DJzrovfg&google_push=AXcoOmSEBtB9ZP4BIrlwdMO7zXdEDzLpupgBmSdwb8KCkxSlDVFRU-GpPvpT06KOSHbvZtpcLtFIWkqdF1rCTi1_EJu59A_TnUZXIg
Request Chain 313
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEJdXO9D4Q9Ar_dhFV-bODlM&google_cver=1&google_push=AXcoOmS0-TIGpnOMYEbsQSK0PtB3cZq9rp7B3gytue9kR-_OMZ7XO199cCc17Z64x0tD61DWSOjP2cbYR_05i011s_vXhy37VcdRxg HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=133&partneruserid=19ef7b318a&gdpr=0&gdpr_consent=
Request Chain 314
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEIaqNarYeFtIGMtuZZnBZN0&google_cver=1&google_push=AXcoOmRN6UC0AmN8uGgP_keSlu5cqAONn11AgPnNXkuSJGLkPtRI4aDvh5RQGSypqET60C4y1n7KC36izqna9-nsxcpXsSxtEhJcEA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRN6UC0AmN8uGgP_keSlu5cqAONn11AgPnNXkuSJGLkPtRI4aDvh5RQGSypqET60C4y1n7KC36izqna9-nsxcpXsSxtEhJcEA&google_hm=M1JVdzJBQTk5c0FhTlRsaU52dXY=
Request Chain 315
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEM6StkY6Tz6zEhvEwmcagCo&google_cver=1&google_push=AXcoOmQUVLibqzkjAP3Zt82ODYvz77e9EB3at7LS58Wqq8X_htWLw7EOqHfSa6r8A6e1KBo7irEZKIf8vUaf5mieMxKA1KogZSC7 HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQUVLibqzkjAP3Zt82ODYvz77e9EB3at7LS58Wqq8X_htWLw7EOqHfSa6r8A6e1KBo7irEZKIf8vUaf5mieMxKA1KogZSC7&google_gid=CAESEM6StkY6Tz6zEhvEwmcagCo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE4NDEzMTg0NzM3NTMxODQ0NTkyMQ%3D%3D&google_push=AXcoOmQUVLibqzkjAP3Zt82ODYvz77e9EB3at7LS58Wqq8X_htWLw7EOqHfSa6r8A6e1KBo7irEZKIf8vUaf5mieMxKA1KogZSC7
Request Chain 318
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEJ_Uyy2lIKu1xPFrQ7OjOu4&google_cver=1&google_push=AXcoOmQh2Mcw1nez8eP6qP6eEdabmLtFr7qcLLNq2W5tMycZgO237oWZs0euCmTLG_d19LOS15A03_neRnq6x_XmdsivZFM4ZR9DfA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQh2Mcw1nez8eP6qP6eEdabmLtFr7qcLLNq2W5tMycZgO237oWZs0euCmTLG_d19LOS15A03_neRnq6x_XmdsivZFM4ZR9DfA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJ_Uyy2lIKu1xPFrQ7OjOu4&google_cver=1&google_push=AXcoOmQh2Mcw1nez8eP6qP6eEdabmLtFr7qcLLNq2W5tMycZgO237oWZs0euCmTLG_d19LOS15A03_neRnq6x_XmdsivZFM4ZR9DfA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQh2Mcw1nez8eP6qP6eEdabmLtFr7qcLLNq2W5tMycZgO237oWZs0euCmTLG_d19LOS15A03_neRnq6x_XmdsivZFM4ZR9DfA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 319
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEHxWEHIpuPtTKlIdEtgEMBo&google_cver=1&google_push=AXcoOmS8caTlyHUNQGROFnuR3fDR1q8lkyK3PhfGwXpKIh-cSgbj0_dnioBJnOjKwpvUPPQ4VIAdqm8tGRg3Sidp75OtXxtXAssyww HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=vSzjjUd-RAUP22DrLamDWg&google_push=AXcoOmS8caTlyHUNQGROFnuR3fDR1q8lkyK3PhfGwXpKIh-cSgbj0_dnioBJnOjKwpvUPPQ4VIAdqm8tGRg3Sidp75OtXxtXAssyww
Request Chain 320
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEL9kwMfOXim-O_hsk7Vi19M&google_cver=1&google_push=AXcoOmQ2f-2zibJY68xfDzJh57gGJ8wjDzwcYwECZBMc7mk-YvoTU6V9QflGwjeyMWTtlhSUkUZHCP272z9p_K4jApamtFmmY3abHw HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEL9kwMfOXim-O_hsk7Vi19M&google_cver=1&google_push=AXcoOmQ2f-2zibJY68xfDzJh57gGJ8wjDzwcYwECZBMc7mk-YvoTU6V9QflGwjeyMWTtlhSUkUZHCP272z9p_K4jApamtFmmY3abHw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQ2f-2zibJY68xfDzJh57gGJ8wjDzwcYwECZBMc7mk-YvoTU6V9QflGwjeyMWTtlhSUkUZHCP272z9p_K4jApamtFmmY3abHw&google_hm=0h3KtT_PQ_uicTqHnC4Sng==
Request Chain 321
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmTAVUyE3ByPQ-W6sPzq8TQ10KqEN3csZGHTs_bR5yqDbyb3SZEOV54-ixOSGazTHVZW94IEe1IBYq5dwlrn_2p7LhhbknXj%26google_hm%3D%5BUID%5D&google_gid=CAESEA7vKZk9w3uegGR_vyey1Dk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmTAVUyE3ByPQ-W6sPzq8TQ10KqEN3csZGHTs_bR5yqDbyb3SZEOV54-ixOSGazTHVZW94IEe1IBYq5dwlrn_2p7LhhbknXj&google_hm=eead468c-f96a-4fd1-8bc5-e3d78d798a1a
Request Chain 322
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEM6StkY6Tz6zEhvEwmcagCo&google_cver=1&google_push=AXcoOmTZKE3okDY5nfG7KDpLChv7VCmDlfDZn_g139VeFBLxvkOMqU-kDp_6x2ZARnh3-sgV7CNJ3qfVahCuX2nUFrMiNoPAw9t5Hg HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTZKE3okDY5nfG7KDpLChv7VCmDlfDZn_g139VeFBLxvkOMqU-kDp_6x2ZARnh3-sgV7CNJ3qfVahCuX2nUFrMiNoPAw9t5Hg&google_gid=CAESEM6StkY6Tz6zEhvEwmcagCo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE4NDEzMTg0NzM3NTMxODQ0NTkyMQ%3D%3D&google_push=AXcoOmTZKE3okDY5nfG7KDpLChv7VCmDlfDZn_g139VeFBLxvkOMqU-kDp_6x2ZARnh3-sgV7CNJ3qfVahCuX2nUFrMiNoPAw9t5Hg
Request Chain 323
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESECgG6k5Aw-FSDQqlgR9UjWg&google_cver=1&google_push=AXcoOmSC1dYKJ-FKegzyldT2KpavPd7ThXQGIqGLhZ_bEoarZwYoxuSf0U_EdO2gngkr9NpbnYARH5PYFImrhtdp-QXB1NaOmrF11g4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDE3MDM3MjUyOTgyNjQ1MTkxNQ%3D%3D&google_gid=CAESECgG6k5Aw-FSDQqlgR9UjWg&google_cver=1&google_push=AXcoOmSC1dYKJ-FKegzyldT2KpavPd7ThXQGIqGLhZ_bEoarZwYoxuSf0U_EdO2gngkr9NpbnYARH5PYFImrhtdp-QXB1NaOmrF11g4
Request Chain 324
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESED_s85JaPw3qePCsuPEqFxc&google_cver=1&google_push=AXcoOmRrgxILjx4rEb0ofXPFl08AwwJorWyClZ3knCdARvJF87Cwq3fhp-McgeyVJ4RjBaR84WzsfloyPGSX-UDkWJ2Xu9aLCZqCkg HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESED_s85JaPw3qePCsuPEqFxc&google_cver=1&google_push=AXcoOmRrgxILjx4rEb0ofXPFl08AwwJorWyClZ3knCdARvJF87Cwq3fhp-McgeyVJ4RjBaR84WzsfloyPGSX-UDkWJ2Xu9aLCZqCkg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=d21dcab5-3fcf-43fb-a271-3a879c2e129e&%%GOOGLE_PUSH_PAIR%%
Request Chain 329
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFSp_s9xxJgu50SUA2MBE84&google_cver=1&google_push=AXcoOmR_VYaytZEGS4PhNteXqd8vDVDGl-ytO2cG19KB_tBQq9WoDcXsLnFwuHvG3IrtaiFp2SU4ZssCLyJS3Sl8Nb9thmSSyMo HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFSp_s9xxJgu50SUA2MBE84&google_cver=1&google_push=AXcoOmR_VYaytZEGS4PhNteXqd8vDVDGl-ytO2cG19KB_tBQq9WoDcXsLnFwuHvG3IrtaiFp2SU4ZssCLyJS3Sl8Nb9thmSSyMo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZVRCN1lhU08xUU1ic241&google_gid=CAESEFSp_s9xxJgu50SUA2MBE84&google_cver=1&google_push=AXcoOmR_VYaytZEGS4PhNteXqd8vDVDGl-ytO2cG19KB_tBQq9WoDcXsLnFwuHvG3IrtaiFp2SU4ZssCLyJS3Sl8Nb9thmSSyMo
Request Chain 330
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEPFjPrpjWx3xMaYZaPuJbSQ&google_cver=1&google_push=AXcoOmQgwNZ4osomC1GmJISo54DfP_N-HvOfX2LKoNM0CxeWTlEVQvU93RSVP0h6HuFcmAwQbol5boxVzYJn_n0_XOXkdlL9k9g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmQgwNZ4osomC1GmJISo54DfP_N-HvOfX2LKoNM0CxeWTlEVQvU93RSVP0h6HuFcmAwQbol5boxVzYJn_n0_XOXkdlL9k9g
Request Chain 331
  • https://google.partners.tremorhub.com/sync?UIDF=CAESELlZigjFnqhnR1NqyUuDI1U&google_cver=1&google_push=AXcoOmSEKxqxJ-mKDknZk0zmqWvi2vOFToZ2nVu6lUbPCmbBAHgGsrscMe7SC5z2_A31yw5BvpPiQ7oREgITiTe-By6KaEg1r3c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=NTZkZDI5YjI2ZGUyNGFlMThjYThlMTQ2YjExNWJmN2M%3D&UIDF=CAESELlZigjFnqhnR1NqyUuDI1U&google_cver=1&google_push=AXcoOmSEKxqxJ-mKDknZk0zmqWvi2vOFToZ2nVu6lUbPCmbBAHgGsrscMe7SC5z2_A31yw5BvpPiQ7oREgITiTe-By6KaEg1r3c
Request Chain 333
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESENWtczFu33u-ELkAwd54TQ8&google_cver=1&google_push=AXcoOmRcTJgdYwUwhLw-pzWef_w6hIbYPkvr6bGRx7RDg1QumLLLnwVBL848RbmBmjx-Ww_KgF-PwGvCyQfLp7k4O8kvLep3j20 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmRcTJgdYwUwhLw-pzWef_w6hIbYPkvr6bGRx7RDg1QumLLLnwVBL848RbmBmjx-Ww_KgF-PwGvCyQfLp7k4O8kvLep3j20&google_hm=MjE3NDIwOTYxMDc4NDQ0MDk3OQ%3D%3D
Request Chain 334
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEBJVUvGHDxnZVt94d-uJWw0&google_cver=1&google_push=AXcoOmRXDU1Bkm_G0dhOzSDJuGnLYmor34f91L2s8CzCWblMc4vBIeosxFvU4O8YPbgbM2jPqhsTy1aU1oiN8VF5lBf5RBrRoSA6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmRXDU1Bkm_G0dhOzSDJuGnLYmor34f91L2s8CzCWblMc4vBIeosxFvU4O8YPbgbM2jPqhsTy1aU1oiN8VF5lBf5RBrRoSA6&google_hm=QlMuYTYzNS0xNmE3LTQxYzctYTlkOQ==
Request Chain 335
  • https://sync.inmobi.com/gob?google_gid=CAESEI1VMYloraih76B-J_Zzlwc&google_cver=1&google_push=AXcoOmSKSQKzmuqcnPOhUPhpE92-rCY_yRbddlYobRJ-VBxV0MVTj12qFbpibyXF8lV37qAT34aehVxWFqDzKWEEbj4pZnUBkJnX HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSKSQKzmuqcnPOhUPhpE92-rCY_yRbddlYobRJ-VBxV0MVTj12qFbpibyXF8lV37qAT34aehVxWFqDzKWEEbj4pZnUBkJnX
Request Chain 346
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEE76CehBzERmaRjxSL-dbD4&google_cver=1&google_push=AXcoOmQtbXCbseXmVXnP_iowPF19VB-cxMUjIdDNKNRV41De1iubEX0EyGUo_UiTbMOYpcJhfc7mBngO0SbAJ06sDdcwec3Ucu0_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmQtbXCbseXmVXnP_iowPF19VB-cxMUjIdDNKNRV41De1iubEX0EyGUo_UiTbMOYpcJhfc7mBngO0SbAJ06sDdcwec3Ucu0_&google_hm=rCNJvVND0-xYnWsBrzE5aQ
Request Chain 347
  • https://um.simpli.fi/gp_match?google_gid=CAESEJO2hbF956afrHrUy-0IHgw&google_cver=1&google_push=AXcoOmSakMUzrjzAgIKJ2C-Ez-nd0FLaLKDScxnPQRG09S2vQQBUaxQgEP2FYnmCkgE4jfU3lY3UtbHeBKCbaxxGThWBNl3Vjfzi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BEDC81BD7B4A42B9B8ECC33405451AC0&google_push=AXcoOmSakMUzrjzAgIKJ2C-Ez-nd0FLaLKDScxnPQRG09S2vQQBUaxQgEP2FYnmCkgE4jfU3lY3UtbHeBKCbaxxGThWBNl3Vjfzi
Request Chain 348
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEE8i3wZ3rESgvABMZF0RKnQ&google_cver=1&google_push=AXcoOmS9jEllcYS8JA8FXY1T9I3WhGnXmotZpXcySnAyfIcnWUCiYelBYpRfkVLHuzB-U-ooWIZ2mtVNiTLCFp6qa2tVLhwkRyZm HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEE8i3wZ3rESgvABMZF0RKnQ&google_cver=1&google_push=AXcoOmS9jEllcYS8JA8FXY1T9I3WhGnXmotZpXcySnAyfIcnWUCiYelBYpRfkVLHuzB-U-ooWIZ2mtVNiTLCFp6qa2tVLhwkRyZm&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmS9jEllcYS8JA8FXY1T9I3WhGnXmotZpXcySnAyfIcnWUCiYelBYpRfkVLHuzB-U-ooWIZ2mtVNiTLCFp6qa2tVLhwkRyZm&google_hm=HZuCvGZHGjRJSJDfQNiW9F2V
Request Chain 349
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEJdXO9D4Q9Ar_dhFV-bODlM&google_cver=1&google_push=AXcoOmRsPFm23RqGmsWQLaIVzcbpYwdrNK6hwRpYutqxs9PQARlgtAWHe8pVpftJm1diaSAbiy09Xp50iXXPPw9BcNMmOPmjtV66 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&gdpr=0&gdpr_consent=&google_hm=b77a19f02a&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://s.ad.smaato.net/c/?adExInit=g&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&gdpr=0&gdpr_consent=,&google_hm=19ef7b318a&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg%26gdpr%3D0%26gdpr_consent%3D, HTTP 302
  • https://s.ad.smaato.net/c/?adExInit=g&gdpr=0&gdpr_consent=,&gdpr=0&gdpr_consent=, HTTP 302
  • https://sync.lunamedia.live/psync?t=s&e=255&cb=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1001875%26dspCookie%3D%25USER_ID%25%26gdpr%3D0%26gdpr_consent%3D,,,
Request Chain 350
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEM6StkY6Tz6zEhvEwmcagCo&google_cver=1&google_push=AXcoOmTS_X_puQoEnFDCOXXkaHDLGU_gl5czgvfdBj19jaflR-t1xIJ_KO-dYJ5WRzJ4V5CaFWYmTcvqDEtyBhb9u2XRVhMsYvXP HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTS_X_puQoEnFDCOXXkaHDLGU_gl5czgvfdBj19jaflR-t1xIJ_KO-dYJ5WRzJ4V5CaFWYmTcvqDEtyBhb9u2XRVhMsYvXP&google_gid=CAESEM6StkY6Tz6zEhvEwmcagCo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE4NDEzMTg0NzM3NTMxODQ0NTkyMQ%3D%3D&google_push=AXcoOmTS_X_puQoEnFDCOXXkaHDLGU_gl5czgvfdBj19jaflR-t1xIJ_KO-dYJ5WRzJ4V5CaFWYmTcvqDEtyBhb9u2XRVhMsYvXP
Request Chain 351
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESENWtczFu33u-ELkAwd54TQ8&google_cver=1&google_push=AXcoOmTf7PzINscZARjJzqooxlpcVg41dGKSEmv2wLKfmqz_PO0ia34zb3WZfMn8bXNkg0HZtrPoPiWaKJ16X0peAhsljlTHzLE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmTf7PzINscZARjJzqooxlpcVg41dGKSEmv2wLKfmqz_PO0ia34zb3WZfMn8bXNkg0HZtrPoPiWaKJ16X0peAhsljlTHzLE&google_hm=MjE3NDIwOTYxMDc4NDQ0MDk3OQ%3D%3D
Request Chain 357
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1695986091656&ns_c=UTF-8&cs_ucfr=1&c7=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&c8=Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F%20-%20TechBullion&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1695986091656&ns_c=UTF-8&cs_ucfr=1&c7=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&c8=Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F%20-%20TechBullion&c9=
Request Chain 358
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESED7-Al_pJ1v54Hlep0Y2XRI&google_cver=1&google_push=AXcoOmTKse-4czFpvOP6FiqjW1-ZA_I9DOy4gPbeOJ62hFLrz80bsFkLiDlGx0bhDNaaI3g49lY4dqOmj8rXEMRJcxCv_bm-GypM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTKse-4czFpvOP6FiqjW1-ZA_I9DOy4gPbeOJ62hFLrz80bsFkLiDlGx0bhDNaaI3g49lY4dqOmj8rXEMRJcxCv_bm-GypM&google_hm=7X3QYAv7RmiyA_r8CCyWToI
Request Chain 360
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEJdXO9D4Q9Ar_dhFV-bODlM&google_cver=1&google_push=AXcoOmQmKkRMIXBUQta0uB9BcL9zavV4i0cBCLu1wK2RtZTjpv5aQW6t_Cc7gPxjJPIOoU4s5XIjY44OX6n3-CB1zfCr7Wa_UFQ HTTP 302
  • https://www.tumblr.com/ads-user-sync?partner=smaato&uid=f5057d1f2a&gdpr=0&gdpr_consent=
Request Chain 361
  • https://match.360yield.com/match/ebda?google_gid=CAESEF6LIN484Ce_h645RbMK65I&google_cver=1&google_push=AXcoOmQsKCsPBkomjZbKdYYEQXQ5L4jkvThwwICLZUH8iIZIBBpdrjieF1jeIPrtBSMrKmpXfeBHSBiv9ODkfPznmbbwoVAoqxhp HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEF6LIN484Ce_h645RbMK65I&google_cver=1&google_push=AXcoOmQsKCsPBkomjZbKdYYEQXQ5L4jkvThwwICLZUH8iIZIBBpdrjieF1jeIPrtBSMrKmpXfeBHSBiv9ODkfPznmbbwoVAoqxhp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=xSOl7uiDTW-MKYfNrMB_3w&google_push=AXcoOmQsKCsPBkomjZbKdYYEQXQ5L4jkvThwwICLZUH8iIZIBBpdrjieF1jeIPrtBSMrKmpXfeBHSBiv9ODkfPznmbbwoVAoqxhp
Request Chain 364
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGWhat9QX4sBRWU8k4uycfM&google_cver=1&google_push=AXcoOmSbDWRcIRDQRIOKprriRsa_pg-2b9Btu0igQ3qdg0Iwap60RXCSUDmVBS-YJZ5sUEV2U7aGc81nM0eO5MEaFgFvTQQOiNlN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MzI1Y2E0NTgtYTZkOS00OWFmLThiN2QtMjA2MmFlZDE0NDMy&google_push=AXcoOmSbDWRcIRDQRIOKprriRsa_pg-2b9Btu0igQ3qdg0Iwap60RXCSUDmVBS-YJZ5sUEV2U7aGc81nM0eO5MEaFgFvTQQOiNlN
Request Chain 394
  • https://www.facebook.com/v2.4/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df19315a88b5a2f4%26domain%3Dtechbullion.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftechbullion.com%252Ff38c7c1c29e36f8%26relation%3Dparent.parent&container_width=270&hide_cover=false&href=http%3A%2F%2Fwww.facebook.com%2Ftechbullion&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=true HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df19315a88b5a2f4%2526domain%253Dtechbullion.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Ftechbullion.com%25252Ff38c7c1c29e36f8%2526relation%253Dparent.parent%26container_width%3D270%26hide_cover%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252Ftechbullion%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dtrue
Request Chain 480
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=techbullion.com&sn=ChromeSyncframe&so=0&topUrl=techbullion.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=IrUxHHxDcC92L3luNU93b3AwOTdjUTFWWEpqVnJmc1FieFlaK0xuVGRPelBReUdRZkFwWUxTWEI1OW53UnlxVFNZa0x5eXZFVHZXL1orU2ZDQzBpSmJpQ3Mrc09FKzVlbEl0MERUTTAxenhpRFdiWFVlbytlVmVodDN3amc1UXRwUFdxcnE5dm1FZi83VDNUTmRhNFlUdmNvS0ZReWhnbmh3bmttR2d6UHdzaHNFT2lEMVFtMnpqSkkvTGJhd2U0ZkxXdEppNHhQK3VtV2ZDdU1FYURmaytJelBwK0tCYjNwSjVJdFZxM3dmb2xxSEF0VU5qTHhCejV2VGZRWlRnQmRDTXJIL2I2SmNack8wUWE1QUpTWUlpUzVORURjQlpqMWxSWUtyTEdqY0pmUU9NOD18&cppv=2
Request Chain 488
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEHxWEHIpuPtTKlIdEtgEMBo&google_cver=1&google_push=AXcoOmRUTIN179DFp3swcF8QXuU3aLKkuz4tikAzoQMVwgSSdMQAwzSgVcNEgc9CXbK0GPg329k9G-YWKBrvQKsmtoyhcHo7c7-C HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zfH4raHVSJ8me9DJzrovfg&google_push=AXcoOmRUTIN179DFp3swcF8QXuU3aLKkuz4tikAzoQMVwgSSdMQAwzSgVcNEgc9CXbK0GPg329k9G-YWKBrvQKsmtoyhcHo7c7-C
Request Chain 489
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEeBaLFHQE3C7bwbuWUrPUU&google_cver=1&google_push=AXcoOmQAJmon1slDYX27wpw7ZKXHA3uHluMl22i_RLnKqSHEZFSoFsSrsfpNaR_UMgzcKV6xA4kaGugtQXoyL_Rv1ePPa48OyDQz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7uPldrInTGWNaETL-ajDrA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQAJmon1slDYX27wpw7ZKXHA3uHluMl22i_RLnKqSHEZFSoFsSrsfpNaR_UMgzcKV6xA4kaGugtQXoyL_Rv1ePPa48OyDQz
Request Chain 490
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEF_NYE8LqUUKprlMaVf4Yco&google_cver=1&google_push=AXcoOmRQIP4rPvjcdyVdwaGv0xQN-IQ9M6qfjqs1R78PUD-dROO0sa9wSgzTodYLZrsD2TU81NEhzTzlkXOWjr5U-NmJGtxJ494_ HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEF_NYE8LqUUKprlMaVf4Yco&google_push=AXcoOmRQIP4rPvjcdyVdwaGv0xQN-IQ9M6qfjqs1R78PUD-dROO0sa9wSgzTodYLZrsD2TU81NEhzTzlkXOWjr5U-NmJGtxJ494_&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEF_NYE8LqUUKprlMaVf4Yco&google_hm=ZRaxrWMr-2kMIn5w9Z6S6AAADToAAAAB&google_nid=index&google_push=AXcoOmRQIP4rPvjcdyVdwaGv0xQN-IQ9M6qfjqs1R78PUD-dROO0sa9wSgzTodYLZrsD2TU81NEhzTzlkXOWjr5U-NmJGtxJ494_
Request Chain 491
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEJdXO9D4Q9Ar_dhFV-bODlM&google_cver=1&google_push=AXcoOmSd5S-HzsuMItbZ2mWyE2ipTzdK_wxSu-_EkwH_hP6HD8SIFowCxM-3smFdf_P8Sxffa6qOAAJy5-si7ct9bFs_fZwoyFl9 HTTP 302
  • https://www.tumblr.com/ads-user-sync?partner=smaato&uid=19ef7b318a&gdpr=0&gdpr_consent=
Request Chain 492
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEGUj8tl40eLu5FGTjP_Po6k&google_cver=1&google_push=AXcoOmT4Sf0WHiGVuZJGB_ydkPBkTRsKXv_839pddNVNDxjHhbsxOomPj5dAdu9Wm-6afhnEJ_pLgrGdLMnnPHpJ5G6HI-SMRX9nvg HTTP 302
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEGUj8tl40eLu5FGTjP_Po6k&google_push=AXcoOmT4Sf0WHiGVuZJGB_ydkPBkTRsKXv_839pddNVNDxjHhbsxOomPj5dAdu9Wm-6afhnEJ_pLgrGdLMnnPHpJ5G6HI-SMRX9nvg&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmT4Sf0WHiGVuZJGB_ydkPBkTRsKXv_839pddNVNDxjHhbsxOomPj5dAdu9Wm-6afhnEJ_pLgrGdLMnnPHpJ5G6HI-SMRX9nvg&google_hm=cHZGQlVDblFUOWRpNEJ0WGpOc2Y=
Request Chain 493
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESED_s85JaPw3qePCsuPEqFxc&google_cver=1&google_push=AXcoOmS-GtdiCZ8pRDcyeFTxMtZQ8wtB1VT2AupcEKW2kRC0C04ryXXhYHefbp778NHE9lD7gr_XiGX3SCSLMwVrbxf31rmOO9HItA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=d21dcab5-3fcf-43fb-a271-3a879c2e129e&%%GOOGLE_PUSH_PAIR%%
Request Chain 498
  • https://a.c.appier.net/gcm?google_gid=CAESEIFm5QwNT5LZJ1qfS_c9bgA&google_cver=1&google_push=AXcoOmSEnxvTGS5dEAZ6ZoGxKheu1fC9VaoEjkJ8J88jzyGVgpE1Ukky-L6zqI6SsWKAZJw7CIXKiOIOM3tuIpyCbHKp6dQz324y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=WmVJeHl2NUpDZkNOSjZjRXJiRVdaUQ%3D%3D&google_push=AXcoOmSEnxvTGS5dEAZ6ZoGxKheu1fC9VaoEjkJ8J88jzyGVgpE1Ukky-L6zqI6SsWKAZJw7CIXKiOIOM3tuIpyCbHKp6dQz324y
Request Chain 499
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmRUOmFjnNzPFNbV79UkxW5VvDJPiltC5UZwIPdWk5rRyRhBtF6ofz2SHP5FrGAtN1y4Nu4KH0DnC6vW6KMGaInIWWJ44wE%26google_hm%3D%5BUID%5D&google_gid=CAESEA7vKZk9w3uegGR_vyey1Dk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmRUOmFjnNzPFNbV79UkxW5VvDJPiltC5UZwIPdWk5rRyRhBtF6ofz2SHP5FrGAtN1y4Nu4KH0DnC6vW6KMGaInIWWJ44wE&google_hm=eead468c-f96a-4fd1-8bc5-e3d78d798a1a
Request Chain 500
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEM6StkY6Tz6zEhvEwmcagCo&google_cver=1&google_push=AXcoOmQF1VkNzFfPUHb-yxhtQqy8c3wCtbcVEgpCGgA98bpAcLu6_y8HwepESsR58rUJ_IiATds5LFmwM2P_hyiDWCL93Qdht95p HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE4NDEzMTg0NzM3NTMxODQ0NTkyMQ%3D%3D&google_push=AXcoOmQF1VkNzFfPUHb-yxhtQqy8c3wCtbcVEgpCGgA98bpAcLu6_y8HwepESsR58rUJ_IiATds5LFmwM2P_hyiDWCL93Qdht95p
Request Chain 501
  • https://sync.inmobi.com/gob?google_gid=CAESEI1VMYloraih76B-J_Zzlwc&google_cver=1&google_push=AXcoOmStlCSKK9lgvbH_dR2yZqXv8Sj-wLgx5oTZ8haWlnKeq_jh8qgEbaUWK5VacR61MVjTN0iM0mf7FHhzpUvB4Z8KUfPl2-Qoyg HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmStlCSKK9lgvbH_dR2yZqXv8Sj-wLgx5oTZ8haWlnKeq_jh8qgEbaUWK5VacR61MVjTN0iM0mf7FHhzpUvB4Z8KUfPl2-Qoyg
Request Chain 502
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGWhat9QX4sBRWU8k4uycfM&google_cver=1&google_push=AXcoOmQ3tlYVFYGSYc0ttMh7myc0vwymLY5s8cofVT5XNIXu--AEffKsXJN2jJcEtcS2BFrcrtTtRi0Xh4WB_5Q_cdrOZKuG4x8n0A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MzI1Y2E0NTgtYTZkOS00OWFmLThiN2QtMjA2MmFlZDE0NDMy&google_push=AXcoOmQ3tlYVFYGSYc0ttMh7myc0vwymLY5s8cofVT5XNIXu--AEffKsXJN2jJcEtcS2BFrcrtTtRi0Xh4WB_5Q_cdrOZKuG4x8n0A HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 503
  • https://sync.gonet-ads.com/match/google?google_gid=CAESEHzjvEnTjtKP9GJ4xHSHW0E&google_cver=1&google_push=AXcoOmR80EBBEf9MuNjCTKJ0aJbKPP0YQVUH4CaogiyUMTgV15LRQoGCicVUNp_wUVeoV0TrLq6Fz2AAEl6Ao-T-XBRnm81W7kyoRA HTTP 302
  • https://sync.gonet-ads.com/match/google?google_gid=CAESEHzjvEnTjtKP9GJ4xHSHW0E&google_cver=1&google_push=AXcoOmR80EBBEf9MuNjCTKJ0aJbKPP0YQVUH4CaogiyUMTgV15LRQoGCicVUNp_wUVeoV0TrLq6Fz2AAEl6Ao-T-XBRnm81W7kyoRA&chk=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=N2FjNWU0NDc0YzA1OTJiZA&google_push=AXcoOmR80EBBEf9MuNjCTKJ0aJbKPP0YQVUH4CaogiyUMTgV15LRQoGCicVUNp_wUVeoV0TrLq6Fz2AAEl6Ao-T-XBRnm81W7kyoRA HTTP 302
  • https://sync.gonet-ads.com/match/google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=N2FjNWU0NDc0YzA1OTJiZA&google_push= HTTP 302
  • https://s0.2mdn.net/dot.gif?google_error=5
Request Chain 504
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESECgG6k5Aw-FSDQqlgR9UjWg&google_cver=1&google_push=AXcoOmTEag7zcUlvknWiqPunsytJxzasIbonrsp_BgJ1_XXuFHv54Erg16tV-pUIKWl7xQvf9LOHECHcnbMqVxKGnUGAmUWqgfS-Zw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDE3MDM3MjUyOTgyNjQ1MTkxNQ%3D%3D&google_gid=CAESECgG6k5Aw-FSDQqlgR9UjWg&google_cver=1&google_push=AXcoOmTEag7zcUlvknWiqPunsytJxzasIbonrsp_BgJ1_XXuFHv54Erg16tV-pUIKWl7xQvf9LOHECHcnbMqVxKGnUGAmUWqgfS-Zw
Request Chain 509
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEOd6rldHWNiftU5LrbZOV_0&google_cver=1&google_push=AXcoOmRSpkrqyq9yKDt2di-P7BOXa6KfMn3Chcl-LgNCtL02EhwzfnbLQBCMYWSMcNdG7yuFyL66jrRY4QQpRoXtKu7yySQXv4GS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlJheHF3QVQ3MlQ3NHdBTg==&google_gid=CAESEOd6rldHWNiftU5LrbZOV_0&google_cver=1&google_push=AXcoOmRSpkrqyq9yKDt2di-P7BOXa6KfMn3Chcl-LgNCtL02EhwzfnbLQBCMYWSMcNdG7yuFyL66jrRY4QQpRoXtKu7yySQXv4GS
Request Chain 510
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDGgFuFgRVhPJANumbvagB0&google_cver=1&google_push=AXcoOmRC6HHCldhjIoLyL6HBPQ23dSZATKQhcAuOcuzHEZzpDyi0f8la_slaE024dgucH_di9Oe1SlppizrZY4HIkmdforaWkFyF HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4NDIwNDgwMzkwOTQ4MjY1MA%3D%3D&google_push=AXcoOmRC6HHCldhjIoLyL6HBPQ23dSZATKQhcAuOcuzHEZzpDyi0f8la_slaE024dgucH_di9Oe1SlppizrZY4HIkmdforaWkFyF
Request Chain 511
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEAhMpj8yce3sHYwDnbTcETQ&google_cver=1&google_push=AXcoOmSOy5ImsSEMxNel51kjMEJ7s98U8oZCYlOvvjOlx_mJCVG7Oz0f9y_aiBUnF-h6L9j645a1-eBXQvy9o5dxF_-rrmeVC_W7 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=833851377664&us_privacy=1---
Request Chain 512
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEJ3EQV4Re5FR4KW-GJQIrcU&c_param1=AXcoOmSqIeYDJjlJXF4LaaLtcIxSon9yo8-d4uvhdEc1DHW8llWTuco5U4kxP3y6wMXkwQLOvCSIP12JFZLkhZWKU7ls29y19wbH&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmSqIeYDJjlJXF4LaaLtcIxSon9yo8-d4uvhdEc1DHW8llWTuco5U4kxP3y6wMXkwQLOvCSIP12JFZLkhZWKU7ls29y19wbH
Request Chain 513
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESELZyexuVpUPLVlbG-zPvuhw&google_cver=1&google_push=AXcoOmTzknu9eYBxsyYa5PIqofpQzTpKY5z2v9Bnaob9DMqWo3oFn4rVfu-RG7aBbSEeVrh4LY9hOvfPifBmrINe3TnyzjCFQKGt HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmTzknu9eYBxsyYa5PIqofpQzTpKY5z2v9Bnaob9DMqWo3oFn4rVfu-RG7aBbSEeVrh4LY9hOvfPifBmrINe3TnyzjCFQKGt&google_hm=WlJheHJjQ284WG9BQU9yS1hWOEFBQUFB
Request Chain 514
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEBJVUvGHDxnZVt94d-uJWw0&google_cver=1&google_push=AXcoOmQ8m6R-f0MptvB7wUWZ6NVvN94a2Pqtx_yLFJqRWBPwsWx2akql42iFDn1j5YGofktcj47YzeMHbSKgWqv7KRXUH7euVrOk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQ8m6R-f0MptvB7wUWZ6NVvN94a2Pqtx_yLFJqRWBPwsWx2akql42iFDn1j5YGofktcj47YzeMHbSKgWqv7KRXUH7euVrOk&google_hm=QlMuYmRkOC1jMmEwLTQ2ODctOWE2Yw==
Request Chain 515
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGWhat9QX4sBRWU8k4uycfM&google_cver=1&google_push=AXcoOmS-xhLjb0xVlYUcG_HxuvQnPaJgQJTZ9Zf58byQ-8sP53wf54Qkg9SgpdkZDcDKgpVrKzB3JXzEApqQWqofmjzGvxJk-VBx HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MzI1Y2E0NTgtYTZkOS00OWFmLThiN2QtMjA2MmFlZDE0NDMy&google_push=AXcoOmS-xhLjb0xVlYUcG_HxuvQnPaJgQJTZ9Zf58byQ-8sP53wf54Qkg9SgpdkZDcDKgpVrKzB3JXzEApqQWqofmjzGvxJk-VBx HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 521
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFSp_s9xxJgu50SUA2MBE84&google_cver=1&google_push=AXcoOmTUv0shj6lB4Owsf8MnhTahnDIg3j7pX8FgM6Qm1cym0wAE31W1oaToQU6QZ4Xa6UZneMbMrtGt_QU0tHs_zt3xyo25fl5H HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZVRCN1lhU08xUU1ic241&google_gid=CAESEFSp_s9xxJgu50SUA2MBE84&google_cver=1&google_push=AXcoOmTUv0shj6lB4Owsf8MnhTahnDIg3j7pX8FgM6Qm1cym0wAE31W1oaToQU6QZ4Xa6UZneMbMrtGt_QU0tHs_zt3xyo25fl5H
Request Chain 522
  • https://fksnk.com/cs/google?google_gid=CAESEE1H9Lv8tmnYoJC-5EZSuYg&google_cver=1&google_push=AXcoOmSESMIb7yDLS17hIj8o9JIwoaji5aTKCjjr1D7MmN38IbazMevJJ0r7pYuejA2gVkH8S_VGMzknJkCCNk2crf_lTrF4s_gGZA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=Nzk2OEJBMjIyNERFODUwQg==
Request Chain 523
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEBsjq4ywKph3I9SyGQrqMXU&google_cver=1&google_push=AXcoOmSksEzDf39OIfVLUsZg344QoafKDi32RvmxRhgAXRaZmNhIXs92dgCn5b_kqj5yqt3YU_aJqjtqySJD4BJQ69l0TMIR-qRxpA HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEBsjq4ywKph3I9SyGQrqMXU&google_cver=1&google_push=AXcoOmSksEzDf39OIfVLUsZg344QoafKDi32RvmxRhgAXRaZmNhIXs92dgCn5b_kqj5yqt3YU_aJqjtqySJD4BJQ69l0TMIR-qRxpA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSksEzDf39OIfVLUsZg344QoafKDi32RvmxRhgAXRaZmNhIXs92dgCn5b_kqj5yqt3YU_aJqjtqySJD4BJQ69l0TMIR-qRxpA
Request Chain 524
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmScdTDYVnBWOWkBDc81dBwOoHQ_sALsOAbyMEQpW8LZ4a0PrHlbv19q9D6Nla5U7Fd3-5e1L7lpmQcttlZSqrd6Rr4RcvhFuw&google_gid=CAESEGJwZ0ZnZqE-eSfMG2_ciYs&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-xzo0UZqCj0lgdHdCYHYfQcm8SDw-A_esuzO5fA&google_push=AXcoOmScdTDYVnBWOWkBDc81dBwOoHQ_sALsOAbyMEQpW8LZ4a0PrHlbv19q9D6Nla5U7Fd3-5e1L7lpmQcttlZSqrd6Rr4RcvhFuw
Request Chain 525
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEB27STdVRjUib1ys0i4rec4&google_cver=1&google_push=AXcoOmTYDYXkOigvximSUS3v06UY1O-znk3aCDgFfSp4jL7fqZjhWn0NK9uRmL_uTTYTQ9BHCfd-Dy2k-YUlZnr3uO_lpUIHwzvi3g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=knAKLyoyX0tzy3brmzysSMPOaYI&google_push=AXcoOmTYDYXkOigvximSUS3v06UY1O-znk3aCDgFfSp4jL7fqZjhWn0NK9uRmL_uTTYTQ9BHCfd-Dy2k-YUlZnr3uO_lpUIHwzvi3g
Request Chain 526
  • https://cs.media.net/cksync?type=g&google_gid=CAESEDUA6UT0CID6wTZkGktkMyg&google_cver=1&google_push=AXcoOmTY1G49Fj652b8-TwrwhqujJtsipATKF6KSTu7vEZE1PIR_JrU1140jxL2w_tWcsNWGYuVstwmGMUkT1II4HduLf00G2zvHtw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM4OTg3NjkzODQ1NDYzOTAwMFYxMA%3d%3d&mn_hm=MzM4OTg3NjkzODQ1NDYzOTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTY1G49Fj652b8-TwrwhqujJtsipATKF6KSTu7vEZE1PIR_JrU1140jxL2w_tWcsNWGYuVstwmGMUkT1II4HduLf00G2zvHtw&gdpr=&gdpr_consent=
Request Chain 532
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFSp_s9xxJgu50SUA2MBE84&google_cver=1&google_push=AXcoOmRcRGmn-JZuCndVmrl1zbQHiwWULGOu4EIAQCYz7jErjxu8Bp_C_BYKin-qoDu58EfCMEbRDcpqNVEyWUloxwimGeg8kJJs7A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZVRCN1lhU08xUU1ic241&google_gid=CAESEFSp_s9xxJgu50SUA2MBE84&google_cver=1&google_push=AXcoOmRcRGmn-JZuCndVmrl1zbQHiwWULGOu4EIAQCYz7jErjxu8Bp_C_BYKin-qoDu58EfCMEbRDcpqNVEyWUloxwimGeg8kJJs7A
Request Chain 533
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmR_Q7KKKitX07X1YKXjLQ12f8T7Y195fJm5laQhttimwojbnu1Lqtp6M3m2X9-AGXZ7uAyj1bNDXITrHqfTum4x9rM8DZ3Erg&google_gid=CAESEGJwZ0ZnZqE-eSfMG2_ciYs&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-xzo0UZqCj0lgdHdCYHYfQcm8SDw-A_esuzO5fA&google_push=AXcoOmR_Q7KKKitX07X1YKXjLQ12f8T7Y195fJm5laQhttimwojbnu1Lqtp6M3m2X9-AGXZ7uAyj1bNDXITrHqfTum4x9rM8DZ3Erg
Request Chain 534
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEKgRDwUPfaASfvKHYo5_BsY&google_cver=1&google_push=AXcoOmQjgObyKFaEfOk41VjFc2-WGI85Ojw3vSnU5_wl05988_pbvwOiUjkF3arYoeGms0gqe0LA7G-nXf_9X7lryVcs8AkVaImSpOo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQjgObyKFaEfOk41VjFc2-WGI85Ojw3vSnU5_wl05988_pbvwOiUjkF3arYoeGms0gqe0LA7G-nXf_9X7lryVcs8AkVaImSpOo&google_hm=OTEzMTU4MjAyNzY5NzAxMzU0MA==
Request Chain 535
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmQceG1F5S8pv2RCwMdHZbQqSJxKGKWoPED_KFnOBQ87Yn_g_96qq5l7X0XUI3zDZEwVcnZrvAsPmtnggvj1fm1RJO5OoYugDQ&google_gid=CAESEAPqRW2vUX7z8lxiSwDfeVg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAPqRW2vUX7z8lxiSwDfeVg&google_hm=T1BVZWJjODgxYjk3ZDQwNGYxZmJkYTM2NDg2NjZlOGUyMjA&google_nid=opera_norway_as&google_push=AXcoOmQceG1F5S8pv2RCwMdHZbQqSJxKGKWoPED_KFnOBQ87Yn_g_96qq5l7X0XUI3zDZEwVcnZrvAsPmtnggvj1fm1RJO5OoYugDQ
Request Chain 536
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEGUj8tl40eLu5FGTjP_Po6k&google_cver=1&google_push=AXcoOmTHDMRSCFdPdIl0CMx3kjdYM0H_-ePV2IRD1zX3JROAioBuT6igzwNayfpHw6Njlf7lqifwjuMIoGQCU__KQ3RR5ug1AoL3Fg HTTP 302
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEGUj8tl40eLu5FGTjP_Po6k&google_push=AXcoOmTHDMRSCFdPdIl0CMx3kjdYM0H_-ePV2IRD1zX3JROAioBuT6igzwNayfpHw6Njlf7lqifwjuMIoGQCU__KQ3RR5ug1AoL3Fg&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmTHDMRSCFdPdIl0CMx3kjdYM0H_-ePV2IRD1zX3JROAioBuT6igzwNayfpHw6Njlf7lqifwjuMIoGQCU__KQ3RR5ug1AoL3Fg&google_hm=MzF0dDJaZ29QSkxKT2Y2WlNTVEE=
Request Chain 537
  • https://an.yandex.ru/mapuid/google/CAESEBQc0Tmr_g-9RNaT-lJE9Gk?ext-param=AXcoOmQ8Nf_yxlEGSh3q5DBYoE7j_rOPpkcRePtz8IokWuX_EcA6daDTGbbeFTWh5ay54CS2F8hSDUhxReUAUpkUwDlOHVp07bgHcPg&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEBQc0Tmr_g-9RNaT-lJE9Gk?redir-setuniq=1&ext-param=AXcoOmQ8Nf_yxlEGSh3q5DBYoE7j_rOPpkcRePtz8IokWuX_EcA6daDTGbbeFTWh5ay54CS2F8hSDUhxReUAUpkUwDlOHVp07bgHcPg&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEBQc0Tmr_g-9RNaT-lJE9Gk&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 538
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESED_s85JaPw3qePCsuPEqFxc&google_cver=1&google_push=AXcoOmSc3P3SaSm1D87gOvrxWOgN5XJA6ZE8TM6_rCQUGktPfSzZ8p9h4FoP_-alT2Xlo94od9yo_uBEkCynXk6GeYCvxkkWyvZ4tEg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=d21dcab5-3fcf-43fb-a271-3a879c2e129e&%%GOOGLE_PUSH_PAIR%%
Request Chain 563
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=EEE3E576-B227-4C65-8D68-44CBF9A8C3AC&gdpr=0&gdpr_consent=
Request Chain 564
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=099e220400ce3b120b4f3ba3&gdpr=0&gdpr_consent=
Request Chain 566
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZRaxqwAT72T74wAN&gdpr=0&gdpr_consent=
Request Chain 567
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=MjE3NDIwOTYxMDc4NDQ0MDk3OQ==&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEJH-T4Oa_ucG7K1Hy5oP7GU&gdpr=0&gdpr_consent=&google_cver=1

577 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/ 		184 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9278a929392efc957d7c1f7646d15d4c84e47ac26f7ec3d78116716bf16bf2b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, s-maxage=2592000
cache-tag
d7ac72c7-be8f-4ad1-a3e1-0848fe4ca3a1,fe2b2f86703397f67918b685b604d1177acced78f8677d95944506a2a93130a3
cf-cache-status
HIT
cf-ray
80e3cdfe1c939262-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 29 Sep 2023 11:14:48 GMT
ki-cache-tag
d7ac72c7-be8f-4ad1-a3e1-0848fe4ca3a1,fe2b2f86703397f67918b685b604d1177acced78f8677d95944506a2a93130a3
ki-cache-type
Edge
ki-cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
last-modified
Thu, 28 Sep 2023 06:19:28 GMT
link
<https://techbullion.com/wp-json/>; rel="https://api.w.org/", <https://techbullion.com/wp-json/wp/v2/posts/20301>; rel="alternate"; type="application/json", <https://techbullion.com/?p=20301>; rel=shortlink
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xNWJyXjew308rDiERMQM5jWBLHMw8YVE4wnJ8yReXMaiJmdKGSM7DLnZMPfUDGEuFgIbiCKfOsz3FWbjypxX%2FP9LSfH9AOCBqVJb7Veu%2BNGbONp2xtU5DK%2FFucT%2BpU6LuA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-edge-location-klb
1
x-kinsta-cache
HIT
style.min.css
techbullion.com/wp-includes/css/dist/block-library/ 		102 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://techbullion.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3.1
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:48 GMT
content-encoding
br
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,37ddf57f8ecd1d81eaa888d0f4713dfda52a9a54bbde45704a90c867396042b9
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
70036
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 09 Aug 2023 15:22:18 GMT
server
cloudflare
etag
W/"64d3af2a-19824"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jMJhzCqBtowQGAalBhagLOLm1t4qKALwqelONZCoZxXdE7S8FhrDKQiF9kTYb3cSmIEY%2Bvp%2F2F6oT8PJIdX65ju8QnJdhjWbScnyv%2FrpyhMRXwL8IjNF4RjLsDzJ9eXUZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
80e3cdff0d569262-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
styles.css
techbullion.com/wp-content/plugins/contact-form-7/includes/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://techbullion.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:48 GMT
content-encoding
br
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,c706a4351a6e72a92d5a09ea877ef1d128d8296538e03c9a77475b377fcb0e7e
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
63023
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 07 Aug 2023 08:21:36 GMT
server
cloudflare
etag
W/"64d0a990-b2b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Tse1kKmOM66a0sscGAwX3NNYzPCbfBAvq10MYNMhp2wxMDmI2xR57ef1gPf%2BSc8Or6kUP7U0L65G2Beo3iOpCu1w%2FD0g4pUiI7QnyN%2BUQfSLaJH%2F5%2BKhSenZPV2nU%2FEcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
80e3cdff0d5a9262-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
frontend.min.css
techbullion.com/wp-content/plugins/wp-user-avatar/assets/css/ 		101 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://techbullion.com/wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css?ver=4.13.3
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd4ea0c51ab60a7a520269e7634dfd43ca5bd23b589305247926d188514a7c43
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:48 GMT
content-encoding
br
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,76c12179d8ff34df2f4cf66bf47ffd75a1473d081a249ef126fd6a91ef75f45c
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
70036
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 19 Sep 2023 19:49:49 GMT
server
cloudflare
etag
W/"6509fb5d-195a0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=58%2Bs1INXOXLRML8fnpFgQnIQ8bYZ0psWEc51ay8aG%2F4H%2BAYvP4NATKOs%2FYb1D4pdHYDDr8RbEjbRxTZO27US18b9t02qz753%2BMyut3izr87r6YSbcpopn9iLlnbg2uMQ0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
80e3cdff0d5d9262-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
flatpickr.min.css
techbullion.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://techbullion.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css?ver=4.13.3
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3668f6d335416599574fb1f336cbd2b9bb2f8fcff63e63a9ca3b68df4d0c6165
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:48 GMT
content-encoding
br
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,bf16eaa7e85dac96e42b1ee6fc6f58d656cad938c7dd3c421748379407c9a265
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
70036
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 19 Sep 2023 19:49:49 GMT
server
cloudflare
etag
W/"6509fb5d-3601"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=06m%2FNKz1%2FoLlp0XLAQqGN1pvq3rhPWuSa5EWCYrK7Gic%2BWGLLmoUiiq8j6Sl6UJ48%2B%2BNSdPRWCid29E5%2FpcKtIi%2B7TDJpGmaJ%2BV3X%2BhKkdtYKjzlAEbjvj2XSoAVNsMQiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
80e3cdff0d5f9262-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
select2.min.css
techbullion.com/wp-content/plugins/wp-user-avatar/assets/select2/ 		15 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://techbullion.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css?ver=6.3.1
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:48 GMT
content-encoding
br
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,a7a2c863151b3a66a7b942e13a74d7a3cf78f71cb933a5f40218c78766eebdbf
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
70036
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 19 Sep 2023 19:49:49 GMT
server
cloudflare
etag
W/"6509fb5d-3a75"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rVeCXbwyswhxb%2BAyu6%2FsPzW1aDyHa2xhVmMlg7M0bf71VYxlBmSnJk7NMIe4Q2LDqsCgvIXqpmP6uBfOcy%2Bq85RZ4kPlbxEtHVdEIHYyUK21K0TCALgZMGCI62vyb91Cwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
80e3cdff0d619262-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.css
techbullion.com/wp-content/plugins/monarch/css/ 		113 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://techbullion.com/wp-content/plugins/monarch/css/style.css?ver=1.4.14
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f820d93daf383e178bda2912f5bee00e90e56390597820622643fa8e5e487143
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:48 GMT
content-encoding
br
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,117fc3a5d7fc385048f9483dc0718fd7f1e6cfbf7437dc8c4d76d8e79a4ebb7c
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
70036
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 04 Apr 2021 18:38:19 GMT
server
cloudflare
etag
W/"606a079b-1c56d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OX0k1TPn7u1P0PI8OUdfs6MCzZIleYD6BKunQ%2B8t0d10lLwJH2vi3CKlLeJk%2BAz%2BarP6ZZULRV6x2vU5fcSNrUTjFFW9Hw7rSCDbl13dKW27cVUt9hb%2Bhw8jDRrUn6%2BxqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
80e3cdff0d629262-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d81372d24594f6fc20de51c71f80266e35bf19666316ab3de588145fe7bd39c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 29 Sep 2023 11:14:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 29 Sep 2023 10:08:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 29 Sep 2023 11:14:48 GMT
reset.css
techbullion.com/wp-content/themes/flex-mag/css/ 		1 KB
982 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://techbullion.com/wp-content/themes/flex-mag/css/reset.css?ver=6.3.1
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f719d34d3d7420ad540758d502a29633213bceaa985ea2df545aa60dc7e8758
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:48 GMT
content-encoding
br
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,0f1d72fc0b504b84dd7f3c21f3abe505f1d7851c4622361712bd25208c63d20b
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
70036
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 13 Dec 2022 14:36:52 GMT
server
cloudflare
etag
W/"63988e04-434"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hXq6pwO9c%2FWXXj%2F0x5JlSr%2BcykqPAYtzMy7l4dd3e3lnXc18w6hO3%2FITkIiQTeYbePOq%2FG1zgohx0MZIe%2Fe0naTUHg3C%2FM1mOtWDhilqbaQ%2B%2F7sa8JLHQme2gli%2FQCTxvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
80e3cdff0d639262-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
font-awesome.css
netdna.bootstrapcdn.com/font-awesome/4.7.0/css/ 		37 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.css?ver=6.3.1
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
722
age
2662173
cdn-cachedat
05/01/2023 15:46:09
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"c495654869785bc3df60216616814ad1"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
b1fef931cb5a5f3fe511048c31224b71
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
80e3cdff5b6a2c1e-FRA
cdn-requestpullsuccess
True
style.css
techbullion.com/wp-content/themes/flex-mag/ 		97 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://techbullion.com/wp-content/themes/flex-mag/style.css?ver=6.3.1
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2361280886b49d0e746b35fcdc69926b05e77746655fb768ac57d23b14e8097
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:48 GMT
content-encoding
br
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,304b143f7528db78d085d92f8ce6dc6e39219f386f44affef44fa4ba1047b41a
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
70036
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 13 Dec 2022 14:36:52 GMT
server
cloudflare
etag
W/"63988e04-18279"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OK4C4MrAe97HDPA8Yv9Q04r5TE75hoqa5uD8kEcvBgCy%2F4qTmSaZ5C2ogZwQU0GKhxxzlN1Z3k4Y4UycTk2kXRPeGVEz3P%2BCki4Ty61a92fOtl8gSdPmEFY3prhiJZo04g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
80e3cdff0d649262-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/ 		50 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald%3A400%2C700%7CLato%3A400%2C700%7CWork+Sans%3A900%7CMontserrat%3A400%2C700%7COpen+Sans%3A800%7CPlayfair+Display%3A400%2C700%2C900%7CQuicksand%7CRaleway%3A200%2C400%2C700%7CRoboto+Slab%3A400%2C700%7CWork+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMontserrat%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CWork+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CLato%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMontserrat%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1a5a8948a4414e40dfedd07b46109983d5950597c2543f45ba8132bb2bc04582
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 29 Sep 2023 11:14:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 29 Sep 2023 11:14:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 29 Sep 2023 11:14:48 GMT
media-queries.css
techbullion.com/wp-content/themes/flex-mag/css/ 		91 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://techbullion.com/wp-content/themes/flex-mag/css/media-queries.css?ver=6.3.1
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f122aaa855dbb3f7cf5a05368fbdcc7ddd86b4a7a56f1514f1944bbde684111d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:48 GMT
content-encoding
br
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,75db0c12208e7167df4486a78e418d7450c66dda3418fc029ce66fc29cbc9e8e
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
70036
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 13 Dec 2022 14:36:52 GMT
server
cloudflare
etag
W/"63988e04-16af9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y2lt3RPrEQ5SPcgTm3BfYidTSKGVVP14BiF3pirhPZlT1BrRF3HjEMGt%2BrgrGZf57aB%2FCQiMILphBtu8arZY2TSnd84%2FqGFV5QJBYNzbpOuqYXM9QxNUI8qgTEhzv%2FsD3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
80e3cdff0d659262-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
techbullion.com/wp-includes/js/jquery/ 		85 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://techbullion.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:48 GMT
content-encoding
br
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,3a7a90d0363536c18a90361c9c757c4daa20c8e333801864c9cc714afd27713f
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
70036
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 09 Aug 2023 15:22:18 GMT
server
cloudflare
etag
W/"64d3af2a-155ba"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2BSnG5%2FcOZ%2BI4BXGTf%2BMrQmhb1zvPfBLI3fxHSsI1m9yI%2BV3ONmkSYRZXuT79v2IZ0LgtlWeSjF7qUK2CjY74IXuxVAUX4j8%2BT9wE0Z%2BjXiU3PU8A8ozM0bal2KVsH5w8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
80e3cdff0d669262-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-migrate.min.js
techbullion.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://techbullion.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:48 GMT
content-encoding
br
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,be88b72fa9a0dc8024aa81274689b46ee52dae12db16da42d4615734928a6f0c
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
70036
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 09 Aug 2023 15:22:18 GMT
server
cloudflare
etag
W/"64d3af2a-3509"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9xeCUbjxVcu%2FMEuHrFZU8NtAsgQQBXs5GaZy6XodSNu0D%2B9MdWKO4ABiYhZZshs4HLSYbfJGrVjWUGGJBLS7vVHoA8yS%2B1X575z35k%2BrKuU8PziHAH6adG9%2BxW0BoppmsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
80e3cdff2d879262-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
flatpickr.min.js
techbullion.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/ 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://techbullion.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js?ver=4.13.3
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddbda21655c0c2cb09913a9e33d856a8b8f3e1eae610cdbda8524def2dc71f7d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:48 GMT
content-encoding
br
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,7e5aae70e2a4f3726600b359ece09568c74ae47b9980db7bc2c980e2f58f9d3e
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
70036
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 19 Sep 2023 19:49:49 GMT
server
cloudflare
etag
W/"6509fb5d-c5a4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=erB4CBVBM8pA22k%2BpHiD6ALxsMhHvCciwxub5EWhFk8oybtUaCwKo7Zu1zwparHVDWxXQjQVFMRZQIn76mUKvhrWlA1ciy%2BBUdqaVAkn08LNrv%2B2qA%2FffwFWwQ3vnRRH2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
80e3cdff2d8a9262-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
select2.min.js
techbullion.com/wp-content/plugins/wp-user-avatar/assets/select2/ 		69 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://techbullion.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js?ver=4.13.3
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:48 GMT
content-encoding
br
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,1f160dcd41fa67efbc8ceffaa3feddab42ea1e1ea65c87b0850055c11fb015b8
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
70036
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 19 Sep 2023 19:49:49 GMT
server
cloudflare
etag
W/"6509fb5d-114c3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UkbXBkO8FVg6jrXV%2B9LJmT7X2Y51T%2FZSxo7olTpulZ0ODPuhrncWJdW3J998QhFtfYvNd8h1Cwa4h7IWPPLSLA3DHprmYhJdH8HS8aA7uY5EXQlB7FyaZK7Z5MC49o7mng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
80e3cdff2d8c9262-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/ 		185 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-77396124-1
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fa2795f4f555f9f778d64da70be98eeb0a564f77b66ca4504ba58f4259adc163
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68969
x-xss-protection
0
last-modified
Fri, 29 Sep 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 29 Sep 2023 11:14:48 GMT
modules.ttf
techbullion.com/wp-content/plugins/monarch/core/admin/fonts/ 		90 KB
91 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://techbullion.com/wp-content/plugins/monarch/core/admin/fonts/modules.ttf
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Origin
https://techbullion.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:48 GMT
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,17522ad34dec07b369f9b3f0a44e22ddeaae1ceaad643ff8dfdd6b4f66a5bd28
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
70036
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 04 Apr 2021 18:38:19 GMT
server
cloudflare
etag
W/"606a079b-168f0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0HRbzrlFsojLm%2BI%2Fzi8egRgb1wz9NcPis66ytjLlIKK5nJgzMjvhoAI%2FnU53XUGAeC8Qnio5iCQSTGtsZe5mCzBGcqneDaWHLypWHH1GSpil6k4M4X2lRBfWJeuCcCxP5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
80e3cdff2d8d9262-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		149 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4909624562623679&host=ca-host-pub-2644536267352236
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b3b8af4aabef05c10b1a9deb067e632c5df7b90e04817ca7a44719b4806f0658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://techbullion.com/
Origin
https://techbullion.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51089
x-xss-protection
0
server
cafe
etag
12220193047015844643
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 29 Sep 2023 11:14:48 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fecf49b4b8b25a8e342fcf6cc8307912d26430c418dd096f7b50c6084e73f4bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51040
x-xss-protection
0
server
cafe
etag
13028942575348208909
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 29 Sep 2023 11:14:49 GMT
comment-reply.min.js
techbullion.com/wp-includes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://techbullion.com/wp-includes/js/comment-reply.min.js?ver=6.3.1
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:48 GMT
content-encoding
br
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,21e020ba51bf9ad8f00812f8ea47913cd0d1ffa75587c756c1e6f29673fcb29d
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
70036
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 25 May 2022 08:25:31 GMT
server
cloudflare
etag
W/"628de7fb-ba5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pufMMeoBYxWWttrxcQ%2FXm%2Fy7SDlkCfXRC2yys4%2BGLAmRnsLnKy%2BS2bznAo8TngE9JeoALIlIRuYjgKaZBjXjzuQ4f9WN9%2BjCZGZl0zz6FOlLkh7vRS0wMgA7GNC5VjL9Qw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
80e3cdff2d8e9262-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
index.js
techbullion.com/wp-content/plugins/contact-form-7/includes/swv/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://techbullion.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:48 GMT
content-encoding
br
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,27bdac661623649b6f1e6acdac0f4e70cd197eb4f9d816368f2efa2cf8b9db8f
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
63023
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 07 Aug 2023 08:21:36 GMT
server
cloudflare
etag
W/"64d0a990-2a12"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5oOzU9bDxaw1kDUCg5tJgh%2FEdPakEa79kueJXw27UF6sJZmA9ZELhzsojVsP1%2Fn395M7pCOmK2s8El0o6AwqDY9BDXprJG%2Bq5xhpgy6uBDDeHnRBjudOtNwPFL94Sf2c%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
80e3cdff2d8f9262-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
index.js
techbullion.com/wp-content/plugins/contact-form-7/includes/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://techbullion.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:48 GMT
content-encoding
br
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,e3374faed7c5980e1fd523525ad4c8e9d56f7928ee3c22831163a1826e894376
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
67528
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 07 Aug 2023 08:21:36 GMT
server
cloudflare
etag
W/"64d0a990-328f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PuDzyBM4TKy9nBNBnUwwmkctS1O%2B5GAmMy%2BsXZ9WPiZzegwG8oaCrPhqwDAJKzh8S20tS4OTs4hVSn8uD7LZZ9dR50GaJtoMpXsgNxPE4o%2F8ziiOR%2BC7UJAUUtrSS%2BIeDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
80e3cdff2d919262-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
ResizeSensor.js
techbullion.com/wp-content/plugins/theia-sticky-sidebar/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://techbullion.com/wp-content/plugins/theia-sticky-sidebar/js/ResizeSensor.js?ver=1.7.0
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f826a947a47c13c4af480b9b7853e9ca12d2873c67a9200f3c7a26f8cacae2d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:48 GMT
content-encoding
br
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,92667534cf59be7f7fe0c0966c2d473287807b43f1fe2c82c3be47482178266e
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
70036
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 09 Feb 2023 09:05:06 GMT
server
cloudflare
etag
W/"63e4b742-1743"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jVRhdinlln3VatnwPtEFlY7601LVUQg%2B9%2B9enS1C2yoiqNM7Mw8sFI8C4cYagJxLB2L7MssWO1PI9%2Blm6Xlf9yOLuMFCPw4uYfwqUdnqkedMvXLKbhZXQ6OVSWubGLJMGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
80e3cdff2d939262-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
theia-sticky-sidebar.js
techbullion.com/wp-content/plugins/theia-sticky-sidebar/js/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://techbullion.com/wp-content/plugins/theia-sticky-sidebar/js/theia-sticky-sidebar.js?ver=1.7.0
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27f4119ce2d66a40ef8beba62ec4d995e95af50550c6d4471eec9eb27fa73774
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:48 GMT
content-encoding
br
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,05e473435c7a0d28d863da98b81a327d823ff237c9f7b010d405d81add54485d
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
70036
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 09 Feb 2023 09:05:06 GMT
server
cloudflare
etag
W/"63e4b742-3e36"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FMyApnlHFhuMAL%2FT8FKofzl3%2BT7Q7YdAx%2BQWe9UCudPd3sr3Wjk5jS%2BtDSqXCfpMrDrLWf%2FumjBVkV0pCORnhu1nl2lTj7SCUClRros7UN9pW1XV8e6qBQH6fbnW4HTnBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
80e3cdff2d949262-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.js
techbullion.com/wp-content/plugins/theia-sticky-sidebar/js/ 		435 B
552 B 		Script
General
Check archive.org
Download Go to
Full URL
https://techbullion.com/wp-content/plugins/theia-sticky-sidebar/js/main.js?ver=1.7.0
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e304dfe39fde10af2ee219f794108f785d18dd88658877ddf07bce099f6a9fa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:48 GMT
content-encoding
br
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,09f20f966d673d8054660ecf18be2483e71fa2b4ee3de72835a7348e0535fca7
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
70036
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 09 Feb 2023 09:05:06 GMT
server
cloudflare
etag
W/"63e4b742-1b3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gTdf9qzrhIA7ZmJlO8%2Fx2ydW%2BZsOn1aoBXB0Ls%2BPyLTgl10Wp2Xs4bT0UZhPnSfbTwVrq4i7CADXxAywU6h67pW5AJ%2B6jt9ZmkUr3LT%2BJSxAMnlOhnEhzjNhWVRa9Ud7Xg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
80e3cdff2d959262-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
frontend.min.js
techbullion.com/wp-content/plugins/wp-user-avatar/assets/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://techbullion.com/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js?ver=4.13.3
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
572e5e4a394913b6c3c000f37295ba6da7f7cadd25e3c70c7552e90b9f99ac58
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:48 GMT
content-encoding
br
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,81ef36aa9e6e8aab2574bbf0ebc5b39ab97d535688d86293811fcfe8e0fdbd47
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
70036
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 19 Sep 2023 19:49:49 GMT
server
cloudflare
etag
W/"6509fb5d-4733"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2znOcdBAoicVTsFy6iHqnm1jJ%2FqVxWuOYgzgjnygS1eYQRBAUTpdeETNUBnjRauPxNGCFB2G%2FWS0VNoC9ZrW9q4GI8QQzZ1yE4u3qgU8LROWOPrHFyGTY3y65Y3OTrNBpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
80e3cdff2d979262-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
idle-timer.min.js
techbullion.com/wp-content/plugins/monarch/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://techbullion.com/wp-content/plugins/monarch/js/idle-timer.min.js?ver=1.4.14
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80fa756dda143f69fb3ce750e905cc8188150dc4c6b7539bf3627fe26530b405
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:48 GMT
content-encoding
br
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,687fbee5b5bda050134a71a9a6e3e83bf8fc176eaa0ebeda91650a2d24c2d62f
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
70036
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 04 Apr 2021 18:38:19 GMT
server
cloudflare
etag
W/"606a079b-a4b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1KitbtCzIBOjqBVhfhgixPuI6JrLzalzV%2BenJScE4xLU0%2B1y8d9WnIQ7165qPwznqE0aKHdtn%2F5Yv%2FO5AUvJtXe%2Fnhp5I72d03adpUGIXC21X%2BXIlP%2F39JRRF4hcer%2FJNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
80e3cdff2d989262-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
custom.js
techbullion.com/wp-content/plugins/monarch/js/ 		26 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://techbullion.com/wp-content/plugins/monarch/js/custom.js?ver=1.4.14
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43b5c9ad80f0a5d1c63568583e9cf6cd5ca8454a680f4ee80d5d63d00b15a360
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:48 GMT
content-encoding
br
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,d997ef288a02704f310ba311fc56e521a1d557d25397a05e26b8f19dbd4fdcff
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
70036
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 04 Apr 2021 18:38:19 GMT
server
cloudflare
etag
W/"606a079b-6855"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pcJKZoUqoJ%2BhG9cx02TEDD5QDUTzWmZ%2BcZyKCph3l7dUZ996oDx1QUg47y%2FuxAHHuzn0Qx%2BqhPWzJKFJVyWT0hEDa0kbdG0kUsLJB2XLHwvozW1FnfX0ghiKhx3m1FerSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
80e3cdff2d999262-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
scripts.js
techbullion.com/wp-content/themes/flex-mag/js/ 		142 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://techbullion.com/wp-content/themes/flex-mag/js/scripts.js?ver=6.3.1
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbe803bfa44254eeac3ce0060cf7b364c1437c8230839511fa2c038632f2ab4e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:48 GMT
content-encoding
br
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,c0c05eefe803422b9e898aae3b2a060f3da2727c946f080bc3f61417620b0037
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
70036
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 13 Dec 2022 14:36:52 GMT
server
cloudflare
etag
W/"63988e04-237aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c9FkTXDLBoVqENo3OglxlIjyb9PIS5EbxRozDG0aXMLRzEEoZoh3qSOIJrj8Nki38GgV%2FcXNOqBosrxxKvnrdwpDu14%2F%2Fg36CbtG14qL4QLDOWxUuf6GpYLCPjqx5X62UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
80e3cdff2d9b9262-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
retina.js
techbullion.com/wp-content/themes/flex-mag/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://techbullion.com/wp-content/themes/flex-mag/js/retina.js?ver=6.3.1
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22fd357442cefcbf238c5e06af21e4546e7207b0b7745de9720707f6c8218eba
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:48 GMT
content-encoding
br
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,72570aa72a809062ed89e5dedbc227a555f40e920d004fc281a59dbf07527096
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
70036
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 13 Dec 2022 14:36:52 GMT
server
cloudflare
etag
W/"63988e04-c20"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dk0%2FSc4GaABlUwHSRh9WBjKX0CRDPnhSTy5%2F3W%2FKP33ebRJA7wt5fCiI8cf0pky9bclzfFTc0qllnoSCPHO7ymgIcy%2FMROVPXuE07SXJPmasgBZjX7IjYihw4eWDPmgQeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
80e3cdff2d9c9262-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
common.js
techbullion.com/wp-content/plugins/monarch/core/admin/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://techbullion.com/wp-content/plugins/monarch/core/admin/js/common.js?ver=4.9.3
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:48 GMT
content-encoding
br
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,7b082b05bd06c0b35e08e057e58c23766f611b8ee0e9f1417a38601f99687050
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
70036
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 04 Apr 2021 18:38:19 GMT
server
cloudflare
etag
W/"606a079b-53f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p08ZwlMffZywUXIpRchDo%2BBRv7E%2FcSGS2FakfjXk8mzUgid5fXibsizizBBO9cFAJC5KbBhM52wcraUfJnSoXbQ7Flci1bliTD%2FJssvGifTexTZWF4mfs1Mr2XlBLyS2Jg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
80e3cdff2d9d9262-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6Le0-0gkAAAAABV0s8b1QHz03eamY8EKrdT2n1Mf&ver=3.0
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a0b66cc384e826890c38a3ed76122f023b568aac4089db040921e0f3defc7119
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 29 Sep 2023 11:14:48 GMT
wp-polyfill-inert.min.js
techbullion.com/wp-includes/js/dist/vendor/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://techbullion.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:48 GMT
content-encoding
br
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,6ca42e7be5a1cd9d0ed58ae93923f892b3bb7b238dc2e88e5b6b33be747049b9
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
70036
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 Mar 2023 08:03:39 GMT
server
cloudflare
etag
W/"6425425b-1feb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iWbExGs%2FVLsiOZd32n9ntcjSDZNpVTPategoI5cuwYg4SLQnpsKwEMx93JF8N0qz%2BICjXieJ%2Be6Ec74rdfPZ3pAjDq4JFSki9%2BBo3WBL3V3VrETPYYqkYKIITQdmQiByNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
80e3cdff2d9e9262-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
regenerator-runtime.min.js
techbullion.com/wp-includes/js/dist/vendor/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://techbullion.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:48 GMT
content-encoding
br
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,5f2e037f3a0cea12fbb9789ed53dc3749727177fc7062b551453ead6019f1169
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
70036
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 Mar 2023 08:03:39 GMT
server
cloudflare
etag
W/"6425425b-19cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lFCRNzvsYXnXLyVsEBbDr1C%2BhoQd5ipuMf2dtYc%2BqZ%2B7X0sRM1WGkmSNDYrYUb2nK%2FytDWQTwIRGz9LZQkSAgs5TFZGwof0NycVaI10ZZgZchToIh%2F9a%2F79i9d62IkwT4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
80e3cdff2d9f9262-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
wp-polyfill.min.js
techbullion.com/wp-includes/js/dist/vendor/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://techbullion.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:48 GMT
content-encoding
br
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,b43f6b04c3826e3204562a660a03c439894f56f3da08ff943c766fee2dbafc1e
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
70036
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 09 Aug 2023 15:22:18 GMT
server
cloudflare
etag
W/"64d3af2a-3f12"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k1H5zZ2bPyAedIzhM0aIoEP%2BmAB5ZcibSBhYLMZJpoWgmzeQQ2n0hLNQdPRqiSxADzDqCrKztnfvXpOotlG4iXPv0EbBvALMHAjL7PjNAFkSUBiujmDGubbjNxAKytkFWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
80e3cdff2da09262-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
index.js
techbullion.com/wp-content/plugins/contact-form-7/modules/recaptcha/ 		991 B
960 B 		Script
General
Check archive.org
Download Go to
Full URL
https://techbullion.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.8
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f26e74a5392e23175b93e81e7b642e02c20d3ca132207dc7f00abfb7dae2b6d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:48 GMT
content-encoding
br
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,6263969e8e24f6d80a644b25d75a7814ce1d28c7117f301703d6705a4286264c
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
63023
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 07 Aug 2023 08:21:36 GMT
server
cloudflare
etag
W/"64d0a990-3df"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCIRcocQ3ZgR2vjUAssQTzrscdqHcMVZCyF3WWLL6PwiMlqbxjOmq4RicmuIym4ZAUaCAM1xsf7FlrepcmFo6ypecRnr80te%2BZjE3GjGIH6YpaEw66%2Bb8ZG8gh3YmptRlg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
80e3cdff2da19262-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
smush-lazy-load.min.js
techbullion.com/wp-content/plugins/wp-smush-pro/app/assets/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://techbullion.com/wp-content/plugins/wp-smush-pro/app/assets/js/smush-lazy-load.min.js?ver=3.14.2
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:48 GMT
content-encoding
br
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,bed06dbaa6fb6448b0bae2e093f72b3d8346becde447d5e35c64b8e9a93fb4c9
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
70036
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 24 Aug 2023 10:16:20 GMT
server
cloudflare
etag
W/"64e72df4-1ef2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o969p6Cg1%2BEi357sSqqH2WsMniDK5Cfw0M1UfNT1L0XUixZ9mx5rJukrRJOHNMBW0YOb78EG2cn9b19KqZUO4IB6qW%2FjvHh30b5%2FwUwNtB4iie85VgeaP6yh57AN3xaLfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
80e3cdff2da29262-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
embed.js
techbullion.disqus.com/ 		78 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://techbullion.disqus.com/embed.js?ver=6.3.1
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
86491d6886c4488c5638c81b628e733cbe7856fe8f698df6f6696971dba01bdd
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 11:14:48 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=300; includeSubdomains
Server
openresty
Age
60
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, max-age=60
X-Service
router
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
25462
ec409e75-743a-4ce5-be69-566414d371ab
https://techbullion.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://techbullion.com/ec409e75-743a-4ce5-be69-566414d371ab
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
loader.js
cdn.taboola.com/libtrc/techbullion/ 		229 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/techbullion/loader.js
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c541b2381767e1dace36ff6eff314d5e9da24767421a24b95779ec24985c3027

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
xWKseyOmkAUcuy71OBaPyClwbSH0XwRc
content-encoding
gzip
via
1.1 varnish
date
Fri, 29 Sep 2023 11:14:48 GMT
x-amz-request-id
S69PDR8DS6XHMSHE
age
59
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
47313
x-amz-id-2
DkYkoLkSQOlM2dYcyPWE8K3Twd85eNmF1IiOJ1FaSohLJSUellQ5+YVdwoi8/wN/rTBTsFdsAzo=
x-served-by
cache-fra-eddf8230074-FRA
last-modified
Thu, 28 Sep 2023 12:15:46 GMT
server
AmazonS3
x-timer
S1695986089.977636,VS0,VE1
etag
"73740957e555202e85ee75baf18ce162"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
88
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
pubfig.min.js
a.pub.network/techbullion-com/ 		259 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/techbullion-com/pubfig.min.js
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
911acfe37ae454190591b0875359afa9512b9020ef7266725f34d3a14b1fe832

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:49 GMT
content-encoding
gzip
cf-cache-status
HIT
age
48421
x-guploader-uploadid
ADPycducOANnDyN_2vKYyJK2dW4hrESgQBZhepNFXrL1VEHPRpvMPoXBDrZZaseme2qvZp7rThrptec9s57F89yfQlq8KBj9HaCK
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Wed, 21 Nov 2018 17:11:36 GMT
server
cloudflare
etag
W/"193b51a7e065aecf7bdc46f583ebc723"
vary
Accept-Encoding
x-goog-hash
crc32c=PzV3Gw==, md5=GTtRp+Blrs973Eb1g+vHIw==
x-goog-generation
1542820296241442
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=1800
x-goog-stored-content-length
265039
cf-ray
80e3ce0008512c21-FRA
expires
Fri, 29 Sep 2023 11:44:48 GMT
techbullion.js
cdn4.buysellads.net/pub/ 		488 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn4.buysellads.net/pub/techbullion.js?1695985800000
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
f1f23442cb0d0b379c268616680ac233f500fa49c4eeb0602ac4a725648fe46f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:48 GMT
content-encoding
gzip
last-modified
Fri, 29 Sep 2023 11:05:34 GMT
server
AmazonS3
x-amz-request-id
R1XMMTZ85VQGJ747
etag
"0a88b949be7e126ec42172997b9364f4"
x-amz-server-side-encryption
AES256
x-hw
1695986088.cds333.fr8.hn,1695986088.cds274.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
136999
x-amz-id-2
JGr9435Xasrj/wUYn1FREsMQJiGzldExJyr2xh20fLsG9zELdQF52igkibZRPZL1tNnAaUi5Xww=
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e19febe27f4f993ae864356ad7e39be1f85b880e012aad6ec4ae63d1700fb3de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 29 Sep 2023 11:14:48 GMT
content-md5
HZYiF7LkJzEQ3UhYGe3oiA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
x-fb-debug
vNFKFpLfboyCIcH8R5St5gcKWlVzHXOVt5l/bVMSnqhyRtOx9oBJVLLWemjxyDViCJQ0U2vh2sojXAZxJbLHkg==
x-fb-content-md5
7f75ba695ea70f7ef8338ba25c33b8aa
cross-origin-opener-policy
same-origin-allow-popups
etag
"b0b0da5561e58d079d326e4fe181ff9e"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 29 Sep 2023 11:27:10 GMT
fontawesome-webfont.woff2
netdna.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.css?ver=6.3.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.css?ver=6.3.1
Origin
https://techbullion.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
894
age
23181520
cdn-cachedat
07/10/2022 05:11:48
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
eacc06db7f8f8c494397b54e4b9cd354
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
80e3ce001bb82c6e-FRA
cdn-requestpullsuccess
True
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A400%2C700%7CLato%3A400%2C700%7CWork+Sans%3A900%7CMontserrat%3A400%2C700%7COpen+Sans%3A800%7CPlayfair+Display%3A400%2C700%2C900%7CQuicksand%7CRaleway%3A200%2C400%2C700%7CRoboto+Slab%3A400%2C700%7CWork+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMontserrat%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CWork+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CLato%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMontserrat%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://techbullion.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 18:19:05 GMT
x-content-type-options
nosniff
age
60943
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Sep 2024 18:19:05 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgshZ1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v36/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgshZ1x4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A400%2C700%7CLato%3A400%2C700%7CWork+Sans%3A900%7CMontserrat%3A400%2C700%7COpen+Sans%3A800%7CPlayfair+Display%3A400%2C700%2C900%7CQuicksand%7CRaleway%3A200%2C400%2C700%7CRoboto+Slab%3A400%2C700%7CWork+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMontserrat%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CWork+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CLato%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMontserrat%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af5a9628858b383c6257068c476c25b5a8a6421b686a349a828c47f526e7f877
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://techbullion.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 18:30:59 GMT
x-content-type-options
nosniff
age
60229
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18628
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 01:07:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Sep 2024 18:30:59 GMT
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v19/ 		49 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v19/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A400%2C700%7CLato%3A400%2C700%7CWork+Sans%3A900%7CMontserrat%3A400%2C700%7COpen+Sans%3A800%7CPlayfair+Display%3A400%2C700%2C900%7CQuicksand%7CRaleway%3A200%2C400%2C700%7CRoboto+Slab%3A400%2C700%7CWork+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMontserrat%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CWork+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CLato%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMontserrat%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://techbullion.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 18:36:55 GMT
x-content-type-options
nosniff
age
59873
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50668
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 01:13:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Sep 2024 18:36:55 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A400%2C700%7CLato%3A400%2C700%7CWork+Sans%3A900%7CMontserrat%3A400%2C700%7COpen+Sans%3A800%7CPlayfair+Display%3A400%2C700%2C900%7CQuicksand%7CRaleway%3A200%2C400%2C700%7CRoboto+Slab%3A400%2C700%7CWork+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMontserrat%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CWork+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CLato%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMontserrat%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://techbullion.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 21:23:50 GMT
x-content-type-options
nosniff
age
481858
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 22 Sep 2024 21:23:50 GMT
monarch.ttf
techbullion.com/wp-content/plugins/monarch/css/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://techbullion.com/wp-content/plugins/monarch/css/fonts/monarch.ttf
Requested by
Host: techbullion.com
URL: https://techbullion.com/wp-content/plugins/monarch/css/style.css?ver=1.4.14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c102baea959329be23bb8a5d6bc268ce1668484995f0d23c2f88b46d7653c4f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://techbullion.com/wp-content/plugins/monarch/css/style.css?ver=1.4.14
Origin
https://techbullion.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:48 GMT
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,9f60e1882be0e3faa7ef23aa85033318fec792f32aae051aeb374f5dc7aca50c
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
70596
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 04 Apr 2021 18:38:19 GMT
server
cloudflare
etag
W/"606a079b-3af8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BWGscq%2FofIh9cNHcfdC2qgCybGAdQUhDuV9%2BUjuqwlhx3XbfS0YE4FTq6h9LumxpvMQOJvjpp%2FcWLVAuVFzW3IgNLUoJ8HNfwHYSreP3oOuYRJ%2Bw0h1IUIj9czLDGDyNQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
80e3cdffda749137-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A400%2C700%7CLato%3A400%2C700%7CWork+Sans%3A900%7CMontserrat%3A400%2C700%7COpen+Sans%3A800%7CPlayfair+Display%3A400%2C700%2C900%7CQuicksand%7CRaleway%3A200%2C400%2C700%7CRoboto+Slab%3A400%2C700%7CWork+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMontserrat%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CWork+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CLato%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMontserrat%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://techbullion.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 21:18:33 GMT
x-content-type-options
nosniff
age
482175
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 22 Sep 2024 21:18:33 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://techbullion.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 18:16:19 GMT
x-content-type-options
nosniff
age
61109
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Sep 2024 18:16:19 GMT
recaptcha__de_ch.js
www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/ 		461 KB
185 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/recaptcha__de_ch.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Le0-0gkAAAAABV0s8b1QHz03eamY8EKrdT2n1Mf&ver=3.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3a82bbda9976a0f7fd499cd71b41b78b86fb3c50e11ef3a5dc159033a3111bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://techbullion.com/
Origin
https://techbullion.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 01:43:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
207057
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
188777
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 04:03:44 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 26 Sep 2024 01:43:52 GMT
TechBullionLogo-3.png
techbullion.com/wp-content/uploads/2016/09/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techbullion.com/wp-content/uploads/2016/09/TechBullionLogo-3.png
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b054b6caaa04c7df71ffae166ad1ceebc5fa627be271758cf29983fcdb3690f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:49 GMT
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,cb0b88dd073a1c205d32100106dafd45f9daa28725ccd14c8a590200a57e41b7
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
70596
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
4730
last-modified
Sun, 04 Feb 2018 17:17:42 GMT
server
cloudflare
etag
"5a774036-127a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BPmbus1YSvYS%2BAkOb17E4kM%2F%2FsjoVYQBWg96nzuDA25lGe4L1pJhbUNr2ZD%2Fre9qPt2bU1RX8FtV7DjcLPCg2Wr1HCm3ZIVDT%2F0hn0xVD%2Brz%2BCErQmD5zN26rye3e0d6XA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
80e3ce006b379137-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
Jim-Bevin-80x80.jpg
techbullion.com/wp-content/uploads/2020/05/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techbullion.com/wp-content/uploads/2020/05/Jim-Bevin-80x80.jpg
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e652fe30151551709a9a1b69bd9d2cc5cf5f4d95b6ea11a6092d5704c8af8220
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:49 GMT
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,5cbbf6bb0a6fa664bc8d4d530ff62966c3e16b339a0c6bedca6e277244f4153b
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,5cbbf6bb0a6fa664bc8d4d530ff62966c3e16b339a0c6bedca6e277244f4153b
alt-svc
h3=":443"; ma=86400
content-length
2340
last-modified
Fri, 14 May 2021 09:15:32 GMT
server
cloudflare
etag
"609e3fb4-924"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7r%2BRebS9fLSKuOPkWvlRtj8Mzd7vG%2Bz%2FkuvyX3dqC4GM9QS3JRZRx0ocObdPcExQMuoqNsOjLPA1%2F2x2hCesONJlajX6mVaXE2h28Z1%2BB0gGNGkoBzDMP06%2Fwn7KUyfpVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
80e3ce007b409137-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
6.jpg
techbullion.com/wp-content/uploads/2021/02/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techbullion.com/wp-content/uploads/2021/02/6.jpg
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a54297f97c184218dafa90bdc1a288f41e00985886335833e4401c53649c3b0b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:49 GMT
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,8a67623f61c1801f30cec507272c1f597ca69e60d51bd6cc2d0dc954d4d341b4
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,8a67623f61c1801f30cec507272c1f597ca69e60d51bd6cc2d0dc954d4d341b4
alt-svc
h3=":443"; ma=86400
content-length
36367
last-modified
Mon, 12 Dec 2022 04:01:50 GMT
server
cloudflare
etag
"6396a7ae-8e0f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A86nB5S5M1dMOYiJIq8CrMiFSytgPByJS6J2%2BeYr4GtMQfk256qngWWR1MkOHS6z%2BNHrBZ04T2MwmIAzOJE%2B2FUHUgv2q%2BoxUMAPHPmvLEtOhJAqGgdMiaKGhwhlmGzNHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
80e3ce007b439137-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
Open-An-Online-Store-80x80.jpg
techbullion.com/wp-content/uploads/2023/09/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techbullion.com/wp-content/uploads/2023/09/Open-An-Online-Store-80x80.jpg
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2197c95adf29181c7d866ed999a4553157c2c092e0246d2dc5ad17f6a053aede
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:49 GMT
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,38d65cb65a6e7900b8d5c7e4bc13702337c294e1ffbe504c2949c1113ce1e037
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
70596
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2043
last-modified
Tue, 26 Sep 2023 03:13:05 GMT
cf-bgj
h2pri
server
cloudflare
etag
"65124c41-7fb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Enoj0zmcRE9ImQqmx3s1QmGP%2Bt1U2qxOnAY8DxOrd4K4%2BGxyisK2Mahcfzpoz0f1SOKsS%2BinHFUF3hZmYESafVBgFuJyiWLi2n%2FaotB6m9de1zhl0l%2B9gHHvFarSOCM0MA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
80e3ce007b459137-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
Screenshot_2023-09-26-17-12-33-16_a1b1bbe5f63d5b96c1a0f87c197ebfae-80x80.jpg
techbullion.com/wp-content/uploads/2023/09/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techbullion.com/wp-content/uploads/2023/09/Screenshot_2023-09-26-17-12-33-16_a1b1bbe5f63d5b96c1a0f87c197ebfae-80x80.jpg
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68f1d2cdde65c21f09c381329f6f4d33b95384d791b247bc15a9d5a2af02ff89
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:49 GMT
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,72a87e11f6164c6cf890005f0cba65c22a538b1ae64afe38022a2585a5038c06
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
70596
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2834
last-modified
Tue, 26 Sep 2023 12:13:14 GMT
cf-bgj
h2pri
server
cloudflare
etag
"6512cada-b12"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wwUscvzZrQoWvj%2Ff2w7It6Zc%2BPIf6%2FkPT8hzKRh8pObVvpDrxJeoz7nPq%2Bf6mMTTsRSTzz8LAc1SG3zNHqmk4NX3PUi9wygxa5vmT8M7mqs7%2F%2Bjf18cdDtuPy6GEhhDw3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
80e3ce007b479137-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
expo-80x80.png
techbullion.com/wp-content/uploads/2023/09/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techbullion.com/wp-content/uploads/2023/09/expo-80x80.png
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d249a18a1a3c28215f017d9249038b6bdd75bc24c3a70fe827a1be154f2a4a79
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:49 GMT
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,11965665a4fca1cae174d1113d2b226130f2d2f8111aa4aa8b9b1fde16fbd2f1
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
70596
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2629
last-modified
Mon, 25 Sep 2023 08:28:04 GMT
server
cloudflare
etag
"65114494-a45"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=40fGowOziWtNwT6sYm%2Bd9REzUHL4hBVWUM5RugjtOKBZ14eZfJ0XUZoC7tzxfzJ2ciEqdhGdGvxCBSjcrts%2By0ilKEYJONmSxtwJs4OWXVoO3OKzv9rR8u8J3XnMqEOblA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
80e3ce007b4a9137-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
IMG-20230926-WA0001-80x80.jpg
techbullion.com/wp-content/uploads/2023/09/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techbullion.com/wp-content/uploads/2023/09/IMG-20230926-WA0001-80x80.jpg
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9d4c5cd0873c980789e49c0fb57805521da15cf3aebb56b193b501990f302e2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:49 GMT
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,2603b2f3464414af73ccfdf72d49acbf9bf79a644f6bc68fb7903c12900ad3e3
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
70596
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2264
last-modified
Mon, 25 Sep 2023 22:01:38 GMT
cf-bgj
h2pri
server
cloudflare
etag
"65120342-8d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wyc9AjTJcUL9i4Azze5kmDuv6M2vus%2BIFHnUKpYWp207fmpYnZh4O8eA8riVeHWiX%2FwoaVYUtm5px8AFd%2BB2OZ0FuAli14qPZzaxsF0LlXvbGwzp%2B6sagOid5Vznwujnlg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
80e3ce007b4c9137-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
john-schnobrich-FlPc9_VocJ4-unsplash-80x80.jpg
techbullion.com/wp-content/uploads/2023/09/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techbullion.com/wp-content/uploads/2023/09/john-schnobrich-FlPc9_VocJ4-unsplash-80x80.jpg
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f5a73ea1fc268944012af813fbf4c65a9a6aa0f06de1e08367d73f4f1e5e2dc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:49 GMT
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,957b8a8865f57bf04b25bef464c7ffe41219f8de355b4c437b2d6266e965ec70
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
70596
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
5313
last-modified
Wed, 27 Sep 2023 02:25:27 GMT
cf-bgj
h2pri
server
cloudflare
etag
"65139297-14c1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F4KxH1hyQZLtniFgZ7G50KCIca1SKHyCXB8Zb%2Fdm1KzsDUexq4sEojVpRMrw4nQKMdbp40ldA%2FxAWQPXuLlewa%2Ft1OXfA946Iot%2F4i3%2Fm%2B6dJyXLzZBQr8t%2BJ5%2BBNQQUNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
80e3ce007b4e9137-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
D-Style-5-768x576-1-80x80.jpg
techbullion.com/wp-content/uploads/2023/09/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techbullion.com/wp-content/uploads/2023/09/D-Style-5-768x576-1-80x80.jpg
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6ef36627b1c7ea1478b870bc3a9f517a7972fea9f4a7c8783b01c4edfd6d2b5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:49 GMT
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,3d944dc4238b0714bf457a86bcf56efc77ea6b4ae8632573e19b0541c04ee78e
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
70596
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2789
last-modified
Tue, 26 Sep 2023 16:51:52 GMT
cf-bgj
h2pri
server
cloudflare
etag
"65130c28-ae5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hf4iroA7q0h6tp%2BIyrsMjimdw0CM0Ra2%2BtP0JzjiediRPHVKuM%2FuS52Xqr%2Br5%2BfaWDSu7niO6JK%2FgTShEHtksLOmbPkIIDC3csWylB6zyYpuhr33gBuwxtItRylPDCmCTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
80e3ce007b4f9137-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
Neil-Kilgallon-Managing-Director-ID-Studio-Web-Agency-80x80.png
techbullion.com/wp-content/uploads/2023/09/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techbullion.com/wp-content/uploads/2023/09/Neil-Kilgallon-Managing-Director-ID-Studio-Web-Agency-80x80.png
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eadd87a517274d979534b492b1e8966d7a8f84c1b4609f4290983850c5b569f1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:49 GMT
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,4932718dfefbc9c9a7d223cf879af11d62dd5f2d21af553d6e17ea2cee82ebea
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
70596
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
3779
last-modified
Mon, 25 Sep 2023 08:42:24 GMT
server
cloudflare
etag
"651147f0-ec3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Lao4rNtWLU4mDBAhDAJRr09vtjD6bUVF4kON2C2wWhCi8%2FnFB52TIz92sA%2Blw3LrdET5gRvEcwiDaA84a%2BsYstjSi%2BPeUXHVx2WIRrslD0C9%2BM%2FptaMjKokalwvvzIQhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
80e3ce007b509137-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
sdk.js
connect.facebook.net/en_US/ 		298 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=562a9ff4d3dd9087974975f1ff167187
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
891a83477c74c132663fc1f9920e3f00e9c598eef36eb1b2c8a346c0410e4da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://techbullion.com/
Origin
https://techbullion.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 29 Sep 2023 11:14:49 GMT
content-md5
nFSX9ZnipMjoznJNc3KByg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86647
x-fb-debug
FGM9cbiDTGW6pvd0jWRoFNt11tHV7m2vOnwZu//xp7GNADc+2qILuEvbvlCt2fbICZL6SJWan7uk8uFi9Fg6NQ==
x-fb-content-md5
39ec6cf7b94729169fbcd4bff34fe069
cross-origin-opener-policy
same-origin-allow-popups
etag
"0413419900b43693c71f532b1317460f"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 28 Sep 2024 10:57:13 GMT
impl.20230928-12-RELEASE.js
cdn.taboola.com/libtrc/ 		811 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230928-12-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/techbullion/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
6026aabd17061aa51f6cb452cfc226fac56614d17fd12557a1fa4d339a79ea80

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
of.G8PLQnS_rtePH9.dhbRqJ1VS_XABg
content-encoding
br
via
1.1 varnish
date
Fri, 29 Sep 2023 11:14:49 GMT
x-amz-request-id
4DF6FPR51DKS86H5
age
26699
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
171923
x-amz-id-2
BD52r/2YE0TnCbo6bkThTUc2UPk2Iwoo8CQQEdeOyS997yN1A9Z8girUP5u0j4ijlNHaLnygQeo=
x-served-by
cache-fra-eddf8230074-FRA
last-modified
Thu, 28 Sep 2023 11:49:34 GMT
server
AmazonS3-br
x-timer
S1695986089.108736,VS0,VE0
etag
"e16f89ad8f03978fe74a2e8685f150bb"
vary
Accept-Encoding
content-type
application/javascript
abp
43
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
85876
cookie
d.pub.network/
Redirect Chain
  • https://c.pub.network/cookie
  • https://d.pub.network/cookie
36 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/cookie
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Server
34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
75c62e82f74bd25345dc7a5f8e4d286a64916d81ef047b956a18b554146a8606

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:49 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
null
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36

Redirect headers

date
Fri, 29 Sep 2023 11:14:49 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin
https://techbullion.com
location
https://d.pub.network/cookie
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gpt.js
www.googletagservices.com/tag/js/ 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/techbullion-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8de32782bfd8b1ad61b16c850632125163ef02de00c3f4e4a3d344999135f9df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29391
x-xss-protection
0
server
cafe
etag
339 / 19629 / 31078264 / config-hash: 6693637385863441016
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 29 Sep 2023 11:14:49 GMT
prebid-analytics-1.32.n.js
a.pub.network/core/ 		308 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/prebid-analytics-1.32.n.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/techbullion-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36112871d4951f2a2e84b8ba14b77e5c536b592817cb8524fcaedb90f3a185a8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:49 GMT
content-encoding
gzip
cf-cache-status
HIT
age
46493
x-guploader-uploadid
ADPycduXMPf-b3DKtq22pZTD9zgTuEN18szTI-vRI0y1VPelQS84dY-lBkO9zWvJxgRSZXBjnmiQc8dR0be3X_3J1o2mf8RtM0w1
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
last-modified
Mon, 26 Nov 2018 16:33:15 GMT
server
cloudflare
etag
W/"f1aaff07653f49b6b2aa23b6ea6720cf"
vary
Accept-Encoding
x-goog-generation
1543249995500335
content-type
text/html
access-control-allow-origin
*
x-goog-hash
crc32c=T5cm0g==, md5=8ar/B2U/SbayqiO26mcgzw==
access-control-expose-headers
*
cache-control
public, max-age=31487640
x-goog-stored-content-length
315497
cf-ray
80e3ce017add2c21-FRA
expires
Fri, 27 Sep 2024 21:48:49 GMT
location
d.pub.network/
Redirect Chain
  • https://c.pub.network/location
  • https://d.pub.network/location
66 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/location
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Server
34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
422e89f0aebf779b16727ccf9b174ac2f834c850f23d117802622ad16cac2e0f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:49 GMT
content-encoding
gzip
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
null
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

date
Fri, 29 Sep 2023 11:14:49 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin
https://techbullion.com
location
https://d.pub.network/location
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
wp-emoji-release.min.js
techbullion.com/wp-includes/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://techbullion.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3.1
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:49 GMT
content-encoding
br
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,459504eea1a359b648edf2406476a24cf33c0059a95843690b1fb815196c689e
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
70596
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 Mar 2023 08:03:39 GMT
server
cloudflare
etag
W/"6425425b-4904"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kmKM8y1ZhjVIUL4gaMfdh0HNLolP95LIz0KexM6FBsFIiPI%2BN4C50mSHYuEN7XarcdV26LQDMzuijUg7hzjC%2FF%2FhvTYpQsUgWvtuVDTCDJSP1gzyypa4akoxYd0VMOIg1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
80e3ce017cbc9137-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/techbullion.js?1695985800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ffda7ec650729679454404b90679c0ec7fffc3f3cb0f7d0db349e0e49830918
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29363
x-xss-protection
0
server
cafe
etag
829 / 19629 / m202309210101 / config-hash: 6693637385863441016
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 29 Sep 2023 11:14:49 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		255 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/techbullion.js?1695985800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.69.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-131.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
79bc00b1ba3e228fe806d7ddfc0bd9a9b9eb904701a35d6dc435932c0b17c1e3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 10:46:36 GMT
content-encoding
gzip
via
1.1 1877c1d3c1c0435e896415d580d52c52.cloudfront.net (CloudFront), 1.1 4792ba662c3860029a9df33f3dc5f36c.cloudfront.net (CloudFront)
last-modified
Thu, 21 Sep 2023 19:18:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, AMS58-P4
age
1694
x-amz-server-side-encryption
AES256
etag
W/"1e9fb8c04a3987274adf2a65103a9f65"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
v4EFtAAkdaWU7gYL9gygBr8VOZFz09cPzsLB7F6tLFHisWGtNIHG9Q==
js
www.googletagmanager.com/gtag/ 		239 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-R48ZLMXHJS&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-77396124-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3f29a813007b6b2d62203613920d714f29ede6cd0a4e9154525e33fe79d6de24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84532
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 29 Sep 2023 11:14:49 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-77396124-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 29 Sep 2023 09:47:06 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5263
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 29 Sep 2023 11:47:06 GMT
js
www.googletagmanager.com/gtag/ 		239 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=GT-K5LQDCX&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-77396124-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
86460bd9c65b4943cf599a0902eb884fd2e0e292124748a45456978c82eb8c98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84404
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 29 Sep 2023 11:14:49 GMT
/
disqus.com/embed/comments/ Frame BF1F 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://disqus.com/embed/comments/?base=default&f=techbullion&t_i=techbullion-20301&t_u=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&t_e=Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F&t_d=Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F&t_t=Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F&s_o=default
Requested by
Host: techbullion.disqus.com
URL: https://techbullion.disqus.com/embed.js?ver=6.3.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7f09fffccbd5d13734ddd63f6a1acdbd83e47c3a45be7fe077fd2b1228a4c308
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://techbullion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Age
0
Cache-Control
stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
Connection
keep-alive
Content-Encoding
gzip
Content-Length
2762
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type
text/html; charset=utf-8
Cross-Origin-Resource-Policy
cross-origin
Date
Fri, 29 Sep 2023 11:14:49 GMT
ETag
W/"lounge:view:8400638688.0eeed944c2df0b8402933c9b0b130595.2"
Last-Modified
Thu, 08 Jun 2023 17:17:41 GMT
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Referrer-Policy
no-referrer-when-downgrade
Server
nginx
Strict-Transport-Security
max-age=300; includeSubdomains
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309270101/ 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309270101/show_ads_impl_fy2021.js?bust=31078320
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4909624562623679&host=ca-host-pub-2644536267352236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d2b79f758ec0b990a6aa1c91605729c138d22b97916a6a399ceaa3174d19cef1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131818
x-xss-protection
0
server
cafe
etag
2821615568603714263
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Sep 2023 11:14:49 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/ Frame 9C89 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4909624562623679&host=ca-host-pub-2644536267352236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://techbullion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
1842
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 10:44:07 GMT
etag
2603938475786422795
expires
Fri, 13 Oct 2023 10:44:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
anchor
www.google.com/recaptcha/api2/ Frame 38F5 		52 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0-0gkAAAAABV0s8b1QHz03eamY8EKrdT2n1Mf&co=aHR0cHM6Ly90ZWNoYnVsbGlvbi5jb206NDQz&hl=de-CH&v=pxZcVU8Dk73FyvFvdCgp2MSG&size=invisible&cb=ku7ljq964tm7
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/recaptcha__de_ch.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0b86e7d7d1a3629326cd88f3ba1029cb66412d51c60c3a625d154b113f62cb96
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YtjESCYF3jmik-UzziCG8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://techbullion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-YtjESCYF3jmik-UzziCG8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 11:14:49 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230928-12-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:49 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
249196
expires
60
styles__ltr.css
www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/ Frame 38F5 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0-0gkAAAAABV0s8b1QHz03eamY8EKrdT2n1Mf&co=aHR0cHM6Ly90ZWNoYnVsbGlvbi5jb206NDQz&hl=de-CH&v=pxZcVU8Dk73FyvFvdCgp2MSG&size=invisible&cb=ku7ljq964tm7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 23:40:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41671
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 04:03:44 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Sep 2024 23:40:18 GMT
recaptcha__de_ch.js
www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/ Frame 38F5 		461 KB
184 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/recaptcha__de_ch.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0-0gkAAAAABV0s8b1QHz03eamY8EKrdT2n1Mf&co=aHR0cHM6Ly90ZWNoYnVsbGlvbi5jb206NDQz&hl=de-CH&v=pxZcVU8Dk73FyvFvdCgp2MSG&size=invisible&cb=ku7ljq964tm7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3a82bbda9976a0f7fd499cd71b41b78b86fb3c50e11ef3a5dc159033a3111bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 01:43:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
207057
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
188777
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 04:03:44 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 26 Sep 2024 01:43:52 GMT
collect
www.google-analytics.com/j/ 		2 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=884511560&t=pageview&_s=1&dl=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&ul=en-us&de=UTF-8&dt=Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F%20-%20TechBullion&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAACAAI~&jid=1678831864&gjid=1748277104&cid=910471404.1695986089&tid=UA-77396124-1&_gid=653462098.1695986089&_r=1&gtm=457e39r0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=1437508342
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://techbullion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-R48ZLMXHJS&gtm=45Pe39r0&_p=884511560&_gaz=1&cid=910471404.1695986089&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1695986089&sct=1&seg=0&dl=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&dt=Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F%20-%20TechBullion&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-K5LQDCX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://techbullion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-R48ZLMXHJS&cid=910471404.1695986089&gtm=45Pe39r0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-K5LQDCX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://techbullion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ch/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-R48ZLMXHJS&cid=910471404.1695986089&gtm=45Pe39r0&aip=1&z=840338398
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/ 		410 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js?cb=31078264
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4972893832cc7f114925446001ef0c43c031cbc7d2b2a8bed395c116c911402d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 06:03:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
18665
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132541
x-xss-protection
0
server
cafe
etag
15229329507080665565
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 28 Sep 2024 06:03:44 GMT
747b8b51-ec47-4dee-9823-b2b73124b71f
config.aps.amazon-adsystem.com/configs/ 		537 B
804 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/747b8b51-ec47-4dee-9823-b2b73124b71f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-30.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
74360287cb87eb4145a630d23ee115b394f23cf0dc923b0e06388f6b2b5dab29

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 10:19:01 GMT
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
3348
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
YXP64TzcINXVJmUyCdZuG0SBdnPf4AfBgQy5h0uxBPqszX75rvBTuA==
config
c.amazon-adsystem.com/cdn/prod/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Ftechbullion.com&pubid=747b8b51-ec47-4dee-9823-b2b73124b71f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.69.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-131.ams58.r.cloudfront.net
Software
Server /
Resource Hash
7cbf21b170320c61a57de956dd34f3c5954d84438503be2d6320f3e5da29dbbe

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 07:14:19 GMT
via
1.1 4792ba662c3860029a9df33f3dc5f36c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS58-P4
age
14430
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://techbullion.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2813
x-amz-cf-id
fmAS0AErGKh9zxT9f7Utj8maMupSkJpa8YBzlUDDiGtkuW3JkoxrhA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.69.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-131.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 eb78cbb81a4ab555c78ae1168deff6e2.cloudfront.net (CloudFront)
date
Thu, 28 Sep 2023 13:09:47 GMT
x-amz-cf-pop
AMS58-P4
age
79503
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
TvZkCLVuVcxKy2h60Ws8nKsJ0x6Db82lzi-vjhMqK009UuAdPd6klg==
collect
stats.g.doubleclick.net/j/ 		1 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-77396124-1&cid=910471404.1695986089&jid=1678831864&gjid=1748277104&_gid=653462098.1695986089&_u=YGBACUAABAAAACAAI~&z=1614255063
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 29 Sep 2023 11:14:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://techbullion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
lounge.load.62db764f4f0426e1eaaed71de8896900.js
c.disquscdn.com/next/embed/ Frame BF1F 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.load.62db764f4f0426e1eaaed71de8896900.js
Requested by
Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=techbullion&t_i=techbullion-20301&t_u=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&t_e=Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F&t_d=Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F&t_t=Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F&s_o=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ceaf148b8332b81c551c93aa9124cbdbbbd6192fbb9bfe8dab8501547b35083e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=techbullion&t_i=techbullion-20301&t_u=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&t_e=Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F&t_d=Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F&t_t=Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F&s_o=default
Origin
https://disqus.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 20 Sep 2023 11:16:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
777491
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
620
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Wed, 20 Sep 2023 10:55:06 GMT
server
nginx
etag
"650acf8a-26c"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
Ba93eUNvZIWJiDcw7LLhhABZPd83_AXlmleD93N6Danwx9IxW1b7_A==
expires
Thu, 19 Sep 2024 11:16:38 GMT
cookie.js
partner.googleadservices.com/gampad/ 		397 B
466 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=techbullion.com&callback=_gfp_s_&client=ca-pub-4909624562623679
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309270101/show_ads_impl_fy2021.js?bust=31078320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cff04aa99c9cdeeea14619c64b397d416825fe6cb1408d7cc34288e59ce88406
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
253
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7F1E 		0
182 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4909624562623679&output=html&adk=1812271804&adf=3025194257&lmt=1695874768&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695986089288&bpp=10&bdt=501&idt=291&shv=r20230927&mjsv=m202309270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8080749305913&frm=20&pv=2&ga_vid=910471404.1695986089&ga_sid=1695986090&ga_hid=884511560&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759926%2C44759875%2C31077327%2C31078201%2C31078320&oid=2&pvsid=2227620224526580&tmod=2100242589&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=336
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309270101/show_ads_impl_fy2021.js?bust=31078320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://techbullion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 11:14:49 GMT
expires
Fri, 29 Sep 2023 11:14:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=grecaptcha-badge&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame FDF0 		436 B
426 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4909624562623679&output=html&h=510&slotname=5710385232&adk=2822807138&adf=2845327126&pi=t.ma~as.5710385232&w=1021&cr_col=4&cr_row=2&fwrn=2&lmt=1695874768&rafmt=9&format=1021x510&url=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&host=ca-host-pub-2644536267352236&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695986089299&bpp=1&bdt=512&idt=340&shv=r20230927&mjsv=m202309270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8080749305913&frm=20&pv=1&ga_vid=910471404.1695986089&ga_sid=1695986090&ga_hid=884511560&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=132&ady=2463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759926%2C44759875%2C31077327%2C31078201%2C31078320&oid=2&pvsid=2227620224526580&tmod=2100242589&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=TBzol3A3Sy&p=https%3A//techbullion.com&dtd=345
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309270101/show_ads_impl_fy2021.js?bust=31078320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7258586fbbb29903dd92a49fb3f2e6c9c284fd492fc004ab7f6fd562c4fdeb0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://techbullion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 11:14:50 GMT
expires
Fri, 29 Sep 2023 11:14:50 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.22.18 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-22-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:49 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Fri, 29 Sep 2023 11:29:49 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-104.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 04:31:23 GMT
content-encoding
gzip
via
1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
24207
x-amz-server-side-encryption
AES256
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
SYlzJMvblRHHxMCIsGd-XWdvjFWOUoERsrdsnz9QFpyNSVkSncYS5g==
config.js
cdn.confiant-integrations.net/muZ2q5dBlAewr_LEhDFV2R0Q-bU/gpt_and_prebid/ 		127 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/muZ2q5dBlAewr_LEhDFV2R0Q-bU/gpt_and_prebid/config.js
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4c6d453f6e6ebc355e7f067b02166b8135381bbc49300f5a5c375886ebef956

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 29 Sep 2023 07:48:49 GMT
server
cloudflare
x-amz-request-id
9QJ1RFJ0DRQGN8PX
age
163
etag
W/"14f403838fce06912f11a08e951001f8"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
80e3ce049a850204-ZRH
alt-svc
h3=":443"; ma=86400
x-amz-id-2
CPrqemRrQ95zGAGc5Uobh8LaMP9bDvefMEiELenOD9EKEALqRz6Yqld6Rn+4g2+1l61F5aXle4PAPHeNjUw2KeV8qBaUhtLT5rfBcVUXouI=
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&ref=&_it=amazon&partner_id=617
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:49 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 17:31:32 GMT
server
cloudflare
x-amz-request-id
907P0TB94S36DGVM
age
2514
etag
W/"8bbf05f440008747d4df642e30fc4ddc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
80e3ce04cefc1cbb-FRA
x-amz-id-2
h/ONXLwae6iM09gh9FAps6RtAYH3Y0Kwsp/Odih6j7jcgPhpo1/xVSCaJJeV+QY3MnwBFDbKvY0=
id5-api.js
cdn.id5-sync.com/api/1.0/ 		142 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
362cb3ee451098e7663093e3dc502c715c2c942c5e026387806197a9a815bc35
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:49 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 27 Sep 2023 09:24:45 GMT
server
cloudflare
x-amz-request-id
Z5HSE7MGEMA19B68
age
2150
etag
W/"7bfa86f4fd91656713a35814298e67fa"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
80e3ce04c9fe1da0-FRA
x-amz-id-2
rjMjyHE7rky2Fid+FBXT0JYx1IFQ6pU/NMTfThfF1pDB8iQHR+UwckBT2flKBhUdIUWATPk8k3tpCGgMVV4nPA==
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 38F5 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 07:44:15 GMT
x-content-type-options
nosniff
age
358234
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 02 Oct 2023 07:44:15 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 38F5 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0-0gkAAAAABV0s8b1QHz03eamY8EKrdT2n1Mf&co=aHR0cHM6Ly90ZWNoYnVsbGlvbi5jb206NDQz&hl=de-CH&v=pxZcVU8Dk73FyvFvdCgp2MSG&size=invisible&cb=ku7ljq964tm7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 02:58:03 GMT
x-content-type-options
nosniff
age
548206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 22 Sep 2024 02:58:03 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 38F5 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0-0gkAAAAABV0s8b1QHz03eamY8EKrdT2n1Mf&co=aHR0cHM6Ly90ZWNoYnVsbGlvbi5jb206NDQz&hl=de-CH&v=pxZcVU8Dk73FyvFvdCgp2MSG&size=invisible&cb=ku7ljq964tm7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 05:51:22 GMT
x-content-type-options
nosniff
age
537807
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 22 Sep 2024 05:51:22 GMT
v1
dmx.districtm.io/b/ Frame 		0
0
qchb
qcx.quantserve.com/ 		0
0
qchb
qcx.quantserve.com/ 		0
0
qchb
qcx.quantserve.com/ 		0
0
qchb
qcx.quantserve.com/ 		0
0
qchb
qcx.quantserve.com/ 		0
0
imp
g2.gumgum.com/hbid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=14287&pi=3&gdprApplies=false&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.32.n.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.58.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-58-115.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0ca39afc3ad0989edee2567c8a33f4f15ae4efe0708d08754f8f980b03df888c

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:49 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://techbullion.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=14288&pi=3&gdprApplies=false&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.32.n.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.58.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-58-115.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c839abe488fd0f1bad77fdf38dcf96497232184df294a5d17a8581244d3fc8cc

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:49 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://techbullion.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=14285&pi=3&gdprApplies=false&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.32.n.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.58.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-58-115.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a611b40a0cb9fdb3a5d195884b04df502375dd5ff757e9a718749b9448e2e72e

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:49 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://techbullion.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=14290&pi=3&gdprApplies=false&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.32.n.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.58.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-58-115.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
af694f595724a81a7c863ec1fbf157eb7eee4523a10eacd7dfc3bd0341dca39e

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:49 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://techbullion.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=14285&pi=3&gdprApplies=false&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.32.n.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.58.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-58-115.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
86cb0c1f606f2215e998f367c31ad7af03b9da596088f255234388eeaf9d525e

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:49 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://techbullion.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=14285&pi=3&gdprApplies=false&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.32.n.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.58.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-58-115.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b5987b0f98b48b628cabea0df7047066efe28d186467c87c416e0aaa9ad678fb

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:49 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://techbullion.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=14287&pi=3&gdprApplies=false&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.32.n.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.58.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-58-115.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
aaf1a2e3b72b0a364e1884ea8fd1c7b4502acee959ae940e218acfbd7365f941

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:49 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://techbullion.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=14288&pi=3&gdprApplies=false&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.32.n.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.58.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-58-115.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8bfbc95bdd083716d0c5cca5b321daed55ec265bb7fba5626f90e25861f116e7

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:49 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://techbullion.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
v1
btlr.sharethrough.com/header-bid/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/header-bid/v1?bidId=23b9fdee0e11c2a&placement_key=GrVComq83JzCSLK1pi9waoyR&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.32.n.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.173.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-173-128.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://techbullion.com
date
Fri, 29 Sep 2023 11:14:49 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/header-bid/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/header-bid/v1?bidId=2426ea30b25e513&placement_key=L7rKdgz52e7UZ4fMkwkYmaxf&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.32.n.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.173.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-173-128.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://techbullion.com
date
Fri, 29 Sep 2023 11:14:49 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/header-bid/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/header-bid/v1?bidId=252872516ecb80a&placement_key=DSthphoQqH66AkQXPDoXn74b&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.32.n.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.173.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-173-128.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://techbullion.com
date
Fri, 29 Sep 2023 11:14:49 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/header-bid/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/header-bid/v1?bidId=2664ffe2d4cf089&placement_key=Y2PwNBba8FyKXESSc72DFF25&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.32.n.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.173.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-173-128.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://techbullion.com
date
Fri, 29 Sep 2023 11:14:49 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/header-bid/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/header-bid/v1?bidId=27224854dd8b827&placement_key=DSthphoQqH66AkQXPDoXn74b&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.32.n.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.173.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-173-128.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://techbullion.com
date
Fri, 29 Sep 2023 11:14:49 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/header-bid/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/header-bid/v1?bidId=285ee0cc30aeb2d&placement_key=DSthphoQqH66AkQXPDoXn74b&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.32.n.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.173.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-173-128.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://techbullion.com
date
Fri, 29 Sep 2023 11:14:49 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/header-bid/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/header-bid/v1?bidId=29186b8cc98654c&placement_key=GrVComq83JzCSLK1pi9waoyR&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.32.n.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.173.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-173-128.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://techbullion.com
date
Fri, 29 Sep 2023 11:14:49 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/header-bid/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/header-bid/v1?bidId=3081d48f8ebfd86&placement_key=L7rKdgz52e7UZ4fMkwkYmaxf&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.32.n.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.173.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-173-128.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://techbullion.com
date
Fri, 29 Sep 2023 11:14:50 GMT
access-control-allow-credentials
true
vary
Origin
v1
dmx.districtm.io/b/ 		0
0
HeaderBiddingService
ssp.pub.network/ssp-server/ 		0
0
v2
d.pub.network/floors/ 		3 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/floors/v2?key=414desktop
Requested by
Host: a.pub.network
URL: https://a.pub.network/techbullion-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
8eb95bcbc154530931e15fc418c8b1fe991095671409552099ea1aa596999ede

Request headers

Accept
application/json, text/plain, */*
Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:49 GMT
content-encoding
gzip
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://techbullion.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
freestar
px.adhigh.net/p/cm/
Redirect Chain
  • https://px.adhigh.net/p/cm/freestar?fsuid=c6eea4ab-168c-484e-858c-c0abf10812b9
  • https://px.adhigh.net/p/cm/freestar?fsuid=c6eea4ab-168c-484e-858c-c0abf10812b9&bounced=1
49 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.adhigh.net/p/cm/freestar?fsuid=c6eea4ab-168c-484e-858c-c0abf10812b9&bounced=1
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Server
193.232.148.143 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS
smtp4.sender.ltmse.com
Software
nginx /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:50 GMT
server
nginx
x-backend-id
f4-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
49
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:49 GMT
server
nginx
x-backend-id
f4-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
location
https://px.adhigh.net/p/cm/freestar?fsuid=c6eea4ab-168c-484e-858c-c0abf10812b9&bounced=1
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
CWYDPK7N.json
srv.buysellads.com/ads/ 		1 KB
722 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://srv.buysellads.com/ads/CWYDPK7N.json?forcebanner=510828&ignoretargeting=yes
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/techbullion.js?1695985800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.227.38.224 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
srv-eu-ldn-17.buysellads.com
Software
//srv.buysellads.com /
Resource Hash
98ad8de99faa1cf51663343960bec6a908041e3a7ab9b39d7f5e57a76f24e88b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:50 GMT
content-encoding
gzip
server
//srv.buysellads.com
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
*
content-length
585
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/techbullion.js?1695985800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://techbullion.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU18831I
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/techbullion.js?1695985800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a8be64f62b179a7688220a48ae541aeff0ac8084e73ef488207e8226f0e52b14

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:49 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://techbullion.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 29 Sep 2023 11:14:49 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		516 B
858 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=482056&zone_id=2859582&size_id=2&alt_size_ids=1%2C55&rp_schain=1.0,1!buysellads.com,17133,1,,,!google.com,pub-9961814823930967,1,,,&rf=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&tg_i.domain=techbullion.com&tg_i.page=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&tg_i.pbadslot=%2F22960212090%2C22070893282%2FTechbullion_S2S_FixedFooter_ROS%23bsa-zone_1682501841548-9_123456&tk_flint=pbjs_lite_v7.54.0&x_source.tid=6c1a5969-b8ca-493b-94a8-ff73f79666d1&l_pb_bid_id=30fa807f3fe5d37&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=6c1a5969-b8ca-493b-94a8-ff73f79666d1&rp_maxbids=1&p_gpid=%2F22960212090%2C22070893282%2FTechbullion_S2S_FixedFooter_ROS%23bsa-zone_1682501841548-9_123456&slots=1&rand=0.6130614239967567
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/techbullion.js?1695985800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
52d9662e9ffee344f6de6bcf32df38166e79eca053e611287a8610849210529f

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:49 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://techbullion.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
516
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		522 B
862 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=482056&zone_id=2859582&size_id=2&alt_size_ids=1%2C55%2C57&rp_schain=1.0,1!buysellads.com,17133,1,,,!google.com,pub-9961814823930967,1,,,&rf=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&tg_i.domain=techbullion.com&tg_i.page=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&tg_i.pbadslot=%2F22960212090%2C22070893282%2FTechbullion_S2S_TopLeaderboard_ROS%23bsa-zone_1695648277374-6_123456&tk_flint=pbjs_lite_v7.54.0&x_source.tid=7e26931e-b110-44e8-b799-9bea9db97063&l_pb_bid_id=311335f6152e591&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=7e26931e-b110-44e8-b799-9bea9db97063&rp_maxbids=1&p_gpid=%2F22960212090%2C22070893282%2FTechbullion_S2S_TopLeaderboard_ROS%23bsa-zone_1695648277374-6_123456&slots=1&rand=0.1622644872411929
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/techbullion.js?1695985800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1ac66e8990482bb31fc1367de1e52a00b66397bcc21167937bae877f2e22fc97

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:49 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://techbullion.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
522
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		525 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=482056&zone_id=2859582&size_id=2&alt_size_ids=1%2C55%2C57&rp_schain=1.0,1!buysellads.com,17133,1,,,!google.com,pub-9961814823930967,1,,,&rf=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&tg_i.domain=techbullion.com&tg_i.page=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&tg_i.pbadslot=%2F22960212090%2C22070893282%2FTechbullion_S2S_BottomLeaderboard_ROS%23bsa-zone_1695648394347-0_123456&tk_flint=pbjs_lite_v7.54.0&x_source.tid=39fb26e8-03fe-4bcb-b803-90256477552c&l_pb_bid_id=3274d6fb3ac60d9&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=39fb26e8-03fe-4bcb-b803-90256477552c&rp_maxbids=1&p_gpid=%2F22960212090%2C22070893282%2FTechbullion_S2S_BottomLeaderboard_ROS%23bsa-zone_1695648394347-0_123456&slots=1&rand=0.5389619155367844
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/techbullion.js?1695985800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a54c886bb5efc68c64107d63f8d9448414a6317f625b92252933f0e5b0fb8004

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:49 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://techbullion.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
525
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		496 B
837 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=482056&zone_id=2859582&size_id=15&alt_size_ids=16&rp_schain=1.0,1!buysellads.com,17133,1,,,!google.com,pub-9961814823930967,1,,,&rf=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&tg_i.domain=techbullion.com&tg_i.page=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&tg_i.pbadslot=%2F22960212090%2C22070893282%2FTechbullion_S2S_Uppersidebar_ROS%23bsa-zone_1695648447858-3_123456&tk_flint=pbjs_lite_v7.54.0&x_source.tid=c0c7dd44-5daa-4b5e-ba51-8cda944291a4&l_pb_bid_id=33ffcbbb30510be&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=c0c7dd44-5daa-4b5e-ba51-8cda944291a4&rp_maxbids=1&p_gpid=%2F22960212090%2C22070893282%2FTechbullion_S2S_Uppersidebar_ROS%23bsa-zone_1695648447858-3_123456&slots=1&rand=0.800855210734503
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/techbullion.js?1695985800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e5e2f961f2a0af7d2ea8fa06b2db32c119f86b236d89ad3e4910c4894d1b9783

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:49 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://techbullion.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
496
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		520 B
882 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=482056&zone_id=2859582&size_id=15&alt_size_ids=9%2C8%2C10%2C16&rp_schain=1.0,1!buysellads.com,17133,1,,,!google.com,pub-9961814823930967,1,,,&rf=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&tg_i.domain=techbullion.com&tg_i.page=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&tg_i.pbadslot=%2F22960212090%2C22070893282%2FTechbullion_S2S_Lowersidebar_ROS%23bsa-zone_1695648499296-7_123456&tk_flint=pbjs_lite_v7.54.0&x_source.tid=e39b80de-ae20-4267-b63d-453c424e4c13&l_pb_bid_id=34079bdf190db54&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=e39b80de-ae20-4267-b63d-453c424e4c13&rp_maxbids=1&p_gpid=%2F22960212090%2C22070893282%2FTechbullion_S2S_Lowersidebar_ROS%23bsa-zone_1695648499296-7_123456&slots=1&rand=0.7431521391311342
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/techbullion.js?1695985800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
82b4d48df13e2eb43b350e6dc8d28911830a26f76a0beeab1f5a4e36ab449d09

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:50 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://techbullion.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
520
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/techbullion.js?1695985800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
d61cc26f4706b0fbbe06f96944796ffd339d3e9d5cf31776dcfb6c2111983a72

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:50 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://techbullion.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/techbullion.js?1695985800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
bb5a014d956d959c357f798c152473bc1468b45f9a9d07fef88f0de73956df99

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:49 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://techbullion.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		961 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/techbullion.js?1695985800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
40ab97f2e45e85d3039abec4772f2976485ef3990ae72efb6ef6fdea3d2ee140

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:50 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://techbullion.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/techbullion.js?1695985800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e7d609c4c97aef22e56b7071bcb067671629fa1d5f8906182c26feceea13bb58

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:49 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://techbullion.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/techbullion.js?1695985800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
fdfef2dbe5671f5902cf580a72847b80e37eda9a38c7a92e0b961b4f07581943

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:50 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://techbullion.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/techbullion.js?1695985800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
050aca70a65e2937f59c87af8c04cbaff655e65b494bd7eb917503ef669e3af2

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:49 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://techbullion.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.0&cb=12430529897&lsavail=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/techbullion.js?1695985800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://techbullion.com
date
Fri, 29 Sep 2023 11:14:49 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&PageUrl=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&PageReferrer=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&CanonicalUrl=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/techbullion.js?1695985800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
58fc6bdc8cb09a527be7f71f458b44ad0854267dd4e684d22eecc6384a2a3222
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 29 Sep 2023 11:14:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
137
content-length
632
pragma
no-cache
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://techbullion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
583 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/techbullion.js?1695985800000
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:49 GMT
an-x-request-uuid
ab3a9ee6-97a9-4b3f-9941-33523c787f18
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://techbullion.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
195.206.105.130; 195.206.105.130; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		174 B
613 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&pid=JQD0pAWW3dERH&cb=0&ws=1600x1200&v=23.919.1525&t=2500&slots=%5B%7B%22sd%22%3A%22bsa-zone_1682501841548-9_123456%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22468x60%22%5D%2C%22sn%22%3A%22%2F22960212090%2C22070893282%2FTechbullion_S2S_FixedFooter_ROS%22%7D%2C%7B%22sd%22%3A%22gpt_unit_%2F22960212090%2C22070893282%2FTechbullion_S2S_TopAnchor_ROS_0%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F22960212090%2C22070893282%2FTechbullion_S2S_TopAnchor_ROS%22%7D%2C%7B%22sd%22%3A%22bsa-zone_1695648277374-6_123456%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%2C%22468x60%22%5D%2C%22sn%22%3A%22%2F22960212090%2C22070893282%2FTechbullion_S2S_TopLeaderboard_ROS%22%7D%2C%7B%22sd%22%3A%22bsa-zone_1695648394347-0_123456%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%2C%22468x60%22%5D%2C%22sn%22%3A%22%2F22960212090%2C22070893282%2FTechbullion_S2S_BottomLeaderboard_ROS%22%7D%2C%7B%22sd%22%3A%22bsa-zone_1695648447858-3_123456%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F22960212090%2C22070893282%2FTechbullion_S2S_Uppersidebar_ROS%22%7D%2C%7B%22sd%22%3A%22bsa-zone_1695648499296-7_123456%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22300x600%22%2C%22120x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F22960212090%2C22070893282%2FTechbullion_S2S_Lowersidebar_ROS%22%7D%5D&schain=1.0%2C1!buysellads.com%2C17133%2C1%2C%2C%2C!google.com%2Cpub-9961814823930967%2C1%2C%2C%2C&pubid=747b8b51-ec47-4dee-9823-b2b73124b71f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-253-136.fra60.r.cloudfront.net
Software
Server /
Resource Hash
914fdf835aff2989f08ff17bcfb4a97c167d7610d328a481bc44d38ead03dc3d
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:49 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
N2MT66M80Y9TNQZ80J1B
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://techbullion.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
174
x-amz-cf-id
TVESXYa7kAbGCDBN955GuCG0_ewLYs-0wtcSSOsFG3shEuY0Q5p3pw==
webworker.js
www.google.com/recaptcha/api2/ Frame 38F5 		105 B
138 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de-CH&v=pxZcVU8Dk73FyvFvdCgp2MSG
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0-0gkAAAAABV0s8b1QHz03eamY8EKrdT2n1Mf&co=aHR0cHM6Ly90ZWNoYnVsbGlvbi5jb206NDQz&hl=de-CH&v=pxZcVU8Dk73FyvFvdCgp2MSG&size=invisible&cb=ku7ljq964tm7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5974d1517b24564f68b51dd609ec1dc9aefdfaa9cb3a535d8a44645390d0f240
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0-0gkAAAAABV0s8b1QHz03eamY8EKrdT2n1Mf&co=aHR0cHM6Ly90ZWNoYnVsbGlvbi5jb206NDQz&hl=de-CH&v=pxZcVU8Dk73FyvFvdCgp2MSG&size=invisible&cb=ku7ljq964tm7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 29 Sep 2023 11:14:49 GMT
0619KV_Final_PC-80x80.jpg
techbullion.com/wp-content/uploads/2023/09/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techbullion.com/wp-content/uploads/2023/09/0619KV_Final_PC-80x80.jpg
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a8b4a657472c9c097bbb8e8f249f2a756907f1ee81af076765b37cecb9c8352
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:49 GMT
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,88f2fda4095d5d7129382503dd14e39f8c3115780b6df8d36a57802ac2520a5b
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
70593
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2203
last-modified
Fri, 22 Sep 2023 16:48:58 GMT
cf-bgj
h2pri
server
cloudflare
etag
"650dc57a-89b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W4%2BVf118wFGMPCuANfSsm29nffv4xXVil%2B2HLmDX87BsVaSkQUVfVf9PQmUzgoX87UqU3d%2F0bM8OAdREUscQFUq%2Fo22qzlGU1CYL2aGMzDxfb7TVFnQ4dHuxkUNjnhrxNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
80e3ce05da729137-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
1-50-80x80.jpg
techbullion.com/wp-content/uploads/2023/09/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techbullion.com/wp-content/uploads/2023/09/1-50-80x80.jpg
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4170ee7e0b7536427ca9854b54544308d9605b0e5c1c2dcdc97c75c8c847364b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:49 GMT
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,648217ea19b4dbcac50a315d57ba346180cbbdbe486e18b97e7d17ef0a56389f
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
70593
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1936
last-modified
Tue, 26 Sep 2023 09:23:53 GMT
cf-bgj
h2pri
server
cloudflare
etag
"6512a329-790"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nFQ8oauQkyu6bn8ou%2BEr8EnTchZ%2FpvnBftsqui4RtAUKLUY0RV%2ByXKX56pm4lzeUhZRYpOolQyItSVz6X5NeVSr2BI1ZgwCuEf%2B2NYBDchkE7DzY1w%2FS3TmucoqtSIA9CA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
80e3ce05da759137-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
Kinetix-DeF-80x80.png
techbullion.com/wp-content/uploads/2023/09/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techbullion.com/wp-content/uploads/2023/09/Kinetix-DeF-80x80.png
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4078f90bce2f39e044f6637e5ae0e50ec00d09a0bc78ce62aac25791ed9c1023
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:49 GMT
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,7d3d7a3993e44eff8083600e474fead224d280c2ae864e2b3d290d1166b56475
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
70524
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1422
last-modified
Mon, 25 Sep 2023 21:01:49 GMT
server
cloudflare
etag
"6511f53d-58e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fKlzXGDoX9A20HkSTlpYQbFgLQWEAvgKquUx8BVOG7s%2FmgIZX5xRs7zzNScV634762uttEspLFRYi%2FdiNSJRzL0sFDjkgDLA2nFX4YKkXX7CXFrLBLOuQsAqECvgKLhc4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
80e3ce05da769137-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
customer-marketing-sales-dashboard-graphics-concept-80x80.jpg
techbullion.com/wp-content/uploads/2023/09/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techbullion.com/wp-content/uploads/2023/09/customer-marketing-sales-dashboard-graphics-concept-80x80.jpg
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8af03da3d2ccb4f9f8a6f3045386bd65da002ebf0acc2b86daf395b27c7ebe38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:49 GMT
ki-cache-tag
c96a7ab6-8ee9-4abc-87ed-18280cf6092e,322c6d59f26016f79c4f18b3165f35bacd1c9a5184f6925ec5c6c46781c91ffa
cf-cache-status
HIT
ki-edge
v=20.2.1;mv=2.2.4
x-content-type-options
nosniff
age
51102
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2874
last-modified
Mon, 25 Sep 2023 09:51:50 GMT
cf-bgj
h2pri
server
cloudflare
etag
"65115836-b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SdwFTjWkVXMlBdApabE5Vg27vuDoStl5kVpx%2BYBKxCZhO%2FrQC0XHFdeJPgsN6aDEeiYwUneLHVvPqwvj%2FbkfP%2BmKDZes%2FXnbWn9bUJ7zm2EHChcm0KEYgpg1awc0UHKUDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
80e3ce05da779137-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
common.bundle.f2a270bb37834887ad900431f6cb27eb.js
c.disquscdn.com/next/embed/ Frame BF1F 		280 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/common.bundle.f2a270bb37834887ad900431f6cb27eb.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.62db764f4f0426e1eaaed71de8896900.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
17dfdeb0ea6a4edf44cba4f38a953e89af8094d116796ef91157a2a86a459a1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=techbullion&t_i=techbullion-20301&t_u=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&t_e=Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F&t_d=Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F&t_t=Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 21 Aug 2023 16:20:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
3351249
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
94118
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Mon, 21 Aug 2023 16:02:52 GMT
server
nginx
etag
"64e38aac-16fa6"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
w8yUOP7uMli4XjyuL_RUMnuqVW9a0ubkhcyhe8tkrpEjNsCx7OPliA==
expires
Tue, 20 Aug 2024 16:20:40 GMT
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202309261100/ 		267 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202309261100/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/muZ2q5dBlAewr_LEhDFV2R0Q-bU/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
356b587371621f9b029bec5b020533020877170a18b2843aef33fb29f89c8638

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 26 Sep 2023 15:03:35 GMT
server
cloudflare
x-amz-request-id
PBNNMZDR5QG2KD43
age
238138
etag
W/"f6bc3952c3f639b40176607e20bfe270"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
80e3ce063cc20204-ZRH
alt-svc
h3=":443"; ma=86400
x-amz-id-2
WseRiVuGOzVrX43gOS950pacuxjW1nO53TgMHrXjGyBVIzfWmoz668jdW5v/6r+H3Tlpjsouxok=
hadron.json
id.hadron.ad.gt/v1/ 		100 B
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=617&sync=0&domain=techbullion.com&url=https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&ref=&_it=amazon&partner_id=617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89f4aac083fe2a30f16958e9d4562bfa79a60d6633ad409855dc3a202c15adcf

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 29 Sep 2023 11:14:50 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
80e3ce078c6b6931-FRA
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=617&sync=0&domain=techbullion.com&url=https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://techbullion.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
80e3ce06bb8a6931-FRA
content-length
0
content-type
application/json
date
Fri, 29 Sep 2023 11:14:50 GMT
debug
OPTIONS block
expires
Sat, 28 Sep 2024 11:14:50 GMT
server
cloudflare
map
bcp.crwdcntrl.net/6/ 		235 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.30.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-30-113.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
1039df1fe932e5dd1ed646406774ecf7c6c1150cc15869f796869ce1d3070f5e

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:50 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://techbullion.com
cache-control
no-cache
x-server
10.45.2.150
access-control-allow-credentials
true
content-length
235
expires
0
iu3
aax-eu.amazon-adsystem.com/s/ Frame D336
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_rbd_n-MediaNet_n-Beeswax_smrt_cnv_an-db5_n-adYouLike_n-Outbrain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_rbd_n-MediaNet_n-Beeswax_smrt_cnv_an-db5_n-adYouLike_n-Outbrain&dcc=t
344 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_rbd_n-MediaNet_n-Beeswax_smrt_cnv_an-db5_n-adYouLike_n-Outbrain&dcc=t
Requested by
Host: a.pub.network
URL: https://a.pub.network/techbullion-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
d2efbdfe0c58a80934f5109a119162e731a8aa61f022f548571076478cc4d23b
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://techbullion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
344
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 29 Sep 2023 11:14:50 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
9YCGXGZH90FSSCV6JZVH

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Fri, 29 Sep 2023 11:14:50 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_rbd_n-MediaNet_n-Beeswax_smrt_cnv_an-db5_n-adYouLike_n-Outbrain&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
BFYTXD27EQMVJVZH0SKB
lounge.dbc47866f009f9d6f1556cd58214d9a3.css
c.disquscdn.com/next/embed/styles/ Frame BF1F 		233 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f2a270bb37834887ad900431f6cb27eb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
61779c74768b5eb298860ceb7d7cf06f2b228fdc53df72b530490a792a5b8a59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=techbullion&t_i=techbullion-20301&t_u=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&t_e=Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F&t_d=Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F&t_t=Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 30 May 2023 18:53:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
10513290
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
33282
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Tue, 30 May 2023 18:28:53 GMT
server
nginx
etag
"64764065-8202"
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
ObPQM-Nwdl1KB1qZbpND-FEmn-rQ3GE2fY4GBj92KO0tA8FDe_p6wQ==
expires
Wed, 29 May 2024 18:53:20 GMT
617
a.ad.gt/api/v1/u/matches/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/617?_it=amazon
Requested by
Host: a.pub.network
URL: https://a.pub.network/techbullion-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f2bc3fa0b469f17402f1b00cc98d398c33e48ed6f5c2b8401f3ab1650805aab

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:50 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 29 Sep 2023 11:12:15 GMT
server
cloudflare
age
155
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
80e3ce08fea1190b-FRA
lounge.bundle.9afa89eebe6bbc95928fca003dbc8884.js
c.disquscdn.com/next/embed/ Frame BF1F 		513 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.9afa89eebe6bbc95928fca003dbc8884.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f2a270bb37834887ad900431f6cb27eb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d91e9d886683d0b738455179f4e0fc544a1fc5f94982073e4c7ad9a2a5497c74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=techbullion&t_i=techbullion-20301&t_u=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&t_e=Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F&t_d=Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F&t_t=Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 20 Sep 2023 11:16:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
777491
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
130976
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Wed, 20 Sep 2023 10:55:06 GMT
server
nginx
etag
"650acf8a-1ffa0"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
ulh0VlD4lzlLS2dXqy35ExAJS42WWSKsEHje9EhHI3IPgjA_abEKuw==
expires
Thu, 19 Sep 2024 11:16:39 GMT
config.js
disqus.com/next/ Frame BF1F 		18 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f2a270bb37834887ad900431f6cb27eb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b84b2674999e681b8a7670954141d72790595c47a305397c5b2d7dfd8681b6f3
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=techbullion&t_i=techbullion-20301&t_u=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&t_e=Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F&t_d=Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F&t_t=Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 11:14:50 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
41
X-Frame-Options
SAMEORIGIN
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
18882
X-XSS-Protection
1; mode=block
reload
www.google.com/recaptcha/api2/ Frame 38F5 		33 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6Le0-0gkAAAAABV0s8b1QHz03eamY8EKrdT2n1Mf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/recaptcha__de_ch.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5ae46894fe4121c3171e3c06f4bd0f12890aab86bd01de4b5398de3594b8abd8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0-0gkAAAAABV0s8b1QHz03eamY8EKrdT2n1Mf&co=aHR0cHM6Ly90ZWNoYnVsbGlvbi5jb206NDQz&hl=de-CH&v=pxZcVU8Dk73FyvFvdCgp2MSG&size=invisible&cb=ku7ljq964tm7
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Fri, 29 Sep 2023 11:14:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 29 Sep 2023 11:14:50 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		255 KB
39 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2227620224526580&correlator=342494343109092&eid=31076480%2C31078264%2C31077231&output=ldjh&gdfp_req=1&vrg=202309260101&ptt=17&impl=fifs&iu_parts=22960212090%3A22070893282%2CTechbullion_S2S_FixedFooter_ROS%2CTechbullion_S2S_TopAnchor_ROS%2CTechbullion_S2S_TopLeaderboard_ROS%2CTechbullion_S2S_BottomLeaderboard_ROS%2CTechbullion_S2S_Uppersidebar_ROS%2CTechbullion_S2S_Lowersidebar_ROS&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=728x90%7C970x90%7C980x90%7C990x90%7C468x60%2C1x1%2C728x90%7C970x90%7C980x90%7C990x90%7C970x250%7C1200x280%7C468x60%2C320x50%7C728x90%7C970x90%7C980x90%7C990x90%7C970x250%7C1200x280%7C468x60%2C300x250%7C336x280%2C300x250%7C336x280%7C300x600%7C120x600%7C160x600%7C240x600&fluid=0%2C0%2C0%2Cheight%2C0%2C0&ifi=3&didk=3040013836~2853708384~3418936807~1675263865~2398583599~2028296888&sfv=1-0-40&ists=16&fas=0%2C2%2C0%2C0%2C0%2C0&eri=1&sc=1&cookie=ID%3De5f1bdc766d2a017-2276bf5f69e4001f%3AT%3D1695986089%3ART%3D1695986089%3AS%3DALNI_MZ_Bhqeug1SZhgq1qM0cdvsNBsEKA&gpic=UID%3D00000c88300aee6b%3AT%3D1695986089%3ART%3D1695986089%3AS%3DALNI_MahxcgfbaYgdPXGBJ7pJ3KlNPqrAA&abxe=1&dt=1695986090410&lmt=1695874768&adxs=-12245933%2C-9%2C436%2C436%2C1200%2C1200&adys=-12245933%2C-9%2C65%2C4021%2C140%2C3406&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C0%7C1%7C0%7C2&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&vis=1&psz=1600x-1%7C0x-1%7C1400x60%7C1400x60%7C300x250%7C300x600&msz=0x-1%7C0x-1%7C1400x60%7C1400x60%7C300x250%7C300x600&fws=644%2C2%2C4%2C4%2C4%2C4&ohw=1600%2C0%2C1600%2C1600%2C300%2C300&ga_vid=910471404.1695986089&ga_sid=1695986090&ga_hid=884511560&ga_fc=true&dlt=1695986088788&idt=918&prev_scp=optimize_ad_unit_id%3Dbsa-zone_1682501841548-9_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Coptimize_ad_unit_id%3Dbsa-zone_1695648208239-5_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Coptimize_ad_unit_id%3Dbsa-zone_1695648277374-6_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Coptimize_ad_unit_id%3Dbsa-zone_1695648394347-0_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Coptimize_ad_unit_id%3Dbsa-zone_1695648447858-3_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Coptimize_ad_unit_id%3Dbsa-zone_1695648499296-7_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0&cust_params=user-agent%3DChrome%26optimize_refreshed%3Dfalse%26optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Dtech%26optimize_env%3Dprod%26optimize_pub%3Dtechbullion%26optimize_xp%3Da&adks=3042646370%2C421706272%2C323906682%2C2646576759%2C3506699808%2C4215429855&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js?cb=31078264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00cabfcae1880cb0a8be0f5cc35713b4e2f9948c9b8222b5748d166e346ba54a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:50 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39985
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://techbullion.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BB35 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js?cb=31078264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://techbullion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 11:14:50 GMT
expires
Sat, 28 Sep 2024 11:14:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl_page_level_ads.js?cb=31078264
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js?cb=31078264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab8007c277130826b8a87e5b30bd689ee55a199d430c36e2032c9611a538dbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 10:36:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
2289
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13202
x-xss-protection
0
server
cafe
etag
9134410016569746439
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 28 Sep 2024 10:36:41 GMT
pr
aax-eu.amazon-adsystem.com/s/v3/ Frame 3A4B 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-LoopMe_rbd_n-MediaNet_n-Beeswax_smrt_cnv_an-db5_n-adYouLike_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_rbd_n-MediaNet_n-Beeswax_smrt_cnv_an-db5_n-adYouLike_n-Outbrain&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
ee64b48a4adc34c93f7e98197baa722c303f42fd8344a8c50c59b6727d35c546
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_rbd_n-MediaNet_n-Beeswax_smrt_cnv_an-db5_n-adYouLike_n-Outbrain&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2110
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 29 Sep 2023 11:14:50 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
5N1AF6Y5Y55E0NV39759
details
disqus.com/api/3.0/forums/ Frame BF1F 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus.com/api/3.0/forums/details?forum=techbullion&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f2a270bb37834887ad900431f6cb27eb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0e21fa32c09e488c701473729a0139e0e3cfc7e116ed5f84ae9897443e9d0fc8
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://disqus.com/embed/comments/?base=default&f=techbullion&t_i=techbullion-20301&t_u=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&t_e=Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F&t_d=Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F&t_t=Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F&s_o=default
X-Requested-With
XMLHttpRequest
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 11:14:50 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
0
X-Frame-Options
SAMEORIGIN
Vary
Origin, Cookie
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type
application/json
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
3010
X-XSS-Protection
1; mode=block
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3A4B
Redirect Chain
  • https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=loopme.com&id=042eff3b-ce98-4c93-bf03-c8866ecaa6c4
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=loopme.com&id=042eff3b-ce98-4c93-bf03-c8866ecaa6c4
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-LoopMe_rbd_n-MediaNet_n-Beeswax_smrt_cnv_an-db5_n-adYouLike_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 29 Sep 2023 11:14:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
27HZYRTJZ1Q98B3DMRZ5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=loopme.com&id=042eff3b-ce98-4c93-bf03-c8866ecaa6c4
date
Fri, 29 Sep 2023 11:14:50 GMT
server
_
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3A4B
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=media.net&id=3389876908454630000V10
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=media.net&id=3389876908454630000V10
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-LoopMe_rbd_n-MediaNet_n-Beeswax_smrt_cnv_an-db5_n-adYouLike_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 29 Sep 2023 11:14:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YAK426R6AFSSEY83TBA2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 29 Sep 2023 11:14:50 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=media.net&id=3389876908454630000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Fri, 29 Sep 2023 11:14:50 GMT
ecm3
s.amazon-adsystem.com/ Frame 3A4B
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1
  • https://s.amazon-adsystem.com/ecm3?id=AABeK07KLWMAABk4xJ4LMA&ex=beeswax.com
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=AABeK07KLWMAABk4xJ4LMA&ex=beeswax.com
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-LoopMe_rbd_n-MediaNet_n-Beeswax_smrt_cnv_an-db5_n-adYouLike_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 29 Sep 2023 11:14:51 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4F4PX4XCQA1VHBNZ5VE8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?id=AABeK07KLWMAABk4xJ4LMA&ex=beeswax.com
Date
Fri, 29 Sep 2023 11:14:50 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3A4B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=outbrain.com&id=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=outbrain.com&id=
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-LoopMe_rbd_n-MediaNet_n-Beeswax_smrt_cnv_an-db5_n-adYouLike_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 29 Sep 2023 11:14:51 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WFBACJF9PMV21C87G0SG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=outbrain.com&id=
Pragma
no-cache
Date
Fri, 29 Sep 2023 11:14:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
88
Content-Type
text/html; charset=utf-8
usync.html
eus.rubiconproject.com/ Frame A3ED 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-LoopMe_rbd_n-MediaNet_n-Beeswax_smrt_cnv_an-db5_n-adYouLike_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 29 Sep 2023 11:14:50 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 76D6
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=2
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=2174209610784440979&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=2174209610784440979&gdpr=0&gdpr_consent=
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-LoopMe_rbd_n-MediaNet_n-Beeswax_smrt_cnv_an-db5_n-adYouLike_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 29 Sep 2023 11:14:50 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
D7C7N40GN4ATKRE5904G

Redirect headers

content-length
0
date
Fri, 29 Sep 2023 11:14:50 GMT
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=2174209610784440979&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame E09F
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=4425881647291587&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAIBBK6CK1E6ANbVQvwAAAAAAA&expiration=1696072490&is_secure=true
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAIBBK6CK1E6ANbVQvwAAAAAAA&expiration=1696072490&is_secure=true
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-LoopMe_rbd_n-MediaNet_n-Beeswax_smrt_cnv_an-db5_n-adYouLike_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 29 Sep 2023 11:14:51 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
DVVMSQWVH01CJY9BZD7D

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Fri, 29 Sep 2023 11:14:50 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAIBBK6CK1E6ANbVQvwAAAAAAA&expiration=1696072490&is_secure=true
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 34D8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=4170372529826451915&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=4170372529826451915&ex=appnexus.com
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-LoopMe_rbd_n-MediaNet_n-Beeswax_smrt_cnv_an-db5_n-adYouLike_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 29 Sep 2023 11:14:50 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
6HA7WQ2Z03BFFPQQZG6C

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
96a6b966-afea-4cde-9f4a-a9c9eedbdbde
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Fri, 29 Sep 2023 11:14:50 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=4170372529826451915&ex=appnexus.com
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
195.206.105.130; 195.206.105.130; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 8FE3
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=ee28081dc141859df3e9c39bf89f63cf&name=AMAZON&url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dadyoulike.com%26id%3D%7BuserId%7D
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=adyoulike.com&id=7f614d4002799a3e49fca79589f1ea18
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=adyoulike.com&id=7f614d4002799a3e49fca79589f1ea18
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-LoopMe_rbd_n-MediaNet_n-Beeswax_smrt_cnv_an-db5_n-adYouLike_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 29 Sep 2023 11:14:50 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
EQS5MPXR84KF4P66X6VT

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 29 Sep 2023 11:14:50 GMT
expires
0
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=adyoulike.com&id=7f614d4002799a3e49fca79589f1ea18
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
ayl-lb-fra02
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
7
css2
fonts.googleapis.com/ Frame BF1F 		11 KB
970 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4dbc45bd7ed8caf2aeeae8de34e519d874987d5285c79b5b4a93a1d670a929c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=techbullion&t_i=techbullion-20301&t_u=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&t_e=Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F&t_d=Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F&t_t=Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 29 Sep 2023 11:14:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 29 Sep 2023 09:36:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 29 Sep 2023 11:14:50 GMT
truncated
/ Frame BF1F 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
c.disquscdn.com/next/embed/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/techbullion-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 16 Mar 2023 10:51:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
17022181
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
26578
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Thu, 02 Mar 2023 09:36:57 GMT
server
nginx
etag
"64006e39-67d2"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
6NFboViLLvkOnSU3Zv7cgtFUG6TAUm1gsS8JhV03maVK5D_P0x8Eqg==
expires
Fri, 15 Mar 2024 10:51:49 GMT
pixel.gif
cdn.viglink.com/images/ 		43 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.viglink.com/images/pixel.gif?ch=1&rn=9.056677504336427
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-101.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:40 GMT
via
1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
last-modified
Tue, 10 Feb 2015 03:29:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
12
etag
"221d8352905f2c38b3cb2bd191d630b0"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=15, must-revalidate
accept-ranges
bytes
content-length
43
x-amz-cf-id
rQY_WFyKP-4RjRcj1PY1igyKsIHrLfqcXQYK8RF5mMg7dcwihTI60g==
pixel.gif
cdn.viglink.com/images/ 		43 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.viglink.com/images/pixel.gif?ch=2&rn=9.056677504336427
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-101.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:40 GMT
via
1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
last-modified
Tue, 10 Feb 2015 03:29:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
12
etag
"221d8352905f2c38b3cb2bd191d630b0"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=15, must-revalidate
accept-ranges
bytes
content-length
43
x-amz-cf-id
fUWSyxuGFwld9J7qFmES_IsTO20H2kzzUAEXLl5sULpX8YsDjdWNHA==
event.gif
referrer.disqus.com/juggler/ Frame BF1F 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/event.gif?abe=1&embed_hidden=1&load_time=333&event=init_embed&thread=8400638688&forum=techbullion&forum_id=4257683&imp=5h0qrl7ltbs0j&thread_slug=nick_oberheiden_sheds_light_on_what_to_do_after_receiving_a_cybercrime_subpoena&user_type=anon&referrer=https%3A%2F%2Ftechbullion.com%2F&theme=next&dnt=0&tracking_enabled=0&experiment=prebidbidisrequired&variant=active&service=dynamic&promoted_enabled=true&max_enabled=true
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=techbullion&t_i=techbullion-20301&t_u=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&t_e=Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F&t_d=Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F&t_t=Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 11:14:50 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
usync.js
eus.rubiconproject.com/ Frame A3ED 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b0cb7d4b3cef95429a64326761eecf513b476adfb30ee40b0ee7712497e4e65a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 11:14:50 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Sep 2023 17:10:28 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=21339
Connection
keep-alive
Content-Length
10472
Expires
Fri, 29 Sep 2023 17:10:29 GMT
khaos.json
token.rubiconproject.com/ Frame A3ED 		7 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
container.html
a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C2E9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/techbullion-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://techbullion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 11:14:50 GMT
expires
Sat, 28 Sep 2024 11:14:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6B95 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/techbullion-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://techbullion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 11:14:50 GMT
expires
Sat, 28 Sep 2024 11:14:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AFEC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/techbullion-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://techbullion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 11:14:50 GMT
expires
Sat, 28 Sep 2024 11:14:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C80F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/techbullion-com/pubfig.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://techbullion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 11:14:50 GMT
expires
Sat, 28 Sep 2024 11:14:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A2E8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/techbullion-com/pubfig.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://techbullion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 11:14:50 GMT
expires
Sat, 28 Sep 2024 11:14:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame A3ED
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu&khaos=LN4IBU7G-1O-5579
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=LN4IBU7G-1O-5579&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=LN4IBU7G-1O-5579&ex=d-rubiconproject.com&status=ok
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-LoopMe_rbd_n-MediaNet_n-Beeswax_smrt_cnv_an-db5_n-adYouLike_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 29 Sep 2023 11:14:51 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZKHPJJH3QEB7VKYKGWDM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=LN4IBU7G-1O-5579&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ba134c4441b6cdf8ef9f5e0539a8ef3e
Expires
0
container.html
a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3156 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/techbullion-com/pubfig.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://techbullion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 11:14:50 GMT
expires
Sat, 28 Sep 2024 11:14:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/techbullion-com/pubfig.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
content-encoding
gzip
etag
"6ioqmyHWSWLYz5hkRjy8Uw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 06 Oct 2023 11:14:51 GMT
bxl.js
hbx.media.net/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/bxl.js?cid=8CUFH1GPH&dn=techbullion.com&version=&https=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/techbullion-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.160.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-160-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c48706dfa0da7088c6e78a314e6dd327fe5389bbc46772cae4c83266d2be2ee5
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
content-encoding
gzip
date
Fri, 29 Sep 2023 11:14:51 GMT
server
Apache
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=172800
content-length
11062
x-mnet-hl2
E
expires
Sun, 01 Oct 2023 11:14:51 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/techbullion-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 01:16:23 GMT
content-encoding
gzip
via
1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jul 2023 22:21:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
35930
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
eUQJPBty0tfvoOtfu8jNakVSxZr6qU5j1Dg5CpsITqP6dyzO8PYPGA==
qchb_notify
qcx.quantserve.com/ 		0
0
c6eea4ab-168c-484e-858c-c0abf10812b9
d.pub.network/rfm/cookie/ 		3 B
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/rfm/cookie/c6eea4ab-168c-484e-858c-c0abf10812b9
Requested by
Host: a.pub.network
URL: https://a.pub.network/techbullion-com/pubfig.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
8eb95bcbc154530931e15fc418c8b1fe991095671409552099ea1aa596999ede

Request headers

Accept
application/json, text/plain, */*
Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
content-encoding
gzip
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://techbullion.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
classification
d.pub.network/ 		3 B
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/classification?siteId=414&pageUrl=https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Requested by
Host: a.pub.network
URL: https://a.pub.network/techbullion-com/pubfig.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
8eb95bcbc154530931e15fc418c8b1fe991095671409552099ea1aa596999ede

Request headers

Accept
application/json, text/plain, */*
Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
content-encoding
gzip
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://techbullion.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
f4bb6c152c06cdb9be9ea4e80e4862f3feea51ba5d7121de4295320d232d44f1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://techbullion.com
date
Fri, 29 Sep 2023 11:14:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
afr.php
ads.eu.criteo.com/delivery/r/ Frame 78B3 		49 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2AKd5UEAC3euR5s9leY_c7cl3EZuQ&u=%7CurkAnIHIT4YrtH4C84W%2F%2B%2FbLqUqZEBmqxR3Hro9WM64%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqfOSxiZ3nhhcoubwAtGAUFL8vtRYiskqAjx3LIdsTANZ-fKhvnADbhZ1Bto4S18LCYuHV6Te_j6zBOMW8l-B7hOQuCnkhkksPrRfqJPCWpEuK0H3vm6JF2ydS7OY4c99WPYOTrRKW0cBzyw0SDB8KV5wcBgznRZaoIfQOFS_Rte0Jel16SHTKksJv-3k83ouP34kiOLG_RO1ixqOO3dg-9ocww2rAJvplI3N2ZDTi2CLe6zZgVrCR10tyNLE1gfhA3JJ8UrJlqk2RBDVWZXYALvQtKMko8UxPUiL5luBSoz9b-AzD3Il5JfIu-vtdsLgq2yyseBj-KMajDnUYnNGsofnwOx0BgKvVjp3BoXc7cRHRhLcbmCbt4nW-y17p8LwXYTpJ_GVeRGJyhB-YcAMw48plgET7R27005UJ1TeuaIYu2-5yWh-cyOasPGrfiMzMMEm7r1M9rSX27yKGHV4LFUk07hTRQilUcIpHLJHoipcRRwTm6u6dsiAthNNFzLxx_U1uWHEV7sFAUQcNxsZvAVumjzAuhxM0gE7AU-dltWqhzvkkQPXr5YVV31Cx5wRj8N8v9XOgP1HmmelsBQqNHQJi_d90dL17k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbDLqqrEWZeDWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPsCT9D8Ph4sPKnJtRNmS70s8RBImO7ddTZXp9bWAv4JF66D4R_US7Zv-dEWrMhVItKwb6-_RpTCwO57_yKMuxNkJJH0VKycTKxAP0lYhACx1cm8dB8E3ztKomVzI0wnw27JhVeq_5UYI98OC9dkNmmBKSr5g3aY_YLu0pJkuMxnM40jPJhD4JpAhWgG1kPtiilI7df4Xogm7ZlBrZ6mN-nA9bmn_N-3CmbhwKPwPBug8aLiczTd9SsXWtLoejf6CE6lhxbT6aq72dTKT_--2mebDeUkMwpOAaSnt4fAEcEG-bRUTV5FGCn23amj1J57mDIomu9uZGYm_yL7UapCy9RP_oGdr5Y-1cMbFdee3CVWrldva7-3YMlSaKa9lI3ffglphuuq6IfXdGsogtGre1ybWWaGW4H04p8KfWG414ipaQNWmr5lrfcM_BPcOcXAHD-_jqbel-s683tMD20p6M563M6_6kNdf-g5j_Ugqb2PUbQ4IoBKKSZ8sykSaeAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3qmZFO8j0nmreGIWOonqUHaVX16g%26client%3Dca-pub-9961814823930967%26adurl%3D
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
8f5f96085cdb219d9f24011065877695e4383632e785d9731b7fa058c912538c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 11:14:51 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=L6ZWq2nhQQHg7_W-kLDMxeCRx_V838NavpMFKdi6rYYSps_kqgxg49LDMralL_oXypJiqKH_tqHx6fPV5y3kM4Lay6YXsh_tSNRhqadcO5uAGLL2fqoDAhKJt3M6CKDpXd3tetUTxJ7VDZ2bSD4ilUsMlwQoYj7PflI5VRTPMF8-GjsfGkMNedi1d7wg3TJmcDD7jKOtYugQBTWob0N3LiCMf2icONnGmUVDVVlTBhkpkPS5Dx-dOff-ZnYhhGOl2MrH45F8XQExvDe-"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
3442533
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame C2E9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 09:05:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
7761
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 09:05:30 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C1E0 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
11966
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 07:55:25 GMT
etag
48472445140208031
expires
Sat, 30 Sep 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame C2E9 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 16:48:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
66353
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8282
x-xss-protection
0
server
cafe
etag
5314254467506293444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 12 Oct 2023 16:48:58 GMT
l
www.google.com/ads/measurement/ Frame C2E9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSxvE0jleQc8nV_3sIkcgdxHHLq0VdEdeMaYILj6efuXfIa6Wh2opYvfEdMi5mjHPn8cqM0abG5Qjxq5d9kM8leGW6Glg
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C2E9 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 06:34:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
16842
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 28 Sep 2024 06:34:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C2E9 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58285
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695814262870679"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Sep 2023 11:14:51 GMT
pixel
protected-by.clarium.io/ Frame C2E9 		68 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_bXVaMnE1ZEJsQWV3cl9MRWhERlYyUjBRLWJVLzMyMzI0MjA3NjI6OTcweDkw&v=5&s=v31hbgac13a&id=eyJkZnAiOnsiYWQiOjUzMzc0Nzk4ODYsImMiOm51bGwsImwiOjAsIm8iOjMyMzI0MjA3NjIsIkEiOiIvMjI5NjAyMTIwOTAsMjIwNzA4OTMyODIvVGVjaGJ1bGxpb25fUzJTX0ZpeGVkRm9vdGVyX1JPUyIsInkiOjYwMTg3NCwiY28iOjAsInMiOiJic2Etem9uZV8xNjgyNTAxODQxNTQ4LTlfMTIzNDU2In0sImRzcCI6MjJ9&cb=559881&h=techbullion.com&d=eyJ3aCI6ImJYVmFNbkUxWkVKc1FXVjNjbDlNUldoRVJsWXlVakJSTFdKVkx6TXlNekkwTWpBM05qSTZPVGN3ZURrdyIsIndkIjp7Im8iOjMyMzI0MjA3NjIsInciOiI5NzAiLCJoIjoiOTAifSwid3IiOjJ9
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.213.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-213-154.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Fri, 29 Sep 2023 11:14:51 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame D989 		49 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2EKd5UEAC3eub_vXtCWTb2fN9g10g&u=%7CurkAnIHIT4ZAoXa3qF7FSZAP7DxqhUPOboj5aloizlU%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqfOSxiZ3nhhcoubwAtGAUFL8vtRYiskqAjx3LIdsTANZ-fKhvnADbhZ1Bto4S18LCYuHV6Te_j6zGjEEIBTp6HwQGyTt8E7aZl8o46a4HR4AUm7eE0T9axjBqPmShcN8mvVVvJQxwML9WwE6UPZF3eFCml4sv162EX9KulUZ6qPwK_LLFrbW1qK12wLwG7FZ5hDd8lQoAji7u5RgyVYl92ZdbsjpheU-WlsYR-urlslzr49EH_V23rLqITwi_me5fUBB5eGK-1VdcahE2KIuneQPq-qulzS7LKLQ1V_JCxmQ5Y6mc2maoZg1kwiCsh4-4HMy6ShVgbij-N6hhcclCeqvApn6csLdWNHse4-qhdPOTP08B3mywjXZAtB9huRbBUVyjcPCFtuJKr_g7q9iZ555G1rDoxqe6IyTY01vQ_XEpfCQ19Lmg5nWeaBjEeFv6P3jHuNJW5tM62jueuc8VOItOzz47EZ08Ec5NzzDScB-YXABfpuVyQ6yyxCSoEju-cKDRc_uTH9w8KFK1V5CJR0FHaO81yW7Fc8jb_r4avylAqCfb80tRiXIZdYng5nCam8qav3DMqKrtH92BbOrwQ_vZ_i-_5-OSU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf0JEqrEWZeHWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPUCT9CVSJK8qBPUFF6QhIOOK6B4Ip9l_pn_A0TF-wriLQ1d437oJDFwYlQqgF8wVMoBdWpaxNR73JF9_m_-dfIXRUEr52l9pwj4za6rcEBjrmCeYoefS8k3ZJ3Wo_i9DI5Yw9phliuxJpr34pDE1C3oKzod_7Ho4C1xccrfl_fYA5-TGur1iJOQWXalVQZPyqoJX6Of0KTZaP6FA-PPhqd1muWTdlWRiBBgZ_NEcGOqYoRXE5TT5Zzsyyo9QbRr6Tv9-Zny0bQGvOTZSxoFrzaSQWRzrYqAwT7UFrY0V9eCppv45eQt4Q0gK4-0Q_X5pYAyU9PheCjaUFDcaAMk4hY5VdXVXLx0UYz9YeXTrAT3WyB3Ciry7A3Z9DeGUsv7oFz6Mm7FcpfIQqmKzIuG1B_tgurf_fJI2_PK97eNYmOf8EZ1JlApiQQ2jM9qKvyXtxEgJhePOpm5Ht1PT2Ug1wTP70rn0Vq6EBCL8cGwWVsTm-oUfpAKheAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2o-QNldyBoOIdIIaOIHMvQ3HKT1A%26client%3Dca-pub-9961814823930967%26adurl%3D
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d9221b4469c6a7024a5720a843feb67f5d32ce16ec0e44818119924fe2d9f985
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 11:14:50 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=xCl6X2nhQQHg7_W-_PYKDMDMqgIhDa3uZioOVXSKBBmHWy9t-9bcY41Rhgt1jCyJ58bBARuxuW52H1r7WIvLaRkKrWeiGaHwL26ztp2jUhR-vER38jJl_VpB2ile2IqLP5w1UgAgvsbexf46_SmB9aw1xdphwklfhBt6uKm8ZAXg9Ifgo59imhjnK70xr34wwUY6sGD68nhgNx5hfoJdQeF4qq_2ygfCkS_zN-1odI1-SEMi92MdFUdnqhbd8HK6Z0MQUQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
2741066
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame BABE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 09:05:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
7761
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 09:05:30 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 84A8 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
11966
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 07:55:25 GMT
etag
48472445140208031
expires
Sat, 30 Sep 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame BABE 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 16:48:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
66353
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8282
x-xss-protection
0
server
cafe
etag
5314254467506293444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 12 Oct 2023 16:48:58 GMT
l
www.google.com/ads/measurement/ Frame BABE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTXAvcivkiV5-pQurn4MEBacZ4ViI35D69D-ohGao4XlX3hc8rWqhkWzrJmKkvzJLNPsUWeapnNJmRv_sBFR2sKg4mLnQ
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame BABE 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 06:34:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
16842
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 28 Sep 2024 06:34:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BABE 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58285
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695814262870679"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Sep 2023 11:14:51 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 2B0C 		54 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2IKd5UEAC3euR0lMSf0dNmGr02B3g&u=%7CurkAnIHIT4YR%2BHoabxO5bQ85D6H8koIhJJGO0cTcJdY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBRVvJhzsgIgYN0Oaqr1Do4ZkmuYAA9rviAk4TT-pc1TZVfVcu4fPJiUnZNOHn_MGqh8WtOd33FsG06K8VD-kMFIUC4z2ECG0tPxXnfadY9AM36l6MQt2Us0NwIJft9Okm_1r8vC7VLBYE6stlrgtrNmV11RnTxFIYoegrRcqXSETwR3mf7jRO16FWFuV_YJk1tinQCz27zCTnit-wVyQ7Hh0xJIIZ8XtqHntVMPPcbB4B2lE_1BqR-68VPVMgee9hHN2WS7bEdhOxtM4BeWovxDTS_vZJi657CMYvXhfHw-5YLE9rNbrJWHpPaLL1MhR7OHXI58nseaXgMh-eF4oFU0XC9hQ-ITbUcBBnzsz7SJC_3lKzj7KIj-OaHSyRBr6NofeyTyTVaNZ8EPWzXYNhIStGdGjvBu3iphjHXS2F7hM2Wbg1Zfm1NFLoJZlu5HMXdgdcWReLkb_i07dmNlg2yUnEnOiKstflbmBJtZlpWFSKAlnm-iSJ4u7do2Jnh2DF_ckVesdAXB4INyDNeXZJfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0tMmqrEWZeLWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPoCT9AvvYUUhOa_7GeNRmHoB1b-H25t2fkR0Tt7JSpEhopVelCir6_kKm8XzwjEElHUmo9R_vbgzPRHS-x8kbibNxyX--xZ3eamWPwK8NLKC19EQ2ht9i8CidGEovSilPtxUW-LRreYB1HE46O33CUiySfs5kSF3ixhJPdN2QmqBuI7AanGOgc0TTEQJVGPRGf4agvCoBC8ofR1Mhe16lZDW_16RgdNkmlrO8DoBZDDLa2yJZcF89JgkEC561F-yMXy-hpC4jQRQhxnsnt7ur6PTi9kN5BYRcXmZkDrolSa_iCuCWPs1WZiX6uTvFC9deeYGFDW-ArNTTIfp8gRLExjHE52Xjk9PNSZoz9FNTHmsl1x779IttItRkMdqHNtfGRXIkqs5VDopFFo5zQBb4a6-m2sezeH7NFz3zFAMiM1s017SwV5b8Xg3miyrqLXUUOOpafj9hx4GJluxCZdEUPOsIe8oBEfXtGGtCMNsfH4S5us-qnerOBWs4lY4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3oKhpegKtiulWQfjVBcQ8gHHDBDg%26client%3Dca-pub-9961814823930967%26adurl%3D
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7d25ee292ba73286f97145a7b654c5d245f8be56eaaab9e658c9d970294eae8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 11:14:50 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=TsRr8mnhQQHg7_W-lAFW5E1LSd0ARfwvKxh1VNtutjbwi4oHOqRnedTr7GZv76eeIyJ2JkFd158XOWqxkK7_8LeuwQArRSqmwlSo_ySJ24QJzU10kSu0Ga-mHB0pCPM38pz6hnBzpPEcFnDPslHP_YwkPEF0ulMe1DfOYkSgT6A0kJe2jcCv_fKMPjBy3n4mnV3BNe_PkS_NOsFhwfWMkADwEfFwJpOkUhMpBXpwiSg46wnYwL9hdzDY-8Hyf_A7Bt9LkA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
3124288
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame AFEC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 09:05:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
7761
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 09:05:30 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8A7F 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
11966
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 07:55:25 GMT
etag
48472445140208031
expires
Sat, 30 Sep 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame AFEC 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 16:48:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
66353
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8282
x-xss-protection
0
server
cafe
etag
5314254467506293444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 12 Oct 2023 16:48:58 GMT
l
www.google.com/ads/measurement/ Frame AFEC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS7U-vRRGCui8kNTQMfdDPPQY4_UcefDDPAl4ruO93V1k6h5rA0EduanSp491ycYnwNoXi0vDGoEmBsE32E26ujmIyWDQ
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame AFEC 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 06:34:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
16842
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 28 Sep 2024 06:34:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AFEC 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58285
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695814262870679"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Sep 2023 11:14:51 GMT
pixel
protected-by.clarium.io/ Frame AFEC 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_bXVaMnE1ZEJsQWV3cl9MRWhERlYyUjBRLWJVLzMyMzI0MjA3NjI6OTcweDI1MA==&v=5&s=v31hbgac16g&id=eyJkZnAiOnsiYWQiOjUzMzc0Nzk4ODYsImMiOm51bGwsImwiOjAsIm8iOjMyMzI0MjA3NjIsIkEiOiIvMjI5NjAyMTIwOTAsMjIwNzA4OTMyODIvVGVjaGJ1bGxpb25fUzJTX1RvcExlYWRlcmJvYXJkX1JPUyIsInkiOjYwMTg3NCwiY28iOjAsInMiOiJic2Etem9uZV8xNjk1NjQ4Mjc3Mzc0LTZfMTIzNDU2In0sImRzcCI6MjJ9&cb=773856&h=techbullion.com&d=eyJ3aCI6ImJYVmFNbkUxWkVKc1FXVjNjbDlNUldoRVJsWXlVakJSTFdKVkx6TXlNekkwTWpBM05qSTZPVGN3ZURJMU1BPT0iLCJ3ZCI6eyJvIjozMjMyNDIwNzYyLCJ3IjoiOTcwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.213.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-213-154.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Fri, 29 Sep 2023 11:14:51 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 1402 		54 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2MKd5UEAC3euVy_lw8x6wNyMlLbtA&u=%7CurkAnIHIT4ZfIFL530gVk%2FF1JFPGaAm6FCcdoAFxctU%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBShk3YAZYqdc-mMgWlzyrG2Imf0fc6_2xizEybjb3ioXlCMdgio-6iuYp4aUwfxyv0SSTkoDG_cBF86rQ4CvUTZvElk0dpKX_xJ7QYfeQWjlVhUPrDgENCBbTqedvm4j3K3RDjPJdGyhGwzeP0HyqJxhZfPx_QiHAenHofe17MZPL7HF7gZ1xpymXGFrWySirtitf03QgpWVFDseCpty_xkmtvQjKb--baX_8eFtm6z48BWhEGMWBElZ8gbkzoseBbXLwTaKXVl8Ypm0bbsgcmGLxflUmF3TP9bDLugjB1V9mx0Kdv8EWuacQUzpwBYXvZRlSE53mS11fSTNW3ZLcf9u061M71SQUtxcW1ng9rGc1Di8oMje0lhw2RaH8DSIuP1_0z_NZIT-ckK0Og3dQfkbt1d8CXOp6dU7vQSU5dI_MY6-OJzWJVaPwjmEPpMo4jSfJZNLGRVvN4Ioj6z5cSvJgyAzWo3_M78SzXV2Yo7Z6j-GiS-GiXBBSuBOLIdE80yHWwJQLHZcGX9GVagawX1dyg_Fd1Zg3Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQZMIqrEWZePWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBIMDT9DXaQULg066goU81cs37Vk5kiMjLwvxWQh4JldtlLKnTEkbhZ0EvBokpW_1BddeXS6O7jEPWx9IFRgXW5lDgURpW0hwcV26pcHeCO2FFtfCaj05ZIW7mO5xvye5ANzik1BjqGCLWDRJExD5d9U_ZV8DcEaPjrZEE52q3P35Bgp0vAdhlfo0iPNP-srT7oc5Gx1drzRoza238jNLyv-eCeVxPbQMmGzqpxV5tkFTWsPfvMn4nBsuxeKvoTBDj84PJnRI06NUdZe41iWYbyDzA44AZ4gu1h0mBfssI9_Cv9YGjeuDHvUlEEcTowu5UY5obH_QeTM2zhIRVZ8EeMsFSggo0dekV01Kcu-iV9nsQpl5aqZP8RoVkSXLQGPUihawcXmFgyx0rj_xnkQIw5hcs0SfUqfo-uZPvvOoLyZQ6b2KYkHTGAUxJXoOIK8kdc13n7NpiU9EpfD56YnvsrastlhdYmcEgb9AC6_tyWYC36LwJQ3H9wZ32vHxUmNviDKWHwSA4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0wT-Hqj-oV4Q3X6L0bsQ47yYOwYA%26client%3Dca-pub-9961814823930967%26adurl%3D
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f429e4aab97e19545d83726b6764c3b73a95438be05747a26be856513b1d157a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 11:14:50 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=zae1YmnhQQHg7_W-AmWUAUCWE45oya-pQfpHwvhcpLmlHC1_Pm9OghWOZFbEdax77dIymTIxZr30imErUU5nDaAL-ZlooRUnjYzb_M5uzBCbbL6llD4WcNuDQveZb-Tps0aC9iInNATlflZWlSWtsas1E01FFu5SE6bj-rDBW898qiQYx1wbA4kT8yBStXTwjLLSzuynkXXfL75Fs3AS0_2u45YuCD6fnCANJWZPmFNlkN_so-C7O1_jVI0CvlexjItRHQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
3732613
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame C80F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 09:05:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
7761
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 09:05:30 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 85E4 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
11966
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 07:55:25 GMT
etag
48472445140208031
expires
Sat, 30 Sep 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame C80F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 16:48:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
66353
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8282
x-xss-protection
0
server
cafe
etag
5314254467506293444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 12 Oct 2023 16:48:58 GMT
l
www.google.com/ads/measurement/ Frame C80F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaStii1Y6F2S4hTPUr-N10t8eJ1h5AEhVOHiQr50gr1mUpQwmbIfcOf6uTP59b0Pka_4WlTn5CepMQiHfZoZ4ZRCOaXnWg
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C80F 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 06:34:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
16842
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 28 Sep 2024 06:34:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C80F 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58285
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695814262870679"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Sep 2023 11:14:51 GMT
pixel
protected-by.clarium.io/ Frame C80F 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_bXVaMnE1ZEJsQWV3cl9MRWhERlYyUjBRLWJVLzMyMzI0MjA3NjI6OTcweDI1MA==&v=5&s=v31hbgac189&id=eyJkZnAiOnsiYWQiOjUzMzc0Nzk4ODYsImMiOm51bGwsImwiOjAsIm8iOjMyMzI0MjA3NjIsIkEiOiIvMjI5NjAyMTIwOTAsMjIwNzA4OTMyODIvVGVjaGJ1bGxpb25fUzJTX0JvdHRvbUxlYWRlcmJvYXJkX1JPUyIsInkiOjYwMTg3NCwiY28iOjAsInMiOiJic2Etem9uZV8xNjk1NjQ4Mzk0MzQ3LTBfMTIzNDU2In0sImRzcCI6MjJ9&cb=3484705&h=techbullion.com&d=eyJ3aCI6ImJYVmFNbkUxWkVKc1FXVjNjbDlNUldoRVJsWXlVakJSTFdKVkx6TXlNekkwTWpBM05qSTZPVGN3ZURJMU1BPT0iLCJ3ZCI6eyJvIjozMjMyNDIwNzYyLCJ3IjoiOTcwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.213.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-213-154.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Fri, 29 Sep 2023 11:14:51 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 9FAF 		53 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2QKd5UEAC3euSimOslwdtJX4Nb8Uw&u=%7CurkAnIHIT4Yc3yJsw6VDIDoB8wNaaPCAc5Fjc83dQwA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwmBoz0kZ49XnpI3T7B_CiOoYg3UZdaQZasGHKzzf0au_Ji2E0EdCaAKplGe-WphMouyzhCrg76-C-r5vyaU9gTE6CVA-3DFLwY7C72LWdzTrFC7Ts38EmgFvOv9n0TP149SElA4mXypbEAD9iOJkTZC6iLN6CBxVwSa9g5BDfK4C2DxSgqVCjt3CLHBl5Xo2essVB89beYGKnh6fo3fhwhpsHazgLqvAxZgDk-IfPVR8zg1j1Nq_7oelR_mZGPDtZV2Qn9PLgC6g8Xjt1TLZr88ZVxN39tSat35f9RDMV0-8xrvrO6n41LMcO8hKHK4kBxJvjwut5yVBfwfK-Ca8Bgokr_RFT16K_XhbRHI6ZJclWkw6eGCXniROF9VKaof0u9A6-kZJUF7SCuoFEgMpWxNcsBSFXZX5PIzudjs57Rjx14Q4xJZndM3Bi2GO3koWEdNNtTqGtXxPI_-3sDmn1NS__ochBU-SUVpdNaxyPz0JarefvXcCWRbGlXKTm6EtVIXGkc323ALxRS0xUFeWhtGeLTRCDah7z7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwt8rqrEWZeTWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPcCT9BzqIS2DkPxN3UtSeiuyxUdXhqK99Imiq6gkSUVT7qVofnGo1pi-cUc7AaYTfV1EgtuVF6rnCSGxTjdUsrxAW7m-WXgd8NfQW9xKSWOKQLExSrxDJPFzRwTHEXuAHkdjvyvFhRlF4RZrg1QFA4sKxF4LGZWGZ3gmRVJnumLIeHggQpcZYU_5QO_TKdBiteVu850KpRrzlfEE0LtZUN4oeBxYVpEsyImRxKF4IZ-4q1my6hS9TzOFS2gRncdvnrmNkccbydn08DCuqT6ZGJtWDmcXsaNqTvfaZGma8945ip_V6qrxMZrocUiO7608ASiUVIBwr9PAg9ysJsAxWy_r4-xDnjz9TtNDCBwZ4Whzf0Ylet93uihDRlriIAKrpTyw5SdtiQT3hV3WAt5I-RF3uM9KPQSKjHJSt2f745ZmUaec0UcSoEHu3ft2_8XqgWyLcFlut5aZ8AdyvN4CtTuwwcn7004YpPX3PrhhoUUvpNXIWNxJduG4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gcpUxl9G0DPJ39gOd-y8inpGB8Q%26client%3Dca-pub-9961814823930967%26adurl%3D
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7d20f5c7fdbf2ea9dac76dc517c54e364da2c490df30dd4bb7bdae03a4e20861
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 11:14:50 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=9nPrX2nhQQHg7_W-_ePnh__38yNL0oCFUZ-5q0sWsXZVI9IosheEbF8T3NS5LTpAdFX7knBp8Ka96emph9YKaWjoX6ECGet0gKoS-syB6PoQTiiHZIvcTRWu0-sVKwbO8n8BxKp1njpg_tqF5BUQO1MYeKZzg4OBl6zziZ17yx0PeZEWY6LP3JjN5zKjaRTh8p8J4jzQKPjrAaBDzbe_6ikD8GuDpXcSv2_3MbRbyegVi0OQ3PgWNg4o0CcqD9_FtiZHxbO1x0P04wKF"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
2479984
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame A2E8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 09:05:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
7761
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 09:05:30 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E29E 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
11966
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 07:55:25 GMT
etag
48472445140208031
expires
Sat, 30 Sep 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame A2E8 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 16:48:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
66353
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8282
x-xss-protection
0
server
cafe
etag
5314254467506293444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 12 Oct 2023 16:48:58 GMT
l
www.google.com/ads/measurement/ Frame A2E8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTyrnQTB6NXXj1rNf6SxZc1w0Rw02RoMym-cdktJ6cF_EXwd0lsK1Rm52LmI9ssm0Vaf18WIqJxpWL8GVQdkVbq7VweuQ
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A2E8 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 06:34:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
16842
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 28 Sep 2024 06:34:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A2E8 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58285
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695814262870679"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Sep 2023 11:14:51 GMT
pixel
protected-by.clarium.io/ Frame A2E8 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_bXVaMnE1ZEJsQWV3cl9MRWhERlYyUjBRLWJVLzMyMzI0MjA3NjI6MzM2eDI4MA==&v=5&s=v31hbgac1a9&id=eyJkZnAiOnsiYWQiOjUzMzc0Nzk4ODYsImMiOm51bGwsImwiOjAsIm8iOjMyMzI0MjA3NjIsIkEiOiIvMjI5NjAyMTIwOTAsMjIwNzA4OTMyODIvVGVjaGJ1bGxpb25fUzJTX1VwcGVyc2lkZWJhcl9ST1MiLCJ5Ijo2MDE4NzQsImNvIjowLCJzIjoiYnNhLXpvbmVfMTY5NTY0ODQ0Nzg1OC0zXzEyMzQ1NiJ9LCJkc3AiOjIyfQ%3D%3D&cb=9341035&h=techbullion.com&d=eyJ3aCI6ImJYVmFNbkUxWkVKc1FXVjNjbDlNUldoRVJsWXlVakJSTFdKVkx6TXlNekkwTWpBM05qSTZNek0yZURJNE1BPT0iLCJ3ZCI6eyJvIjozMjMyNDIwNzYyLCJ3IjoiMzM2IiwiaCI6IjI4MCJ9LCJ3ciI6Mn0=
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.213.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-213-154.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Fri, 29 Sep 2023 11:14:51 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame A3ED 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-LoopMe_rbd_n-MediaNet_n-Beeswax_smrt_cnv_an-db5_n-adYouLike_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
server
Kestrel
content-length
70
content-type
image/gif
ecm3
aax-eu.amazon-adsystem.com/s/ Frame A3ED
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=RkLnxZ5aRtKkVZZbek2FGQ&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=RkLnxZ5aRtKkVZZbek2FGQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=RkLnxZ5aRtKkVZZbek2FGQ
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-LoopMe_rbd_n-MediaNet_n-Beeswax_smrt_cnv_an-db5_n-adYouLike_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 29 Sep 2023 11:14:51 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DGADX04FWMDMA0XP43ZP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=RkLnxZ5aRtKkVZZbek2FGQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame A3ED
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=NsrQQ6FgTJS05moZxKjP2A&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=NsrQQ6FgTJS05moZxKjP2A
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=NsrQQ6FgTJS05moZxKjP2A
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-LoopMe_rbd_n-MediaNet_n-Beeswax_smrt_cnv_an-db5_n-adYouLike_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 29 Sep 2023 11:14:51 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TS8K42WKHR1VNBY7CHS2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=NsrQQ6FgTJS05moZxKjP2A
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ba134c4441b6cdf8ef9f5e0539a8ef3e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame A3ED
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE40SUJVN0ctMU8tNTU3OQ==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOd_s5TRC70u5H7U98D65Yg&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE40SUJVN0ctMU8tNTU3OQ==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE40SUJVN0ctMU8tNTU3OQ==&google_push=
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE40SUJVN0ctMU8tNTU3OQ==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ba134c4441b6cdf8ef9f5e0539a8ef3e
Expires
0
tap.php
pixel.rubiconproject.com/ Frame A3ED
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/boAKqKMMsV-bOpGQ4xEAAcn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-JfLV0JBE2oKWXwDJ0UMfpa4tMWpd4aiBdR0gyA--~A
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-JfLV0JBE2oKWXwDJ0UMfpa4tMWpd4aiBdR0gyA--~A
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ba134c4441b6cdf8ef9f5e0539a8ef3e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 29 Sep 2023 11:14:51 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-JfLV0JBE2oKWXwDJ0UMfpa4tMWpd4aiBdR0gyA--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame A3ED
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmQ0ZTgwYTA1NGY0YzZkNjEzMGMyZDIyNDRiNWIxZWY3ODA3NTcyZA
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmQ0ZTgwYTA1NGY0YzZkNjEzMGMyZDIyNDRiNWIxZWY3ODA3NTcyZA
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-LoopMe_rbd_n-MediaNet_n-Beeswax_smrt_cnv_an-db5_n-adYouLike_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmQ0ZTgwYTA1NGY0YzZkNjEzMGMyZDIyNDRiNWIxZWY3ODA3NTcyZA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame A3ED
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHFLEz8Zj4_iCOEE-B7JhpU&google_cver=1
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHFLEz8Zj4_iCOEE-B7JhpU&google_cver=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-LoopMe_rbd_n-MediaNet_n-Beeswax_smrt_cnv_an-db5_n-adYouLike_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ba134c4441b6cdf8ef9f5e0539a8ef3e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHFLEz8Zj4_iCOEE-B7JhpU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame A3ED
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LN4IBU7G-1O-5579
0
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LN4IBU7G-1O-5579
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-LoopMe_rbd_n-MediaNet_n-Beeswax_smrt_cnv_an-db5_n-adYouLike_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:50 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 5FACD8FDEA244AED97854C59719CB743 Ref B: ZRHEDGE0713 Ref C: 2023-09-29T11:14:51Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYGfYiIjmmPoYABwZkNgg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LN4IBU7G-1O-5579
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame A3ED
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABeK07KLWMAABk4xJ4LMA&expires=30
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABeK07KLWMAABk4xJ4LMA&expires=30
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-LoopMe_rbd_n-MediaNet_n-Beeswax_smrt_cnv_an-db5_n-adYouLike_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ba134c4441b6cdf8ef9f5e0539a8ef3e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABeK07KLWMAABk4xJ4LMA&expires=30
Date
Fri, 29 Sep 2023 11:14:51 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
liveCS.php
live.primis.tech/live/ Frame A3ED
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LN4IBU7G-1O-5579
0
499 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LN4IBU7G-1O-5579
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-LoopMe_rbd_n-MediaNet_n-Beeswax_smrt_cnv_an-db5_n-adYouLike_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
2600:9000:236e:e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:51 GMT
content-encoding
gzip
via
1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
4x3qgscQiSdxdIP02-bvF_v-Lz1zBDiC1pRc0nxYKal9wbrTwsi2xg==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LN4IBU7G-1O-5579
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ba134c4441b6cdf8ef9f5e0539a8ef3e
Expires
0
check
pixel.tapad.com/idsync/ex/receive/ Frame A3ED
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LN4IBU7G-1O-5579
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LN4IBU7G-1O-5579
95 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LN4IBU7G-1O-5579
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Fri, 29 Sep 2023 11:14:51 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LN4IBU7G-1O-5579
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync
hb.yahoo.net/ Frame A3ED
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LN4IBU7G-1O-5579&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LN4IBU7G-1O-5579&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1XcWZFQ190RTJ1RWhHLnlqMkNCNmtaZlNLS0k5eWwzTH5B&ovsid=LN4IBU7G-1O-5579&dpid=58160
53 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1XcWZFQ190RTJ1RWhHLnlqMkNCNmtaZlNLS0k5eWwzTH5B&ovsid=LN4IBU7G-1O-5579&dpid=58160
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Server
23.48.23.21 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Fri, 29 Sep 2023 11:14:52 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Fri, 29 Sep 2023 11:14:52 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1XcWZFQ190RTJ1RWhHLnlqMkNCNmtaZlNLS0k5eWwzTH5B&ovsid=LN4IBU7G-1O-5579&dpid=58160
date
Fri, 29 Sep 2023 11:14:51 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
afr.php
ads.eu.criteo.com/delivery/r/ Frame EC7D 		49 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2UKd5UEAC3eudZAM6k_4UPGdIC5jA&u=%7CurkAnIHIT4aCnXVLKDpfsKOO7IvwlZuMnnD10CW3B4E%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdqr7txT5h5pAC3aSY9p1mJ9XKnMtRUM8nqIaa5Rl2efL0FSY6XUG9zw0TPNcpRuQMS_Qzx0laPRRt3pt4UzBML6NV5JNvdKB29Ks8tChUnWoJ3IVhy84w3riXBWG607cylbjTFT-eGKJAeX7SqiQbbsxqFKs5xE2cTwqhg0G0DOCK9LjhiUZV0X5jArElnpg6HWmfLTQQLfnuZl35lo9Ao-P7litEuf9nsC4Gem9ViPJSUX6uTLNRH9BT7kO-bWhkUOUui5Fl0reqKbLTkkrwxdITlmi10iU2F-RQ8bxotZ5eHUIy9SoZ-PVIS7t5ghY81qYhHHQpzhkxOEGRn29bEmGDKghNwXbpz4JXdAWwvif4XuCD_v9jHgMDENXrerq3l0EieTZ3LdU1qiJ-z_-fuDOi8TXiR06i3FKL6dy9K_VbLajCWn2ss5wXuVL95i12G_LYpiWwJHiXpGZxRB9bRg-rPBaY8veQkT3BkUz_1-nV17DdiKYglod_e8vOQb68ugg9AH9HeTvzDfVnJHa9UK8HZreRSs31w2ij_oEErYkpvISTrgHE7w-uAk90T8XlOKjbUAA2vgPM1LE4OFpBokxpC3BupXlo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLSOqqrEWZeXWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBP0CT9D-WtoH9-8Pqt6Wfr6Gelyu6u8G50azVgvS4nHg1L-FcGeGbj9IZlHVwoMYu1qmTguJPgcWskxXXX03hSgH4W5C0M4XY6DNeWDC1-8J_bHXZl3Ay4JpTjNyKqkGVfDzSpTtRjwZugFQm2pudltZSrFIKC5OQbzYU0iNtnmm37nSDWlv_H5U_FWTo5AMbNHLIwg4-pDe406QtxHH_kSyAnAyUxA3JqLkhQMX1qUw4PUX-X8nhRjMjAhMZZ3zkxZ0iz0j2U0cZWQr6_vkyfVQB5TRuTcJC8XBsc3VD6Z5dZC3ORf4omQ4FiaBZdukRNiMPs0CHXPpQ0Z2DYbzqdB7KgWs3CIS_dusnCLQTxoysnT2kcvzqgs8tC98GPxJctP5ppdB8O2hv1pNQFpDXwKy2PzoetJTrRGfR3Q0sgxuqo_oz_HEgqxY4GEU2Zysm1ua514tONhSxJGrqCTqsS8NdBpHYQJq_zF9JNFdxCg9sg-b6riQrzL4Etl2l4eP4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2tSwZ-q7C75nc08ege3getsV1Wmg%26client%3Dca-pub-9961814823930967%26adurl%3D
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7b9f76f6d8e9a83e258a2b2ae5f565da4d3ce3a27985bcfcfed9a20c47582def
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 11:14:51 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=MM-4PGnhQQHg7_W-U5627rYFCVLMSzBFGq94E4f1Q828NwnFjvRSscrxHfjSAZUSiBB5IlYOgM_YBRYcFZJ2757__Sam63XougmGHqNcKHunk2avIqiQPNGlw7RWWGqfvgtOFbyRb8dKoAU4qHk5lMOm54xYtPgtZCuMj8B1NiYqfm5O5k3ukdEOdk_wsymVqS4PcClEtu0bjx7S1jiiSabEO5AOyMYbwmaee04ng6lBK9-cDyOSTVRkuKcIXPrsDi_CPA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
2473882
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 3156 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 09:05:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
7761
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 09:05:30 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 50DC 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
11966
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 07:55:25 GMT
etag
48472445140208031
expires
Sat, 30 Sep 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 3156 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 16:48:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
66353
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8282
x-xss-protection
0
server
cafe
etag
5314254467506293444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 12 Oct 2023 16:48:58 GMT
l
www.google.com/ads/measurement/ Frame 3156 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRVhJczNUOv6TRoNPxO4IAGpreUP559atJrfYzJSgi4XESi5BqP-BtXh7L992v4EFzVFUN1cC6Pqmue00sTqbA_l6UrBQ
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3156 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 06:34:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
16842
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 28 Sep 2024 06:34:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3156 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58285
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695814262870679"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Sep 2023 11:14:51 GMT
pixel
protected-by.clarium.io/ Frame 3156 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_bXVaMnE1ZEJsQWV3cl9MRWhERlYyUjBRLWJVLzMyMzI0MjA3NjI6MzAweDYwMA==&v=5&s=v31hbgac1cl&id=eyJkZnAiOnsiYWQiOjUzMzc0Nzk4ODYsImMiOm51bGwsImwiOjAsIm8iOjMyMzI0MjA3NjIsIkEiOiIvMjI5NjAyMTIwOTAsMjIwNzA4OTMyODIvVGVjaGJ1bGxpb25fUzJTX0xvd2Vyc2lkZWJhcl9ST1MiLCJ5Ijo2MDE4NzQsImNvIjowLCJzIjoiYnNhLXpvbmVfMTY5NTY0ODQ5OTI5Ni03XzEyMzQ1NiJ9LCJkc3AiOjIyfQ%3D%3D&cb=8248201&h=techbullion.com&d=eyJ3aCI6ImJYVmFNbkUxWkVKc1FXVjNjbDlNUldoRVJsWXlVakJSTFdKVkx6TXlNekkwTWpBM05qSTZNekF3ZURZd01BPT0iLCJ3ZCI6eyJvIjozMjMyNDIwNzYyLCJ3IjoiMzAwIiwiaCI6IjYwMCJ9LCJ3ciI6Mn0=
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.213.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-213-154.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Fri, 29 Sep 2023 11:14:51 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
ping
links.services.disqus.com/api/ 		300 B
733 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://links.services.disqus.com/api/ping
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
fb5f5da8ea50ff67cf96a43bb65bc0ee3306637e91766f2461366afb811707dc

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Fri, 29 Sep 2023 11:14:51 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://techbullion.com
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
300
Expires
Thu, 01 Jan 1970 00:00:00 GMT
c
c.pub.network/ 		36 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/techbullion-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
75c62e82f74bd25345dc7a5f8e4d286a64916d81ef047b956a18b554146a8606

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://techbullion.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
privacy_small.svg
static.criteo.net/flash/icon/ Frame D989 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2EKd5UEAC3eub_vXtCWTb2fN9g10g&u=%7CurkAnIHIT4ZAoXa3qF7FSZAP7DxqhUPOboj5aloizlU%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqfOSxiZ3nhhcoubwAtGAUFL8vtRYiskqAjx3LIdsTANZ-fKhvnADbhZ1Bto4S18LCYuHV6Te_j6zGjEEIBTp6HwQGyTt8E7aZl8o46a4HR4AUm7eE0T9axjBqPmShcN8mvVVvJQxwML9WwE6UPZF3eFCml4sv162EX9KulUZ6qPwK_LLFrbW1qK12wLwG7FZ5hDd8lQoAji7u5RgyVYl92ZdbsjpheU-WlsYR-urlslzr49EH_V23rLqITwi_me5fUBB5eGK-1VdcahE2KIuneQPq-qulzS7LKLQ1V_JCxmQ5Y6mc2maoZg1kwiCsh4-4HMy6ShVgbij-N6hhcclCeqvApn6csLdWNHse4-qhdPOTP08B3mywjXZAtB9huRbBUVyjcPCFtuJKr_g7q9iZ555G1rDoxqe6IyTY01vQ_XEpfCQ19Lmg5nWeaBjEeFv6P3jHuNJW5tM62jueuc8VOItOzz47EZ08Ec5NzzDScB-YXABfpuVyQ6yyxCSoEju-cKDRc_uTH9w8KFK1V5CJR0FHaO81yW7Fc8jb_r4avylAqCfb80tRiXIZdYng5nCam8qav3DMqKrtH92BbOrwQ_vZ_i-_5-OSU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf0JEqrEWZeHWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPUCT9CVSJK8qBPUFF6QhIOOK6B4Ip9l_pn_A0TF-wriLQ1d437oJDFwYlQqgF8wVMoBdWpaxNR73JF9_m_-dfIXRUEr52l9pwj4za6rcEBjrmCeYoefS8k3ZJ3Wo_i9DI5Yw9phliuxJpr34pDE1C3oKzod_7Ho4C1xccrfl_fYA5-TGur1iJOQWXalVQZPyqoJX6Of0KTZaP6FA-PPhqd1muWTdlWRiBBgZ_NEcGOqYoRXE5TT5Zzsyyo9QbRr6Tv9-Zny0bQGvOTZSxoFrzaSQWRzrYqAwT7UFrY0V9eCppv45eQt4Q0gK4-0Q_X5pYAyU9PheCjaUFDcaAMk4hY5VdXVXLx0UYz9YeXTrAT3WyB3Ciry7A3Z9DeGUsv7oFz6Mm7FcpfIQqmKzIuG1B_tgurf_fJI2_PK97eNYmOf8EZ1JlApiQQ2jM9qKvyXtxEgJhePOpm5Ht1PT2Ug1wTP70rn0Vq6EBCL8cGwWVsTm-oUfpAKheAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2o-QNldyBoOIdIIaOIHMvQ3HKT1A%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:51 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame D989 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2EKd5UEAC3eub_vXtCWTb2fN9g10g&u=%7CurkAnIHIT4ZAoXa3qF7FSZAP7DxqhUPOboj5aloizlU%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqfOSxiZ3nhhcoubwAtGAUFL8vtRYiskqAjx3LIdsTANZ-fKhvnADbhZ1Bto4S18LCYuHV6Te_j6zGjEEIBTp6HwQGyTt8E7aZl8o46a4HR4AUm7eE0T9axjBqPmShcN8mvVVvJQxwML9WwE6UPZF3eFCml4sv162EX9KulUZ6qPwK_LLFrbW1qK12wLwG7FZ5hDd8lQoAji7u5RgyVYl92ZdbsjpheU-WlsYR-urlslzr49EH_V23rLqITwi_me5fUBB5eGK-1VdcahE2KIuneQPq-qulzS7LKLQ1V_JCxmQ5Y6mc2maoZg1kwiCsh4-4HMy6ShVgbij-N6hhcclCeqvApn6csLdWNHse4-qhdPOTP08B3mywjXZAtB9huRbBUVyjcPCFtuJKr_g7q9iZ555G1rDoxqe6IyTY01vQ_XEpfCQ19Lmg5nWeaBjEeFv6P3jHuNJW5tM62jueuc8VOItOzz47EZ08Ec5NzzDScB-YXABfpuVyQ6yyxCSoEju-cKDRc_uTH9w8KFK1V5CJR0FHaO81yW7Fc8jb_r4avylAqCfb80tRiXIZdYng5nCam8qav3DMqKrtH92BbOrwQ_vZ_i-_5-OSU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf0JEqrEWZeHWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPUCT9CVSJK8qBPUFF6QhIOOK6B4Ip9l_pn_A0TF-wriLQ1d437oJDFwYlQqgF8wVMoBdWpaxNR73JF9_m_-dfIXRUEr52l9pwj4za6rcEBjrmCeYoefS8k3ZJ3Wo_i9DI5Yw9phliuxJpr34pDE1C3oKzod_7Ho4C1xccrfl_fYA5-TGur1iJOQWXalVQZPyqoJX6Of0KTZaP6FA-PPhqd1muWTdlWRiBBgZ_NEcGOqYoRXE5TT5Zzsyyo9QbRr6Tv9-Zny0bQGvOTZSxoFrzaSQWRzrYqAwT7UFrY0V9eCppv45eQt4Q0gK4-0Q_X5pYAyU9PheCjaUFDcaAMk4hY5VdXVXLx0UYz9YeXTrAT3WyB3Ciry7A3Z9DeGUsv7oFz6Mm7FcpfIQqmKzIuG1B_tgurf_fJI2_PK97eNYmOf8EZ1JlApiQQ2jM9qKvyXtxEgJhePOpm5Ht1PT2Ug1wTP70rn0Vq6EBCL8cGwWVsTm-oUfpAKheAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2o-QNldyBoOIdIIaOIHMvQ3HKT1A%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:51 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame D989 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2EKd5UEAC3eub_vXtCWTb2fN9g10g&u=%7CurkAnIHIT4ZAoXa3qF7FSZAP7DxqhUPOboj5aloizlU%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqfOSxiZ3nhhcoubwAtGAUFL8vtRYiskqAjx3LIdsTANZ-fKhvnADbhZ1Bto4S18LCYuHV6Te_j6zGjEEIBTp6HwQGyTt8E7aZl8o46a4HR4AUm7eE0T9axjBqPmShcN8mvVVvJQxwML9WwE6UPZF3eFCml4sv162EX9KulUZ6qPwK_LLFrbW1qK12wLwG7FZ5hDd8lQoAji7u5RgyVYl92ZdbsjpheU-WlsYR-urlslzr49EH_V23rLqITwi_me5fUBB5eGK-1VdcahE2KIuneQPq-qulzS7LKLQ1V_JCxmQ5Y6mc2maoZg1kwiCsh4-4HMy6ShVgbij-N6hhcclCeqvApn6csLdWNHse4-qhdPOTP08B3mywjXZAtB9huRbBUVyjcPCFtuJKr_g7q9iZ555G1rDoxqe6IyTY01vQ_XEpfCQ19Lmg5nWeaBjEeFv6P3jHuNJW5tM62jueuc8VOItOzz47EZ08Ec5NzzDScB-YXABfpuVyQ6yyxCSoEju-cKDRc_uTH9w8KFK1V5CJR0FHaO81yW7Fc8jb_r4avylAqCfb80tRiXIZdYng5nCam8qav3DMqKrtH92BbOrwQ_vZ_i-_5-OSU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf0JEqrEWZeHWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPUCT9CVSJK8qBPUFF6QhIOOK6B4Ip9l_pn_A0TF-wriLQ1d437oJDFwYlQqgF8wVMoBdWpaxNR73JF9_m_-dfIXRUEr52l9pwj4za6rcEBjrmCeYoefS8k3ZJ3Wo_i9DI5Yw9phliuxJpr34pDE1C3oKzod_7Ho4C1xccrfl_fYA5-TGur1iJOQWXalVQZPyqoJX6Of0KTZaP6FA-PPhqd1muWTdlWRiBBgZ_NEcGOqYoRXE5TT5Zzsyyo9QbRr6Tv9-Zny0bQGvOTZSxoFrzaSQWRzrYqAwT7UFrY0V9eCppv45eQt4Q0gK4-0Q_X5pYAyU9PheCjaUFDcaAMk4hY5VdXVXLx0UYz9YeXTrAT3WyB3Ciry7A3Z9DeGUsv7oFz6Mm7FcpfIQqmKzIuG1B_tgurf_fJI2_PK97eNYmOf8EZ1JlApiQQ2jM9qKvyXtxEgJhePOpm5Ht1PT2Ug1wTP70rn0Vq6EBCL8cGwWVsTm-oUfpAKheAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2o-QNldyBoOIdIIaOIHMvQ3HKT1A%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 23 Sep 2024 11:14:51 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame D989 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2EKd5UEAC3eub_vXtCWTb2fN9g10g&u=%7CurkAnIHIT4ZAoXa3qF7FSZAP7DxqhUPOboj5aloizlU%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqfOSxiZ3nhhcoubwAtGAUFL8vtRYiskqAjx3LIdsTANZ-fKhvnADbhZ1Bto4S18LCYuHV6Te_j6zGjEEIBTp6HwQGyTt8E7aZl8o46a4HR4AUm7eE0T9axjBqPmShcN8mvVVvJQxwML9WwE6UPZF3eFCml4sv162EX9KulUZ6qPwK_LLFrbW1qK12wLwG7FZ5hDd8lQoAji7u5RgyVYl92ZdbsjpheU-WlsYR-urlslzr49EH_V23rLqITwi_me5fUBB5eGK-1VdcahE2KIuneQPq-qulzS7LKLQ1V_JCxmQ5Y6mc2maoZg1kwiCsh4-4HMy6ShVgbij-N6hhcclCeqvApn6csLdWNHse4-qhdPOTP08B3mywjXZAtB9huRbBUVyjcPCFtuJKr_g7q9iZ555G1rDoxqe6IyTY01vQ_XEpfCQ19Lmg5nWeaBjEeFv6P3jHuNJW5tM62jueuc8VOItOzz47EZ08Ec5NzzDScB-YXABfpuVyQ6yyxCSoEju-cKDRc_uTH9w8KFK1V5CJR0FHaO81yW7Fc8jb_r4avylAqCfb80tRiXIZdYng5nCam8qav3DMqKrtH92BbOrwQ_vZ_i-_5-OSU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf0JEqrEWZeHWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPUCT9CVSJK8qBPUFF6QhIOOK6B4Ip9l_pn_A0TF-wriLQ1d437oJDFwYlQqgF8wVMoBdWpaxNR73JF9_m_-dfIXRUEr52l9pwj4za6rcEBjrmCeYoefS8k3ZJ3Wo_i9DI5Yw9phliuxJpr34pDE1C3oKzod_7Ho4C1xccrfl_fYA5-TGur1iJOQWXalVQZPyqoJX6Of0KTZaP6FA-PPhqd1muWTdlWRiBBgZ_NEcGOqYoRXE5TT5Zzsyyo9QbRr6Tv9-Zny0bQGvOTZSxoFrzaSQWRzrYqAwT7UFrY0V9eCppv45eQt4Q0gK4-0Q_X5pYAyU9PheCjaUFDcaAMk4hY5VdXVXLx0UYz9YeXTrAT3WyB3Ciry7A3Z9DeGUsv7oFz6Mm7FcpfIQqmKzIuG1B_tgurf_fJI2_PK97eNYmOf8EZ1JlApiQQ2jM9qKvyXtxEgJhePOpm5Ht1PT2Ug1wTP70rn0Vq6EBCL8cGwWVsTm-oUfpAKheAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2o-QNldyBoOIdIIaOIHMvQ3HKT1A%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 23 Sep 2024 11:14:51 GMT
lg.php
cat.fr3.eu.criteo.com/delivery/ Frame D989 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=N6s7AmuWM48oJQBk_UEoVyipImrxetsE9xxvNtjAjcc8P4Yjub6pffzzs6GxIrNWwwXdhmLdEX82v5_VOTskxHsnUhRJTRgu7Za_xWjygbnn3xmwB9_xPKEmKfSIaGNAWFBAdyt6joIonZVqc0bwNWeU4fMkJ3x445lrQ57-fFA9gBRzbEWQHeMOs0aezJizinnq2UZqCRv-3uvAxs8_ymY04Qb3x2PC0elVI3DQTvE4shd8oHm5JZWxRgmbKYKMUQLqiibHQUgCvlTexc0RUZHjIzBX--BEAHwLGABJ5kyFcbo3q-6o0hTB6lJNhfPQiHt7XO5bRWNVV6ftoSfhpdbvka7fLTiKDZ73wiDK4YXE1tJuxaJjQEhid_ghXufa17Q5tJhW1sUamkh-zhzn2F8cgKFxvRZSowcqZdGZP0Imepw8puK7bmengLLTf6TVcKnnPw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2EKd5UEAC3eub_vXtCWTb2fN9g10g&u=%7CurkAnIHIT4ZAoXa3qF7FSZAP7DxqhUPOboj5aloizlU%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqfOSxiZ3nhhcoubwAtGAUFL8vtRYiskqAjx3LIdsTANZ-fKhvnADbhZ1Bto4S18LCYuHV6Te_j6zGjEEIBTp6HwQGyTt8E7aZl8o46a4HR4AUm7eE0T9axjBqPmShcN8mvVVvJQxwML9WwE6UPZF3eFCml4sv162EX9KulUZ6qPwK_LLFrbW1qK12wLwG7FZ5hDd8lQoAji7u5RgyVYl92ZdbsjpheU-WlsYR-urlslzr49EH_V23rLqITwi_me5fUBB5eGK-1VdcahE2KIuneQPq-qulzS7LKLQ1V_JCxmQ5Y6mc2maoZg1kwiCsh4-4HMy6ShVgbij-N6hhcclCeqvApn6csLdWNHse4-qhdPOTP08B3mywjXZAtB9huRbBUVyjcPCFtuJKr_g7q9iZ555G1rDoxqe6IyTY01vQ_XEpfCQ19Lmg5nWeaBjEeFv6P3jHuNJW5tM62jueuc8VOItOzz47EZ08Ec5NzzDScB-YXABfpuVyQ6yyxCSoEju-cKDRc_uTH9w8KFK1V5CJR0FHaO81yW7Fc8jb_r4avylAqCfb80tRiXIZdYng5nCam8qav3DMqKrtH92BbOrwQ_vZ_i-_5-OSU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf0JEqrEWZeHWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPUCT9CVSJK8qBPUFF6QhIOOK6B4Ip9l_pn_A0TF-wriLQ1d437oJDFwYlQqgF8wVMoBdWpaxNR73JF9_m_-dfIXRUEr52l9pwj4za6rcEBjrmCeYoefS8k3ZJ3Wo_i9DI5Yw9phliuxJpr34pDE1C3oKzod_7Ho4C1xccrfl_fYA5-TGur1iJOQWXalVQZPyqoJX6Of0KTZaP6FA-PPhqd1muWTdlWRiBBgZ_NEcGOqYoRXE5TT5Zzsyyo9QbRr6Tv9-Zny0bQGvOTZSxoFrzaSQWRzrYqAwT7UFrY0V9eCppv45eQt4Q0gK4-0Q_X5pYAyU9PheCjaUFDcaAMk4hY5VdXVXLx0UYz9YeXTrAT3WyB3Ciry7A3Z9DeGUsv7oFz6Mm7FcpfIQqmKzIuG1B_tgurf_fJI2_PK97eNYmOf8EZ1JlApiQQ2jM9qKvyXtxEgJhePOpm5Ht1PT2Ug1wTP70rn0Vq6EBCL8cGwWVsTm-oUfpAKheAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2o-QNldyBoOIdIIaOIHMvQ3HKT1A%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:51 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1566269
expires
Mon, 26 Jul 1997 05:00:00 GMT
e2e899b75a834fbab06a126224102313_image_ad_970x90.jpeg
static.criteo.net/design/dt/92327/4936818/ Frame D989 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/92327/4936818/e2e899b75a834fbab06a126224102313_image_ad_970x90.jpeg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2EKd5UEAC3eub_vXtCWTb2fN9g10g&u=%7CurkAnIHIT4ZAoXa3qF7FSZAP7DxqhUPOboj5aloizlU%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqfOSxiZ3nhhcoubwAtGAUFL8vtRYiskqAjx3LIdsTANZ-fKhvnADbhZ1Bto4S18LCYuHV6Te_j6zGjEEIBTp6HwQGyTt8E7aZl8o46a4HR4AUm7eE0T9axjBqPmShcN8mvVVvJQxwML9WwE6UPZF3eFCml4sv162EX9KulUZ6qPwK_LLFrbW1qK12wLwG7FZ5hDd8lQoAji7u5RgyVYl92ZdbsjpheU-WlsYR-urlslzr49EH_V23rLqITwi_me5fUBB5eGK-1VdcahE2KIuneQPq-qulzS7LKLQ1V_JCxmQ5Y6mc2maoZg1kwiCsh4-4HMy6ShVgbij-N6hhcclCeqvApn6csLdWNHse4-qhdPOTP08B3mywjXZAtB9huRbBUVyjcPCFtuJKr_g7q9iZ555G1rDoxqe6IyTY01vQ_XEpfCQ19Lmg5nWeaBjEeFv6P3jHuNJW5tM62jueuc8VOItOzz47EZ08Ec5NzzDScB-YXABfpuVyQ6yyxCSoEju-cKDRc_uTH9w8KFK1V5CJR0FHaO81yW7Fc8jb_r4avylAqCfb80tRiXIZdYng5nCam8qav3DMqKrtH92BbOrwQ_vZ_i-_5-OSU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf0JEqrEWZeHWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPUCT9CVSJK8qBPUFF6QhIOOK6B4Ip9l_pn_A0TF-wriLQ1d437oJDFwYlQqgF8wVMoBdWpaxNR73JF9_m_-dfIXRUEr52l9pwj4za6rcEBjrmCeYoefS8k3ZJ3Wo_i9DI5Yw9phliuxJpr34pDE1C3oKzod_7Ho4C1xccrfl_fYA5-TGur1iJOQWXalVQZPyqoJX6Of0KTZaP6FA-PPhqd1muWTdlWRiBBgZ_NEcGOqYoRXE5TT5Zzsyyo9QbRr6Tv9-Zny0bQGvOTZSxoFrzaSQWRzrYqAwT7UFrY0V9eCppv45eQt4Q0gK4-0Q_X5pYAyU9PheCjaUFDcaAMk4hY5VdXVXLx0UYz9YeXTrAT3WyB3Ciry7A3Z9DeGUsv7oFz6Mm7FcpfIQqmKzIuG1B_tgurf_fJI2_PK97eNYmOf8EZ1JlApiQQ2jM9qKvyXtxEgJhePOpm5Ht1PT2Ug1wTP70rn0Vq6EBCL8cGwWVsTm-oUfpAKheAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2o-QNldyBoOIdIIaOIHMvQ3HKT1A%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
84668247ec45d9e497720cf6a3c7a8ae586cdecc4e1f6802540dbce06728c349
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 01 Sep 2023 06:30:15 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"64f184f7-cebf"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
52927
expires
Mon, 23 Sep 2024 11:14:51 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 2B0C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2IKd5UEAC3euR0lMSf0dNmGr02B3g&u=%7CurkAnIHIT4YR%2BHoabxO5bQ85D6H8koIhJJGO0cTcJdY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBRVvJhzsgIgYN0Oaqr1Do4ZkmuYAA9rviAk4TT-pc1TZVfVcu4fPJiUnZNOHn_MGqh8WtOd33FsG06K8VD-kMFIUC4z2ECG0tPxXnfadY9AM36l6MQt2Us0NwIJft9Okm_1r8vC7VLBYE6stlrgtrNmV11RnTxFIYoegrRcqXSETwR3mf7jRO16FWFuV_YJk1tinQCz27zCTnit-wVyQ7Hh0xJIIZ8XtqHntVMPPcbB4B2lE_1BqR-68VPVMgee9hHN2WS7bEdhOxtM4BeWovxDTS_vZJi657CMYvXhfHw-5YLE9rNbrJWHpPaLL1MhR7OHXI58nseaXgMh-eF4oFU0XC9hQ-ITbUcBBnzsz7SJC_3lKzj7KIj-OaHSyRBr6NofeyTyTVaNZ8EPWzXYNhIStGdGjvBu3iphjHXS2F7hM2Wbg1Zfm1NFLoJZlu5HMXdgdcWReLkb_i07dmNlg2yUnEnOiKstflbmBJtZlpWFSKAlnm-iSJ4u7do2Jnh2DF_ckVesdAXB4INyDNeXZJfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0tMmqrEWZeLWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPoCT9AvvYUUhOa_7GeNRmHoB1b-H25t2fkR0Tt7JSpEhopVelCir6_kKm8XzwjEElHUmo9R_vbgzPRHS-x8kbibNxyX--xZ3eamWPwK8NLKC19EQ2ht9i8CidGEovSilPtxUW-LRreYB1HE46O33CUiySfs5kSF3ixhJPdN2QmqBuI7AanGOgc0TTEQJVGPRGf4agvCoBC8ofR1Mhe16lZDW_16RgdNkmlrO8DoBZDDLa2yJZcF89JgkEC561F-yMXy-hpC4jQRQhxnsnt7ur6PTi9kN5BYRcXmZkDrolSa_iCuCWPs1WZiX6uTvFC9deeYGFDW-ArNTTIfp8gRLExjHE52Xjk9PNSZoz9FNTHmsl1x779IttItRkMdqHNtfGRXIkqs5VDopFFo5zQBb4a6-m2sezeH7NFz3zFAMiM1s017SwV5b8Xg3miyrqLXUUOOpafj9hx4GJluxCZdEUPOsIe8oBEfXtGGtCMNsfH4S5us-qnerOBWs4lY4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3oKhpegKtiulWQfjVBcQ8gHHDBDg%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:51 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 2B0C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2IKd5UEAC3euR0lMSf0dNmGr02B3g&u=%7CurkAnIHIT4YR%2BHoabxO5bQ85D6H8koIhJJGO0cTcJdY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBRVvJhzsgIgYN0Oaqr1Do4ZkmuYAA9rviAk4TT-pc1TZVfVcu4fPJiUnZNOHn_MGqh8WtOd33FsG06K8VD-kMFIUC4z2ECG0tPxXnfadY9AM36l6MQt2Us0NwIJft9Okm_1r8vC7VLBYE6stlrgtrNmV11RnTxFIYoegrRcqXSETwR3mf7jRO16FWFuV_YJk1tinQCz27zCTnit-wVyQ7Hh0xJIIZ8XtqHntVMPPcbB4B2lE_1BqR-68VPVMgee9hHN2WS7bEdhOxtM4BeWovxDTS_vZJi657CMYvXhfHw-5YLE9rNbrJWHpPaLL1MhR7OHXI58nseaXgMh-eF4oFU0XC9hQ-ITbUcBBnzsz7SJC_3lKzj7KIj-OaHSyRBr6NofeyTyTVaNZ8EPWzXYNhIStGdGjvBu3iphjHXS2F7hM2Wbg1Zfm1NFLoJZlu5HMXdgdcWReLkb_i07dmNlg2yUnEnOiKstflbmBJtZlpWFSKAlnm-iSJ4u7do2Jnh2DF_ckVesdAXB4INyDNeXZJfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0tMmqrEWZeLWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPoCT9AvvYUUhOa_7GeNRmHoB1b-H25t2fkR0Tt7JSpEhopVelCir6_kKm8XzwjEElHUmo9R_vbgzPRHS-x8kbibNxyX--xZ3eamWPwK8NLKC19EQ2ht9i8CidGEovSilPtxUW-LRreYB1HE46O33CUiySfs5kSF3ixhJPdN2QmqBuI7AanGOgc0TTEQJVGPRGf4agvCoBC8ofR1Mhe16lZDW_16RgdNkmlrO8DoBZDDLa2yJZcF89JgkEC561F-yMXy-hpC4jQRQhxnsnt7ur6PTi9kN5BYRcXmZkDrolSa_iCuCWPs1WZiX6uTvFC9deeYGFDW-ArNTTIfp8gRLExjHE52Xjk9PNSZoz9FNTHmsl1x779IttItRkMdqHNtfGRXIkqs5VDopFFo5zQBb4a6-m2sezeH7NFz3zFAMiM1s017SwV5b8Xg3miyrqLXUUOOpafj9hx4GJluxCZdEUPOsIe8oBEfXtGGtCMNsfH4S5us-qnerOBWs4lY4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3oKhpegKtiulWQfjVBcQ8gHHDBDg%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:51 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 2B0C 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2IKd5UEAC3euR0lMSf0dNmGr02B3g&u=%7CurkAnIHIT4YR%2BHoabxO5bQ85D6H8koIhJJGO0cTcJdY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBRVvJhzsgIgYN0Oaqr1Do4ZkmuYAA9rviAk4TT-pc1TZVfVcu4fPJiUnZNOHn_MGqh8WtOd33FsG06K8VD-kMFIUC4z2ECG0tPxXnfadY9AM36l6MQt2Us0NwIJft9Okm_1r8vC7VLBYE6stlrgtrNmV11RnTxFIYoegrRcqXSETwR3mf7jRO16FWFuV_YJk1tinQCz27zCTnit-wVyQ7Hh0xJIIZ8XtqHntVMPPcbB4B2lE_1BqR-68VPVMgee9hHN2WS7bEdhOxtM4BeWovxDTS_vZJi657CMYvXhfHw-5YLE9rNbrJWHpPaLL1MhR7OHXI58nseaXgMh-eF4oFU0XC9hQ-ITbUcBBnzsz7SJC_3lKzj7KIj-OaHSyRBr6NofeyTyTVaNZ8EPWzXYNhIStGdGjvBu3iphjHXS2F7hM2Wbg1Zfm1NFLoJZlu5HMXdgdcWReLkb_i07dmNlg2yUnEnOiKstflbmBJtZlpWFSKAlnm-iSJ4u7do2Jnh2DF_ckVesdAXB4INyDNeXZJfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0tMmqrEWZeLWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPoCT9AvvYUUhOa_7GeNRmHoB1b-H25t2fkR0Tt7JSpEhopVelCir6_kKm8XzwjEElHUmo9R_vbgzPRHS-x8kbibNxyX--xZ3eamWPwK8NLKC19EQ2ht9i8CidGEovSilPtxUW-LRreYB1HE46O33CUiySfs5kSF3ixhJPdN2QmqBuI7AanGOgc0TTEQJVGPRGf4agvCoBC8ofR1Mhe16lZDW_16RgdNkmlrO8DoBZDDLa2yJZcF89JgkEC561F-yMXy-hpC4jQRQhxnsnt7ur6PTi9kN5BYRcXmZkDrolSa_iCuCWPs1WZiX6uTvFC9deeYGFDW-ArNTTIfp8gRLExjHE52Xjk9PNSZoz9FNTHmsl1x779IttItRkMdqHNtfGRXIkqs5VDopFFo5zQBb4a6-m2sezeH7NFz3zFAMiM1s017SwV5b8Xg3miyrqLXUUOOpafj9hx4GJluxCZdEUPOsIe8oBEfXtGGtCMNsfH4S5us-qnerOBWs4lY4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3oKhpegKtiulWQfjVBcQ8gHHDBDg%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 23 Sep 2024 11:14:51 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 2B0C 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2IKd5UEAC3euR0lMSf0dNmGr02B3g&u=%7CurkAnIHIT4YR%2BHoabxO5bQ85D6H8koIhJJGO0cTcJdY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBRVvJhzsgIgYN0Oaqr1Do4ZkmuYAA9rviAk4TT-pc1TZVfVcu4fPJiUnZNOHn_MGqh8WtOd33FsG06K8VD-kMFIUC4z2ECG0tPxXnfadY9AM36l6MQt2Us0NwIJft9Okm_1r8vC7VLBYE6stlrgtrNmV11RnTxFIYoegrRcqXSETwR3mf7jRO16FWFuV_YJk1tinQCz27zCTnit-wVyQ7Hh0xJIIZ8XtqHntVMPPcbB4B2lE_1BqR-68VPVMgee9hHN2WS7bEdhOxtM4BeWovxDTS_vZJi657CMYvXhfHw-5YLE9rNbrJWHpPaLL1MhR7OHXI58nseaXgMh-eF4oFU0XC9hQ-ITbUcBBnzsz7SJC_3lKzj7KIj-OaHSyRBr6NofeyTyTVaNZ8EPWzXYNhIStGdGjvBu3iphjHXS2F7hM2Wbg1Zfm1NFLoJZlu5HMXdgdcWReLkb_i07dmNlg2yUnEnOiKstflbmBJtZlpWFSKAlnm-iSJ4u7do2Jnh2DF_ckVesdAXB4INyDNeXZJfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0tMmqrEWZeLWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPoCT9AvvYUUhOa_7GeNRmHoB1b-H25t2fkR0Tt7JSpEhopVelCir6_kKm8XzwjEElHUmo9R_vbgzPRHS-x8kbibNxyX--xZ3eamWPwK8NLKC19EQ2ht9i8CidGEovSilPtxUW-LRreYB1HE46O33CUiySfs5kSF3ixhJPdN2QmqBuI7AanGOgc0TTEQJVGPRGf4agvCoBC8ofR1Mhe16lZDW_16RgdNkmlrO8DoBZDDLa2yJZcF89JgkEC561F-yMXy-hpC4jQRQhxnsnt7ur6PTi9kN5BYRcXmZkDrolSa_iCuCWPs1WZiX6uTvFC9deeYGFDW-ArNTTIfp8gRLExjHE52Xjk9PNSZoz9FNTHmsl1x779IttItRkMdqHNtfGRXIkqs5VDopFFo5zQBb4a6-m2sezeH7NFz3zFAMiM1s017SwV5b8Xg3miyrqLXUUOOpafj9hx4GJluxCZdEUPOsIe8oBEfXtGGtCMNsfH4S5us-qnerOBWs4lY4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3oKhpegKtiulWQfjVBcQ8gHHDBDg%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 23 Sep 2024 11:14:51 GMT
lg.php
cat.fr3.eu.criteo.com/delivery/ Frame 2B0C 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=0GqeEkN-lqGZJlJdy2CTm2J1AdpvfVivUgo9nRPWDs_tFByEbqRrJ4JWMDERK9efhm6wxhrlrNyz2jP85sZ1GQ_MpaEv5tgXoJJ03aaBLzxrJhcQVVnmWtGIn0qdAB0vKQmjA6xXM88toZv2lRqedbdxP78keGG14kQeH0jkNrFj5Cl28p3V72bGbbdy5c2hLVjBBWbicVE85B5Vc5ad7_qtaLzjdyUzxf-dlBf8DoUba7kX8Wcd0mbUY8iTNS7w7DHJblVDo4lcmdfJkZqTCmchQZVVRxe34cDyiJ1dmtfICSDWa5xo4ShnI4aC4qviRuSFp_uYXVfB2CWAC802uoeF2m2_0Vqa_a9YT6lx2DKIraVwKVoLPsa73_hjyT2FrAnAawd4sc-msnV7-iihsStErbRbzs_hwJc0LiD_PDqzSt2c9O5wO94tkiWakO6vNeXbzQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2IKd5UEAC3euR0lMSf0dNmGr02B3g&u=%7CurkAnIHIT4YR%2BHoabxO5bQ85D6H8koIhJJGO0cTcJdY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBRVvJhzsgIgYN0Oaqr1Do4ZkmuYAA9rviAk4TT-pc1TZVfVcu4fPJiUnZNOHn_MGqh8WtOd33FsG06K8VD-kMFIUC4z2ECG0tPxXnfadY9AM36l6MQt2Us0NwIJft9Okm_1r8vC7VLBYE6stlrgtrNmV11RnTxFIYoegrRcqXSETwR3mf7jRO16FWFuV_YJk1tinQCz27zCTnit-wVyQ7Hh0xJIIZ8XtqHntVMPPcbB4B2lE_1BqR-68VPVMgee9hHN2WS7bEdhOxtM4BeWovxDTS_vZJi657CMYvXhfHw-5YLE9rNbrJWHpPaLL1MhR7OHXI58nseaXgMh-eF4oFU0XC9hQ-ITbUcBBnzsz7SJC_3lKzj7KIj-OaHSyRBr6NofeyTyTVaNZ8EPWzXYNhIStGdGjvBu3iphjHXS2F7hM2Wbg1Zfm1NFLoJZlu5HMXdgdcWReLkb_i07dmNlg2yUnEnOiKstflbmBJtZlpWFSKAlnm-iSJ4u7do2Jnh2DF_ckVesdAXB4INyDNeXZJfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0tMmqrEWZeLWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPoCT9AvvYUUhOa_7GeNRmHoB1b-H25t2fkR0Tt7JSpEhopVelCir6_kKm8XzwjEElHUmo9R_vbgzPRHS-x8kbibNxyX--xZ3eamWPwK8NLKC19EQ2ht9i8CidGEovSilPtxUW-LRreYB1HE46O33CUiySfs5kSF3ixhJPdN2QmqBuI7AanGOgc0TTEQJVGPRGf4agvCoBC8ofR1Mhe16lZDW_16RgdNkmlrO8DoBZDDLa2yJZcF89JgkEC561F-yMXy-hpC4jQRQhxnsnt7ur6PTi9kN5BYRcXmZkDrolSa_iCuCWPs1WZiX6uTvFC9deeYGFDW-ArNTTIfp8gRLExjHE52Xjk9PNSZoz9FNTHmsl1x779IttItRkMdqHNtfGRXIkqs5VDopFFo5zQBb4a6-m2sezeH7NFz3zFAMiM1s017SwV5b8Xg3miyrqLXUUOOpafj9hx4GJluxCZdEUPOsIe8oBEfXtGGtCMNsfH4S5us-qnerOBWs4lY4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3oKhpegKtiulWQfjVBcQ8gHHDBDg%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1628656
expires
Mon, 26 Jul 1997 05:00:00 GMT
2a9f70062f4a4ed6901a5ae42c8805a2_image_ad_970x250.jpeg
static.criteo.net/design/dt/92327/4936818/ Frame 2B0C 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/92327/4936818/2a9f70062f4a4ed6901a5ae42c8805a2_image_ad_970x250.jpeg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2IKd5UEAC3euR0lMSf0dNmGr02B3g&u=%7CurkAnIHIT4YR%2BHoabxO5bQ85D6H8koIhJJGO0cTcJdY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBRVvJhzsgIgYN0Oaqr1Do4ZkmuYAA9rviAk4TT-pc1TZVfVcu4fPJiUnZNOHn_MGqh8WtOd33FsG06K8VD-kMFIUC4z2ECG0tPxXnfadY9AM36l6MQt2Us0NwIJft9Okm_1r8vC7VLBYE6stlrgtrNmV11RnTxFIYoegrRcqXSETwR3mf7jRO16FWFuV_YJk1tinQCz27zCTnit-wVyQ7Hh0xJIIZ8XtqHntVMPPcbB4B2lE_1BqR-68VPVMgee9hHN2WS7bEdhOxtM4BeWovxDTS_vZJi657CMYvXhfHw-5YLE9rNbrJWHpPaLL1MhR7OHXI58nseaXgMh-eF4oFU0XC9hQ-ITbUcBBnzsz7SJC_3lKzj7KIj-OaHSyRBr6NofeyTyTVaNZ8EPWzXYNhIStGdGjvBu3iphjHXS2F7hM2Wbg1Zfm1NFLoJZlu5HMXdgdcWReLkb_i07dmNlg2yUnEnOiKstflbmBJtZlpWFSKAlnm-iSJ4u7do2Jnh2DF_ckVesdAXB4INyDNeXZJfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0tMmqrEWZeLWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPoCT9AvvYUUhOa_7GeNRmHoB1b-H25t2fkR0Tt7JSpEhopVelCir6_kKm8XzwjEElHUmo9R_vbgzPRHS-x8kbibNxyX--xZ3eamWPwK8NLKC19EQ2ht9i8CidGEovSilPtxUW-LRreYB1HE46O33CUiySfs5kSF3ixhJPdN2QmqBuI7AanGOgc0TTEQJVGPRGf4agvCoBC8ofR1Mhe16lZDW_16RgdNkmlrO8DoBZDDLa2yJZcF89JgkEC561F-yMXy-hpC4jQRQhxnsnt7ur6PTi9kN5BYRcXmZkDrolSa_iCuCWPs1WZiX6uTvFC9deeYGFDW-ArNTTIfp8gRLExjHE52Xjk9PNSZoz9FNTHmsl1x779IttItRkMdqHNtfGRXIkqs5VDopFFo5zQBb4a6-m2sezeH7NFz3zFAMiM1s017SwV5b8Xg3miyrqLXUUOOpafj9hx4GJluxCZdEUPOsIe8oBEfXtGGtCMNsfH4S5us-qnerOBWs4lY4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3oKhpegKtiulWQfjVBcQ8gHHDBDg%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0276a27e67bdbc6bb0c57fe00eb45ddf79382623d4218e3f246b89ba9116b5c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 01 Sep 2023 06:30:15 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"64f184f7-17efb"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
98043
expires
Mon, 23 Sep 2024 11:14:51 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 78B3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2AKd5UEAC3euR5s9leY_c7cl3EZuQ&u=%7CurkAnIHIT4YrtH4C84W%2F%2B%2FbLqUqZEBmqxR3Hro9WM64%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqfOSxiZ3nhhcoubwAtGAUFL8vtRYiskqAjx3LIdsTANZ-fKhvnADbhZ1Bto4S18LCYuHV6Te_j6zBOMW8l-B7hOQuCnkhkksPrRfqJPCWpEuK0H3vm6JF2ydS7OY4c99WPYOTrRKW0cBzyw0SDB8KV5wcBgznRZaoIfQOFS_Rte0Jel16SHTKksJv-3k83ouP34kiOLG_RO1ixqOO3dg-9ocww2rAJvplI3N2ZDTi2CLe6zZgVrCR10tyNLE1gfhA3JJ8UrJlqk2RBDVWZXYALvQtKMko8UxPUiL5luBSoz9b-AzD3Il5JfIu-vtdsLgq2yyseBj-KMajDnUYnNGsofnwOx0BgKvVjp3BoXc7cRHRhLcbmCbt4nW-y17p8LwXYTpJ_GVeRGJyhB-YcAMw48plgET7R27005UJ1TeuaIYu2-5yWh-cyOasPGrfiMzMMEm7r1M9rSX27yKGHV4LFUk07hTRQilUcIpHLJHoipcRRwTm6u6dsiAthNNFzLxx_U1uWHEV7sFAUQcNxsZvAVumjzAuhxM0gE7AU-dltWqhzvkkQPXr5YVV31Cx5wRj8N8v9XOgP1HmmelsBQqNHQJi_d90dL17k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbDLqqrEWZeDWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPsCT9D8Ph4sPKnJtRNmS70s8RBImO7ddTZXp9bWAv4JF66D4R_US7Zv-dEWrMhVItKwb6-_RpTCwO57_yKMuxNkJJH0VKycTKxAP0lYhACx1cm8dB8E3ztKomVzI0wnw27JhVeq_5UYI98OC9dkNmmBKSr5g3aY_YLu0pJkuMxnM40jPJhD4JpAhWgG1kPtiilI7df4Xogm7ZlBrZ6mN-nA9bmn_N-3CmbhwKPwPBug8aLiczTd9SsXWtLoejf6CE6lhxbT6aq72dTKT_--2mebDeUkMwpOAaSnt4fAEcEG-bRUTV5FGCn23amj1J57mDIomu9uZGYm_yL7UapCy9RP_oGdr5Y-1cMbFdee3CVWrldva7-3YMlSaKa9lI3ffglphuuq6IfXdGsogtGre1ybWWaGW4H04p8KfWG414ipaQNWmr5lrfcM_BPcOcXAHD-_jqbel-s683tMD20p6M563M6_6kNdf-g5j_Ugqb2PUbQ4IoBKKSZ8sykSaeAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3qmZFO8j0nmreGIWOonqUHaVX16g%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:51 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 78B3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2AKd5UEAC3euR5s9leY_c7cl3EZuQ&u=%7CurkAnIHIT4YrtH4C84W%2F%2B%2FbLqUqZEBmqxR3Hro9WM64%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqfOSxiZ3nhhcoubwAtGAUFL8vtRYiskqAjx3LIdsTANZ-fKhvnADbhZ1Bto4S18LCYuHV6Te_j6zBOMW8l-B7hOQuCnkhkksPrRfqJPCWpEuK0H3vm6JF2ydS7OY4c99WPYOTrRKW0cBzyw0SDB8KV5wcBgznRZaoIfQOFS_Rte0Jel16SHTKksJv-3k83ouP34kiOLG_RO1ixqOO3dg-9ocww2rAJvplI3N2ZDTi2CLe6zZgVrCR10tyNLE1gfhA3JJ8UrJlqk2RBDVWZXYALvQtKMko8UxPUiL5luBSoz9b-AzD3Il5JfIu-vtdsLgq2yyseBj-KMajDnUYnNGsofnwOx0BgKvVjp3BoXc7cRHRhLcbmCbt4nW-y17p8LwXYTpJ_GVeRGJyhB-YcAMw48plgET7R27005UJ1TeuaIYu2-5yWh-cyOasPGrfiMzMMEm7r1M9rSX27yKGHV4LFUk07hTRQilUcIpHLJHoipcRRwTm6u6dsiAthNNFzLxx_U1uWHEV7sFAUQcNxsZvAVumjzAuhxM0gE7AU-dltWqhzvkkQPXr5YVV31Cx5wRj8N8v9XOgP1HmmelsBQqNHQJi_d90dL17k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbDLqqrEWZeDWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPsCT9D8Ph4sPKnJtRNmS70s8RBImO7ddTZXp9bWAv4JF66D4R_US7Zv-dEWrMhVItKwb6-_RpTCwO57_yKMuxNkJJH0VKycTKxAP0lYhACx1cm8dB8E3ztKomVzI0wnw27JhVeq_5UYI98OC9dkNmmBKSr5g3aY_YLu0pJkuMxnM40jPJhD4JpAhWgG1kPtiilI7df4Xogm7ZlBrZ6mN-nA9bmn_N-3CmbhwKPwPBug8aLiczTd9SsXWtLoejf6CE6lhxbT6aq72dTKT_--2mebDeUkMwpOAaSnt4fAEcEG-bRUTV5FGCn23amj1J57mDIomu9uZGYm_yL7UapCy9RP_oGdr5Y-1cMbFdee3CVWrldva7-3YMlSaKa9lI3ffglphuuq6IfXdGsogtGre1ybWWaGW4H04p8KfWG414ipaQNWmr5lrfcM_BPcOcXAHD-_jqbel-s683tMD20p6M563M6_6kNdf-g5j_Ugqb2PUbQ4IoBKKSZ8sykSaeAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3qmZFO8j0nmreGIWOonqUHaVX16g%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:51 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 78B3 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2AKd5UEAC3euR5s9leY_c7cl3EZuQ&u=%7CurkAnIHIT4YrtH4C84W%2F%2B%2FbLqUqZEBmqxR3Hro9WM64%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqfOSxiZ3nhhcoubwAtGAUFL8vtRYiskqAjx3LIdsTANZ-fKhvnADbhZ1Bto4S18LCYuHV6Te_j6zBOMW8l-B7hOQuCnkhkksPrRfqJPCWpEuK0H3vm6JF2ydS7OY4c99WPYOTrRKW0cBzyw0SDB8KV5wcBgznRZaoIfQOFS_Rte0Jel16SHTKksJv-3k83ouP34kiOLG_RO1ixqOO3dg-9ocww2rAJvplI3N2ZDTi2CLe6zZgVrCR10tyNLE1gfhA3JJ8UrJlqk2RBDVWZXYALvQtKMko8UxPUiL5luBSoz9b-AzD3Il5JfIu-vtdsLgq2yyseBj-KMajDnUYnNGsofnwOx0BgKvVjp3BoXc7cRHRhLcbmCbt4nW-y17p8LwXYTpJ_GVeRGJyhB-YcAMw48plgET7R27005UJ1TeuaIYu2-5yWh-cyOasPGrfiMzMMEm7r1M9rSX27yKGHV4LFUk07hTRQilUcIpHLJHoipcRRwTm6u6dsiAthNNFzLxx_U1uWHEV7sFAUQcNxsZvAVumjzAuhxM0gE7AU-dltWqhzvkkQPXr5YVV31Cx5wRj8N8v9XOgP1HmmelsBQqNHQJi_d90dL17k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbDLqqrEWZeDWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPsCT9D8Ph4sPKnJtRNmS70s8RBImO7ddTZXp9bWAv4JF66D4R_US7Zv-dEWrMhVItKwb6-_RpTCwO57_yKMuxNkJJH0VKycTKxAP0lYhACx1cm8dB8E3ztKomVzI0wnw27JhVeq_5UYI98OC9dkNmmBKSr5g3aY_YLu0pJkuMxnM40jPJhD4JpAhWgG1kPtiilI7df4Xogm7ZlBrZ6mN-nA9bmn_N-3CmbhwKPwPBug8aLiczTd9SsXWtLoejf6CE6lhxbT6aq72dTKT_--2mebDeUkMwpOAaSnt4fAEcEG-bRUTV5FGCn23amj1J57mDIomu9uZGYm_yL7UapCy9RP_oGdr5Y-1cMbFdee3CVWrldva7-3YMlSaKa9lI3ffglphuuq6IfXdGsogtGre1ybWWaGW4H04p8KfWG414ipaQNWmr5lrfcM_BPcOcXAHD-_jqbel-s683tMD20p6M563M6_6kNdf-g5j_Ugqb2PUbQ4IoBKKSZ8sykSaeAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3qmZFO8j0nmreGIWOonqUHaVX16g%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 23 Sep 2024 11:14:51 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 78B3 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2AKd5UEAC3euR5s9leY_c7cl3EZuQ&u=%7CurkAnIHIT4YrtH4C84W%2F%2B%2FbLqUqZEBmqxR3Hro9WM64%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqfOSxiZ3nhhcoubwAtGAUFL8vtRYiskqAjx3LIdsTANZ-fKhvnADbhZ1Bto4S18LCYuHV6Te_j6zBOMW8l-B7hOQuCnkhkksPrRfqJPCWpEuK0H3vm6JF2ydS7OY4c99WPYOTrRKW0cBzyw0SDB8KV5wcBgznRZaoIfQOFS_Rte0Jel16SHTKksJv-3k83ouP34kiOLG_RO1ixqOO3dg-9ocww2rAJvplI3N2ZDTi2CLe6zZgVrCR10tyNLE1gfhA3JJ8UrJlqk2RBDVWZXYALvQtKMko8UxPUiL5luBSoz9b-AzD3Il5JfIu-vtdsLgq2yyseBj-KMajDnUYnNGsofnwOx0BgKvVjp3BoXc7cRHRhLcbmCbt4nW-y17p8LwXYTpJ_GVeRGJyhB-YcAMw48plgET7R27005UJ1TeuaIYu2-5yWh-cyOasPGrfiMzMMEm7r1M9rSX27yKGHV4LFUk07hTRQilUcIpHLJHoipcRRwTm6u6dsiAthNNFzLxx_U1uWHEV7sFAUQcNxsZvAVumjzAuhxM0gE7AU-dltWqhzvkkQPXr5YVV31Cx5wRj8N8v9XOgP1HmmelsBQqNHQJi_d90dL17k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbDLqqrEWZeDWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPsCT9D8Ph4sPKnJtRNmS70s8RBImO7ddTZXp9bWAv4JF66D4R_US7Zv-dEWrMhVItKwb6-_RpTCwO57_yKMuxNkJJH0VKycTKxAP0lYhACx1cm8dB8E3ztKomVzI0wnw27JhVeq_5UYI98OC9dkNmmBKSr5g3aY_YLu0pJkuMxnM40jPJhD4JpAhWgG1kPtiilI7df4Xogm7ZlBrZ6mN-nA9bmn_N-3CmbhwKPwPBug8aLiczTd9SsXWtLoejf6CE6lhxbT6aq72dTKT_--2mebDeUkMwpOAaSnt4fAEcEG-bRUTV5FGCn23amj1J57mDIomu9uZGYm_yL7UapCy9RP_oGdr5Y-1cMbFdee3CVWrldva7-3YMlSaKa9lI3ffglphuuq6IfXdGsogtGre1ybWWaGW4H04p8KfWG414ipaQNWmr5lrfcM_BPcOcXAHD-_jqbel-s683tMD20p6M563M6_6kNdf-g5j_Ugqb2PUbQ4IoBKKSZ8sykSaeAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3qmZFO8j0nmreGIWOonqUHaVX16g%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 23 Sep 2024 11:14:51 GMT
lg.php
cat.fr3.eu.criteo.com/delivery/ Frame 78B3 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=8JSUZmuWM48oJQBk_UEoVyipImoaa8b_fhaEem1HRkugI82U72EA1qAAhEmcTt9c8V-u57LmGsZXY5W6DfWExO5zzFA7jQSADs9HJ9rOU7GMnefUfGstnOKMigfpXNacWfxuHLEKsZ3HYjHRpe5vdnMnyhh8e3a1KNwI7ZX1JDhOfUBdt6DR56C2bFoSbpZso1XOHVdac8q7tm16tiASSrbtU16sIIItXcwRXm1juonrT-soFmtMmjVXCpnalczzsjSsnVhNgPOVRjOh5TO6VscR060vUmwdM2lxa0IKK5FRuMOCiISb5rLYd_QljUy0-s4Ov5iqk0a60_1JllMZ-L_8lKNMJnGcTOtgTb9VoV4FUhftG1ri1flSDvcXdaSJvqdi0kXEJ8ysK1nJW2g6XjCIi0UCvhQN7-euN8ixjtAtC7FE3GLVbbnkZJygPoEX_iw8bg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2AKd5UEAC3euR5s9leY_c7cl3EZuQ&u=%7CurkAnIHIT4YrtH4C84W%2F%2B%2FbLqUqZEBmqxR3Hro9WM64%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqfOSxiZ3nhhcoubwAtGAUFL8vtRYiskqAjx3LIdsTANZ-fKhvnADbhZ1Bto4S18LCYuHV6Te_j6zBOMW8l-B7hOQuCnkhkksPrRfqJPCWpEuK0H3vm6JF2ydS7OY4c99WPYOTrRKW0cBzyw0SDB8KV5wcBgznRZaoIfQOFS_Rte0Jel16SHTKksJv-3k83ouP34kiOLG_RO1ixqOO3dg-9ocww2rAJvplI3N2ZDTi2CLe6zZgVrCR10tyNLE1gfhA3JJ8UrJlqk2RBDVWZXYALvQtKMko8UxPUiL5luBSoz9b-AzD3Il5JfIu-vtdsLgq2yyseBj-KMajDnUYnNGsofnwOx0BgKvVjp3BoXc7cRHRhLcbmCbt4nW-y17p8LwXYTpJ_GVeRGJyhB-YcAMw48plgET7R27005UJ1TeuaIYu2-5yWh-cyOasPGrfiMzMMEm7r1M9rSX27yKGHV4LFUk07hTRQilUcIpHLJHoipcRRwTm6u6dsiAthNNFzLxx_U1uWHEV7sFAUQcNxsZvAVumjzAuhxM0gE7AU-dltWqhzvkkQPXr5YVV31Cx5wRj8N8v9XOgP1HmmelsBQqNHQJi_d90dL17k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbDLqqrEWZeDWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPsCT9D8Ph4sPKnJtRNmS70s8RBImO7ddTZXp9bWAv4JF66D4R_US7Zv-dEWrMhVItKwb6-_RpTCwO57_yKMuxNkJJH0VKycTKxAP0lYhACx1cm8dB8E3ztKomVzI0wnw27JhVeq_5UYI98OC9dkNmmBKSr5g3aY_YLu0pJkuMxnM40jPJhD4JpAhWgG1kPtiilI7df4Xogm7ZlBrZ6mN-nA9bmn_N-3CmbhwKPwPBug8aLiczTd9SsXWtLoejf6CE6lhxbT6aq72dTKT_--2mebDeUkMwpOAaSnt4fAEcEG-bRUTV5FGCn23amj1J57mDIomu9uZGYm_yL7UapCy9RP_oGdr5Y-1cMbFdee3CVWrldva7-3YMlSaKa9lI3ffglphuuq6IfXdGsogtGre1ybWWaGW4H04p8KfWG414ipaQNWmr5lrfcM_BPcOcXAHD-_jqbel-s683tMD20p6M563M6_6kNdf-g5j_Ugqb2PUbQ4IoBKKSZ8sykSaeAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3qmZFO8j0nmreGIWOonqUHaVX16g%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:51 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1983316
expires
Mon, 26 Jul 1997 05:00:00 GMT
e2e899b75a834fbab06a126224102313_image_ad_970x90.jpeg
static.criteo.net/design/dt/92327/4936818/ Frame 78B3 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/92327/4936818/e2e899b75a834fbab06a126224102313_image_ad_970x90.jpeg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2AKd5UEAC3euR5s9leY_c7cl3EZuQ&u=%7CurkAnIHIT4YrtH4C84W%2F%2B%2FbLqUqZEBmqxR3Hro9WM64%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqfOSxiZ3nhhcoubwAtGAUFL8vtRYiskqAjx3LIdsTANZ-fKhvnADbhZ1Bto4S18LCYuHV6Te_j6zBOMW8l-B7hOQuCnkhkksPrRfqJPCWpEuK0H3vm6JF2ydS7OY4c99WPYOTrRKW0cBzyw0SDB8KV5wcBgznRZaoIfQOFS_Rte0Jel16SHTKksJv-3k83ouP34kiOLG_RO1ixqOO3dg-9ocww2rAJvplI3N2ZDTi2CLe6zZgVrCR10tyNLE1gfhA3JJ8UrJlqk2RBDVWZXYALvQtKMko8UxPUiL5luBSoz9b-AzD3Il5JfIu-vtdsLgq2yyseBj-KMajDnUYnNGsofnwOx0BgKvVjp3BoXc7cRHRhLcbmCbt4nW-y17p8LwXYTpJ_GVeRGJyhB-YcAMw48plgET7R27005UJ1TeuaIYu2-5yWh-cyOasPGrfiMzMMEm7r1M9rSX27yKGHV4LFUk07hTRQilUcIpHLJHoipcRRwTm6u6dsiAthNNFzLxx_U1uWHEV7sFAUQcNxsZvAVumjzAuhxM0gE7AU-dltWqhzvkkQPXr5YVV31Cx5wRj8N8v9XOgP1HmmelsBQqNHQJi_d90dL17k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbDLqqrEWZeDWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPsCT9D8Ph4sPKnJtRNmS70s8RBImO7ddTZXp9bWAv4JF66D4R_US7Zv-dEWrMhVItKwb6-_RpTCwO57_yKMuxNkJJH0VKycTKxAP0lYhACx1cm8dB8E3ztKomVzI0wnw27JhVeq_5UYI98OC9dkNmmBKSr5g3aY_YLu0pJkuMxnM40jPJhD4JpAhWgG1kPtiilI7df4Xogm7ZlBrZ6mN-nA9bmn_N-3CmbhwKPwPBug8aLiczTd9SsXWtLoejf6CE6lhxbT6aq72dTKT_--2mebDeUkMwpOAaSnt4fAEcEG-bRUTV5FGCn23amj1J57mDIomu9uZGYm_yL7UapCy9RP_oGdr5Y-1cMbFdee3CVWrldva7-3YMlSaKa9lI3ffglphuuq6IfXdGsogtGre1ybWWaGW4H04p8KfWG414ipaQNWmr5lrfcM_BPcOcXAHD-_jqbel-s683tMD20p6M563M6_6kNdf-g5j_Ugqb2PUbQ4IoBKKSZ8sykSaeAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3qmZFO8j0nmreGIWOonqUHaVX16g%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
84668247ec45d9e497720cf6a3c7a8ae586cdecc4e1f6802540dbce06728c349
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 01 Sep 2023 06:30:15 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"64f184f7-cebf"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
52927
expires
Mon, 23 Sep 2024 11:14:51 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 1402 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2MKd5UEAC3euVy_lw8x6wNyMlLbtA&u=%7CurkAnIHIT4ZfIFL530gVk%2FF1JFPGaAm6FCcdoAFxctU%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBShk3YAZYqdc-mMgWlzyrG2Imf0fc6_2xizEybjb3ioXlCMdgio-6iuYp4aUwfxyv0SSTkoDG_cBF86rQ4CvUTZvElk0dpKX_xJ7QYfeQWjlVhUPrDgENCBbTqedvm4j3K3RDjPJdGyhGwzeP0HyqJxhZfPx_QiHAenHofe17MZPL7HF7gZ1xpymXGFrWySirtitf03QgpWVFDseCpty_xkmtvQjKb--baX_8eFtm6z48BWhEGMWBElZ8gbkzoseBbXLwTaKXVl8Ypm0bbsgcmGLxflUmF3TP9bDLugjB1V9mx0Kdv8EWuacQUzpwBYXvZRlSE53mS11fSTNW3ZLcf9u061M71SQUtxcW1ng9rGc1Di8oMje0lhw2RaH8DSIuP1_0z_NZIT-ckK0Og3dQfkbt1d8CXOp6dU7vQSU5dI_MY6-OJzWJVaPwjmEPpMo4jSfJZNLGRVvN4Ioj6z5cSvJgyAzWo3_M78SzXV2Yo7Z6j-GiS-GiXBBSuBOLIdE80yHWwJQLHZcGX9GVagawX1dyg_Fd1Zg3Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQZMIqrEWZePWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBIMDT9DXaQULg066goU81cs37Vk5kiMjLwvxWQh4JldtlLKnTEkbhZ0EvBokpW_1BddeXS6O7jEPWx9IFRgXW5lDgURpW0hwcV26pcHeCO2FFtfCaj05ZIW7mO5xvye5ANzik1BjqGCLWDRJExD5d9U_ZV8DcEaPjrZEE52q3P35Bgp0vAdhlfo0iPNP-srT7oc5Gx1drzRoza238jNLyv-eCeVxPbQMmGzqpxV5tkFTWsPfvMn4nBsuxeKvoTBDj84PJnRI06NUdZe41iWYbyDzA44AZ4gu1h0mBfssI9_Cv9YGjeuDHvUlEEcTowu5UY5obH_QeTM2zhIRVZ8EeMsFSggo0dekV01Kcu-iV9nsQpl5aqZP8RoVkSXLQGPUihawcXmFgyx0rj_xnkQIw5hcs0SfUqfo-uZPvvOoLyZQ6b2KYkHTGAUxJXoOIK8kdc13n7NpiU9EpfD56YnvsrastlhdYmcEgb9AC6_tyWYC36LwJQ3H9wZ32vHxUmNviDKWHwSA4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0wT-Hqj-oV4Q3X6L0bsQ47yYOwYA%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:51 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 1402 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2MKd5UEAC3euVy_lw8x6wNyMlLbtA&u=%7CurkAnIHIT4ZfIFL530gVk%2FF1JFPGaAm6FCcdoAFxctU%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBShk3YAZYqdc-mMgWlzyrG2Imf0fc6_2xizEybjb3ioXlCMdgio-6iuYp4aUwfxyv0SSTkoDG_cBF86rQ4CvUTZvElk0dpKX_xJ7QYfeQWjlVhUPrDgENCBbTqedvm4j3K3RDjPJdGyhGwzeP0HyqJxhZfPx_QiHAenHofe17MZPL7HF7gZ1xpymXGFrWySirtitf03QgpWVFDseCpty_xkmtvQjKb--baX_8eFtm6z48BWhEGMWBElZ8gbkzoseBbXLwTaKXVl8Ypm0bbsgcmGLxflUmF3TP9bDLugjB1V9mx0Kdv8EWuacQUzpwBYXvZRlSE53mS11fSTNW3ZLcf9u061M71SQUtxcW1ng9rGc1Di8oMje0lhw2RaH8DSIuP1_0z_NZIT-ckK0Og3dQfkbt1d8CXOp6dU7vQSU5dI_MY6-OJzWJVaPwjmEPpMo4jSfJZNLGRVvN4Ioj6z5cSvJgyAzWo3_M78SzXV2Yo7Z6j-GiS-GiXBBSuBOLIdE80yHWwJQLHZcGX9GVagawX1dyg_Fd1Zg3Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQZMIqrEWZePWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBIMDT9DXaQULg066goU81cs37Vk5kiMjLwvxWQh4JldtlLKnTEkbhZ0EvBokpW_1BddeXS6O7jEPWx9IFRgXW5lDgURpW0hwcV26pcHeCO2FFtfCaj05ZIW7mO5xvye5ANzik1BjqGCLWDRJExD5d9U_ZV8DcEaPjrZEE52q3P35Bgp0vAdhlfo0iPNP-srT7oc5Gx1drzRoza238jNLyv-eCeVxPbQMmGzqpxV5tkFTWsPfvMn4nBsuxeKvoTBDj84PJnRI06NUdZe41iWYbyDzA44AZ4gu1h0mBfssI9_Cv9YGjeuDHvUlEEcTowu5UY5obH_QeTM2zhIRVZ8EeMsFSggo0dekV01Kcu-iV9nsQpl5aqZP8RoVkSXLQGPUihawcXmFgyx0rj_xnkQIw5hcs0SfUqfo-uZPvvOoLyZQ6b2KYkHTGAUxJXoOIK8kdc13n7NpiU9EpfD56YnvsrastlhdYmcEgb9AC6_tyWYC36LwJQ3H9wZ32vHxUmNviDKWHwSA4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0wT-Hqj-oV4Q3X6L0bsQ47yYOwYA%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:51 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 1402 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2MKd5UEAC3euVy_lw8x6wNyMlLbtA&u=%7CurkAnIHIT4ZfIFL530gVk%2FF1JFPGaAm6FCcdoAFxctU%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBShk3YAZYqdc-mMgWlzyrG2Imf0fc6_2xizEybjb3ioXlCMdgio-6iuYp4aUwfxyv0SSTkoDG_cBF86rQ4CvUTZvElk0dpKX_xJ7QYfeQWjlVhUPrDgENCBbTqedvm4j3K3RDjPJdGyhGwzeP0HyqJxhZfPx_QiHAenHofe17MZPL7HF7gZ1xpymXGFrWySirtitf03QgpWVFDseCpty_xkmtvQjKb--baX_8eFtm6z48BWhEGMWBElZ8gbkzoseBbXLwTaKXVl8Ypm0bbsgcmGLxflUmF3TP9bDLugjB1V9mx0Kdv8EWuacQUzpwBYXvZRlSE53mS11fSTNW3ZLcf9u061M71SQUtxcW1ng9rGc1Di8oMje0lhw2RaH8DSIuP1_0z_NZIT-ckK0Og3dQfkbt1d8CXOp6dU7vQSU5dI_MY6-OJzWJVaPwjmEPpMo4jSfJZNLGRVvN4Ioj6z5cSvJgyAzWo3_M78SzXV2Yo7Z6j-GiS-GiXBBSuBOLIdE80yHWwJQLHZcGX9GVagawX1dyg_Fd1Zg3Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQZMIqrEWZePWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBIMDT9DXaQULg066goU81cs37Vk5kiMjLwvxWQh4JldtlLKnTEkbhZ0EvBokpW_1BddeXS6O7jEPWx9IFRgXW5lDgURpW0hwcV26pcHeCO2FFtfCaj05ZIW7mO5xvye5ANzik1BjqGCLWDRJExD5d9U_ZV8DcEaPjrZEE52q3P35Bgp0vAdhlfo0iPNP-srT7oc5Gx1drzRoza238jNLyv-eCeVxPbQMmGzqpxV5tkFTWsPfvMn4nBsuxeKvoTBDj84PJnRI06NUdZe41iWYbyDzA44AZ4gu1h0mBfssI9_Cv9YGjeuDHvUlEEcTowu5UY5obH_QeTM2zhIRVZ8EeMsFSggo0dekV01Kcu-iV9nsQpl5aqZP8RoVkSXLQGPUihawcXmFgyx0rj_xnkQIw5hcs0SfUqfo-uZPvvOoLyZQ6b2KYkHTGAUxJXoOIK8kdc13n7NpiU9EpfD56YnvsrastlhdYmcEgb9AC6_tyWYC36LwJQ3H9wZ32vHxUmNviDKWHwSA4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0wT-Hqj-oV4Q3X6L0bsQ47yYOwYA%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 23 Sep 2024 11:14:51 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 1402 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2MKd5UEAC3euVy_lw8x6wNyMlLbtA&u=%7CurkAnIHIT4ZfIFL530gVk%2FF1JFPGaAm6FCcdoAFxctU%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBShk3YAZYqdc-mMgWlzyrG2Imf0fc6_2xizEybjb3ioXlCMdgio-6iuYp4aUwfxyv0SSTkoDG_cBF86rQ4CvUTZvElk0dpKX_xJ7QYfeQWjlVhUPrDgENCBbTqedvm4j3K3RDjPJdGyhGwzeP0HyqJxhZfPx_QiHAenHofe17MZPL7HF7gZ1xpymXGFrWySirtitf03QgpWVFDseCpty_xkmtvQjKb--baX_8eFtm6z48BWhEGMWBElZ8gbkzoseBbXLwTaKXVl8Ypm0bbsgcmGLxflUmF3TP9bDLugjB1V9mx0Kdv8EWuacQUzpwBYXvZRlSE53mS11fSTNW3ZLcf9u061M71SQUtxcW1ng9rGc1Di8oMje0lhw2RaH8DSIuP1_0z_NZIT-ckK0Og3dQfkbt1d8CXOp6dU7vQSU5dI_MY6-OJzWJVaPwjmEPpMo4jSfJZNLGRVvN4Ioj6z5cSvJgyAzWo3_M78SzXV2Yo7Z6j-GiS-GiXBBSuBOLIdE80yHWwJQLHZcGX9GVagawX1dyg_Fd1Zg3Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQZMIqrEWZePWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBIMDT9DXaQULg066goU81cs37Vk5kiMjLwvxWQh4JldtlLKnTEkbhZ0EvBokpW_1BddeXS6O7jEPWx9IFRgXW5lDgURpW0hwcV26pcHeCO2FFtfCaj05ZIW7mO5xvye5ANzik1BjqGCLWDRJExD5d9U_ZV8DcEaPjrZEE52q3P35Bgp0vAdhlfo0iPNP-srT7oc5Gx1drzRoza238jNLyv-eCeVxPbQMmGzqpxV5tkFTWsPfvMn4nBsuxeKvoTBDj84PJnRI06NUdZe41iWYbyDzA44AZ4gu1h0mBfssI9_Cv9YGjeuDHvUlEEcTowu5UY5obH_QeTM2zhIRVZ8EeMsFSggo0dekV01Kcu-iV9nsQpl5aqZP8RoVkSXLQGPUihawcXmFgyx0rj_xnkQIw5hcs0SfUqfo-uZPvvOoLyZQ6b2KYkHTGAUxJXoOIK8kdc13n7NpiU9EpfD56YnvsrastlhdYmcEgb9AC6_tyWYC36LwJQ3H9wZ32vHxUmNviDKWHwSA4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0wT-Hqj-oV4Q3X6L0bsQ47yYOwYA%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 23 Sep 2024 11:14:51 GMT
lg.php
cat.fr3.eu.criteo.com/delivery/ Frame 1402 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Wceu8EN-lqGZJlJdy2CTm2J1AdoRz7ogDOgs2N6yPC1xtUGOh_lrHgcWBl1-E6O71rhRLwLo_aiqQEeYQmlcUOYYP8tz-uFIuJWMNoBpcNbrXvF695t17Om5QFIinUGo9D8hgoLM7RcgRFCTUSINtDskhoBmf8J6CvpyTJPuIk6kpdFVtH9qaswysomtYeTR5p2Mv59uG1IYLmdj9GJX0mBvwcx51xCHZElmmRti_TFkb-_7jqvxhDHfmWT-b9LQMGogjrZVF0kqby953M7XN2F0PgiW5X3GYtPxYFF57qY4mQ-0nC9nueZdQFUP7Y7f97-ti08UkjTf6JvivhxHLwu-M-_x0Z0BNDiNVdkAttXSmeOkNkI6n7wiHGgC1L0QgrvbWeMsTfCBoy0xupcUbni4MudoqBjAlMQK_QwFdehXjyY5FbPxAg95P8VmqVnRw0Ihaw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2MKd5UEAC3euVy_lw8x6wNyMlLbtA&u=%7CurkAnIHIT4ZfIFL530gVk%2FF1JFPGaAm6FCcdoAFxctU%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBShk3YAZYqdc-mMgWlzyrG2Imf0fc6_2xizEybjb3ioXlCMdgio-6iuYp4aUwfxyv0SSTkoDG_cBF86rQ4CvUTZvElk0dpKX_xJ7QYfeQWjlVhUPrDgENCBbTqedvm4j3K3RDjPJdGyhGwzeP0HyqJxhZfPx_QiHAenHofe17MZPL7HF7gZ1xpymXGFrWySirtitf03QgpWVFDseCpty_xkmtvQjKb--baX_8eFtm6z48BWhEGMWBElZ8gbkzoseBbXLwTaKXVl8Ypm0bbsgcmGLxflUmF3TP9bDLugjB1V9mx0Kdv8EWuacQUzpwBYXvZRlSE53mS11fSTNW3ZLcf9u061M71SQUtxcW1ng9rGc1Di8oMje0lhw2RaH8DSIuP1_0z_NZIT-ckK0Og3dQfkbt1d8CXOp6dU7vQSU5dI_MY6-OJzWJVaPwjmEPpMo4jSfJZNLGRVvN4Ioj6z5cSvJgyAzWo3_M78SzXV2Yo7Z6j-GiS-GiXBBSuBOLIdE80yHWwJQLHZcGX9GVagawX1dyg_Fd1Zg3Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQZMIqrEWZePWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBIMDT9DXaQULg066goU81cs37Vk5kiMjLwvxWQh4JldtlLKnTEkbhZ0EvBokpW_1BddeXS6O7jEPWx9IFRgXW5lDgURpW0hwcV26pcHeCO2FFtfCaj05ZIW7mO5xvye5ANzik1BjqGCLWDRJExD5d9U_ZV8DcEaPjrZEE52q3P35Bgp0vAdhlfo0iPNP-srT7oc5Gx1drzRoza238jNLyv-eCeVxPbQMmGzqpxV5tkFTWsPfvMn4nBsuxeKvoTBDj84PJnRI06NUdZe41iWYbyDzA44AZ4gu1h0mBfssI9_Cv9YGjeuDHvUlEEcTowu5UY5obH_QeTM2zhIRVZ8EeMsFSggo0dekV01Kcu-iV9nsQpl5aqZP8RoVkSXLQGPUihawcXmFgyx0rj_xnkQIw5hcs0SfUqfo-uZPvvOoLyZQ6b2KYkHTGAUxJXoOIK8kdc13n7NpiU9EpfD56YnvsrastlhdYmcEgb9AC6_tyWYC36LwJQ3H9wZ32vHxUmNviDKWHwSA4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0wT-Hqj-oV4Q3X6L0bsQ47yYOwYA%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1755390
expires
Mon, 26 Jul 1997 05:00:00 GMT
2a9f70062f4a4ed6901a5ae42c8805a2_image_ad_970x250.jpeg
static.criteo.net/design/dt/92327/4936818/ Frame 1402 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/92327/4936818/2a9f70062f4a4ed6901a5ae42c8805a2_image_ad_970x250.jpeg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2MKd5UEAC3euVy_lw8x6wNyMlLbtA&u=%7CurkAnIHIT4ZfIFL530gVk%2FF1JFPGaAm6FCcdoAFxctU%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBShk3YAZYqdc-mMgWlzyrG2Imf0fc6_2xizEybjb3ioXlCMdgio-6iuYp4aUwfxyv0SSTkoDG_cBF86rQ4CvUTZvElk0dpKX_xJ7QYfeQWjlVhUPrDgENCBbTqedvm4j3K3RDjPJdGyhGwzeP0HyqJxhZfPx_QiHAenHofe17MZPL7HF7gZ1xpymXGFrWySirtitf03QgpWVFDseCpty_xkmtvQjKb--baX_8eFtm6z48BWhEGMWBElZ8gbkzoseBbXLwTaKXVl8Ypm0bbsgcmGLxflUmF3TP9bDLugjB1V9mx0Kdv8EWuacQUzpwBYXvZRlSE53mS11fSTNW3ZLcf9u061M71SQUtxcW1ng9rGc1Di8oMje0lhw2RaH8DSIuP1_0z_NZIT-ckK0Og3dQfkbt1d8CXOp6dU7vQSU5dI_MY6-OJzWJVaPwjmEPpMo4jSfJZNLGRVvN4Ioj6z5cSvJgyAzWo3_M78SzXV2Yo7Z6j-GiS-GiXBBSuBOLIdE80yHWwJQLHZcGX9GVagawX1dyg_Fd1Zg3Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQZMIqrEWZePWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBIMDT9DXaQULg066goU81cs37Vk5kiMjLwvxWQh4JldtlLKnTEkbhZ0EvBokpW_1BddeXS6O7jEPWx9IFRgXW5lDgURpW0hwcV26pcHeCO2FFtfCaj05ZIW7mO5xvye5ANzik1BjqGCLWDRJExD5d9U_ZV8DcEaPjrZEE52q3P35Bgp0vAdhlfo0iPNP-srT7oc5Gx1drzRoza238jNLyv-eCeVxPbQMmGzqpxV5tkFTWsPfvMn4nBsuxeKvoTBDj84PJnRI06NUdZe41iWYbyDzA44AZ4gu1h0mBfssI9_Cv9YGjeuDHvUlEEcTowu5UY5obH_QeTM2zhIRVZ8EeMsFSggo0dekV01Kcu-iV9nsQpl5aqZP8RoVkSXLQGPUihawcXmFgyx0rj_xnkQIw5hcs0SfUqfo-uZPvvOoLyZQ6b2KYkHTGAUxJXoOIK8kdc13n7NpiU9EpfD56YnvsrastlhdYmcEgb9AC6_tyWYC36LwJQ3H9wZ32vHxUmNviDKWHwSA4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0wT-Hqj-oV4Q3X6L0bsQ47yYOwYA%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0276a27e67bdbc6bb0c57fe00eb45ddf79382623d4218e3f246b89ba9116b5c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 01 Sep 2023 06:30:15 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"64f184f7-17efb"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
98043
expires
Mon, 23 Sep 2024 11:14:51 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 9FAF 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2QKd5UEAC3euSimOslwdtJX4Nb8Uw&u=%7CurkAnIHIT4Yc3yJsw6VDIDoB8wNaaPCAc5Fjc83dQwA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwmBoz0kZ49XnpI3T7B_CiOoYg3UZdaQZasGHKzzf0au_Ji2E0EdCaAKplGe-WphMouyzhCrg76-C-r5vyaU9gTE6CVA-3DFLwY7C72LWdzTrFC7Ts38EmgFvOv9n0TP149SElA4mXypbEAD9iOJkTZC6iLN6CBxVwSa9g5BDfK4C2DxSgqVCjt3CLHBl5Xo2essVB89beYGKnh6fo3fhwhpsHazgLqvAxZgDk-IfPVR8zg1j1Nq_7oelR_mZGPDtZV2Qn9PLgC6g8Xjt1TLZr88ZVxN39tSat35f9RDMV0-8xrvrO6n41LMcO8hKHK4kBxJvjwut5yVBfwfK-Ca8Bgokr_RFT16K_XhbRHI6ZJclWkw6eGCXniROF9VKaof0u9A6-kZJUF7SCuoFEgMpWxNcsBSFXZX5PIzudjs57Rjx14Q4xJZndM3Bi2GO3koWEdNNtTqGtXxPI_-3sDmn1NS__ochBU-SUVpdNaxyPz0JarefvXcCWRbGlXKTm6EtVIXGkc323ALxRS0xUFeWhtGeLTRCDah7z7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwt8rqrEWZeTWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPcCT9BzqIS2DkPxN3UtSeiuyxUdXhqK99Imiq6gkSUVT7qVofnGo1pi-cUc7AaYTfV1EgtuVF6rnCSGxTjdUsrxAW7m-WXgd8NfQW9xKSWOKQLExSrxDJPFzRwTHEXuAHkdjvyvFhRlF4RZrg1QFA4sKxF4LGZWGZ3gmRVJnumLIeHggQpcZYU_5QO_TKdBiteVu850KpRrzlfEE0LtZUN4oeBxYVpEsyImRxKF4IZ-4q1my6hS9TzOFS2gRncdvnrmNkccbydn08DCuqT6ZGJtWDmcXsaNqTvfaZGma8945ip_V6qrxMZrocUiO7608ASiUVIBwr9PAg9ysJsAxWy_r4-xDnjz9TtNDCBwZ4Whzf0Ylet93uihDRlriIAKrpTyw5SdtiQT3hV3WAt5I-RF3uM9KPQSKjHJSt2f745ZmUaec0UcSoEHu3ft2_8XqgWyLcFlut5aZ8AdyvN4CtTuwwcn7004YpPX3PrhhoUUvpNXIWNxJduG4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gcpUxl9G0DPJ39gOd-y8inpGB8Q%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:51 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 9FAF 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2QKd5UEAC3euSimOslwdtJX4Nb8Uw&u=%7CurkAnIHIT4Yc3yJsw6VDIDoB8wNaaPCAc5Fjc83dQwA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwmBoz0kZ49XnpI3T7B_CiOoYg3UZdaQZasGHKzzf0au_Ji2E0EdCaAKplGe-WphMouyzhCrg76-C-r5vyaU9gTE6CVA-3DFLwY7C72LWdzTrFC7Ts38EmgFvOv9n0TP149SElA4mXypbEAD9iOJkTZC6iLN6CBxVwSa9g5BDfK4C2DxSgqVCjt3CLHBl5Xo2essVB89beYGKnh6fo3fhwhpsHazgLqvAxZgDk-IfPVR8zg1j1Nq_7oelR_mZGPDtZV2Qn9PLgC6g8Xjt1TLZr88ZVxN39tSat35f9RDMV0-8xrvrO6n41LMcO8hKHK4kBxJvjwut5yVBfwfK-Ca8Bgokr_RFT16K_XhbRHI6ZJclWkw6eGCXniROF9VKaof0u9A6-kZJUF7SCuoFEgMpWxNcsBSFXZX5PIzudjs57Rjx14Q4xJZndM3Bi2GO3koWEdNNtTqGtXxPI_-3sDmn1NS__ochBU-SUVpdNaxyPz0JarefvXcCWRbGlXKTm6EtVIXGkc323ALxRS0xUFeWhtGeLTRCDah7z7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwt8rqrEWZeTWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPcCT9BzqIS2DkPxN3UtSeiuyxUdXhqK99Imiq6gkSUVT7qVofnGo1pi-cUc7AaYTfV1EgtuVF6rnCSGxTjdUsrxAW7m-WXgd8NfQW9xKSWOKQLExSrxDJPFzRwTHEXuAHkdjvyvFhRlF4RZrg1QFA4sKxF4LGZWGZ3gmRVJnumLIeHggQpcZYU_5QO_TKdBiteVu850KpRrzlfEE0LtZUN4oeBxYVpEsyImRxKF4IZ-4q1my6hS9TzOFS2gRncdvnrmNkccbydn08DCuqT6ZGJtWDmcXsaNqTvfaZGma8945ip_V6qrxMZrocUiO7608ASiUVIBwr9PAg9ysJsAxWy_r4-xDnjz9TtNDCBwZ4Whzf0Ylet93uihDRlriIAKrpTyw5SdtiQT3hV3WAt5I-RF3uM9KPQSKjHJSt2f745ZmUaec0UcSoEHu3ft2_8XqgWyLcFlut5aZ8AdyvN4CtTuwwcn7004YpPX3PrhhoUUvpNXIWNxJduG4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gcpUxl9G0DPJ39gOd-y8inpGB8Q%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:51 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 9FAF 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2QKd5UEAC3euSimOslwdtJX4Nb8Uw&u=%7CurkAnIHIT4Yc3yJsw6VDIDoB8wNaaPCAc5Fjc83dQwA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwmBoz0kZ49XnpI3T7B_CiOoYg3UZdaQZasGHKzzf0au_Ji2E0EdCaAKplGe-WphMouyzhCrg76-C-r5vyaU9gTE6CVA-3DFLwY7C72LWdzTrFC7Ts38EmgFvOv9n0TP149SElA4mXypbEAD9iOJkTZC6iLN6CBxVwSa9g5BDfK4C2DxSgqVCjt3CLHBl5Xo2essVB89beYGKnh6fo3fhwhpsHazgLqvAxZgDk-IfPVR8zg1j1Nq_7oelR_mZGPDtZV2Qn9PLgC6g8Xjt1TLZr88ZVxN39tSat35f9RDMV0-8xrvrO6n41LMcO8hKHK4kBxJvjwut5yVBfwfK-Ca8Bgokr_RFT16K_XhbRHI6ZJclWkw6eGCXniROF9VKaof0u9A6-kZJUF7SCuoFEgMpWxNcsBSFXZX5PIzudjs57Rjx14Q4xJZndM3Bi2GO3koWEdNNtTqGtXxPI_-3sDmn1NS__ochBU-SUVpdNaxyPz0JarefvXcCWRbGlXKTm6EtVIXGkc323ALxRS0xUFeWhtGeLTRCDah7z7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwt8rqrEWZeTWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPcCT9BzqIS2DkPxN3UtSeiuyxUdXhqK99Imiq6gkSUVT7qVofnGo1pi-cUc7AaYTfV1EgtuVF6rnCSGxTjdUsrxAW7m-WXgd8NfQW9xKSWOKQLExSrxDJPFzRwTHEXuAHkdjvyvFhRlF4RZrg1QFA4sKxF4LGZWGZ3gmRVJnumLIeHggQpcZYU_5QO_TKdBiteVu850KpRrzlfEE0LtZUN4oeBxYVpEsyImRxKF4IZ-4q1my6hS9TzOFS2gRncdvnrmNkccbydn08DCuqT6ZGJtWDmcXsaNqTvfaZGma8945ip_V6qrxMZrocUiO7608ASiUVIBwr9PAg9ysJsAxWy_r4-xDnjz9TtNDCBwZ4Whzf0Ylet93uihDRlriIAKrpTyw5SdtiQT3hV3WAt5I-RF3uM9KPQSKjHJSt2f745ZmUaec0UcSoEHu3ft2_8XqgWyLcFlut5aZ8AdyvN4CtTuwwcn7004YpPX3PrhhoUUvpNXIWNxJduG4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gcpUxl9G0DPJ39gOd-y8inpGB8Q%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 23 Sep 2024 11:14:51 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 9FAF 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2QKd5UEAC3euSimOslwdtJX4Nb8Uw&u=%7CurkAnIHIT4Yc3yJsw6VDIDoB8wNaaPCAc5Fjc83dQwA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwmBoz0kZ49XnpI3T7B_CiOoYg3UZdaQZasGHKzzf0au_Ji2E0EdCaAKplGe-WphMouyzhCrg76-C-r5vyaU9gTE6CVA-3DFLwY7C72LWdzTrFC7Ts38EmgFvOv9n0TP149SElA4mXypbEAD9iOJkTZC6iLN6CBxVwSa9g5BDfK4C2DxSgqVCjt3CLHBl5Xo2essVB89beYGKnh6fo3fhwhpsHazgLqvAxZgDk-IfPVR8zg1j1Nq_7oelR_mZGPDtZV2Qn9PLgC6g8Xjt1TLZr88ZVxN39tSat35f9RDMV0-8xrvrO6n41LMcO8hKHK4kBxJvjwut5yVBfwfK-Ca8Bgokr_RFT16K_XhbRHI6ZJclWkw6eGCXniROF9VKaof0u9A6-kZJUF7SCuoFEgMpWxNcsBSFXZX5PIzudjs57Rjx14Q4xJZndM3Bi2GO3koWEdNNtTqGtXxPI_-3sDmn1NS__ochBU-SUVpdNaxyPz0JarefvXcCWRbGlXKTm6EtVIXGkc323ALxRS0xUFeWhtGeLTRCDah7z7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwt8rqrEWZeTWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPcCT9BzqIS2DkPxN3UtSeiuyxUdXhqK99Imiq6gkSUVT7qVofnGo1pi-cUc7AaYTfV1EgtuVF6rnCSGxTjdUsrxAW7m-WXgd8NfQW9xKSWOKQLExSrxDJPFzRwTHEXuAHkdjvyvFhRlF4RZrg1QFA4sKxF4LGZWGZ3gmRVJnumLIeHggQpcZYU_5QO_TKdBiteVu850KpRrzlfEE0LtZUN4oeBxYVpEsyImRxKF4IZ-4q1my6hS9TzOFS2gRncdvnrmNkccbydn08DCuqT6ZGJtWDmcXsaNqTvfaZGma8945ip_V6qrxMZrocUiO7608ASiUVIBwr9PAg9ysJsAxWy_r4-xDnjz9TtNDCBwZ4Whzf0Ylet93uihDRlriIAKrpTyw5SdtiQT3hV3WAt5I-RF3uM9KPQSKjHJSt2f745ZmUaec0UcSoEHu3ft2_8XqgWyLcFlut5aZ8AdyvN4CtTuwwcn7004YpPX3PrhhoUUvpNXIWNxJduG4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gcpUxl9G0DPJ39gOd-y8inpGB8Q%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 23 Sep 2024 11:14:51 GMT
lg.php
cat.fr3.eu.criteo.com/delivery/ Frame 9FAF 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=nvCwkv6Ti2WFjV803WoWkZUmQL7zYyybScoSZRZRcf1YEI9xbB8uUCii7ES8o1ZJEe0jj7F7tDG7NZ7TKAZSzZrjctoxTr8wJlBsSjeya2L1obiR1-1pTAnbpLbGQokNPdkeX_l7Ntc1eh5bYSWs47z-rHgHkCbUfF2Vt5g342TZ3eE1pCL-hVm7gXWPoFlNjk0bH8FHzAAxMCNuh1vS-Gw5FuDMnOemvlajlnkmWk-sw-ImbdIlrb7xgujJwDwNU-gMLsG-HBkTiaAZooKlglOkofVXk0RrYIpfDN78sHKGEZrAi-q0S54asxN_T3CsAJdXYLlrZnDXjoTgkk8b3EUKKw617UZ8caDesWktOzk2zu0qNwj1vycGrNnFkOWBuqT170lcijxLMEI2O8czH0sqUMP2UaN_EXGYUOqKBrGiuehp
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2QKd5UEAC3euSimOslwdtJX4Nb8Uw&u=%7CurkAnIHIT4Yc3yJsw6VDIDoB8wNaaPCAc5Fjc83dQwA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwmBoz0kZ49XnpI3T7B_CiOoYg3UZdaQZasGHKzzf0au_Ji2E0EdCaAKplGe-WphMouyzhCrg76-C-r5vyaU9gTE6CVA-3DFLwY7C72LWdzTrFC7Ts38EmgFvOv9n0TP149SElA4mXypbEAD9iOJkTZC6iLN6CBxVwSa9g5BDfK4C2DxSgqVCjt3CLHBl5Xo2essVB89beYGKnh6fo3fhwhpsHazgLqvAxZgDk-IfPVR8zg1j1Nq_7oelR_mZGPDtZV2Qn9PLgC6g8Xjt1TLZr88ZVxN39tSat35f9RDMV0-8xrvrO6n41LMcO8hKHK4kBxJvjwut5yVBfwfK-Ca8Bgokr_RFT16K_XhbRHI6ZJclWkw6eGCXniROF9VKaof0u9A6-kZJUF7SCuoFEgMpWxNcsBSFXZX5PIzudjs57Rjx14Q4xJZndM3Bi2GO3koWEdNNtTqGtXxPI_-3sDmn1NS__ochBU-SUVpdNaxyPz0JarefvXcCWRbGlXKTm6EtVIXGkc323ALxRS0xUFeWhtGeLTRCDah7z7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwt8rqrEWZeTWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPcCT9BzqIS2DkPxN3UtSeiuyxUdXhqK99Imiq6gkSUVT7qVofnGo1pi-cUc7AaYTfV1EgtuVF6rnCSGxTjdUsrxAW7m-WXgd8NfQW9xKSWOKQLExSrxDJPFzRwTHEXuAHkdjvyvFhRlF4RZrg1QFA4sKxF4LGZWGZ3gmRVJnumLIeHggQpcZYU_5QO_TKdBiteVu850KpRrzlfEE0LtZUN4oeBxYVpEsyImRxKF4IZ-4q1my6hS9TzOFS2gRncdvnrmNkccbydn08DCuqT6ZGJtWDmcXsaNqTvfaZGma8945ip_V6qrxMZrocUiO7608ASiUVIBwr9PAg9ysJsAxWy_r4-xDnjz9TtNDCBwZ4Whzf0Ylet93uihDRlriIAKrpTyw5SdtiQT3hV3WAt5I-RF3uM9KPQSKjHJSt2f745ZmUaec0UcSoEHu3ft2_8XqgWyLcFlut5aZ8AdyvN4CtTuwwcn7004YpPX3PrhhoUUvpNXIWNxJduG4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gcpUxl9G0DPJ39gOd-y8inpGB8Q%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:51 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1590625
expires
Mon, 26 Jul 1997 05:00:00 GMT
4de9845dbc3b4002b9397b4dc38aeeb9_image_ad_336x280.jpeg
static.criteo.net/design/dt/92327/4936818/ Frame 9FAF 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/92327/4936818/4de9845dbc3b4002b9397b4dc38aeeb9_image_ad_336x280.jpeg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2QKd5UEAC3euSimOslwdtJX4Nb8Uw&u=%7CurkAnIHIT4Yc3yJsw6VDIDoB8wNaaPCAc5Fjc83dQwA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwmBoz0kZ49XnpI3T7B_CiOoYg3UZdaQZasGHKzzf0au_Ji2E0EdCaAKplGe-WphMouyzhCrg76-C-r5vyaU9gTE6CVA-3DFLwY7C72LWdzTrFC7Ts38EmgFvOv9n0TP149SElA4mXypbEAD9iOJkTZC6iLN6CBxVwSa9g5BDfK4C2DxSgqVCjt3CLHBl5Xo2essVB89beYGKnh6fo3fhwhpsHazgLqvAxZgDk-IfPVR8zg1j1Nq_7oelR_mZGPDtZV2Qn9PLgC6g8Xjt1TLZr88ZVxN39tSat35f9RDMV0-8xrvrO6n41LMcO8hKHK4kBxJvjwut5yVBfwfK-Ca8Bgokr_RFT16K_XhbRHI6ZJclWkw6eGCXniROF9VKaof0u9A6-kZJUF7SCuoFEgMpWxNcsBSFXZX5PIzudjs57Rjx14Q4xJZndM3Bi2GO3koWEdNNtTqGtXxPI_-3sDmn1NS__ochBU-SUVpdNaxyPz0JarefvXcCWRbGlXKTm6EtVIXGkc323ALxRS0xUFeWhtGeLTRCDah7z7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwt8rqrEWZeTWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPcCT9BzqIS2DkPxN3UtSeiuyxUdXhqK99Imiq6gkSUVT7qVofnGo1pi-cUc7AaYTfV1EgtuVF6rnCSGxTjdUsrxAW7m-WXgd8NfQW9xKSWOKQLExSrxDJPFzRwTHEXuAHkdjvyvFhRlF4RZrg1QFA4sKxF4LGZWGZ3gmRVJnumLIeHggQpcZYU_5QO_TKdBiteVu850KpRrzlfEE0LtZUN4oeBxYVpEsyImRxKF4IZ-4q1my6hS9TzOFS2gRncdvnrmNkccbydn08DCuqT6ZGJtWDmcXsaNqTvfaZGma8945ip_V6qrxMZrocUiO7608ASiUVIBwr9PAg9ysJsAxWy_r4-xDnjz9TtNDCBwZ4Whzf0Ylet93uihDRlriIAKrpTyw5SdtiQT3hV3WAt5I-RF3uM9KPQSKjHJSt2f745ZmUaec0UcSoEHu3ft2_8XqgWyLcFlut5aZ8AdyvN4CtTuwwcn7004YpPX3PrhhoUUvpNXIWNxJduG4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gcpUxl9G0DPJ39gOd-y8inpGB8Q%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
bfe9b0c81b360f6235931630ab559b1a9912fbd8874e5df4e16866ecf5557d33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 01 Sep 2023 06:30:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"64f184f5-11725"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
71461
expires
Mon, 23 Sep 2024 11:14:51 GMT
fbevents.js
connect.facebook.net/en_US/ 		197 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/techbullion-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3c23f58e5c037e4b8b1efc40ff22d331b67606d8eaf34e6ed9203a3fba9a2641
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 29 Sep 2023 11:14:51 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53277
x-xss-protection
0
pragma
public
x-fb-debug
6s5Pn8pb0kERJMJKEMdMhNY41hZj8FLzC+3ucItko0TRn10IZwOrfbb/5FpZnJXXX1sKipjlpR32TtSWS8GqWg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
v2
id5-sync.com/gm/ 		276 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v2
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
32a1b5c201ae36a6fcba52ec5b93b3e7234b3a5cd856f38f3a78b0a880639734
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://techbullion.com
date
Fri, 29 Sep 2023 11:14:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
privacy_small.svg
static.criteo.net/flash/icon/ Frame EC7D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2UKd5UEAC3eudZAM6k_4UPGdIC5jA&u=%7CurkAnIHIT4aCnXVLKDpfsKOO7IvwlZuMnnD10CW3B4E%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdqr7txT5h5pAC3aSY9p1mJ9XKnMtRUM8nqIaa5Rl2efL0FSY6XUG9zw0TPNcpRuQMS_Qzx0laPRRt3pt4UzBML6NV5JNvdKB29Ks8tChUnWoJ3IVhy84w3riXBWG607cylbjTFT-eGKJAeX7SqiQbbsxqFKs5xE2cTwqhg0G0DOCK9LjhiUZV0X5jArElnpg6HWmfLTQQLfnuZl35lo9Ao-P7litEuf9nsC4Gem9ViPJSUX6uTLNRH9BT7kO-bWhkUOUui5Fl0reqKbLTkkrwxdITlmi10iU2F-RQ8bxotZ5eHUIy9SoZ-PVIS7t5ghY81qYhHHQpzhkxOEGRn29bEmGDKghNwXbpz4JXdAWwvif4XuCD_v9jHgMDENXrerq3l0EieTZ3LdU1qiJ-z_-fuDOi8TXiR06i3FKL6dy9K_VbLajCWn2ss5wXuVL95i12G_LYpiWwJHiXpGZxRB9bRg-rPBaY8veQkT3BkUz_1-nV17DdiKYglod_e8vOQb68ugg9AH9HeTvzDfVnJHa9UK8HZreRSs31w2ij_oEErYkpvISTrgHE7w-uAk90T8XlOKjbUAA2vgPM1LE4OFpBokxpC3BupXlo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLSOqqrEWZeXWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBP0CT9D-WtoH9-8Pqt6Wfr6Gelyu6u8G50azVgvS4nHg1L-FcGeGbj9IZlHVwoMYu1qmTguJPgcWskxXXX03hSgH4W5C0M4XY6DNeWDC1-8J_bHXZl3Ay4JpTjNyKqkGVfDzSpTtRjwZugFQm2pudltZSrFIKC5OQbzYU0iNtnmm37nSDWlv_H5U_FWTo5AMbNHLIwg4-pDe406QtxHH_kSyAnAyUxA3JqLkhQMX1qUw4PUX-X8nhRjMjAhMZZ3zkxZ0iz0j2U0cZWQr6_vkyfVQB5TRuTcJC8XBsc3VD6Z5dZC3ORf4omQ4FiaBZdukRNiMPs0CHXPpQ0Z2DYbzqdB7KgWs3CIS_dusnCLQTxoysnT2kcvzqgs8tC98GPxJctP5ppdB8O2hv1pNQFpDXwKy2PzoetJTrRGfR3Q0sgxuqo_oz_HEgqxY4GEU2Zysm1ua514tONhSxJGrqCTqsS8NdBpHYQJq_zF9JNFdxCg9sg-b6riQrzL4Etl2l4eP4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2tSwZ-q7C75nc08ege3getsV1Wmg%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:51 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame EC7D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2UKd5UEAC3eudZAM6k_4UPGdIC5jA&u=%7CurkAnIHIT4aCnXVLKDpfsKOO7IvwlZuMnnD10CW3B4E%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdqr7txT5h5pAC3aSY9p1mJ9XKnMtRUM8nqIaa5Rl2efL0FSY6XUG9zw0TPNcpRuQMS_Qzx0laPRRt3pt4UzBML6NV5JNvdKB29Ks8tChUnWoJ3IVhy84w3riXBWG607cylbjTFT-eGKJAeX7SqiQbbsxqFKs5xE2cTwqhg0G0DOCK9LjhiUZV0X5jArElnpg6HWmfLTQQLfnuZl35lo9Ao-P7litEuf9nsC4Gem9ViPJSUX6uTLNRH9BT7kO-bWhkUOUui5Fl0reqKbLTkkrwxdITlmi10iU2F-RQ8bxotZ5eHUIy9SoZ-PVIS7t5ghY81qYhHHQpzhkxOEGRn29bEmGDKghNwXbpz4JXdAWwvif4XuCD_v9jHgMDENXrerq3l0EieTZ3LdU1qiJ-z_-fuDOi8TXiR06i3FKL6dy9K_VbLajCWn2ss5wXuVL95i12G_LYpiWwJHiXpGZxRB9bRg-rPBaY8veQkT3BkUz_1-nV17DdiKYglod_e8vOQb68ugg9AH9HeTvzDfVnJHa9UK8HZreRSs31w2ij_oEErYkpvISTrgHE7w-uAk90T8XlOKjbUAA2vgPM1LE4OFpBokxpC3BupXlo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLSOqqrEWZeXWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBP0CT9D-WtoH9-8Pqt6Wfr6Gelyu6u8G50azVgvS4nHg1L-FcGeGbj9IZlHVwoMYu1qmTguJPgcWskxXXX03hSgH4W5C0M4XY6DNeWDC1-8J_bHXZl3Ay4JpTjNyKqkGVfDzSpTtRjwZugFQm2pudltZSrFIKC5OQbzYU0iNtnmm37nSDWlv_H5U_FWTo5AMbNHLIwg4-pDe406QtxHH_kSyAnAyUxA3JqLkhQMX1qUw4PUX-X8nhRjMjAhMZZ3zkxZ0iz0j2U0cZWQr6_vkyfVQB5TRuTcJC8XBsc3VD6Z5dZC3ORf4omQ4FiaBZdukRNiMPs0CHXPpQ0Z2DYbzqdB7KgWs3CIS_dusnCLQTxoysnT2kcvzqgs8tC98GPxJctP5ppdB8O2hv1pNQFpDXwKy2PzoetJTrRGfR3Q0sgxuqo_oz_HEgqxY4GEU2Zysm1ua514tONhSxJGrqCTqsS8NdBpHYQJq_zF9JNFdxCg9sg-b6riQrzL4Etl2l4eP4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2tSwZ-q7C75nc08ege3getsV1Wmg%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:51 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame EC7D 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2UKd5UEAC3eudZAM6k_4UPGdIC5jA&u=%7CurkAnIHIT4aCnXVLKDpfsKOO7IvwlZuMnnD10CW3B4E%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdqr7txT5h5pAC3aSY9p1mJ9XKnMtRUM8nqIaa5Rl2efL0FSY6XUG9zw0TPNcpRuQMS_Qzx0laPRRt3pt4UzBML6NV5JNvdKB29Ks8tChUnWoJ3IVhy84w3riXBWG607cylbjTFT-eGKJAeX7SqiQbbsxqFKs5xE2cTwqhg0G0DOCK9LjhiUZV0X5jArElnpg6HWmfLTQQLfnuZl35lo9Ao-P7litEuf9nsC4Gem9ViPJSUX6uTLNRH9BT7kO-bWhkUOUui5Fl0reqKbLTkkrwxdITlmi10iU2F-RQ8bxotZ5eHUIy9SoZ-PVIS7t5ghY81qYhHHQpzhkxOEGRn29bEmGDKghNwXbpz4JXdAWwvif4XuCD_v9jHgMDENXrerq3l0EieTZ3LdU1qiJ-z_-fuDOi8TXiR06i3FKL6dy9K_VbLajCWn2ss5wXuVL95i12G_LYpiWwJHiXpGZxRB9bRg-rPBaY8veQkT3BkUz_1-nV17DdiKYglod_e8vOQb68ugg9AH9HeTvzDfVnJHa9UK8HZreRSs31w2ij_oEErYkpvISTrgHE7w-uAk90T8XlOKjbUAA2vgPM1LE4OFpBokxpC3BupXlo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLSOqqrEWZeXWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBP0CT9D-WtoH9-8Pqt6Wfr6Gelyu6u8G50azVgvS4nHg1L-FcGeGbj9IZlHVwoMYu1qmTguJPgcWskxXXX03hSgH4W5C0M4XY6DNeWDC1-8J_bHXZl3Ay4JpTjNyKqkGVfDzSpTtRjwZugFQm2pudltZSrFIKC5OQbzYU0iNtnmm37nSDWlv_H5U_FWTo5AMbNHLIwg4-pDe406QtxHH_kSyAnAyUxA3JqLkhQMX1qUw4PUX-X8nhRjMjAhMZZ3zkxZ0iz0j2U0cZWQr6_vkyfVQB5TRuTcJC8XBsc3VD6Z5dZC3ORf4omQ4FiaBZdukRNiMPs0CHXPpQ0Z2DYbzqdB7KgWs3CIS_dusnCLQTxoysnT2kcvzqgs8tC98GPxJctP5ppdB8O2hv1pNQFpDXwKy2PzoetJTrRGfR3Q0sgxuqo_oz_HEgqxY4GEU2Zysm1ua514tONhSxJGrqCTqsS8NdBpHYQJq_zF9JNFdxCg9sg-b6riQrzL4Etl2l4eP4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2tSwZ-q7C75nc08ege3getsV1Wmg%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 23 Sep 2024 11:14:51 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame EC7D 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2UKd5UEAC3eudZAM6k_4UPGdIC5jA&u=%7CurkAnIHIT4aCnXVLKDpfsKOO7IvwlZuMnnD10CW3B4E%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdqr7txT5h5pAC3aSY9p1mJ9XKnMtRUM8nqIaa5Rl2efL0FSY6XUG9zw0TPNcpRuQMS_Qzx0laPRRt3pt4UzBML6NV5JNvdKB29Ks8tChUnWoJ3IVhy84w3riXBWG607cylbjTFT-eGKJAeX7SqiQbbsxqFKs5xE2cTwqhg0G0DOCK9LjhiUZV0X5jArElnpg6HWmfLTQQLfnuZl35lo9Ao-P7litEuf9nsC4Gem9ViPJSUX6uTLNRH9BT7kO-bWhkUOUui5Fl0reqKbLTkkrwxdITlmi10iU2F-RQ8bxotZ5eHUIy9SoZ-PVIS7t5ghY81qYhHHQpzhkxOEGRn29bEmGDKghNwXbpz4JXdAWwvif4XuCD_v9jHgMDENXrerq3l0EieTZ3LdU1qiJ-z_-fuDOi8TXiR06i3FKL6dy9K_VbLajCWn2ss5wXuVL95i12G_LYpiWwJHiXpGZxRB9bRg-rPBaY8veQkT3BkUz_1-nV17DdiKYglod_e8vOQb68ugg9AH9HeTvzDfVnJHa9UK8HZreRSs31w2ij_oEErYkpvISTrgHE7w-uAk90T8XlOKjbUAA2vgPM1LE4OFpBokxpC3BupXlo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLSOqqrEWZeXWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBP0CT9D-WtoH9-8Pqt6Wfr6Gelyu6u8G50azVgvS4nHg1L-FcGeGbj9IZlHVwoMYu1qmTguJPgcWskxXXX03hSgH4W5C0M4XY6DNeWDC1-8J_bHXZl3Ay4JpTjNyKqkGVfDzSpTtRjwZugFQm2pudltZSrFIKC5OQbzYU0iNtnmm37nSDWlv_H5U_FWTo5AMbNHLIwg4-pDe406QtxHH_kSyAnAyUxA3JqLkhQMX1qUw4PUX-X8nhRjMjAhMZZ3zkxZ0iz0j2U0cZWQr6_vkyfVQB5TRuTcJC8XBsc3VD6Z5dZC3ORf4omQ4FiaBZdukRNiMPs0CHXPpQ0Z2DYbzqdB7KgWs3CIS_dusnCLQTxoysnT2kcvzqgs8tC98GPxJctP5ppdB8O2hv1pNQFpDXwKy2PzoetJTrRGfR3Q0sgxuqo_oz_HEgqxY4GEU2Zysm1ua514tONhSxJGrqCTqsS8NdBpHYQJq_zF9JNFdxCg9sg-b6riQrzL4Etl2l4eP4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2tSwZ-q7C75nc08ege3getsV1Wmg%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 23 Sep 2024 11:14:51 GMT
lg.php
cat.fr3.eu.criteo.com/delivery/ Frame EC7D 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=F8vjBsY05qag_bTTP79udlk-QxypoeCJNBc3qMU0qeexzNrO1uOjLjccGwBuiMFY3swfKtTVEaLiSXUEejfg1aY_Z1w-tSNRY9pTbZjwk3W9wFxwceCpLO4i61FmLqr3pXw-_CAdntxzADNxyYYGE43QUspE6MR04oHY9m5KR5gX40DQ566LQLDbmsNlnwa3nNjXNnaZwGfa6d5rITEcy0qy8thnp2nQlao8IOcJVbpKP3x97s2qHOGsAFgX4-H0rbMNLCm_k3tQoKdENo_bQha9HVWycmPvtD1KyP7Bo5G2EFYZtvyAszhE95s_Dgpbj4H4_MhfhoEwu-9UTCJYQfD3A6kjNAyuKjzqNlN1jkC9-3b1EIuRWP_1ApmpLDK5z2mLKST2xb9rh6VKq0Lb-do09agNongKn3Ws-yqv5zkyPGkCGsZrF2eHQsR1qvowY6zoFw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2UKd5UEAC3eudZAM6k_4UPGdIC5jA&u=%7CurkAnIHIT4aCnXVLKDpfsKOO7IvwlZuMnnD10CW3B4E%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdqr7txT5h5pAC3aSY9p1mJ9XKnMtRUM8nqIaa5Rl2efL0FSY6XUG9zw0TPNcpRuQMS_Qzx0laPRRt3pt4UzBML6NV5JNvdKB29Ks8tChUnWoJ3IVhy84w3riXBWG607cylbjTFT-eGKJAeX7SqiQbbsxqFKs5xE2cTwqhg0G0DOCK9LjhiUZV0X5jArElnpg6HWmfLTQQLfnuZl35lo9Ao-P7litEuf9nsC4Gem9ViPJSUX6uTLNRH9BT7kO-bWhkUOUui5Fl0reqKbLTkkrwxdITlmi10iU2F-RQ8bxotZ5eHUIy9SoZ-PVIS7t5ghY81qYhHHQpzhkxOEGRn29bEmGDKghNwXbpz4JXdAWwvif4XuCD_v9jHgMDENXrerq3l0EieTZ3LdU1qiJ-z_-fuDOi8TXiR06i3FKL6dy9K_VbLajCWn2ss5wXuVL95i12G_LYpiWwJHiXpGZxRB9bRg-rPBaY8veQkT3BkUz_1-nV17DdiKYglod_e8vOQb68ugg9AH9HeTvzDfVnJHa9UK8HZreRSs31w2ij_oEErYkpvISTrgHE7w-uAk90T8XlOKjbUAA2vgPM1LE4OFpBokxpC3BupXlo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLSOqqrEWZeXWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBP0CT9D-WtoH9-8Pqt6Wfr6Gelyu6u8G50azVgvS4nHg1L-FcGeGbj9IZlHVwoMYu1qmTguJPgcWskxXXX03hSgH4W5C0M4XY6DNeWDC1-8J_bHXZl3Ay4JpTjNyKqkGVfDzSpTtRjwZugFQm2pudltZSrFIKC5OQbzYU0iNtnmm37nSDWlv_H5U_FWTo5AMbNHLIwg4-pDe406QtxHH_kSyAnAyUxA3JqLkhQMX1qUw4PUX-X8nhRjMjAhMZZ3zkxZ0iz0j2U0cZWQr6_vkyfVQB5TRuTcJC8XBsc3VD6Z5dZC3ORf4omQ4FiaBZdukRNiMPs0CHXPpQ0Z2DYbzqdB7KgWs3CIS_dusnCLQTxoysnT2kcvzqgs8tC98GPxJctP5ppdB8O2hv1pNQFpDXwKy2PzoetJTrRGfR3Q0sgxuqo_oz_HEgqxY4GEU2Zysm1ua514tONhSxJGrqCTqsS8NdBpHYQJq_zF9JNFdxCg9sg-b6riQrzL4Etl2l4eP4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2tSwZ-q7C75nc08ege3getsV1Wmg%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1817419
expires
Mon, 26 Jul 1997 05:00:00 GMT
cf7bd23d305241dd94a45ac5515c87d0_image_ad_300x600.jpeg
static.criteo.net/design/dt/92327/4936818/ Frame EC7D 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/92327/4936818/cf7bd23d305241dd94a45ac5515c87d0_image_ad_300x600.jpeg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2UKd5UEAC3eudZAM6k_4UPGdIC5jA&u=%7CurkAnIHIT4aCnXVLKDpfsKOO7IvwlZuMnnD10CW3B4E%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdqr7txT5h5pAC3aSY9p1mJ9XKnMtRUM8nqIaa5Rl2efL0FSY6XUG9zw0TPNcpRuQMS_Qzx0laPRRt3pt4UzBML6NV5JNvdKB29Ks8tChUnWoJ3IVhy84w3riXBWG607cylbjTFT-eGKJAeX7SqiQbbsxqFKs5xE2cTwqhg0G0DOCK9LjhiUZV0X5jArElnpg6HWmfLTQQLfnuZl35lo9Ao-P7litEuf9nsC4Gem9ViPJSUX6uTLNRH9BT7kO-bWhkUOUui5Fl0reqKbLTkkrwxdITlmi10iU2F-RQ8bxotZ5eHUIy9SoZ-PVIS7t5ghY81qYhHHQpzhkxOEGRn29bEmGDKghNwXbpz4JXdAWwvif4XuCD_v9jHgMDENXrerq3l0EieTZ3LdU1qiJ-z_-fuDOi8TXiR06i3FKL6dy9K_VbLajCWn2ss5wXuVL95i12G_LYpiWwJHiXpGZxRB9bRg-rPBaY8veQkT3BkUz_1-nV17DdiKYglod_e8vOQb68ugg9AH9HeTvzDfVnJHa9UK8HZreRSs31w2ij_oEErYkpvISTrgHE7w-uAk90T8XlOKjbUAA2vgPM1LE4OFpBokxpC3BupXlo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLSOqqrEWZeXWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBP0CT9D-WtoH9-8Pqt6Wfr6Gelyu6u8G50azVgvS4nHg1L-FcGeGbj9IZlHVwoMYu1qmTguJPgcWskxXXX03hSgH4W5C0M4XY6DNeWDC1-8J_bHXZl3Ay4JpTjNyKqkGVfDzSpTtRjwZugFQm2pudltZSrFIKC5OQbzYU0iNtnmm37nSDWlv_H5U_FWTo5AMbNHLIwg4-pDe406QtxHH_kSyAnAyUxA3JqLkhQMX1qUw4PUX-X8nhRjMjAhMZZ3zkxZ0iz0j2U0cZWQr6_vkyfVQB5TRuTcJC8XBsc3VD6Z5dZC3ORf4omQ4FiaBZdukRNiMPs0CHXPpQ0Z2DYbzqdB7KgWs3CIS_dusnCLQTxoysnT2kcvzqgs8tC98GPxJctP5ppdB8O2hv1pNQFpDXwKy2PzoetJTrRGfR3Q0sgxuqo_oz_HEgqxY4GEU2Zysm1ua514tONhSxJGrqCTqsS8NdBpHYQJq_zF9JNFdxCg9sg-b6riQrzL4Etl2l4eP4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2tSwZ-q7C75nc08ege3getsV1Wmg%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8899aad3ca8863fd7d1a05a6d202e17053ad6f7ffe21a3d51d8f74150a9ff4b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 01 Sep 2023 06:30:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"64f184f3-16ecc"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
93900
expires
Mon, 23 Sep 2024 11:14:51 GMT
rules-p-UeXruRVtZz7w6.js
rules.quantcount.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:f400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:07:20 GMT
content-encoding
gzip
via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
452
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 07 Dec 2017 17:06:25 GMT
server
AmazonS3
etag
W/"cbc97d16c77ea1fcbbf42d246001e982"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
RRq0T0z_otDCDu4pLxaT1Bn_u20D6nT3MJdHZ-7yTgjDfGxgJ3m2YA==
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame C1E0
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKupKJEH7GH6eqvxndQNl50&google_cver=1&google_push=AXcoOmSZiMOHlFD6z8E_PqWFkZpSBXdWe2QSgc8KVaPfIPvn-cGnj8CQGdRT01Hvj4tvLLZER84gFojc-jLY7m5ntyFUVznbE_Bz
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzk1MzE5ODkwNTkzNDg3MDQzNg==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKupKJEH7GH6eqvxndQNl50&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKupKJEH7GH6eqvxndQNl50&google_cver=1
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 29 Sep 2023 11:14:51 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKupKJEH7GH6eqvxndQNl50&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gcm
a.c.appier.net/ Frame C1E0 		0
0
pixel
cm.g.doubleclick.net/ Frame C1E0
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7uPldrInTGWNaETL-ajDrA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7uPldrInTGWNaETL-ajDrA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRbHBLXHw-YJGKthFcoavfeqNIGZnViiepIPCc3cLOoe4IHAVZu83_IDw-6z1rtIQQVFhCmCYni6hjm6RvXsmoA81qBZiHQ9Q
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7uPldrInTGWNaETL-ajDrA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRbHBLXHw-YJGKthFcoavfeqNIGZnViiepIPCc3cLOoe4IHAVZu83_IDw-6z1rtIQQVFhCmCYni6hjm6RvXsmoA81qBZiHQ9Q
date
Fri, 29 Sep 2023 11:14:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame C1E0
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOd_s5TRC70u5H7U98D65Yg&google_cver=1&google_push=AXcoOmQLgQviixE3Aa53lsmFJ-xMtpNzskbaxFwzngj3IQvkhtRXtvTCFL7xTwlRXkF5OYYv0Qz...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE40SUJVN0ctMU8tNTU3OQ==&google_push=AXcoOmQLgQviixE3Aa53lsmFJ-xMtpNzskbaxFwzngj3IQvkhtRXtvTCFL7xTwlRXkF5OYYv0QzU4QTLW4_4n-LKcS0uSVSKP74MQw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE40SUJVN0ctMU8tNTU3OQ==&google_push=AXcoOmQLgQviixE3Aa53lsmFJ-xMtpNzskbaxFwzngj3IQvkhtRXtvTCFL7xTwlRXkF5OYYv0QzU4QTLW4_4n-LKcS0uSVSKP74MQw
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE40SUJVN0ctMU8tNTU3OQ==&google_push=AXcoOmQLgQviixE3Aa53lsmFJ-xMtpNzskbaxFwzngj3IQvkhtRXtvTCFL7xTwlRXkF5OYYv0QzU4QTLW4_4n-LKcS0uSVSKP74MQw
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ba134c4441b6cdf8ef9f5e0539a8ef3e
Expires
0
pixel
cm.g.doubleclick.net/ Frame C1E0
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJphu9i-LhZPygaC8w2anjM&google_cver=1&google_push=AXcoOmR3d_ZbPnNGEown1MLfNryvv-cEPTUZ43ROWtMtGdqHHeColvAM9j4PSu5gdB0AQCpXiyQjWyvhbeNP...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR3d_ZbPnNGEown1MLfNryvv-cEPTUZ43ROWtMtGdqHHeColvAM9j4PSu5gdB0AQCpXiyQjWyvhbeNPgTK2QWvQZ_91ArCF
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR3d_ZbPnNGEown1MLfNryvv-cEPTUZ43ROWtMtGdqHHeColvAM9j4PSu5gdB0AQCpXiyQjWyvhbeNPgTK2QWvQZ_91ArCF
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR3d_ZbPnNGEown1MLfNryvv-cEPTUZ43ROWtMtGdqHHeColvAM9j4PSu5gdB0AQCpXiyQjWyvhbeNPgTK2QWvQZ_91ArCF
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame C1E0
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEA...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRaTXSZzJ8B599YMtvAcXqUHJ_EmAVTbxgDXYL6v8j4SOEMErF7T0GjZEKTJOWG90ePbjxunL-uvkDIw56RnDDWYzDHUSKo&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-a299bed7-7db2-44e3-a185-cc097c5ceec1-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRaTXSZzJ8B599YMtvAc...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRaTXSZzJ8B599YMtvAcXqUHJ_EmAVTbxgDXYL6v8j4SOEMErF7T0GjZEKTJOWG90ePbjxunL-uvkDIw56RnDDWYzDHUSKo&google_hm=A6KZvtd9skTjoYXMCXxc7sE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRaTXSZzJ8B599YMtvAcXqUHJ_EmAVTbxgDXYL6v8j4SOEMErF7T0GjZEKTJOWG90ePbjxunL-uvkDIw56RnDDWYzDHUSKo&google_hm=A6KZvtd9skTjoYXMCXxc7sE
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRaTXSZzJ8B599YMtvAcXqUHJ_EmAVTbxgDXYL6v8j4SOEMErF7T0GjZEKTJOWG90ePbjxunL-uvkDIw56RnDDWYzDHUSKo&google_hm=A6KZvtd9skTjoYXMCXxc7sE
date
Fri, 29 Sep 2023 11:14:52 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXa299bed77db244e3a185cc097c5ceec1003
content-type
text/html
sync_before
tg.socdm.com/rtb/ Frame C1E0 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame C1E0 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IH2d7LyvVmp7b-TaYGSD9rePjNi9cA8xNH874JroApYUjnmiAAQC9YR7Uuy9Kb7HoPM7ih
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
dpixel
cms.quantserve.com/ Frame 84A8 		35 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEE76CehBzERmaRjxSL-dbD4&google_cver=1&google_push=AXcoOmTPyRpkRuE45oyFtsMtdPulrJhKWEzc2fTuabZQkBWboS6C9aZngIBLofbgyynpcHK4uDX_5zsF-muXZH6JTa8QIy3rP91taw
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:51 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 84A8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOd6rldHWNiftU5LrbZOV_0&google_push=AXcoOmTDE3O45pW3KniGjppnnCiqcxPKFxJGta-XHPSxJxEHkY3tIjcTwg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOd6rldHWNiftU5LrbZOV_0&google_push=AXcoOmTDE3O45pW3KniGjppnnCiqcxPKFxJGta-XHPSxJxEHkY3tIjcTwgyW_QFrnhpvmztJD8SF4Jam_Q0wCyUfKqj_l0Ajr_X7tQ
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230083-FRA
pragma
no-cache
date
Fri, 29 Sep 2023 11:14:51 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1695986092.672649,VS0,VE93
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOd6rldHWNiftU5LrbZOV_0&google_push=AXcoOmTDE3O45pW3KniGjppnnCiqcxPKFxJGta-XHPSxJxEHkY3tIjcTwgyW_QFrnhpvmztJD8SF4Jam_Q0wCyUfKqj_l0Ajr_X7tQ
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 84A8
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESED7-Al_pJ1v54Hlep0Y2XRI&google_cver=1&google_push=AXcoOmQvpjT-1ndVcAXpiLp0NJqfnMVp_3vq1EbFK5hdVEzQfpddnlh-2kQ4yciWM2lu9IjG6GC1SmL-wlG...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQvpjT-1ndVcAXpiLp0NJqfnMVp_3vq1EbFK5hdVEzQfpddnlh-2kQ4yciWM2lu9IjG6GC1SmL-wlGd_INN_i5c_gLVyD9jsQ&google_hm=7ggHE4SOTZyHEcAIe3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQvpjT-1ndVcAXpiLp0NJqfnMVp_3vq1EbFK5hdVEzQfpddnlh-2kQ4yciWM2lu9IjG6GC1SmL-wlGd_INN_i5c_gLVyD9jsQ&google_hm=7ggHE4SOTZyHEcAIe3f2LoI
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:51 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQvpjT-1ndVcAXpiLp0NJqfnMVp_3vq1EbFK5hdVEzQfpddnlh-2kQ4yciWM2lu9IjG6GC1SmL-wlGd_INN_i5c_gLVyD9jsQ&google_hm=7ggHE4SOTZyHEcAIe3f2LoI
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 84A8
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEHxWEHIpuPtTKlIdEtgEMBo&google_cver=1&google_push=AXcoOmSEBtB9ZP4BIrlwdMO7zXdEDzLpupgBmSdwb8KCkxSlDVFRU-GpPvpT06KOSHbvZtpcLtFIWkqdF1rCTi1_...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zfH4raHVSJ8me9DJzrovfg&google_push=AXcoOmSEBtB9ZP4BIrlwdMO7zXdEDzLpupgBmSdwb8KCkxSlDVFRU-GpPvpT06KOSHbvZtpcLtFIWkqdF1rCTi1_EJu59A_TnUZXIg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zfH4raHVSJ8me9DJzrovfg&google_push=AXcoOmSEBtB9ZP4BIrlwdMO7zXdEDzLpupgBmSdwb8KCkxSlDVFRU-GpPvpT06KOSHbvZtpcLtFIWkqdF1rCTi1_EJu59A_TnUZXIg
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 29 Sep 2023 11:14:51 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zfH4raHVSJ8me9DJzrovfg&google_push=AXcoOmSEBtB9ZP4BIrlwdMO7zXdEDzLpupgBmSdwb8KCkxSlDVFRU-GpPvpT06KOSHbvZtpcLtFIWkqdF1rCTi1_EJu59A_TnUZXIg
x-host
tde-deliveryengine-production-8b9d7bc7f-66jzb
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 84A8
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEJdXO9D4Q9Ar_dhFV-bODlM&google_cver=1&google_push=AXcoOmS0-TIGpnOMYEbsQSK0PtB3cZq9rp7B3gytue9kR-_OMZ7XO199cCc17Z64x0tD61DWSOjP2cbYR_05i011...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=133&partneruserid=19ef7b318a&gdpr=0&gdpr_consent=
43 B
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=133&partneruserid=19ef7b318a&gdpr=0&gdpr_consent=
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 29 Sep 2023 11:14:51 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Fri, 29 Sep 2023 11:14:51 GMT
via
1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
location
https://rtb-csync.smartadserver.com/redir/?partnerid=133&partneruserid=19ef7b318a&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
7VtImIXrz2U3jVRhBa6MPErH1_wLINFToyEdGnGeZcgfBvPQ1iabXg==
pixel
cm.g.doubleclick.net/ Frame 84A8
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEIaqNarYeFtIGMtuZZnBZN0&google_cver=1&google_push=AXcoOmRN6UC0AmN8uGgP_keSlu5cqAONn11AgPnNXkuSJGLkPtRI4aDvh5RQGSypqET60C4y1n7KC36izqna9-nsxcpXsSxtEhJcEA
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRN6UC0AmN8uGgP_keSlu5cqAONn11AgPnNXkuSJGLkPtRI4aDvh5RQGSypqET60C4y1n7KC36izqna9-nsxcpXsSxtEhJcEA&google_hm=M1JVdzJBQTk5c0FhTl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRN6UC0AmN8uGgP_keSlu5cqAONn11AgPnNXkuSJGLkPtRI4aDvh5RQGSypqET60C4y1n7KC36izqna9-nsxcpXsSxtEhJcEA&google_hm=M1JVdzJBQTk5c0FhTlRsaU52dXY=
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:51 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRN6UC0AmN8uGgP_keSlu5cqAONn11AgPnNXkuSJGLkPtRI4aDvh5RQGSypqET60C4y1n7KC36izqna9-nsxcpXsSxtEhJcEA&google_hm=M1JVdzJBQTk5c0FhTlRsaU52dXY=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame 84A8
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEM6StkY6Tz6zEhvEwmcagCo&google_cver=1&google_push=AXcoOmQUVLibqzkjAP3Zt82ODYvz77e9EB3at7LS58Wqq8X_htWLw7EOqHfSa6r8A6e1KBo7irEZKIf8vUaf5mieMxKA1KogZSC7
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQUVLibqzkjAP3Zt82ODYvz77e9EB3at7LS58Wqq8X_htWLw7EOqHfSa6r8A6e1KBo7irEZKIf8vUaf5mieMxKA1KogZSC...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE4NDEzMTg0NzM3NTMxODQ0NTkyMQ%3D%3D&google_push=AXcoOmQUVLibqzkjAP3Zt82ODYvz77e9EB3at7LS58Wqq8X_htWLw7EO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE4NDEzMTg0NzM3NTMxODQ0NTkyMQ%3D%3D&google_push=AXcoOmQUVLibqzkjAP3Zt82ODYvz77e9EB3at7LS58Wqq8X_htWLw7EOqHfSa6r8A6e1KBo7irEZKIf8vUaf5mieMxKA1KogZSC7
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE4NDEzMTg0NzM3NTMxODQ0NTkyMQ%3D%3D&google_push=AXcoOmQUVLibqzkjAP3Zt82ODYvz77e9EB3at7LS58Wqq8X_htWLw7EOqHfSa6r8A6e1KBo7irEZKIf8vUaf5mieMxKA1KogZSC7
date
Fri, 29 Sep 2023 11:14:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame 84A8 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Knlhv0cfyfAZTXIBpaz58HHm1JuhcdEf6Hbh_fLTviiFw8GTiXWfE24siqlr54oipY1hT0
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
checksync.php
hbx.media.net/ Frame C033 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/checksync.php?&vsSync=1&cs=17&hb=1&cv=37&ndec=1&cid=8CUFH1GPH&prvid=56%2C59%2C70%2C77%2C80%2C82%2C97%2C99%2C108%2C109%2C111%2C112%2C113%2C117%2C139%2C154%2C157%2C159%2C175%2C178%2C186%2C201%2C203%2C214%2C222%2C226%2C229%2C246%2C251%2C294%2C337%2C339%2C359%2C2025%2C2026%2C2027%2C2028%2C2030%2C2031%2C2033%2C2034%2C2043%2C3007%2C3010%2C3012%2C3014%2C3016%2C3017%2C3018%2C10000&usp_status=0&usp_consent=1&gdpr=1&gdprconsent=0&https=1
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/bxl.js?cid=8CUFH1GPH&dn=techbullion.com&version=&https=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.160.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-160-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
020d18831e25830f4b8cf3ca08121019861a272cd1fa54b5596380fd1e407d3d
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains max-age=604800

Request headers

Referer
https://techbullion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8253
content-type
text/html; charset=UTF-8
date
Fri, 29 Sep 2023 11:14:51 GMT
expires
Sun, 01 Oct 2023 11:14:51 GMT
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
i.match
s.tribalfusion.com/z/ Frame 8A7F
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEJ_Uyy2lIKu1xPFrQ7OjOu4&google_cver=1&google_push=AXcoOmQh2Mcw1nez8eP6qP6eEdabmLtFr7qcLLNq2W5tMycZgO237oWZs0euCmTLG_d19LOS15A03_neRnq6x_XmdsivZFM4ZR9Df...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJ_Uyy2lIKu1xPFrQ7OjOu4&google_cver=1&google_push=AXcoOmQh2Mcw1nez8eP6qP6eEdabmLtFr7qcLLNq2W5tMycZgO237oWZs0euCmTLG_d19LOS15A03_neRnq6x_XmdsivZFM4ZR9...
43 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJ_Uyy2lIKu1xPFrQ7OjOu4&google_cver=1&google_push=AXcoOmQh2Mcw1nez8eP6qP6eEdabmLtFr7qcLLNq2W5tMycZgO237oWZs0euCmTLG_d19LOS15A03_neRnq6x_XmdsivZFM4ZR9DfA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQh2Mcw1nez8eP6qP6eEdabmLtFr7qcLLNq2W5tMycZgO237oWZs0euCmTLG_d19LOS15A03_neRnq6x_XmdsivZFM4ZR9DfA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:52 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
80e3ce133fe22c4e-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:51 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
104
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJ_Uyy2lIKu1xPFrQ7OjOu4&google_cver=1&google_push=AXcoOmQh2Mcw1nez8eP6qP6eEdabmLtFr7qcLLNq2W5tMycZgO237oWZs0euCmTLG_d19LOS15A03_neRnq6x_XmdsivZFM4ZR9DfA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQh2Mcw1nez8eP6qP6eEdabmLtFr7qcLLNq2W5tMycZgO237oWZs0euCmTLG_d19LOS15A03_neRnq6x_XmdsivZFM4ZR9DfA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
80e3ce10fde52c4e-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8A7F
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEHxWEHIpuPtTKlIdEtgEMBo&google_cver=1&google_push=AXcoOmS8caTlyHUNQGROFnuR3fDR1q8lkyK3PhfGwXpKIh-cSgbj0_dnioBJnOjKwpvUPPQ4VIAdqm8tGRg3Sidp...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=vSzjjUd-RAUP22DrLamDWg&google_push=AXcoOmS8caTlyHUNQGROFnuR3fDR1q8lkyK3PhfGwXpKIh-cSgbj0_dnioBJnOjKwpvUPPQ4VIAdqm8tGRg3Sidp75OtXxtXAssyww
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=vSzjjUd-RAUP22DrLamDWg&google_push=AXcoOmS8caTlyHUNQGROFnuR3fDR1q8lkyK3PhfGwXpKIh-cSgbj0_dnioBJnOjKwpvUPPQ4VIAdqm8tGRg3Sidp75OtXxtXAssyww
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 29 Sep 2023 11:14:51 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=vSzjjUd-RAUP22DrLamDWg&google_push=AXcoOmS8caTlyHUNQGROFnuR3fDR1q8lkyK3PhfGwXpKIh-cSgbj0_dnioBJnOjKwpvUPPQ4VIAdqm8tGRg3Sidp75OtXxtXAssyww
x-host
tde-deliveryengine-production-8b9d7bc7f-72cx9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 8A7F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEL9kwMfOXim-O_hsk7Vi19M&google_cver=1&google_push=AXcoOmQ2f-2zibJY68xfDzJh57gGJ8wjDzwcYwECZBMc7mk-YvoTU6V9QflGwjeyMWTtlhSUkUZHCP272z9p_K4jApam...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEL9kwMfOXim-O_hsk7Vi19M&google_cver=1&google_push=AXcoOmQ2f-2zibJY68xfDzJh57gGJ8wjDzwcYwECZBMc7mk-YvoTU6V9QflGwjeyMWTtlhSUkUZHCP272z9p_K...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQ2f-2zibJY68xfDzJh57gGJ8wjDzwcYwECZBMc7mk-YvoTU6V9QflGwjeyMWTtlhSUkUZHCP272z9p_K4jApamtFmmY3abHw&google_hm=0h3KtT_PQ_uicTqHnC4Sng==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQ2f-2zibJY68xfDzJh57gGJ8wjDzwcYwECZBMc7mk-YvoTU6V9QflGwjeyMWTtlhSUkUZHCP272z9p_K4jApamtFmmY3abHw&google_hm=0h3KtT_PQ_uicTqHnC4Sng==
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQ2f-2zibJY68xfDzJh57gGJ8wjDzwcYwECZBMc7mk-YvoTU6V9QflGwjeyMWTtlhSUkUZHCP272z9p_K4jApamtFmmY3abHw&google_hm=0h3KtT_PQ_uicTqHnC4Sng==
date
Fri, 29 Sep 2023 11:14:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 8A7F
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmTAVUyE3ByPQ-W6sPzq8TQ10KqEN3csZGHTs_bR5yqDbyb3SZEOV54-ixOSGazTHVZW94IEe1IBYq...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmTAVUyE3ByPQ-W6sPzq8TQ10KqEN3csZGHTs_bR5yqDbyb3SZEOV54-ixOSGazTHVZW94IEe1IBYq5dwlrn_2p7LhhbknXj&google_hm=eead468c-f96a-4fd1-8b...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmTAVUyE3ByPQ-W6sPzq8TQ10KqEN3csZGHTs_bR5yqDbyb3SZEOV54-ixOSGazTHVZW94IEe1IBYq5dwlrn_2p7LhhbknXj&google_hm=eead468c-f96a-4fd1-8bc5-e3d78d798a1a
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:51 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-56
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmTAVUyE3ByPQ-W6sPzq8TQ10KqEN3csZGHTs_bR5yqDbyb3SZEOV54-ixOSGazTHVZW94IEe1IBYq5dwlrn_2p7LhhbknXj&google_hm=eead468c-f96a-4fd1-8bc5-e3d78d798a1a
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8A7F
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEM6StkY6Tz6zEhvEwmcagCo&google_cver=1&google_push=AXcoOmTZKE3okDY5nfG7KDpLChv7VCmDlfDZn_g139VeFBLxvkOMqU-kDp_6x2ZARnh3-sgV7CNJ3qfVahCuX2nUFrMiNoPAw9...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTZKE3okDY5nfG7KDpLChv7VCmDlfDZn_g139VeFBLxvkOMqU-kDp_6x2ZARnh3-sgV7CNJ3qfVahCuX2nUFrMiNoPAw9t...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE4NDEzMTg0NzM3NTMxODQ0NTkyMQ%3D%3D&google_push=AXcoOmTZKE3okDY5nfG7KDpLChv7VCmDlfDZn_g139VeFBLxvkOMqU-k...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE4NDEzMTg0NzM3NTMxODQ0NTkyMQ%3D%3D&google_push=AXcoOmTZKE3okDY5nfG7KDpLChv7VCmDlfDZn_g139VeFBLxvkOMqU-kDp_6x2ZARnh3-sgV7CNJ3qfVahCuX2nUFrMiNoPAw9t5Hg
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE4NDEzMTg0NzM3NTMxODQ0NTkyMQ%3D%3D&google_push=AXcoOmTZKE3okDY5nfG7KDpLChv7VCmDlfDZn_g139VeFBLxvkOMqU-kDp_6x2ZARnh3-sgV7CNJ3qfVahCuX2nUFrMiNoPAw9t5Hg
date
Fri, 29 Sep 2023 11:14:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 8A7F
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESECgG6k5Aw-FSDQqlgR9UjWg&google_cver=1&google_push=AXcoOmSC1dYKJ-FKe...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDE3MDM3MjUyOTgyNjQ1MTkxNQ%3D%3D&google_gid=CAESECgG6k5Aw-FSDQqlgR9UjWg&google_cver=1&google_push=AXcoOmSC1dYKJ-FKegzyldT2KpavPd7ThX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDE3MDM3MjUyOTgyNjQ1MTkxNQ%3D%3D&google_gid=CAESECgG6k5Aw-FSDQqlgR9UjWg&google_cver=1&google_push=AXcoOmSC1dYKJ-FKegzyldT2KpavPd7ThXQGIqGLhZ_bEoarZwYoxuSf0U_EdO2gngkr9NpbnYARH5PYFImrhtdp-QXB1NaOmrF11g4
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:51 GMT
an-x-request-uuid
d9c9a047-83f1-4b5f-87fb-60d07bc2d071
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDE3MDM3MjUyOTgyNjQ1MTkxNQ%3D%3D&google_gid=CAESECgG6k5Aw-FSDQqlgR9UjWg&google_cver=1&google_push=AXcoOmSC1dYKJ-FKegzyldT2KpavPd7ThXQGIqGLhZ_bEoarZwYoxuSf0U_EdO2gngkr9NpbnYARH5PYFImrhtdp-QXB1NaOmrF11g4
x-proxy-origin
195.206.105.130; 195.206.105.130; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8A7F
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESED_s85JaP...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESED_...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=d21dcab5-3fcf-43fb-a271-3a879c2e129e&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=d21dcab5-3fcf-43fb-a271-3a879c2e129e&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=d21dcab5-3fcf-43fb-a271-3a879c2e129e&%%GOOGLE_PUSH_PAIR%%
date
Fri, 29 Sep 2023 11:14:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 8A7F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LQTdRmTRsEZdF_zgaucCkk37Vg1MhrHWpbHzA2-xTN9YTEATLo_IWBQr0wN23kIXF7KNmVnFU
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
all
csm.eu.criteo.net/ Frame D989 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=xCl6X2nhQQHg7_W-_PYKDMDMqgIhDa3uZioOVXSKBBmHWy9t-9bcY41Rhgt1jCyJ58bBARuxuW52H1r7WIvLaRkKrWeiGaHwL26ztp2jUhR-vER38jJl_VpB2ile2IqLP5w1UgAgvsbexf46_SmB9aw1xdphwklfhBt6uKm8ZAXg9Ifgo59imhjnK70xr34wwUY6sGD68nhgNx5hfoJdQeF4qq_2ygfCkS_zN-1odI1-SEMi92MdFUdnqhbd8HK6Z0MQUQ&sds=2&rev=88628&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2EKd5UEAC3eub_vXtCWTb2fN9g10g&u=%7CurkAnIHIT4ZAoXa3qF7FSZAP7DxqhUPOboj5aloizlU%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqfOSxiZ3nhhcoubwAtGAUFL8vtRYiskqAjx3LIdsTANZ-fKhvnADbhZ1Bto4S18LCYuHV6Te_j6zGjEEIBTp6HwQGyTt8E7aZl8o46a4HR4AUm7eE0T9axjBqPmShcN8mvVVvJQxwML9WwE6UPZF3eFCml4sv162EX9KulUZ6qPwK_LLFrbW1qK12wLwG7FZ5hDd8lQoAji7u5RgyVYl92ZdbsjpheU-WlsYR-urlslzr49EH_V23rLqITwi_me5fUBB5eGK-1VdcahE2KIuneQPq-qulzS7LKLQ1V_JCxmQ5Y6mc2maoZg1kwiCsh4-4HMy6ShVgbij-N6hhcclCeqvApn6csLdWNHse4-qhdPOTP08B3mywjXZAtB9huRbBUVyjcPCFtuJKr_g7q9iZ555G1rDoxqe6IyTY01vQ_XEpfCQ19Lmg5nWeaBjEeFv6P3jHuNJW5tM62jueuc8VOItOzz47EZ08Ec5NzzDScB-YXABfpuVyQ6yyxCSoEju-cKDRc_uTH9w8KFK1V5CJR0FHaO81yW7Fc8jb_r4avylAqCfb80tRiXIZdYng5nCam8qav3DMqKrtH92BbOrwQ_vZ_i-_5-OSU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf0JEqrEWZeHWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPUCT9CVSJK8qBPUFF6QhIOOK6B4Ip9l_pn_A0TF-wriLQ1d437oJDFwYlQqgF8wVMoBdWpaxNR73JF9_m_-dfIXRUEr52l9pwj4za6rcEBjrmCeYoefS8k3ZJ3Wo_i9DI5Yw9phliuxJpr34pDE1C3oKzod_7Ho4C1xccrfl_fYA5-TGur1iJOQWXalVQZPyqoJX6Of0KTZaP6FA-PPhqd1muWTdlWRiBBgZ_NEcGOqYoRXE5TT5Zzsyyo9QbRr6Tv9-Zny0bQGvOTZSxoFrzaSQWRzrYqAwT7UFrY0V9eCppv45eQt4Q0gK4-0Q_X5pYAyU9PheCjaUFDcaAMk4hY5VdXVXLx0UYz9YeXTrAT3WyB3Ciry7A3Z9DeGUsv7oFz6Mm7FcpfIQqmKzIuG1B_tgurf_fJI2_PK97eNYmOf8EZ1JlApiQQ2jM9qKvyXtxEgJhePOpm5Ht1PT2Ug1wTP70rn0Vq6EBCL8cGwWVsTm-oUfpAKheAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2o-QNldyBoOIdIIaOIHMvQ3HKT1A%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 29 Sep 2023 11:14:51 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D989 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2EKd5UEAC3eub_vXtCWTb2fN9g10g&u=%7CurkAnIHIT4ZAoXa3qF7FSZAP7DxqhUPOboj5aloizlU%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqfOSxiZ3nhhcoubwAtGAUFL8vtRYiskqAjx3LIdsTANZ-fKhvnADbhZ1Bto4S18LCYuHV6Te_j6zGjEEIBTp6HwQGyTt8E7aZl8o46a4HR4AUm7eE0T9axjBqPmShcN8mvVVvJQxwML9WwE6UPZF3eFCml4sv162EX9KulUZ6qPwK_LLFrbW1qK12wLwG7FZ5hDd8lQoAji7u5RgyVYl92ZdbsjpheU-WlsYR-urlslzr49EH_V23rLqITwi_me5fUBB5eGK-1VdcahE2KIuneQPq-qulzS7LKLQ1V_JCxmQ5Y6mc2maoZg1kwiCsh4-4HMy6ShVgbij-N6hhcclCeqvApn6csLdWNHse4-qhdPOTP08B3mywjXZAtB9huRbBUVyjcPCFtuJKr_g7q9iZ555G1rDoxqe6IyTY01vQ_XEpfCQ19Lmg5nWeaBjEeFv6P3jHuNJW5tM62jueuc8VOItOzz47EZ08Ec5NzzDScB-YXABfpuVyQ6yyxCSoEju-cKDRc_uTH9w8KFK1V5CJR0FHaO81yW7Fc8jb_r4avylAqCfb80tRiXIZdYng5nCam8qav3DMqKrtH92BbOrwQ_vZ_i-_5-OSU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf0JEqrEWZeHWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPUCT9CVSJK8qBPUFF6QhIOOK6B4Ip9l_pn_A0TF-wriLQ1d437oJDFwYlQqgF8wVMoBdWpaxNR73JF9_m_-dfIXRUEr52l9pwj4za6rcEBjrmCeYoefS8k3ZJ3Wo_i9DI5Yw9phliuxJpr34pDE1C3oKzod_7Ho4C1xccrfl_fYA5-TGur1iJOQWXalVQZPyqoJX6Of0KTZaP6FA-PPhqd1muWTdlWRiBBgZ_NEcGOqYoRXE5TT5Zzsyyo9QbRr6Tv9-Zny0bQGvOTZSxoFrzaSQWRzrYqAwT7UFrY0V9eCppv45eQt4Q0gK4-0Q_X5pYAyU9PheCjaUFDcaAMk4hY5VdXVXLx0UYz9YeXTrAT3WyB3Ciry7A3Z9DeGUsv7oFz6Mm7FcpfIQqmKzIuG1B_tgurf_fJI2_PK97eNYmOf8EZ1JlApiQQ2jM9qKvyXtxEgJhePOpm5Ht1PT2Ug1wTP70rn0Vq6EBCL8cGwWVsTm-oUfpAKheAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2o-QNldyBoOIdIIaOIHMvQ3HKT1A%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:51 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame D989 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2EKd5UEAC3eub_vXtCWTb2fN9g10g&u=%7CurkAnIHIT4ZAoXa3qF7FSZAP7DxqhUPOboj5aloizlU%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqfOSxiZ3nhhcoubwAtGAUFL8vtRYiskqAjx3LIdsTANZ-fKhvnADbhZ1Bto4S18LCYuHV6Te_j6zGjEEIBTp6HwQGyTt8E7aZl8o46a4HR4AUm7eE0T9axjBqPmShcN8mvVVvJQxwML9WwE6UPZF3eFCml4sv162EX9KulUZ6qPwK_LLFrbW1qK12wLwG7FZ5hDd8lQoAji7u5RgyVYl92ZdbsjpheU-WlsYR-urlslzr49EH_V23rLqITwi_me5fUBB5eGK-1VdcahE2KIuneQPq-qulzS7LKLQ1V_JCxmQ5Y6mc2maoZg1kwiCsh4-4HMy6ShVgbij-N6hhcclCeqvApn6csLdWNHse4-qhdPOTP08B3mywjXZAtB9huRbBUVyjcPCFtuJKr_g7q9iZ555G1rDoxqe6IyTY01vQ_XEpfCQ19Lmg5nWeaBjEeFv6P3jHuNJW5tM62jueuc8VOItOzz47EZ08Ec5NzzDScB-YXABfpuVyQ6yyxCSoEju-cKDRc_uTH9w8KFK1V5CJR0FHaO81yW7Fc8jb_r4avylAqCfb80tRiXIZdYng5nCam8qav3DMqKrtH92BbOrwQ_vZ_i-_5-OSU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf0JEqrEWZeHWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPUCT9CVSJK8qBPUFF6QhIOOK6B4Ip9l_pn_A0TF-wriLQ1d437oJDFwYlQqgF8wVMoBdWpaxNR73JF9_m_-dfIXRUEr52l9pwj4za6rcEBjrmCeYoefS8k3ZJ3Wo_i9DI5Yw9phliuxJpr34pDE1C3oKzod_7Ho4C1xccrfl_fYA5-TGur1iJOQWXalVQZPyqoJX6Of0KTZaP6FA-PPhqd1muWTdlWRiBBgZ_NEcGOqYoRXE5TT5Zzsyyo9QbRr6Tv9-Zny0bQGvOTZSxoFrzaSQWRzrYqAwT7UFrY0V9eCppv45eQt4Q0gK4-0Q_X5pYAyU9PheCjaUFDcaAMk4hY5VdXVXLx0UYz9YeXTrAT3WyB3Ciry7A3Z9DeGUsv7oFz6Mm7FcpfIQqmKzIuG1B_tgurf_fJI2_PK97eNYmOf8EZ1JlApiQQ2jM9qKvyXtxEgJhePOpm5Ht1PT2Ug1wTP70rn0Vq6EBCL8cGwWVsTm-oUfpAKheAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2o-QNldyBoOIdIIaOIHMvQ3HKT1A%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:51 GMT
pixel
cm.g.doubleclick.net/ Frame 85E4
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFSp_s9xxJgu50SUA2MBE84&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFSp_s9xxJgu50SUA2MBE84&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZVRCN1lhU08xUU1ic241&google_gid=CAESEFSp_s9xxJgu50SUA2MBE84&google_cver=1&google_push=AXcoOmR_VYaytZEGS4PhNteXqd8vDVDGl-ytO2cG19KB_tB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZVRCN1lhU08xUU1ic241&google_gid=CAESEFSp_s9xxJgu50SUA2MBE84&google_cver=1&google_push=AXcoOmR_VYaytZEGS4PhNteXqd8vDVDGl-ytO2cG19KB_tBQq9WoDcXsLnFwuHvG3IrtaiFp2SU4ZssCLyJS3Sl8Nb9thmSSyMo
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 29 Sep 2023 11:14:51 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-789-g976496f#rel-ec2-master i-0f37db6ac3f837baf@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZVRCN1lhU08xUU1ic241&google_gid=CAESEFSp_s9xxJgu50SUA2MBE84&google_cver=1&google_push=AXcoOmR_VYaytZEGS4PhNteXqd8vDVDGl-ytO2cG19KB_tBQq9WoDcXsLnFwuHvG3IrtaiFp2SU4ZssCLyJS3Sl8Nb9thmSSyMo
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 85E4
Redirect Chain
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEPFjPrpjWx3xMaYZaPuJbSQ&google_cver=1&google_push=AXcoOmQgwNZ4osomC1GmJISo54DfP_N-HvOfX2LKoNM0CxeWTlEVQvU93RSVP0h6HuFcmAwQbol5boxVzYJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmQgwNZ4osomC1GmJISo54DfP_N-HvOfX2LKoNM0CxeWTlEVQvU93RSVP0h6HuFcmAwQbol5boxVzYJn_n0_XOXkdlL9k9g
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmQgwNZ4osomC1GmJISo54DfP_N-HvOfX2LKoNM0CxeWTlEVQvU93RSVP0h6HuFcmAwQbol5boxVzYJn_n0_XOXkdlL9k9g
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmQgwNZ4osomC1GmJISo54DfP_N-HvOfX2LKoNM0CxeWTlEVQvU93RSVP0h6HuFcmAwQbol5boxVzYJn_n0_XOXkdlL9k9g
Date
Fri, 29 Sep 2023 11:14:52 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
pixel
cm.g.doubleclick.net/ Frame 85E4
Redirect Chain
  • https://google.partners.tremorhub.com/sync?UIDF=CAESELlZigjFnqhnR1NqyUuDI1U&google_cver=1&google_push=AXcoOmSEKxqxJ-mKDknZk0zmqWvi2vOFToZ2nVu6lUbPCmbBAHgGsrscMe7SC5z2_A31yw5BvpPiQ7oREgITiTe-By6KaEg...
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=NTZkZDI5YjI2ZGUyNGFlMThjYThlMTQ2YjExNWJmN2M%3D&UIDF=CAESELlZigjFnqhnR1NqyUuDI1U&google_cver=1&google_push=AXcoOmSEKxqxJ-mKDknZk0zmqWvi...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=NTZkZDI5YjI2ZGUyNGFlMThjYThlMTQ2YjExNWJmN2M%3D&UIDF=CAESELlZigjFnqhnR1NqyUuDI1U&google_cver=1&google_push=AXcoOmSEKxqxJ-mKDknZk0zmqWvi2vOFToZ2nVu6lUbPCmbBAHgGsrscMe7SC5z2_A31yw5BvpPiQ7oREgITiTe-By6KaEg1r3c
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=NTZkZDI5YjI2ZGUyNGFlMThjYThlMTQ2YjExNWJmN2M%3D&UIDF=CAESELlZigjFnqhnR1NqyUuDI1U&google_cver=1&google_push=AXcoOmSEKxqxJ-mKDknZk0zmqWvi2vOFToZ2nVu6lUbPCmbBAHgGsrscMe7SC5z2_A31yw5BvpPiQ7oREgITiTe-By6KaEg1r3c
date
Fri, 29 Sep 2023 11:14:52 GMT
server
nginx
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
pub
cs.chocolateplatform.com/ Frame 85E4 		0
0
pixel
cm.g.doubleclick.net/ Frame 85E4
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESENWtczFu33u-ELkAwd54TQ8&google_cver=1&google_push=AXcoOmRcTJgdYwUwhLw-pzWef_w6hIbYPkvr6bGRx7RDg1QumLLLnwVBL848RbmBmjx-Ww_KgF-PwG...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmRcTJgdYwUwhLw-pzWef_w6hIbYPkvr6bGRx7RDg1QumLLLnwVBL848RbmBmjx-Ww_KgF-PwGvCyQfLp7k4O8kvLep3j20&google_hm=MjE3NDIwOTY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmRcTJgdYwUwhLw-pzWef_w6hIbYPkvr6bGRx7RDg1QumLLLnwVBL848RbmBmjx-Ww_KgF-PwGvCyQfLp7k4O8kvLep3j20&google_hm=MjE3NDIwOTYxMDc4NDQ0MDk3OQ%3D%3D
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmRcTJgdYwUwhLw-pzWef_w6hIbYPkvr6bGRx7RDg1QumLLLnwVBL848RbmBmjx-Ww_KgF-PwGvCyQfLp7k4O8kvLep3j20&google_hm=MjE3NDIwOTYxMDc4NDQ0MDk3OQ%3D%3D
date
Fri, 29 Sep 2023 11:14:51 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 85E4
Redirect Chain
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEBJVUvGHDxnZVt94d-uJWw0&google_cver=1&google_push=AXcoOmRXDU1Bkm_G0dhOzSDJuGnLYmor34f91L2s8CzCWblMc4vBIeosx...
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmRXDU1Bkm_G0dhOzSDJuGnLYmor34f91L2s8CzCWblMc4vBIeosxFvU4O8YPbgbM2jPqhsTy1aU1oiN8VF5lBf5RBrRoSA6&google_hm=QlMuYTYzNS0xNmE3LT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmRXDU1Bkm_G0dhOzSDJuGnLYmor34f91L2s8CzCWblMc4vBIeosxFvU4O8YPbgbM2jPqhsTy1aU1oiN8VF5lBf5RBrRoSA6&google_hm=QlMuYTYzNS0xNmE3LTQxYzctYTlkOQ==
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmRXDU1Bkm_G0dhOzSDJuGnLYmor34f91L2s8CzCWblMc4vBIeosxFvU4O8YPbgbM2jPqhsTy1aU1oiN8VF5lBf5RBrRoSA6&google_hm=QlMuYTYzNS0xNmE3LTQxYzctYTlkOQ==
Date
Fri, 29 Sep 2023 11:14:52 GMT
Server
openresty
Connection
close
Content-Length
142
Content-Type
text/html
0.gif
id5-sync.com/i/495/ Frame 85E4
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEI1VMYloraih76B-J_Zzlwc&google_cver=1&google_push=AXcoOmSKSQKzmuqcnPOhUPhpE92-rCY_yRbddlYobRJ-VBxV0MVTj12qFbpibyXF8lV37qAT34aehVxWFqDzKWEEbj4pZnUBkJnX
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSKSQKzmuqcnPOhUPhpE92-rCY_yRbddlYobRJ-VBxV...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame 85E4 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KDplYjI4ythZhx2cVXTU8IjdVuiq7BM9LImMGPSPbECVd-de-3M5AwTQCHQ7WNnXCwfDEtw2s
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
all
csm.eu.criteo.net/ Frame 2B0C 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=TsRr8mnhQQHg7_W-lAFW5E1LSd0ARfwvKxh1VNtutjbwi4oHOqRnedTr7GZv76eeIyJ2JkFd158XOWqxkK7_8LeuwQArRSqmwlSo_ySJ24QJzU10kSu0Ga-mHB0pCPM38pz6hnBzpPEcFnDPslHP_YwkPEF0ulMe1DfOYkSgT6A0kJe2jcCv_fKMPjBy3n4mnV3BNe_PkS_NOsFhwfWMkADwEfFwJpOkUhMpBXpwiSg46wnYwL9hdzDY-8Hyf_A7Bt9LkA&sds=2&rev=88628&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2IKd5UEAC3euR0lMSf0dNmGr02B3g&u=%7CurkAnIHIT4YR%2BHoabxO5bQ85D6H8koIhJJGO0cTcJdY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBRVvJhzsgIgYN0Oaqr1Do4ZkmuYAA9rviAk4TT-pc1TZVfVcu4fPJiUnZNOHn_MGqh8WtOd33FsG06K8VD-kMFIUC4z2ECG0tPxXnfadY9AM36l6MQt2Us0NwIJft9Okm_1r8vC7VLBYE6stlrgtrNmV11RnTxFIYoegrRcqXSETwR3mf7jRO16FWFuV_YJk1tinQCz27zCTnit-wVyQ7Hh0xJIIZ8XtqHntVMPPcbB4B2lE_1BqR-68VPVMgee9hHN2WS7bEdhOxtM4BeWovxDTS_vZJi657CMYvXhfHw-5YLE9rNbrJWHpPaLL1MhR7OHXI58nseaXgMh-eF4oFU0XC9hQ-ITbUcBBnzsz7SJC_3lKzj7KIj-OaHSyRBr6NofeyTyTVaNZ8EPWzXYNhIStGdGjvBu3iphjHXS2F7hM2Wbg1Zfm1NFLoJZlu5HMXdgdcWReLkb_i07dmNlg2yUnEnOiKstflbmBJtZlpWFSKAlnm-iSJ4u7do2Jnh2DF_ckVesdAXB4INyDNeXZJfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0tMmqrEWZeLWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPoCT9AvvYUUhOa_7GeNRmHoB1b-H25t2fkR0Tt7JSpEhopVelCir6_kKm8XzwjEElHUmo9R_vbgzPRHS-x8kbibNxyX--xZ3eamWPwK8NLKC19EQ2ht9i8CidGEovSilPtxUW-LRreYB1HE46O33CUiySfs5kSF3ixhJPdN2QmqBuI7AanGOgc0TTEQJVGPRGf4agvCoBC8ofR1Mhe16lZDW_16RgdNkmlrO8DoBZDDLa2yJZcF89JgkEC561F-yMXy-hpC4jQRQhxnsnt7ur6PTi9kN5BYRcXmZkDrolSa_iCuCWPs1WZiX6uTvFC9deeYGFDW-ArNTTIfp8gRLExjHE52Xjk9PNSZoz9FNTHmsl1x779IttItRkMdqHNtfGRXIkqs5VDopFFo5zQBb4a6-m2sezeH7NFz3zFAMiM1s017SwV5b8Xg3miyrqLXUUOOpafj9hx4GJluxCZdEUPOsIe8oBEfXtGGtCMNsfH4S5us-qnerOBWs4lY4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3oKhpegKtiulWQfjVBcQ8gHHDBDg%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 29 Sep 2023 11:14:51 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 2B0C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2IKd5UEAC3euR0lMSf0dNmGr02B3g&u=%7CurkAnIHIT4YR%2BHoabxO5bQ85D6H8koIhJJGO0cTcJdY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBRVvJhzsgIgYN0Oaqr1Do4ZkmuYAA9rviAk4TT-pc1TZVfVcu4fPJiUnZNOHn_MGqh8WtOd33FsG06K8VD-kMFIUC4z2ECG0tPxXnfadY9AM36l6MQt2Us0NwIJft9Okm_1r8vC7VLBYE6stlrgtrNmV11RnTxFIYoegrRcqXSETwR3mf7jRO16FWFuV_YJk1tinQCz27zCTnit-wVyQ7Hh0xJIIZ8XtqHntVMPPcbB4B2lE_1BqR-68VPVMgee9hHN2WS7bEdhOxtM4BeWovxDTS_vZJi657CMYvXhfHw-5YLE9rNbrJWHpPaLL1MhR7OHXI58nseaXgMh-eF4oFU0XC9hQ-ITbUcBBnzsz7SJC_3lKzj7KIj-OaHSyRBr6NofeyTyTVaNZ8EPWzXYNhIStGdGjvBu3iphjHXS2F7hM2Wbg1Zfm1NFLoJZlu5HMXdgdcWReLkb_i07dmNlg2yUnEnOiKstflbmBJtZlpWFSKAlnm-iSJ4u7do2Jnh2DF_ckVesdAXB4INyDNeXZJfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0tMmqrEWZeLWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPoCT9AvvYUUhOa_7GeNRmHoB1b-H25t2fkR0Tt7JSpEhopVelCir6_kKm8XzwjEElHUmo9R_vbgzPRHS-x8kbibNxyX--xZ3eamWPwK8NLKC19EQ2ht9i8CidGEovSilPtxUW-LRreYB1HE46O33CUiySfs5kSF3ixhJPdN2QmqBuI7AanGOgc0TTEQJVGPRGf4agvCoBC8ofR1Mhe16lZDW_16RgdNkmlrO8DoBZDDLa2yJZcF89JgkEC561F-yMXy-hpC4jQRQhxnsnt7ur6PTi9kN5BYRcXmZkDrolSa_iCuCWPs1WZiX6uTvFC9deeYGFDW-ArNTTIfp8gRLExjHE52Xjk9PNSZoz9FNTHmsl1x779IttItRkMdqHNtfGRXIkqs5VDopFFo5zQBb4a6-m2sezeH7NFz3zFAMiM1s017SwV5b8Xg3miyrqLXUUOOpafj9hx4GJluxCZdEUPOsIe8oBEfXtGGtCMNsfH4S5us-qnerOBWs4lY4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3oKhpegKtiulWQfjVBcQ8gHHDBDg%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:51 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 2B0C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2IKd5UEAC3euR0lMSf0dNmGr02B3g&u=%7CurkAnIHIT4YR%2BHoabxO5bQ85D6H8koIhJJGO0cTcJdY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBRVvJhzsgIgYN0Oaqr1Do4ZkmuYAA9rviAk4TT-pc1TZVfVcu4fPJiUnZNOHn_MGqh8WtOd33FsG06K8VD-kMFIUC4z2ECG0tPxXnfadY9AM36l6MQt2Us0NwIJft9Okm_1r8vC7VLBYE6stlrgtrNmV11RnTxFIYoegrRcqXSETwR3mf7jRO16FWFuV_YJk1tinQCz27zCTnit-wVyQ7Hh0xJIIZ8XtqHntVMPPcbB4B2lE_1BqR-68VPVMgee9hHN2WS7bEdhOxtM4BeWovxDTS_vZJi657CMYvXhfHw-5YLE9rNbrJWHpPaLL1MhR7OHXI58nseaXgMh-eF4oFU0XC9hQ-ITbUcBBnzsz7SJC_3lKzj7KIj-OaHSyRBr6NofeyTyTVaNZ8EPWzXYNhIStGdGjvBu3iphjHXS2F7hM2Wbg1Zfm1NFLoJZlu5HMXdgdcWReLkb_i07dmNlg2yUnEnOiKstflbmBJtZlpWFSKAlnm-iSJ4u7do2Jnh2DF_ckVesdAXB4INyDNeXZJfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0tMmqrEWZeLWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPoCT9AvvYUUhOa_7GeNRmHoB1b-H25t2fkR0Tt7JSpEhopVelCir6_kKm8XzwjEElHUmo9R_vbgzPRHS-x8kbibNxyX--xZ3eamWPwK8NLKC19EQ2ht9i8CidGEovSilPtxUW-LRreYB1HE46O33CUiySfs5kSF3ixhJPdN2QmqBuI7AanGOgc0TTEQJVGPRGf4agvCoBC8ofR1Mhe16lZDW_16RgdNkmlrO8DoBZDDLa2yJZcF89JgkEC561F-yMXy-hpC4jQRQhxnsnt7ur6PTi9kN5BYRcXmZkDrolSa_iCuCWPs1WZiX6uTvFC9deeYGFDW-ArNTTIfp8gRLExjHE52Xjk9PNSZoz9FNTHmsl1x779IttItRkMdqHNtfGRXIkqs5VDopFFo5zQBb4a6-m2sezeH7NFz3zFAMiM1s017SwV5b8Xg3miyrqLXUUOOpafj9hx4GJluxCZdEUPOsIe8oBEfXtGGtCMNsfH4S5us-qnerOBWs4lY4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3oKhpegKtiulWQfjVBcQ8gHHDBDg%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:51 GMT
all
csm.eu.criteo.net/ Frame 78B3 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=L6ZWq2nhQQHg7_W-kLDMxeCRx_V838NavpMFKdi6rYYSps_kqgxg49LDMralL_oXypJiqKH_tqHx6fPV5y3kM4Lay6YXsh_tSNRhqadcO5uAGLL2fqoDAhKJt3M6CKDpXd3tetUTxJ7VDZ2bSD4ilUsMlwQoYj7PflI5VRTPMF8-GjsfGkMNedi1d7wg3TJmcDD7jKOtYugQBTWob0N3LiCMf2icONnGmUVDVVlTBhkpkPS5Dx-dOff-ZnYhhGOl2MrH45F8XQExvDe-&sds=2&rev=88628&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2AKd5UEAC3euR5s9leY_c7cl3EZuQ&u=%7CurkAnIHIT4YrtH4C84W%2F%2B%2FbLqUqZEBmqxR3Hro9WM64%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqfOSxiZ3nhhcoubwAtGAUFL8vtRYiskqAjx3LIdsTANZ-fKhvnADbhZ1Bto4S18LCYuHV6Te_j6zBOMW8l-B7hOQuCnkhkksPrRfqJPCWpEuK0H3vm6JF2ydS7OY4c99WPYOTrRKW0cBzyw0SDB8KV5wcBgznRZaoIfQOFS_Rte0Jel16SHTKksJv-3k83ouP34kiOLG_RO1ixqOO3dg-9ocww2rAJvplI3N2ZDTi2CLe6zZgVrCR10tyNLE1gfhA3JJ8UrJlqk2RBDVWZXYALvQtKMko8UxPUiL5luBSoz9b-AzD3Il5JfIu-vtdsLgq2yyseBj-KMajDnUYnNGsofnwOx0BgKvVjp3BoXc7cRHRhLcbmCbt4nW-y17p8LwXYTpJ_GVeRGJyhB-YcAMw48plgET7R27005UJ1TeuaIYu2-5yWh-cyOasPGrfiMzMMEm7r1M9rSX27yKGHV4LFUk07hTRQilUcIpHLJHoipcRRwTm6u6dsiAthNNFzLxx_U1uWHEV7sFAUQcNxsZvAVumjzAuhxM0gE7AU-dltWqhzvkkQPXr5YVV31Cx5wRj8N8v9XOgP1HmmelsBQqNHQJi_d90dL17k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbDLqqrEWZeDWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPsCT9D8Ph4sPKnJtRNmS70s8RBImO7ddTZXp9bWAv4JF66D4R_US7Zv-dEWrMhVItKwb6-_RpTCwO57_yKMuxNkJJH0VKycTKxAP0lYhACx1cm8dB8E3ztKomVzI0wnw27JhVeq_5UYI98OC9dkNmmBKSr5g3aY_YLu0pJkuMxnM40jPJhD4JpAhWgG1kPtiilI7df4Xogm7ZlBrZ6mN-nA9bmn_N-3CmbhwKPwPBug8aLiczTd9SsXWtLoejf6CE6lhxbT6aq72dTKT_--2mebDeUkMwpOAaSnt4fAEcEG-bRUTV5FGCn23amj1J57mDIomu9uZGYm_yL7UapCy9RP_oGdr5Y-1cMbFdee3CVWrldva7-3YMlSaKa9lI3ffglphuuq6IfXdGsogtGre1ybWWaGW4H04p8KfWG414ipaQNWmr5lrfcM_BPcOcXAHD-_jqbel-s683tMD20p6M563M6_6kNdf-g5j_Ugqb2PUbQ4IoBKKSZ8sykSaeAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3qmZFO8j0nmreGIWOonqUHaVX16g%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 29 Sep 2023 11:14:51 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 78B3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2AKd5UEAC3euR5s9leY_c7cl3EZuQ&u=%7CurkAnIHIT4YrtH4C84W%2F%2B%2FbLqUqZEBmqxR3Hro9WM64%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqfOSxiZ3nhhcoubwAtGAUFL8vtRYiskqAjx3LIdsTANZ-fKhvnADbhZ1Bto4S18LCYuHV6Te_j6zBOMW8l-B7hOQuCnkhkksPrRfqJPCWpEuK0H3vm6JF2ydS7OY4c99WPYOTrRKW0cBzyw0SDB8KV5wcBgznRZaoIfQOFS_Rte0Jel16SHTKksJv-3k83ouP34kiOLG_RO1ixqOO3dg-9ocww2rAJvplI3N2ZDTi2CLe6zZgVrCR10tyNLE1gfhA3JJ8UrJlqk2RBDVWZXYALvQtKMko8UxPUiL5luBSoz9b-AzD3Il5JfIu-vtdsLgq2yyseBj-KMajDnUYnNGsofnwOx0BgKvVjp3BoXc7cRHRhLcbmCbt4nW-y17p8LwXYTpJ_GVeRGJyhB-YcAMw48plgET7R27005UJ1TeuaIYu2-5yWh-cyOasPGrfiMzMMEm7r1M9rSX27yKGHV4LFUk07hTRQilUcIpHLJHoipcRRwTm6u6dsiAthNNFzLxx_U1uWHEV7sFAUQcNxsZvAVumjzAuhxM0gE7AU-dltWqhzvkkQPXr5YVV31Cx5wRj8N8v9XOgP1HmmelsBQqNHQJi_d90dL17k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbDLqqrEWZeDWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPsCT9D8Ph4sPKnJtRNmS70s8RBImO7ddTZXp9bWAv4JF66D4R_US7Zv-dEWrMhVItKwb6-_RpTCwO57_yKMuxNkJJH0VKycTKxAP0lYhACx1cm8dB8E3ztKomVzI0wnw27JhVeq_5UYI98OC9dkNmmBKSr5g3aY_YLu0pJkuMxnM40jPJhD4JpAhWgG1kPtiilI7df4Xogm7ZlBrZ6mN-nA9bmn_N-3CmbhwKPwPBug8aLiczTd9SsXWtLoejf6CE6lhxbT6aq72dTKT_--2mebDeUkMwpOAaSnt4fAEcEG-bRUTV5FGCn23amj1J57mDIomu9uZGYm_yL7UapCy9RP_oGdr5Y-1cMbFdee3CVWrldva7-3YMlSaKa9lI3ffglphuuq6IfXdGsogtGre1ybWWaGW4H04p8KfWG414ipaQNWmr5lrfcM_BPcOcXAHD-_jqbel-s683tMD20p6M563M6_6kNdf-g5j_Ugqb2PUbQ4IoBKKSZ8sykSaeAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3qmZFO8j0nmreGIWOonqUHaVX16g%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:51 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 78B3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2AKd5UEAC3euR5s9leY_c7cl3EZuQ&u=%7CurkAnIHIT4YrtH4C84W%2F%2B%2FbLqUqZEBmqxR3Hro9WM64%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqfOSxiZ3nhhcoubwAtGAUFL8vtRYiskqAjx3LIdsTANZ-fKhvnADbhZ1Bto4S18LCYuHV6Te_j6zBOMW8l-B7hOQuCnkhkksPrRfqJPCWpEuK0H3vm6JF2ydS7OY4c99WPYOTrRKW0cBzyw0SDB8KV5wcBgznRZaoIfQOFS_Rte0Jel16SHTKksJv-3k83ouP34kiOLG_RO1ixqOO3dg-9ocww2rAJvplI3N2ZDTi2CLe6zZgVrCR10tyNLE1gfhA3JJ8UrJlqk2RBDVWZXYALvQtKMko8UxPUiL5luBSoz9b-AzD3Il5JfIu-vtdsLgq2yyseBj-KMajDnUYnNGsofnwOx0BgKvVjp3BoXc7cRHRhLcbmCbt4nW-y17p8LwXYTpJ_GVeRGJyhB-YcAMw48plgET7R27005UJ1TeuaIYu2-5yWh-cyOasPGrfiMzMMEm7r1M9rSX27yKGHV4LFUk07hTRQilUcIpHLJHoipcRRwTm6u6dsiAthNNFzLxx_U1uWHEV7sFAUQcNxsZvAVumjzAuhxM0gE7AU-dltWqhzvkkQPXr5YVV31Cx5wRj8N8v9XOgP1HmmelsBQqNHQJi_d90dL17k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbDLqqrEWZeDWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPsCT9D8Ph4sPKnJtRNmS70s8RBImO7ddTZXp9bWAv4JF66D4R_US7Zv-dEWrMhVItKwb6-_RpTCwO57_yKMuxNkJJH0VKycTKxAP0lYhACx1cm8dB8E3ztKomVzI0wnw27JhVeq_5UYI98OC9dkNmmBKSr5g3aY_YLu0pJkuMxnM40jPJhD4JpAhWgG1kPtiilI7df4Xogm7ZlBrZ6mN-nA9bmn_N-3CmbhwKPwPBug8aLiczTd9SsXWtLoejf6CE6lhxbT6aq72dTKT_--2mebDeUkMwpOAaSnt4fAEcEG-bRUTV5FGCn23amj1J57mDIomu9uZGYm_yL7UapCy9RP_oGdr5Y-1cMbFdee3CVWrldva7-3YMlSaKa9lI3ffglphuuq6IfXdGsogtGre1ybWWaGW4H04p8KfWG414ipaQNWmr5lrfcM_BPcOcXAHD-_jqbel-s683tMD20p6M563M6_6kNdf-g5j_Ugqb2PUbQ4IoBKKSZ8sykSaeAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3qmZFO8j0nmreGIWOonqUHaVX16g%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:51 GMT
all
csm.eu.criteo.net/ Frame 1402 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=zae1YmnhQQHg7_W-AmWUAUCWE45oya-pQfpHwvhcpLmlHC1_Pm9OghWOZFbEdax77dIymTIxZr30imErUU5nDaAL-ZlooRUnjYzb_M5uzBCbbL6llD4WcNuDQveZb-Tps0aC9iInNATlflZWlSWtsas1E01FFu5SE6bj-rDBW898qiQYx1wbA4kT8yBStXTwjLLSzuynkXXfL75Fs3AS0_2u45YuCD6fnCANJWZPmFNlkN_so-C7O1_jVI0CvlexjItRHQ&sds=2&rev=88628&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2MKd5UEAC3euVy_lw8x6wNyMlLbtA&u=%7CurkAnIHIT4ZfIFL530gVk%2FF1JFPGaAm6FCcdoAFxctU%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBShk3YAZYqdc-mMgWlzyrG2Imf0fc6_2xizEybjb3ioXlCMdgio-6iuYp4aUwfxyv0SSTkoDG_cBF86rQ4CvUTZvElk0dpKX_xJ7QYfeQWjlVhUPrDgENCBbTqedvm4j3K3RDjPJdGyhGwzeP0HyqJxhZfPx_QiHAenHofe17MZPL7HF7gZ1xpymXGFrWySirtitf03QgpWVFDseCpty_xkmtvQjKb--baX_8eFtm6z48BWhEGMWBElZ8gbkzoseBbXLwTaKXVl8Ypm0bbsgcmGLxflUmF3TP9bDLugjB1V9mx0Kdv8EWuacQUzpwBYXvZRlSE53mS11fSTNW3ZLcf9u061M71SQUtxcW1ng9rGc1Di8oMje0lhw2RaH8DSIuP1_0z_NZIT-ckK0Og3dQfkbt1d8CXOp6dU7vQSU5dI_MY6-OJzWJVaPwjmEPpMo4jSfJZNLGRVvN4Ioj6z5cSvJgyAzWo3_M78SzXV2Yo7Z6j-GiS-GiXBBSuBOLIdE80yHWwJQLHZcGX9GVagawX1dyg_Fd1Zg3Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQZMIqrEWZePWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBIMDT9DXaQULg066goU81cs37Vk5kiMjLwvxWQh4JldtlLKnTEkbhZ0EvBokpW_1BddeXS6O7jEPWx9IFRgXW5lDgURpW0hwcV26pcHeCO2FFtfCaj05ZIW7mO5xvye5ANzik1BjqGCLWDRJExD5d9U_ZV8DcEaPjrZEE52q3P35Bgp0vAdhlfo0iPNP-srT7oc5Gx1drzRoza238jNLyv-eCeVxPbQMmGzqpxV5tkFTWsPfvMn4nBsuxeKvoTBDj84PJnRI06NUdZe41iWYbyDzA44AZ4gu1h0mBfssI9_Cv9YGjeuDHvUlEEcTowu5UY5obH_QeTM2zhIRVZ8EeMsFSggo0dekV01Kcu-iV9nsQpl5aqZP8RoVkSXLQGPUihawcXmFgyx0rj_xnkQIw5hcs0SfUqfo-uZPvvOoLyZQ6b2KYkHTGAUxJXoOIK8kdc13n7NpiU9EpfD56YnvsrastlhdYmcEgb9AC6_tyWYC36LwJQ3H9wZ32vHxUmNviDKWHwSA4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0wT-Hqj-oV4Q3X6L0bsQ47yYOwYA%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 29 Sep 2023 11:14:51 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 1402 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2MKd5UEAC3euVy_lw8x6wNyMlLbtA&u=%7CurkAnIHIT4ZfIFL530gVk%2FF1JFPGaAm6FCcdoAFxctU%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBShk3YAZYqdc-mMgWlzyrG2Imf0fc6_2xizEybjb3ioXlCMdgio-6iuYp4aUwfxyv0SSTkoDG_cBF86rQ4CvUTZvElk0dpKX_xJ7QYfeQWjlVhUPrDgENCBbTqedvm4j3K3RDjPJdGyhGwzeP0HyqJxhZfPx_QiHAenHofe17MZPL7HF7gZ1xpymXGFrWySirtitf03QgpWVFDseCpty_xkmtvQjKb--baX_8eFtm6z48BWhEGMWBElZ8gbkzoseBbXLwTaKXVl8Ypm0bbsgcmGLxflUmF3TP9bDLugjB1V9mx0Kdv8EWuacQUzpwBYXvZRlSE53mS11fSTNW3ZLcf9u061M71SQUtxcW1ng9rGc1Di8oMje0lhw2RaH8DSIuP1_0z_NZIT-ckK0Og3dQfkbt1d8CXOp6dU7vQSU5dI_MY6-OJzWJVaPwjmEPpMo4jSfJZNLGRVvN4Ioj6z5cSvJgyAzWo3_M78SzXV2Yo7Z6j-GiS-GiXBBSuBOLIdE80yHWwJQLHZcGX9GVagawX1dyg_Fd1Zg3Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQZMIqrEWZePWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBIMDT9DXaQULg066goU81cs37Vk5kiMjLwvxWQh4JldtlLKnTEkbhZ0EvBokpW_1BddeXS6O7jEPWx9IFRgXW5lDgURpW0hwcV26pcHeCO2FFtfCaj05ZIW7mO5xvye5ANzik1BjqGCLWDRJExD5d9U_ZV8DcEaPjrZEE52q3P35Bgp0vAdhlfo0iPNP-srT7oc5Gx1drzRoza238jNLyv-eCeVxPbQMmGzqpxV5tkFTWsPfvMn4nBsuxeKvoTBDj84PJnRI06NUdZe41iWYbyDzA44AZ4gu1h0mBfssI9_Cv9YGjeuDHvUlEEcTowu5UY5obH_QeTM2zhIRVZ8EeMsFSggo0dekV01Kcu-iV9nsQpl5aqZP8RoVkSXLQGPUihawcXmFgyx0rj_xnkQIw5hcs0SfUqfo-uZPvvOoLyZQ6b2KYkHTGAUxJXoOIK8kdc13n7NpiU9EpfD56YnvsrastlhdYmcEgb9AC6_tyWYC36LwJQ3H9wZ32vHxUmNviDKWHwSA4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0wT-Hqj-oV4Q3X6L0bsQ47yYOwYA%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:51 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 1402 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2MKd5UEAC3euVy_lw8x6wNyMlLbtA&u=%7CurkAnIHIT4ZfIFL530gVk%2FF1JFPGaAm6FCcdoAFxctU%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBShk3YAZYqdc-mMgWlzyrG2Imf0fc6_2xizEybjb3ioXlCMdgio-6iuYp4aUwfxyv0SSTkoDG_cBF86rQ4CvUTZvElk0dpKX_xJ7QYfeQWjlVhUPrDgENCBbTqedvm4j3K3RDjPJdGyhGwzeP0HyqJxhZfPx_QiHAenHofe17MZPL7HF7gZ1xpymXGFrWySirtitf03QgpWVFDseCpty_xkmtvQjKb--baX_8eFtm6z48BWhEGMWBElZ8gbkzoseBbXLwTaKXVl8Ypm0bbsgcmGLxflUmF3TP9bDLugjB1V9mx0Kdv8EWuacQUzpwBYXvZRlSE53mS11fSTNW3ZLcf9u061M71SQUtxcW1ng9rGc1Di8oMje0lhw2RaH8DSIuP1_0z_NZIT-ckK0Og3dQfkbt1d8CXOp6dU7vQSU5dI_MY6-OJzWJVaPwjmEPpMo4jSfJZNLGRVvN4Ioj6z5cSvJgyAzWo3_M78SzXV2Yo7Z6j-GiS-GiXBBSuBOLIdE80yHWwJQLHZcGX9GVagawX1dyg_Fd1Zg3Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQZMIqrEWZePWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBIMDT9DXaQULg066goU81cs37Vk5kiMjLwvxWQh4JldtlLKnTEkbhZ0EvBokpW_1BddeXS6O7jEPWx9IFRgXW5lDgURpW0hwcV26pcHeCO2FFtfCaj05ZIW7mO5xvye5ANzik1BjqGCLWDRJExD5d9U_ZV8DcEaPjrZEE52q3P35Bgp0vAdhlfo0iPNP-srT7oc5Gx1drzRoza238jNLyv-eCeVxPbQMmGzqpxV5tkFTWsPfvMn4nBsuxeKvoTBDj84PJnRI06NUdZe41iWYbyDzA44AZ4gu1h0mBfssI9_Cv9YGjeuDHvUlEEcTowu5UY5obH_QeTM2zhIRVZ8EeMsFSggo0dekV01Kcu-iV9nsQpl5aqZP8RoVkSXLQGPUihawcXmFgyx0rj_xnkQIw5hcs0SfUqfo-uZPvvOoLyZQ6b2KYkHTGAUxJXoOIK8kdc13n7NpiU9EpfD56YnvsrastlhdYmcEgb9AC6_tyWYC36LwJQ3H9wZ32vHxUmNviDKWHwSA4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0wT-Hqj-oV4Q3X6L0bsQ47yYOwYA%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:51 GMT
pixel
cm.g.doubleclick.net/ Frame E29E
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEE76CehBzERmaRjxSL-dbD4&google_cver=1&google_push=AXcoOmQtbXCbseXmVXnP_iowPF19VB-cxMUjIdDNKNRV41De1iubEX0EyG...
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmQtbXCbseXmVXnP_iowPF19VB-cxMUjIdDNKNRV41De1iubEX0EyGUo_UiTbMOYpcJhfc7mBngO0SbAJ06sDdcwec3Ucu0_&google_hm=rCNJvV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmQtbXCbseXmVXnP_iowPF19VB-cxMUjIdDNKNRV41De1iubEX0EyGUo_UiTbMOYpcJhfc7mBngO0SbAJ06sDdcwec3Ucu0_&google_hm=rCNJvVND0-xYnWsBrzE5aQ
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmQtbXCbseXmVXnP_iowPF19VB-cxMUjIdDNKNRV41De1iubEX0EyGUo_UiTbMOYpcJhfc7mBngO0SbAJ06sDdcwec3Ucu0_&google_hm=rCNJvVND0-xYnWsBrzE5aQ
pragma
no-cache
date
Fri, 29 Sep 2023 11:14:51 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E29E
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEJO2hbF956afrHrUy-0IHgw&google_cver=1&google_push=AXcoOmSakMUzrjzAgIKJ2C-Ez-nd0FLaLKDScxnPQRG09S2vQQBUaxQgEP2FYnmCkgE4jfU3lY3UtbHeBKCbaxxGThWBNl3Vjfzi
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BEDC81BD7B4A42B9B8ECC33405451AC0&google_push=AXcoOmSakMUzrjzAgIKJ2C-Ez-nd0FLaLKDScxnPQRG09S2vQQBUaxQgEP2FYnmCkgE4jfU3lY3UtbHeBKCbaxx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BEDC81BD7B4A42B9B8ECC33405451AC0&google_push=AXcoOmSakMUzrjzAgIKJ2C-Ez-nd0FLaLKDScxnPQRG09S2vQQBUaxQgEP2FYnmCkgE4jfU3lY3UtbHeBKCbaxxGThWBNl3Vjfzi
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 29 Sep 2023 11:14:51 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BEDC81BD7B4A42B9B8ECC33405451AC0&google_push=AXcoOmSakMUzrjzAgIKJ2C-Ez-nd0FLaLKDScxnPQRG09S2vQQBUaxQgEP2FYnmCkgE4jfU3lY3UtbHeBKCbaxxGThWBNl3Vjfzi
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 28 Sep 2023 11:14:51 GMT
pixel
cm.g.doubleclick.net/ Frame E29E
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEE8i3wZ3rESgvABMZF0RKnQ&google_cver=1&google_push=AXcoOmS9jEllcYS8JA8FXY1T9I3WhGnXmotZpXcySnAyfIcnWUCiYelBYpRfkVLHuzB-U-ooWIZ2mtVNiTLCFp6qa...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEE8i3wZ3rESgvABMZF0RKnQ&google_cver=1&google_push=AXcoOmS9jEllcYS8JA8FXY1T9I3WhGnXmotZpXcySnAyfIcnWUCiYelBYpRfkVLHuzB-U-ooWIZ2mtVNiTLCFp6qa...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmS9jEllcYS8JA8FXY1T9I3WhGnXmotZpXcySnAyfIcnWUCiYelBYpRfkVLHuzB-U-ooWIZ2mtVNiTLCFp6qa2tVLhwkRyZm&google_hm=HZuCvGZHGjRJSJDfQNiW9F2V
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmS9jEllcYS8JA8FXY1T9I3WhGnXmotZpXcySnAyfIcnWUCiYelBYpRfkVLHuzB-U-ooWIZ2mtVNiTLCFp6qa2tVLhwkRyZm&google_hm=HZuCvGZHGjRJSJDfQNiW9F2V
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 29 Sep 2023 11:14:51 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmS9jEllcYS8JA8FXY1T9I3WhGnXmotZpXcySnAyfIcnWUCiYelBYpRfkVLHuzB-U-ooWIZ2mtVNiTLCFp6qa2tVLhwkRyZm&google_hm=HZuCvGZHGjRJSJDfQNiW9F2V
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
psync
sync.lunamedia.live/ Frame E29E
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEJdXO9D4Q9Ar_dhFV-bODlM&google_cver=1&google_push=AXcoOmRsPFm23RqGmsWQLaIVzcbpYwdrNK6hwRpYutqxs9PQARlgtAWHe8pVpftJm1diaSAbiy09Xp50iXXPPw9B...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&gdpr=0&gdpr_consent=&google_hm=b77a19f02a&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg%26gdpr%3D0%26gdpr_consent%3D
  • https://s.ad.smaato.net/c/?adExInit=g&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&gdpr=0&gdpr_consent=,&google_hm=19ef7b318a&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg%26gdpr%3D0%26gdpr_consent%3D,
  • https://s.ad.smaato.net/c/?adExInit=g&gdpr=0&gdpr_consent=,&gdpr=0&gdpr_consent=,
  • https://sync.lunamedia.live/psync?t=s&e=255&cb=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1001875%26dspCookie%3D%25USER_ID%25%26gdpr%3D0%26gdpr_consent%3D,,,
0
0
pixel
cm.g.doubleclick.net/ Frame E29E
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEM6StkY6Tz6zEhvEwmcagCo&google_cver=1&google_push=AXcoOmTS_X_puQoEnFDCOXXkaHDLGU_gl5czgvfdBj19jaflR-t1xIJ_KO-dYJ5WRzJ4V5CaFWYmTcvqDEtyBhb9u2XRVhMsYvXP
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTS_X_puQoEnFDCOXXkaHDLGU_gl5czgvfdBj19jaflR-t1xIJ_KO-dYJ5WRzJ4V5CaFWYmTcvqDEtyBhb9u2XRVhMsYvX...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE4NDEzMTg0NzM3NTMxODQ0NTkyMQ%3D%3D&google_push=AXcoOmTS_X_puQoEnFDCOXXkaHDLGU_gl5czgvfdBj19jaflR-t1xIJ_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE4NDEzMTg0NzM3NTMxODQ0NTkyMQ%3D%3D&google_push=AXcoOmTS_X_puQoEnFDCOXXkaHDLGU_gl5czgvfdBj19jaflR-t1xIJ_KO-dYJ5WRzJ4V5CaFWYmTcvqDEtyBhb9u2XRVhMsYvXP
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE4NDEzMTg0NzM3NTMxODQ0NTkyMQ%3D%3D&google_push=AXcoOmTS_X_puQoEnFDCOXXkaHDLGU_gl5czgvfdBj19jaflR-t1xIJ_KO-dYJ5WRzJ4V5CaFWYmTcvqDEtyBhb9u2XRVhMsYvXP
date
Fri, 29 Sep 2023 11:14:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame E29E
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESENWtczFu33u-ELkAwd54TQ8&google_cver=1&google_push=AXcoOmTf7PzINscZARjJzqooxlpcVg41dGKSEmv2wLKfmqz_PO0ia34zb3WZfMn8bXNkg0HZtrPoPi...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmTf7PzINscZARjJzqooxlpcVg41dGKSEmv2wLKfmqz_PO0ia34zb3WZfMn8bXNkg0HZtrPoPiWaKJ16X0peAhsljlTHzLE&google_hm=MjE3NDIwOTY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmTf7PzINscZARjJzqooxlpcVg41dGKSEmv2wLKfmqz_PO0ia34zb3WZfMn8bXNkg0HZtrPoPiWaKJ16X0peAhsljlTHzLE&google_hm=MjE3NDIwOTYxMDc4NDQ0MDk3OQ%3D%3D
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmTf7PzINscZARjJzqooxlpcVg41dGKSEmv2wLKfmqz_PO0ia34zb3WZfMn8bXNkg0HZtrPoPiWaKJ16X0peAhsljlTHzLE&google_hm=MjE3NDIwOTYxMDc4NDQ0MDk3OQ%3D%3D
date
Fri, 29 Sep 2023 11:14:50 GMT
content-length
0
v1
match.sharethrough.com/E4rooAtA/ Frame E29E 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEN2bq1OBJiodPMFeKzyozVM&google_cver=1&google_push=AXcoOmQdJuBZDFx1Bxs9xBPVjd5iIWxgQCGjPLeBUdJJuzmVP8wjROLTeup6hJJVV64uLog6fx7U1-G1U-qJx2Br4HN6ATE9Q-4mAg
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.71.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-71-125.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
attr
cm.g.doubleclick.net/pixel/ Frame E29E 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IR73Hfr4gJfDXslmMUsxxT9mX4PAZXjNbuE1tOSwGtXci_9ee8HMrK8HzNrqbNcwNqUqx-JA
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
all
csm.eu.criteo.net/ Frame 9FAF 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=9nPrX2nhQQHg7_W-_ePnh__38yNL0oCFUZ-5q0sWsXZVI9IosheEbF8T3NS5LTpAdFX7knBp8Ka96emph9YKaWjoX6ECGet0gKoS-syB6PoQTiiHZIvcTRWu0-sVKwbO8n8BxKp1njpg_tqF5BUQO1MYeKZzg4OBl6zziZ17yx0PeZEWY6LP3JjN5zKjaRTh8p8J4jzQKPjrAaBDzbe_6ikD8GuDpXcSv2_3MbRbyegVi0OQ3PgWNg4o0CcqD9_FtiZHxbO1x0P04wKF&sds=2&rev=88628&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2QKd5UEAC3euSimOslwdtJX4Nb8Uw&u=%7CurkAnIHIT4Yc3yJsw6VDIDoB8wNaaPCAc5Fjc83dQwA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwmBoz0kZ49XnpI3T7B_CiOoYg3UZdaQZasGHKzzf0au_Ji2E0EdCaAKplGe-WphMouyzhCrg76-C-r5vyaU9gTE6CVA-3DFLwY7C72LWdzTrFC7Ts38EmgFvOv9n0TP149SElA4mXypbEAD9iOJkTZC6iLN6CBxVwSa9g5BDfK4C2DxSgqVCjt3CLHBl5Xo2essVB89beYGKnh6fo3fhwhpsHazgLqvAxZgDk-IfPVR8zg1j1Nq_7oelR_mZGPDtZV2Qn9PLgC6g8Xjt1TLZr88ZVxN39tSat35f9RDMV0-8xrvrO6n41LMcO8hKHK4kBxJvjwut5yVBfwfK-Ca8Bgokr_RFT16K_XhbRHI6ZJclWkw6eGCXniROF9VKaof0u9A6-kZJUF7SCuoFEgMpWxNcsBSFXZX5PIzudjs57Rjx14Q4xJZndM3Bi2GO3koWEdNNtTqGtXxPI_-3sDmn1NS__ochBU-SUVpdNaxyPz0JarefvXcCWRbGlXKTm6EtVIXGkc323ALxRS0xUFeWhtGeLTRCDah7z7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwt8rqrEWZeTWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPcCT9BzqIS2DkPxN3UtSeiuyxUdXhqK99Imiq6gkSUVT7qVofnGo1pi-cUc7AaYTfV1EgtuVF6rnCSGxTjdUsrxAW7m-WXgd8NfQW9xKSWOKQLExSrxDJPFzRwTHEXuAHkdjvyvFhRlF4RZrg1QFA4sKxF4LGZWGZ3gmRVJnumLIeHggQpcZYU_5QO_TKdBiteVu850KpRrzlfEE0LtZUN4oeBxYVpEsyImRxKF4IZ-4q1my6hS9TzOFS2gRncdvnrmNkccbydn08DCuqT6ZGJtWDmcXsaNqTvfaZGma8945ip_V6qrxMZrocUiO7608ASiUVIBwr9PAg9ysJsAxWy_r4-xDnjz9TtNDCBwZ4Whzf0Ylet93uihDRlriIAKrpTyw5SdtiQT3hV3WAt5I-RF3uM9KPQSKjHJSt2f745ZmUaec0UcSoEHu3ft2_8XqgWyLcFlut5aZ8AdyvN4CtTuwwcn7004YpPX3PrhhoUUvpNXIWNxJduG4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gcpUxl9G0DPJ39gOd-y8inpGB8Q%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 29 Sep 2023 11:14:51 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9FAF 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2QKd5UEAC3euSimOslwdtJX4Nb8Uw&u=%7CurkAnIHIT4Yc3yJsw6VDIDoB8wNaaPCAc5Fjc83dQwA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwmBoz0kZ49XnpI3T7B_CiOoYg3UZdaQZasGHKzzf0au_Ji2E0EdCaAKplGe-WphMouyzhCrg76-C-r5vyaU9gTE6CVA-3DFLwY7C72LWdzTrFC7Ts38EmgFvOv9n0TP149SElA4mXypbEAD9iOJkTZC6iLN6CBxVwSa9g5BDfK4C2DxSgqVCjt3CLHBl5Xo2essVB89beYGKnh6fo3fhwhpsHazgLqvAxZgDk-IfPVR8zg1j1Nq_7oelR_mZGPDtZV2Qn9PLgC6g8Xjt1TLZr88ZVxN39tSat35f9RDMV0-8xrvrO6n41LMcO8hKHK4kBxJvjwut5yVBfwfK-Ca8Bgokr_RFT16K_XhbRHI6ZJclWkw6eGCXniROF9VKaof0u9A6-kZJUF7SCuoFEgMpWxNcsBSFXZX5PIzudjs57Rjx14Q4xJZndM3Bi2GO3koWEdNNtTqGtXxPI_-3sDmn1NS__ochBU-SUVpdNaxyPz0JarefvXcCWRbGlXKTm6EtVIXGkc323ALxRS0xUFeWhtGeLTRCDah7z7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwt8rqrEWZeTWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPcCT9BzqIS2DkPxN3UtSeiuyxUdXhqK99Imiq6gkSUVT7qVofnGo1pi-cUc7AaYTfV1EgtuVF6rnCSGxTjdUsrxAW7m-WXgd8NfQW9xKSWOKQLExSrxDJPFzRwTHEXuAHkdjvyvFhRlF4RZrg1QFA4sKxF4LGZWGZ3gmRVJnumLIeHggQpcZYU_5QO_TKdBiteVu850KpRrzlfEE0LtZUN4oeBxYVpEsyImRxKF4IZ-4q1my6hS9TzOFS2gRncdvnrmNkccbydn08DCuqT6ZGJtWDmcXsaNqTvfaZGma8945ip_V6qrxMZrocUiO7608ASiUVIBwr9PAg9ysJsAxWy_r4-xDnjz9TtNDCBwZ4Whzf0Ylet93uihDRlriIAKrpTyw5SdtiQT3hV3WAt5I-RF3uM9KPQSKjHJSt2f745ZmUaec0UcSoEHu3ft2_8XqgWyLcFlut5aZ8AdyvN4CtTuwwcn7004YpPX3PrhhoUUvpNXIWNxJduG4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gcpUxl9G0DPJ39gOd-y8inpGB8Q%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:51 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 9FAF 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2QKd5UEAC3euSimOslwdtJX4Nb8Uw&u=%7CurkAnIHIT4Yc3yJsw6VDIDoB8wNaaPCAc5Fjc83dQwA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwmBoz0kZ49XnpI3T7B_CiOoYg3UZdaQZasGHKzzf0au_Ji2E0EdCaAKplGe-WphMouyzhCrg76-C-r5vyaU9gTE6CVA-3DFLwY7C72LWdzTrFC7Ts38EmgFvOv9n0TP149SElA4mXypbEAD9iOJkTZC6iLN6CBxVwSa9g5BDfK4C2DxSgqVCjt3CLHBl5Xo2essVB89beYGKnh6fo3fhwhpsHazgLqvAxZgDk-IfPVR8zg1j1Nq_7oelR_mZGPDtZV2Qn9PLgC6g8Xjt1TLZr88ZVxN39tSat35f9RDMV0-8xrvrO6n41LMcO8hKHK4kBxJvjwut5yVBfwfK-Ca8Bgokr_RFT16K_XhbRHI6ZJclWkw6eGCXniROF9VKaof0u9A6-kZJUF7SCuoFEgMpWxNcsBSFXZX5PIzudjs57Rjx14Q4xJZndM3Bi2GO3koWEdNNtTqGtXxPI_-3sDmn1NS__ochBU-SUVpdNaxyPz0JarefvXcCWRbGlXKTm6EtVIXGkc323ALxRS0xUFeWhtGeLTRCDah7z7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwt8rqrEWZeTWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPcCT9BzqIS2DkPxN3UtSeiuyxUdXhqK99Imiq6gkSUVT7qVofnGo1pi-cUc7AaYTfV1EgtuVF6rnCSGxTjdUsrxAW7m-WXgd8NfQW9xKSWOKQLExSrxDJPFzRwTHEXuAHkdjvyvFhRlF4RZrg1QFA4sKxF4LGZWGZ3gmRVJnumLIeHggQpcZYU_5QO_TKdBiteVu850KpRrzlfEE0LtZUN4oeBxYVpEsyImRxKF4IZ-4q1my6hS9TzOFS2gRncdvnrmNkccbydn08DCuqT6ZGJtWDmcXsaNqTvfaZGma8945ip_V6qrxMZrocUiO7608ASiUVIBwr9PAg9ysJsAxWy_r4-xDnjz9TtNDCBwZ4Whzf0Ylet93uihDRlriIAKrpTyw5SdtiQT3hV3WAt5I-RF3uM9KPQSKjHJSt2f745ZmUaec0UcSoEHu3ft2_8XqgWyLcFlut5aZ8AdyvN4CtTuwwcn7004YpPX3PrhhoUUvpNXIWNxJduG4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gcpUxl9G0DPJ39gOd-y8inpGB8Q%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:51 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1695986091656&ns_c=UTF-8&cs_ucfr=1&c7=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1695986091656&ns_c=UTF-8&cs_ucfr=1&c7=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-t...
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1695986091656&ns_c=UTF-8&cs_ucfr=1&c7=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&c8=Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F%20-%20TechBullion&c9=
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Server
13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-21.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
via
1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
cW3gIxMn6n2T3bNHyxeTCvhGhqWulUxh4qzG6cB8hvb71vylmtHpWw==
x-cache
Miss from cloudfront

Redirect headers

date
Fri, 29 Sep 2023 11:14:51 GMT
via
1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1695986091656&ns_c=UTF-8&cs_ucfr=1&c7=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&c8=Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F%20-%20TechBullion&c9=
content-length
0
x-amz-cf-id
9wGak_7VLdfeVlmBdt9jLn2ZxGTIgkGIQsZzputb_3KOB5l3A664TQ==
pixel
cm.g.doubleclick.net/ Frame 50DC
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESED7-Al_pJ1v54Hlep0Y2XRI&google_cver=1&google_push=AXcoOmTKse-4czFpvOP6FiqjW1-ZA_I9DOy4gPbeOJ62hFLrz80bsFkLiDlGx0bhDNaaI3g49lY4dqOmj8r...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTKse-4czFpvOP6FiqjW1-ZA_I9DOy4gPbeOJ62hFLrz80bsFkLiDlGx0bhDNaaI3g49lY4dqOmj8rXEMRJcxCv_bm-GypM&google_hm=7X3QYAv7RmiyA_r8CCyWToI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTKse-4czFpvOP6FiqjW1-ZA_I9DOy4gPbeOJ62hFLrz80bsFkLiDlGx0bhDNaaI3g49lY4dqOmj8rXEMRJcxCv_bm-GypM&google_hm=7X3QYAv7RmiyA_r8CCyWToI
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:51 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTKse-4czFpvOP6FiqjW1-ZA_I9DOy4gPbeOJ62hFLrz80bsFkLiDlGx0bhDNaaI3g49lY4dqOmj8rXEMRJcxCv_bm-GypM&google_hm=7X3QYAv7RmiyA_r8CCyWToI
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
sync.srv.stackadapt.com/ Frame 50DC 		0
0
ads-user-sync
www.tumblr.com/ Frame 50DC
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEJdXO9D4Q9Ar_dhFV-bODlM&google_cver=1&google_push=AXcoOmQmKkRMIXBUQta0uB9BcL9zavV4i0cBCLu1wK2RtZTjpv5aQW6t_Cc7gPxjJPIOoU4s5XIjY44OX6n3-CB1...
  • https://www.tumblr.com/ads-user-sync?partner=smaato&uid=f5057d1f2a&gdpr=0&gdpr_consent=
70 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tumblr.com/ads-user-sync?partner=smaato&uid=f5057d1f2a&gdpr=0&gdpr_consent=
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
a73237a07cec4d81b7cb7995220839f554e2e8936e5d5ae25cc47753f9737c07
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com/beacon.js https://ssl.google-analytics.com/ga.js https://www.google-analytics.com/analytics.js https://fc.yahoo.com/sdarla/php/client.php https://s.yimg.com/rq/darla/ https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://*.gemini.yahoo.com https://s.yimg.com/av/gemini/ga/gemini-iframe.js https://s.yimg.com/av/curveball/ 'unsafe-eval' 'nonce-yiTWak88oLFhPPgawmhr3WC8Ak'; object-src 'none'; worker-src blob:; base-uri 'self';
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
ams 1
date
Fri, 29 Sep 2023 11:14:52 GMT
content-security-policy
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com/beacon.js https://ssl.google-analytics.com/ga.js https://www.google-analytics.com/analytics.js https://fc.yahoo.com/sdarla/php/client.php https://s.yimg.com/rq/darla/ https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://*.gemini.yahoo.com https://s.yimg.com/av/gemini/ga/gemini-iframe.js https://s.yimg.com/av/curveball/ 'unsafe-eval' 'nonce-yiTWak88oLFhPPgawmhr3WC8Ak'; object-src 'none'; worker-src blob:; base-uri 'self';
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000; preload
x-frame-options
deny
p3p
CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
content-type
image/png
x-rid
f48bb253a48dd4729aa9e0d3ccead7ed
content-length
70
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1

Redirect headers

date
Fri, 29 Sep 2023 11:14:51 GMT
via
1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
location
https://www.tumblr.com/ads-user-sync?partner=smaato&uid=f5057d1f2a&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
USoFd1d7BzxYsJ8XU3Vamt_BwT--reNVNFpZLKI9qgTdxklv7Vl0Wg==
pixel
cm.g.doubleclick.net/ Frame 50DC
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEF6LIN484Ce_h645RbMK65I&google_cver=1&google_push=AXcoOmQsKCsPBkomjZbKdYYEQXQ5L4jkvThwwICLZUH8iIZIBBpdrjieF1jeIPrtBSMrKmpXfeBHSBiv9ODkfPznmbbwoV...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEF6LIN484Ce_h645RbMK65I&google_cver=1&google_push=AXcoOmQsKCsPBkomjZbKdYYEQXQ5L4jkvThwwICLZUH8iIZIBBpdrjieF1jeIPrtBSMrKmpXfeBHSBiv9ODkfPzn...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=xSOl7uiDTW-MKYfNrMB_3w&google_push=AXcoOmQsKCsPBkomjZbKdYYEQXQ5L4jkvThwwICLZUH8iIZIBBpdrjieF1jeIPrtBSMrKmpXfeBHSBiv9ODkfPz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=xSOl7uiDTW-MKYfNrMB_3w&google_push=AXcoOmQsKCsPBkomjZbKdYYEQXQ5L4jkvThwwICLZUH8iIZIBBpdrjieF1jeIPrtBSMrKmpXfeBHSBiv9ODkfPznmbbwoVAoqxhp
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=xSOl7uiDTW-MKYfNrMB_3w&google_push=AXcoOmQsKCsPBkomjZbKdYYEQXQ5L4jkvThwwICLZUH8iIZIBBpdrjieF1jeIPrtBSMrKmpXfeBHSBiv9ODkfPznmbbwoVAoqxhp
access-control-allow-origin
*
date
Fri, 29 Sep 2023 11:14:52 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
im.bluevoox.com/ Frame 50DC 		0
0
v1
match.sharethrough.com/E4rooAtA/ Frame 50DC 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEN2bq1OBJiodPMFeKzyozVM&google_cver=1&google_push=AXcoOmTeCp9k7rJABAvdTX9P9QiqQXeNBQStzKUpBFcFtLoZeD5IDSna0MXLQGC9Qji6d5LH0TXh4Md63veFMqmd021QQ1pqR32JIg
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.71.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-71-125.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
pixel
cm.g.doubleclick.net/ Frame 50DC
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGWhat9QX4sB...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MzI1Y2E0NTgtYTZkOS00OWFmLThiN2QtMjA2MmFlZDE0NDMy&google_push=AXcoOmSbDWRcIRDQRIOKprriRsa_pg-2b9Btu0igQ3qdg0Iwap60RXCSUDmVBS-YJZ5sU...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame 50DC 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L9DD4KmJwgoaSYWLH1vLKxGNiUztDHiYUHn9AzK28c7Yjm2wnP1KL_mPIbIe3fYJZd_HCbADV_
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sync.gif
links.services.disqus.com/api/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
all
csm.eu.criteo.net/ Frame EC7D 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=MM-4PGnhQQHg7_W-U5627rYFCVLMSzBFGq94E4f1Q828NwnFjvRSscrxHfjSAZUSiBB5IlYOgM_YBRYcFZJ2757__Sam63XougmGHqNcKHunk2avIqiQPNGlw7RWWGqfvgtOFbyRb8dKoAU4qHk5lMOm54xYtPgtZCuMj8B1NiYqfm5O5k3ukdEOdk_wsymVqS4PcClEtu0bjx7S1jiiSabEO5AOyMYbwmaee04ng6lBK9-cDyOSTVRkuKcIXPrsDi_CPA&sds=2&rev=88628&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2UKd5UEAC3eudZAM6k_4UPGdIC5jA&u=%7CurkAnIHIT4aCnXVLKDpfsKOO7IvwlZuMnnD10CW3B4E%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdqr7txT5h5pAC3aSY9p1mJ9XKnMtRUM8nqIaa5Rl2efL0FSY6XUG9zw0TPNcpRuQMS_Qzx0laPRRt3pt4UzBML6NV5JNvdKB29Ks8tChUnWoJ3IVhy84w3riXBWG607cylbjTFT-eGKJAeX7SqiQbbsxqFKs5xE2cTwqhg0G0DOCK9LjhiUZV0X5jArElnpg6HWmfLTQQLfnuZl35lo9Ao-P7litEuf9nsC4Gem9ViPJSUX6uTLNRH9BT7kO-bWhkUOUui5Fl0reqKbLTkkrwxdITlmi10iU2F-RQ8bxotZ5eHUIy9SoZ-PVIS7t5ghY81qYhHHQpzhkxOEGRn29bEmGDKghNwXbpz4JXdAWwvif4XuCD_v9jHgMDENXrerq3l0EieTZ3LdU1qiJ-z_-fuDOi8TXiR06i3FKL6dy9K_VbLajCWn2ss5wXuVL95i12G_LYpiWwJHiXpGZxRB9bRg-rPBaY8veQkT3BkUz_1-nV17DdiKYglod_e8vOQb68ugg9AH9HeTvzDfVnJHa9UK8HZreRSs31w2ij_oEErYkpvISTrgHE7w-uAk90T8XlOKjbUAA2vgPM1LE4OFpBokxpC3BupXlo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLSOqqrEWZeXWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBP0CT9D-WtoH9-8Pqt6Wfr6Gelyu6u8G50azVgvS4nHg1L-FcGeGbj9IZlHVwoMYu1qmTguJPgcWskxXXX03hSgH4W5C0M4XY6DNeWDC1-8J_bHXZl3Ay4JpTjNyKqkGVfDzSpTtRjwZugFQm2pudltZSrFIKC5OQbzYU0iNtnmm37nSDWlv_H5U_FWTo5AMbNHLIwg4-pDe406QtxHH_kSyAnAyUxA3JqLkhQMX1qUw4PUX-X8nhRjMjAhMZZ3zkxZ0iz0j2U0cZWQr6_vkyfVQB5TRuTcJC8XBsc3VD6Z5dZC3ORf4omQ4FiaBZdukRNiMPs0CHXPpQ0Z2DYbzqdB7KgWs3CIS_dusnCLQTxoysnT2kcvzqgs8tC98GPxJctP5ppdB8O2hv1pNQFpDXwKy2PzoetJTrRGfR3Q0sgxuqo_oz_HEgqxY4GEU2Zysm1ua514tONhSxJGrqCTqsS8NdBpHYQJq_zF9JNFdxCg9sg-b6riQrzL4Etl2l4eP4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2tSwZ-q7C75nc08ege3getsV1Wmg%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 29 Sep 2023 11:14:51 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame EC7D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2UKd5UEAC3eudZAM6k_4UPGdIC5jA&u=%7CurkAnIHIT4aCnXVLKDpfsKOO7IvwlZuMnnD10CW3B4E%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdqr7txT5h5pAC3aSY9p1mJ9XKnMtRUM8nqIaa5Rl2efL0FSY6XUG9zw0TPNcpRuQMS_Qzx0laPRRt3pt4UzBML6NV5JNvdKB29Ks8tChUnWoJ3IVhy84w3riXBWG607cylbjTFT-eGKJAeX7SqiQbbsxqFKs5xE2cTwqhg0G0DOCK9LjhiUZV0X5jArElnpg6HWmfLTQQLfnuZl35lo9Ao-P7litEuf9nsC4Gem9ViPJSUX6uTLNRH9BT7kO-bWhkUOUui5Fl0reqKbLTkkrwxdITlmi10iU2F-RQ8bxotZ5eHUIy9SoZ-PVIS7t5ghY81qYhHHQpzhkxOEGRn29bEmGDKghNwXbpz4JXdAWwvif4XuCD_v9jHgMDENXrerq3l0EieTZ3LdU1qiJ-z_-fuDOi8TXiR06i3FKL6dy9K_VbLajCWn2ss5wXuVL95i12G_LYpiWwJHiXpGZxRB9bRg-rPBaY8veQkT3BkUz_1-nV17DdiKYglod_e8vOQb68ugg9AH9HeTvzDfVnJHa9UK8HZreRSs31w2ij_oEErYkpvISTrgHE7w-uAk90T8XlOKjbUAA2vgPM1LE4OFpBokxpC3BupXlo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLSOqqrEWZeXWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBP0CT9D-WtoH9-8Pqt6Wfr6Gelyu6u8G50azVgvS4nHg1L-FcGeGbj9IZlHVwoMYu1qmTguJPgcWskxXXX03hSgH4W5C0M4XY6DNeWDC1-8J_bHXZl3Ay4JpTjNyKqkGVfDzSpTtRjwZugFQm2pudltZSrFIKC5OQbzYU0iNtnmm37nSDWlv_H5U_FWTo5AMbNHLIwg4-pDe406QtxHH_kSyAnAyUxA3JqLkhQMX1qUw4PUX-X8nhRjMjAhMZZ3zkxZ0iz0j2U0cZWQr6_vkyfVQB5TRuTcJC8XBsc3VD6Z5dZC3ORf4omQ4FiaBZdukRNiMPs0CHXPpQ0Z2DYbzqdB7KgWs3CIS_dusnCLQTxoysnT2kcvzqgs8tC98GPxJctP5ppdB8O2hv1pNQFpDXwKy2PzoetJTrRGfR3Q0sgxuqo_oz_HEgqxY4GEU2Zysm1ua514tONhSxJGrqCTqsS8NdBpHYQJq_zF9JNFdxCg9sg-b6riQrzL4Etl2l4eP4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2tSwZ-q7C75nc08ege3getsV1Wmg%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:51 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame EC7D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxqgAHa2UKd5UEAC3eudZAM6k_4UPGdIC5jA&u=%7CurkAnIHIT4aCnXVLKDpfsKOO7IvwlZuMnnD10CW3B4E%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdqr7txT5h5pAC3aSY9p1mJ9XKnMtRUM8nqIaa5Rl2efL0FSY6XUG9zw0TPNcpRuQMS_Qzx0laPRRt3pt4UzBML6NV5JNvdKB29Ks8tChUnWoJ3IVhy84w3riXBWG607cylbjTFT-eGKJAeX7SqiQbbsxqFKs5xE2cTwqhg0G0DOCK9LjhiUZV0X5jArElnpg6HWmfLTQQLfnuZl35lo9Ao-P7litEuf9nsC4Gem9ViPJSUX6uTLNRH9BT7kO-bWhkUOUui5Fl0reqKbLTkkrwxdITlmi10iU2F-RQ8bxotZ5eHUIy9SoZ-PVIS7t5ghY81qYhHHQpzhkxOEGRn29bEmGDKghNwXbpz4JXdAWwvif4XuCD_v9jHgMDENXrerq3l0EieTZ3LdU1qiJ-z_-fuDOi8TXiR06i3FKL6dy9K_VbLajCWn2ss5wXuVL95i12G_LYpiWwJHiXpGZxRB9bRg-rPBaY8veQkT3BkUz_1-nV17DdiKYglod_e8vOQb68ugg9AH9HeTvzDfVnJHa9UK8HZreRSs31w2ij_oEErYkpvISTrgHE7w-uAk90T8XlOKjbUAA2vgPM1LE4OFpBokxpC3BupXlo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLSOqqrEWZeXWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBP0CT9D-WtoH9-8Pqt6Wfr6Gelyu6u8G50azVgvS4nHg1L-FcGeGbj9IZlHVwoMYu1qmTguJPgcWskxXXX03hSgH4W5C0M4XY6DNeWDC1-8J_bHXZl3Ay4JpTjNyKqkGVfDzSpTtRjwZugFQm2pudltZSrFIKC5OQbzYU0iNtnmm37nSDWlv_H5U_FWTo5AMbNHLIwg4-pDe406QtxHH_kSyAnAyUxA3JqLkhQMX1qUw4PUX-X8nhRjMjAhMZZ3zkxZ0iz0j2U0cZWQr6_vkyfVQB5TRuTcJC8XBsc3VD6Z5dZC3ORf4omQ4FiaBZdukRNiMPs0CHXPpQ0Z2DYbzqdB7KgWs3CIS_dusnCLQTxoysnT2kcvzqgs8tC98GPxJctP5ppdB8O2hv1pNQFpDXwKy2PzoetJTrRGfR3Q0sgxuqo_oz_HEgqxY4GEU2Zysm1ua514tONhSxJGrqCTqsS8NdBpHYQJq_zF9JNFdxCg9sg-b6riQrzL4Etl2l4eP4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2tSwZ-q7C75nc08ege3getsV1Wmg%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:51 GMT
truncated
/ Frame C2E9 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
55294e8a1b9e20b59ff2f01b6aa2ff7c383deb1c13a3e5c02c660c1894159e51

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame AFEC 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
66b5d5369846734a6ab63a032e69d4654476aa3005d20dd45592c987e1c3225f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
domains
links.services.disqus.com/api/ 		58 B
490 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://links.services.disqus.com/api/domains
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
990b3d25ea8194fca5f40fb7352f9622d2dae8f82dace6c369a654feb6f95c55

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Fri, 29 Sep 2023 11:14:51 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://techbullion.com
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
58
Expires
Thu, 01 Jan 1970 00:00:00 GMT
134240187179576
connect.facebook.net/signals/config/ 		130 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/134240187179576?v=2.9.131&r=stable&domain=techbullion.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7ca7fc746afb39a9a7979bbea3bc4d986129775455da770c59261ed70f5cf37d
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 29 Sep 2023 11:14:52 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
SUjECJLQZi3+RDkY8EHyT5VUkY4VqnLuzeFiQmauNbQ0Q9a8E2ECASyzRftOIEae6EeFPqi/FBGfev+qN7CEWg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
truncated
/ Frame C80F 		205 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
572ea9d6773dcc68e5a717855c145a7d7e02305f42213c1c75266ddeae26bc8f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame A2E8 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2024840f268b401c4d049158d59a09d2fef114b4ac3afb501796fb032068b98

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
log
c21lg-d.media.net/ Frame C033 		35 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=2&vsid=3389876908454630000V10&origin=1&flt=0
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?&vsSync=1&cs=17&hb=1&cv=37&ndec=1&cid=8CUFH1GPH&prvid=56%2C59%2C70%2C77%2C80%2C82%2C97%2C99%2C108%2C109%2C111%2C112%2C113%2C117%2C139%2C154%2C157%2C159%2C175%2C178%2C186%2C201%2C203%2C214%2C222%2C226%2C229%2C246%2C251%2C294%2C337%2C339%2C359%2C2025%2C2026%2C2027%2C2028%2C2030%2C2031%2C2033%2C2034%2C2043%2C3007%2C3010%2C3012%2C3014%2C3016%2C3017%2C3018%2C10000&usp_status=0&usp_consent=1&gdpr=1&gdprconsent=0&https=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.160.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-160-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hbx.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 29 Sep 2023 11:14:52 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 29 Sep 2023 11:14:52 GMT
content-length
35
content-type
image/gif
truncated
/ Frame 3156 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ffddbdb0a569a6f24246ee87eb53a162d14851e8d8c01fdef0e84d1514879d7

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pixel;r=1852628648;labels=title.Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F%2Ctitle.Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to...
pixel.quantserve.com/ 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1852628648;labels=title.Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F%2Ctitle.Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F%2Cauthor.Jim%20Bevin%2Cauthor.Angela%20Scott-Briggs%20%20TechBullion;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F;uht=2;fpan=1;fpa=P0-1427167826-1695986091557;pbc=;ns=0;ce=1;qjs=1;qv=44310d19-20230908150619;cm=;gdpr=0;ref=;d=techbullion.com;dst=1;et=1695986092001;tzo=-120;ogl=image.https%3A%2F%2Ftechbullion%252Ecom%2Fwp-content%2Fuploads%2F2021%2F02%2F6%252Ejpg%2Ctype.article%2Cdescription.A%20cybercrime%20subpoena%20comes%20under%20the%20responsibility%20of%20the%20FBI%252E%20The%20investigati%2Clocale.en_US%2Ctype.article%2Ctitle.Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F%2Cdescription.Attorney%20Nick%20Oberheiden%252C%20the%20founder%20of%20Oberheiden%20P%252EC%252C%20is%20the%20best%20person%20to%20t%2Curl.https%3A%2F%2Ftechbullion%252Ecom%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receivin%2Csite_name.TechBullion%2Cimage.https%3A%2F%2Ftechbullion%252Ecom%2Fwp-content%2Fuploads%2F2021%2F02%2F6%252Ejpg%2Cimage%3Awidth.500%2Cimage%3Aheight.333%2Cimage%3Atype.image%2Fjpeg;ses=e3e067f0-aac6-4c16-a561-0289680e6287;mdl=
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 29 Sep 2023 11:14:52 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame C2E9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CRDzqqrEWZeDWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPgCT9D8Ph4sPKnJtRNmS70s8RBImO7ddTZXp9bWAv4JF66D4R_US7Zv-dEWrMhVItKwb6-_RpTCwO57_yKMuxNkJJH0VKycTKxAP0lYhACx1cm8dB8E3ztKomVzI0wnw27JhVeq_5UYI98OC9dkNmmBKSr5g3aY_YLu0pJkuMxnM40jPJhD4JpAhWgG1kPtiilI7df4Xogm7ZlBrZ6mN-nA9bmn_N-3CmbhwKPwPBug8aLiczTd9SsXWtLoejf6CE6lhxbT6aq72dTKT_--2mebDeUkMwpOAaSnt4fAEcEG-bRUTV5FGCn23amj1J57mDIomu9uZGYm_yL7UapCy9RP_oGdr5Y-1cMbFdee3CVWrldva7-3YMlSaKa9lI3ffglphuuq6IfXdGsogtGre1ybWWaGW4H04p8KfWG414ipaQNWmr5lrfcM_BPcOcXAHD-_jqaclcqoc-icMsv5zxT2_Ccb5GRXyeIXl3eUYYApowsmDpjS47JcWuAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshcdChsSFHB1Yi05OTYxODE0ODIzOTMwOTY3GP_9lQE&sigh=Qvd1Q2IlmaI&uach_m=[UACH]&cid=CAQSPADICaaNbmViAW5Dzk54_fmP6o3KC-KNREOLGKfYePYbXxxhAKgaJH6Ozp_6h-cf1QucWpFWD-iHgdu_9hgB&cbvp=2&vis=1
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame C2E9 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kIv1F9PLCcoHWp2DYgICAAAAnuEgqOdxwlUQqbEWZSS1EuEHJyEx8gkAABIAAAoKQVFVQkR3RUJEdw&wp=ZRaxqgAHa2AKd5UEAC3euR5s9leY_c7cl3EZuQ&cbvp=2
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
182651
server
Kestrel
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame AFEC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CR04vqrEWZeLWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPcCT9AvvYUUhOa_7GeNRmHoB1b-H25t2fkR0Tt7JSpEhopVelCir6_kKm8XzwjEElHUmo9R_vbgzPRHS-x8kbibNxyX--xZ3eamWPwK8NLKC19EQ2ht9i8CidGEovSilPtxUW-LRreYB1HE46O33CUiySfs5kSF3ixhJPdN2QmqBuI7AanGOgc0TTEQJVGPRGf4agvCoBC8ofR1Mhe16lZDW_16RgdNkmlrO8DoBZDDLa2yJZcF89JgkEC561F-yMXy-hpC4jQRQhxnsnt7ur6PTi9kN5BYRcXmZkDrolSa_iCuCWPs1WZiX6uTvFC9deeYGFDW-ArNTTIfp8gRLExjHE52Xjk9PNSZoz9FNTHmsl1x779IttItRkMdqHNtfGRXIkqs5VDopFFo5zQBb4a6-m2sezeH7NFz3zFAMiM1s017SwV5b8Xg3miyrqLXUUOOpeXh1474i0lTYvZ6y8_uWSOyhxupVP-eNpfFjFcK9IWA4jEUOMC_4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoD-gsCCAGADAHQFQGAFwGyFx0KGxIUcHViLTk5NjE4MTQ4MjM5MzA5NjcY__2VAQ&sigh=syd7YIeWRoQ&uach_m=[UACH]&cid=CAQSPADICaaNbmViAW5Dzk54_fmP6o3KC-KNREOLGKfYePYbXxxhAKgaJH6Ozp_6h-cf1QucWpFWD-iHgdu_9hgB&cbvp=2&vis=1
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame AFEC 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kIv1F9j_CsoH-gGdg2ICAgAAAJ7hIKjnccJVEKqxFmU0TC3oeENLMs3lAAASAAAKCkFRVUJEd0VCRHc&wp=ZRaxqgAHa2IKd5UEAC3euR0lMSf0dNmGr02B3g&cbvp=2
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
156673
server
Kestrel
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame C80F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C0cCaqrEWZePWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBIADT9DXaQULg066goU81cs37Vk5kiMjLwvxWQh4JldtlLKnTEkbhZ0EvBokpW_1BddeXS6O7jEPWx9IFRgXW5lDgURpW0hwcV26pcHeCO2FFtfCaj05ZIW7mO5xvye5ANzik1BjqGCLWDRJExD5d9U_ZV8DcEaPjrZEE52q3P35Bgp0vAdhlfo0iPNP-srT7oc5Gx1drzRoza238jNLyv-eCeVxPbQMmGzqpxV5tkFTWsPfvMn4nBsuxeKvoTBDj84PJnRI06NUdZe41iWYbyDzA44AZ4gu1h0mBfssI9_Cv9YGjeuDHvUlEEcTowu5UY5obH_QeTM2zhIRVZ8EeMsFSggo0dekV01Kcu-iV9nsQpl5aqZP8RoVkSXLQGPUihawcXmFgyx0rj_xnkQIw5hcs0SfUqfo-uZPvvOoLyZQ6b2KYkHTGAUxJXoOIK8kdc13n7NpiU9EpfD56cvtkyQsJYhgxLcjWzNg4gvj7my01Yzop7kPyqCFZe_dSvulHBJ_4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoD-gsCCAGADAHQFQGAFwGyFx0KGxIUcHViLTk5NjE4MTQ4MjM5MzA5NjcY__2VAQ&sigh=uo02WUgCesk&uach_m=[UACH]&cid=CAQSPADICaaNbmViAW5Dzk54_fmP6o3KC-KNREOLGKfYePYbXxxhAKgaJH6Ozp_6h-cf1QucWpFWD-iHgdu_9hgB&cbvp=2&vis=1
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame C80F 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kIv1F9j_CsoH-gGdg2ICAgAAAJ7hIKjnccJVEKmxFmU-ccJkOVpyPR88AAASAAAKCkFRVUJEd0VCRHc&wp=ZRaxqgAHa2MKd5UEAC3euVy_lw8x6wNyMlLbtA&cbvp=2
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
117881
server
Kestrel
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame A2E8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CGH9jqrEWZeTWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPQCT9BzqIS2DkPxN3UtSeiuyxUdXhqK99Imiq6gkSUVT7qVofnGo1pi-cUc7AaYTfV1EgtuVF6rnCSGxTjdUsrxAW7m-WXgd8NfQW9xKSWOKQLExSrxDJPFzRwTHEXuAHkdjvyvFhRlF4RZrg1QFA4sKxF4LGZWGZ3gmRVJnumLIeHggQpcZYU_5QO_TKdBiteVu850KpRrzlfEE0LtZUN4oeBxYVpEsyImRxKF4IZ-4q1my6hS9TzOFS2gRncdvnrmNkccbydn08DCuqT6ZGJtWDmcXsaNqTvfaZGma8945ip_V6qrxMZrocUiO7608ASiUVIBwr9PAg9ysJsAxWy_r4-xDnjz9TtNDCBwZ4Whzf0Ylet93uihDRlriIAKrpTyw5SdtiQT3hV3WAt5I-RF3uM9KPQSKjHJSt2f745ZmUaec0UcSoEHu3ft2_8XqkewDFPlKQ5nwRA6EH9Y43Dg5A2R5WMg4Ccf4VwTOZs4pgudtUOY4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoD-gsCCAGADAHQFQGAFwGyFx0KGxIUcHViLTk5NjE4MTQ4MjM5MzA5NjcY__2VAQ&sigh=XI-qtGqRe2U&uach_m=[UACH]&cid=CAQSPADICaaNbmViAW5Dzk54_fmP6o3KC-KNREOLGKfYePYbXxxhAKgaJH6Ozp_6h-cf1QucWpFWD-iHgdu_9hgB&cbvp=2&vis=1
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame A2E8 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kIv1F4bWC9ACmAKdg2ICAgAAAJ7hIKjnccJVEKqxFmX42vkKi-Tvcz4hAAASAAAKCkFRVUJEd0VCRHc&wp=ZRaxqgAHa2QKd5UEAC3euSimOslwdtJX4Nb8Uw&cbvp=2
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
187292
server
Kestrel
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 3156 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C4EWrqrEWZeXWHYSq3gO5vbfxD8me0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItOTk2MTgxNDgyMzkzMDk2N8gBCakCrebOtjfAsT7gAgCoAwHIAwKqBPoCT9D-WtoH9-8Pqt6Wfr6Gelyu6u8G50azVgvS4nHg1L-FcGeGbj9IZlHVwoMYu1qmTguJPgcWskxXXX03hSgH4W5C0M4XY6DNeWDC1-8J_bHXZl3Ay4JpTjNyKqkGVfDzSpTtRjwZugFQm2pudltZSrFIKC5OQbzYU0iNtnmm37nSDWlv_H5U_FWTo5AMbNHLIwg4-pDe406QtxHH_kSyAnAyUxA3JqLkhQMX1qUw4PUX-X8nhRjMjAhMZZ3zkxZ0iz0j2U0cZWQr6_vkyfVQB5TRuTcJC8XBsc3VD6Z5dZC3ORf4omQ4FiaBZdukRNiMPs0CHXPpQ0Z2DYbzqdB7KgWs3CIS_dusnCLQTxoysnT2kcvzqgs8tC98GPxJctP5ppdB8O2hv1pNQFpDXwKy2PzoetJTrRGfR3Q0sgxuqo_oz_HEgqxY4GEU2Zysm1ua514tOJpQ5QMrO_TXF_8qrpZniKZk2DvLLv9FRpz1j6lpVaa8t6oyhvmf4AQBgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoD-gsCCAGADAHQFQGAFwGyFx0KGxIUcHViLTk5NjE4MTQ4MjM5MzA5NjcY__2VAQ&sigh=TthUtKMdfQY&uach_m=[UACH]&cid=CAQSPADICaaNbmViAW5Dzk54_fmP6o3KC-KNREOLGKfYePYbXxxhAKgaJH6Ozp_6h-cf1QucWpFWD-iHgdu_9hgB&cbvp=2&vis=1
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 3156 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kIv1F-2uBKwC2ASdg2ICAgAAAJ7hIKjnccJVEKqxFmV2KfyrB6X6tDNyAAASAAAKCkFRVUJBUUVCQVE&wp=ZRaxqgAHa2UKd5UEAC3eudZAM6k_4UPGdIC5jA&cbvp=2
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:51 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
152497
server
Kestrel
content-length
0
ads
securepubads.g.doubleclick.net/gampad/ 		2 KB
255 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2227620224526580&correlator=2330191878948076&eid=31076480%2C31078264%2C31077231&output=ldjh&gdfp_req=1&vrg=202309260101&ptt=17&impl=fifs&iu_parts=15184186%2Ctechbullion_970x90_728x90_300x100_320x100_320x50_300x50_top%2Ctechbullion_300x600_right_btf%2Ctechbullion_300x250_right_2%2Ctechbullion_300x250_right_1%2Ctechbullion_970x90_728x90_300x100_320x100_320x50_300x50_bottom&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=970x90%7C728x90%2C300x250%7C300x600%2C300x250%2C300x250%2C970x90%7C728x90&ifi=9&didk=3376109168~1808791791~938757558~938757559~3526021519&sfv=1-0-40&eri=1&sc=1&cookie=ID%3De5f1bdc766d2a017-2276bf5f69e4001f%3AT%3D1695986089%3ART%3D1695986089%3AS%3DALNI_MZ_Bhqeug1SZhgq1qM0cdvsNBsEKA&gpic=UID%3D00000c88300aee6b%3AT%3D1695986089%3ART%3D1695986089%3AS%3DALNI_MahxcgfbaYgdPXGBJ7pJ3KlNPqrAA&abxe=1&dt=1695986092042&lmt=1695874768&adxs=-9%2C-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1%7C-1%7C-1&ucis=7%7C8%7C9%7Ca%7Cb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&vis=1&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&fws=2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0&ga_vid=910471404.1695986089&ga_sid=1695986090&ga_hid=884511560&ga_fc=true&dlt=1695986088788&idt=918&cust_params=user-agent%3DChrome%26optimize_refreshed%3Dfalse%26optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Dtech%26optimize_env%3Dprod%26optimize_pub%3Dtechbullion%26optimize_xp%3Da&adks=688519680%2C3188513766%2C1577603227%2C774357084%2C3858110776&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js?cb=31078264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b9161daed700c08caf84ea8a485a1947d2f4393c36239cfcfd1e48a4aad6839
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:52 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
226
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://techbullion.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		192 KB
27 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2227620224526580&correlator=2330191878948076&eid=31076480%2C31078264%2C31077231&output=ldjh&gdfp_req=1&vrg=202309260101&ptt=17&impl=fifs&iu_parts=22960212090%3A22070893282%2CTechbullion_S2S_FixedFooter_ROS%2CTechbullion_S2S_TopLeaderboard_ROS%2CTechbullion_S2S_BottomLeaderboard_ROS%2CTechbullion_S2S_Uppersidebar_ROS%2CTechbullion_S2S_Lowersidebar_ROS&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=728x90%7C970x90%7C980x90%7C990x90%7C468x60%2C728x90%7C970x90%7C980x90%7C990x90%7C970x250%7C1200x280%7C468x60%2C320x50%7C728x90%7C970x90%7C980x90%7C990x90%7C970x250%7C1200x280%7C468x60%2C300x250%7C336x280%2C300x250%7C336x280%7C300x600%7C120x600%7C160x600%7C240x600&fluid=0%2C0%2Cheight%2C0%2C0&ifi=14&didk=3040013836~3418936807~1675263865~2398583599~2028296888&sfv=1-0-40&rcs=1%2C1%2C1%2C1%2C1&eri=1&sc=1&cookie=ID%3De5f1bdc766d2a017-2276bf5f69e4001f%3AT%3D1695986089%3ART%3D1695986089%3AS%3DALNI_MZ_Bhqeug1SZhgq1qM0cdvsNBsEKA&gpic=UID%3D00000c88300aee6b%3AT%3D1695986089%3ART%3D1695986089%3AS%3DALNI_MahxcgfbaYgdPXGBJ7pJ3KlNPqrAA&abxe=1&dt=1695986092044&lmt=1695874768&adxs=315%2C315%2C315%2C1200%2C1200&adys=1105%2C65%2C4241%2C330%2C3626&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C3%7C0%7C4&ucis=1%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&vis=1&psz=1600x-1%7C1400x250%7C1400x250%7C300x280%7C300x600&msz=970x-1%7C1400x250%7C1400x250%7C300x280%7C300x600&fws=516%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C300%2C300&ga_vid=910471404.1695986089&ga_sid=1695986090&ga_hid=884511560&ga_fc=true&dlt=1695986088788&idt=918&prev_scp=optimize_ad_unit_id%3Dbsa-zone_1682501841548-9_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Coptimize_ad_unit_id%3Dbsa-zone_1695648277374-6_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Coptimize_ad_unit_id%3Dbsa-zone_1695648394347-0_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Coptimize_ad_unit_id%3Dbsa-zone_1695648447858-3_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Coptimize_ad_unit_id%3Dbsa-zone_1695648499296-7_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0&cust_params=user-agent%3DChrome%26optimize_refreshed%3Dfalse%26optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Dtech%26optimize_env%3Dprod%26optimize_pub%3Dtechbullion%26optimize_xp%3Da&adks=3042646370%2C323906682%2C2646576759%2C3506699808%2C4215429855&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js?cb=31078264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f9d24aa41ff06c90fa4f1336454e99e599bebcf0193994db66f8a4a18aabc133
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:52 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27680
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://techbullion.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=134240187179576&ev=PageView&dl=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&rl=&if=false&ts=1695986092082&sw=1600&sh=1200&v=2.9.131&r=stable&ec=0&o=30&fbp=fb.1.1695986092081.1168117599&it=1695986091883&coo=false&rqm=GET
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 29 Sep 2023 11:14:52 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=134240187179576&ev=ViewContent&dl=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&rl=&if=false&ts=1695986092083&cd[freestar]=c6eea4ab-168c-484e-858c-c0abf10812b9&cd[client]=322&cd[site]=414&cd[page]=c1a0fa3870d55adcf74936416a709e94&sw=1600&sh=1200&v=2.9.131&r=stable&ec=1&o=30&fbp=fb.1.1695986092081.1168117599&it=1695986091883&coo=false&rqm=GET
Requested by
Host: techbullion.com
URL: https://techbullion.com/nick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 29 Sep 2023 11:14:52 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
freestar
px.adhigh.net/p/cm/ 		49 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.adhigh.net/p/cm/freestar?fsuid=c6eea4ab-168c-484e-858c-c0abf10812b9
Requested by
Host: techbullion.com
URL: https://techbullion.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.232.148.143 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS
smtp4.sender.ltmse.com
Software
nginx /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:52 GMT
server
nginx
x-backend-id
f4-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
49
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.facebook.com/login/ Frame 8600
Redirect Chain
  • https://www.facebook.com/v2.4/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df19315a88b5a2f4%26d...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconn...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df19315a88b5a2f4%2526domain%253Dtechbullion.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Ftechbullion.com%25252Ff38c7c1c29e36f8%2526relation%253Dparent.parent%26container_width%3D270%26hide_cover%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252Ftechbullion%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dtrue
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=562a9ff4d3dd9087974975f1ff167187
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://techbullion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 29 Sep 2023 11:14:52 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=0,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
5dKLC8dRGDjSDQgWIZ/qWPIH1RhbP8G9GG0nMf0hZENZ9FcIf6U7R7z6jp/9AiiJ/g2k1K7tCNkOnXViOnMfmA==
x-frame-options
DENY
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 11:14:52 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v12.0
location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df19315a88b5a2f4%2526domain%253Dtechbullion.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Ftechbullion.com%25252Ff38c7c1c29e36f8%2526relation%253Dparent.parent%26container_width%3D270%26hide_cover%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252Ftechbullion%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dtrue
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
x-fb-debug
WQVgWKRJ3xFHQhg0eNruWWc1vRHMq6rPVjQFTIReqA4H839QtkCRsuSIkEydoZwx7IBCp8w4xzFD+VEq6RypEw==
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230927&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309270101/show_ads_impl_fy2021.js?bust=31078320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4f2299b7202a1826f2ef1266c5ca4b5564a2f92d7d37badd13d3639c3656aad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12417
x-xss-protection
0
c
c.pub.network/ 		36 B
53 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/techbullion-com/pubfig.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
75c62e82f74bd25345dc7a5f8e4d286a64916d81ef047b956a18b554146a8606

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 29 Sep 2023 11:14:52 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://techbullion.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/techbullion-com/pubfig.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 29 Sep 2023 11:14:52 GMT
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/techbullion.js?1695985800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 30 Sep 2023 11:14:52 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CAD3 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/techbullion-com/pubfig.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://techbullion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
4938
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 09:52:34 GMT
expires
Sat, 28 Sep 2024 09:52:34 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FC39 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: a.pub.network
URL: https://a.pub.network/techbullion-com/pubfig.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
83c799eafba373f1838ed53cf0bb4054839898f6d78667dc7ec262270d9d9719
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wXOlu1XePR8RQt6iG8684g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://techbullion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-wXOlu1XePR8RQt6iG8684g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 11:14:52 GMT
expires
Fri, 29 Sep 2023 11:14:52 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame C2E9 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame AFEC 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame C80F 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame A2E8 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 3156 		0
0
container.html
a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3B2C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/techbullion-com/pubfig.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://techbullion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 11:14:50 GMT
expires
Sat, 28 Sep 2024 11:14:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9B4A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/techbullion-com/pubfig.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://techbullion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 11:14:50 GMT
expires
Sat, 28 Sep 2024 11:14:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B4A6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/techbullion-com/pubfig.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://techbullion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 11:14:50 GMT
expires
Sat, 28 Sep 2024 11:14:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E82C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/techbullion-com/pubfig.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://techbullion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 11:14:50 GMT
expires
Sat, 28 Sep 2024 11:14:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5B41 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/techbullion-com/pubfig.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://techbullion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 11:14:50 GMT
expires
Sat, 28 Sep 2024 11:14:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
domains
links.services.disqus.com/api/ 		42 B
474 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://links.services.disqus.com/api/domains
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
6a84d7054c819c126c861adb95ed6086f75ad3e3ee0152e4c751bf023948ec63

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Fri, 29 Sep 2023 11:14:52 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://techbullion.com
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 5D64 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=techbullion.com
Requested by
Host: a.pub.network
URL: https://a.pub.network/techbullion-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://techbullion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 11:14:51 GMT
server
Kestrel
server-processing-duration-in-ticks
374535
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 30 Sep 2023 11:14:52 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 8632 		49 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlX4Hg4uRAAbnJ5coQR1t4ha3MDI9Bw&u=%7Cvx7rpq5y2m97pxdCqukZDawGMiLK0ZZsrp16padDgYs%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqfOSxiZ3nhhcoubwAtGAUFL8vtRYiskqAjx3LIdsTANZ-fKhvnADbhZ1Bto4S18LCYuHV6Te_j6zErXeOMbETbR27EMb7AEv57Damn38fTkE1AQSH36vY4qjhaMvJjs9lZYIHI4xEqXDMafTCxzuUtMbtvMEZ71D4gM1fROtgttGhctOXfAaKvIu9mMI_WK1DZ16bZYoq9JvJsyIVjBEPXpvHDRqJbwfs42hNPpTT7A8sSfcrgoCpOdoe8HWFB5SW7X4H4WZyIqKHkkhRb1Uqez1MsZgxkr4dkuXdZ6J17GtNNFZht-BUVrYSDcxgStEPRIh3-mR0-7G1YMnUiS8Ibo77gN2LKlETfMcfGm41wHinW6yokGJDnivLSbuofoCZYqV1kVWb-z1WYCyzpO6p3o2DzXdw0YcK5dcyfR1TXHNVvLaDA3x7bKkUGfNskh-P4Fh6v9fzKlLYhl95j5hTnUWqFb92Id9FElCJumfrvWrhpeP7YD2VbBzq9cpJKdFfAe1_Zht2G4et2WgqtJMKMa_befPwFllK3AFn8nWFy97oK3eyPTGY1qhK_eqN0JzN5jyp-ana8_i70M4u9xV7JMBID3ucQk-JI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYhwkrLEWZf6qBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT1Ak_QavqLbWpOmSyjLPSHsxgYSNjNX-Q4T4LyOiMe_xWgXBTyilT3VnP-wsz32m1FXAPHGWp_0EA2B81F4mWOp3vUXFI_AorO3vEcPP4YoR6DnrfeN38RrPRS2M1fiweN70_IjewA_nakilWzwEOBm5LwqMp2gvLcnivVWa0fLuvZm1csXv5WK9AsO1K259aYIsggcDrQoaYeoQFGfOxOLRzfLJewsiXo4_Wcx45QTGvfgOR5Cwngbzq29dA6UMPiW1wOYtmM4W1qngz5Rylaf5hxKky4nMK6YmCKMDwnfP_KvMeTJ1qbPtsttcYH-U4e75jQnmjrn_jFUyWS9WU9pa9Kz068Cb5Snz1O9tBe17SROmGJS74jxOBT9RlMX17z_DePoy6XDmuG2X7UXYPeRKZIqPLG6Dpr7zYv3sFvTiwOw9ZNssxdzGjuTqNN5Xg410QUiTSqJHrQYBwLzd3E2ZgbY5XIQIw6ziPskaq_0SgvnwoITDTgBAGABsvfv_uXzKL1F6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_36TN7T_m9ylcmyU0TNMxDZ7YSkdQ%26client%3Dca-pub-9961814823930967%26adurl%3D
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3fd9ce2f2c89a736d4f61481037c5052c9a0fa8535a1631425ae55c12ef25c36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 11:14:52 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=55aQv2nhQQHg7_W-NvkkjEFowRf9nd_IBObtIz0_hqowuCzIFcSD4HXjKlCYNbd5l0397mbqwU6KWFBUIBONGXNX3fUQbcho4KGgoPMRy-MW06fpPKVPLDaMA5a0ew_tG70txuFjV-ouSYn0p2ZlJRH2T9PMKLAkL9gqpFGc7wnjay03Ua7g5ZC_H9vrq68cfowsD_e5hIb8rXb1B-E7daEfBMnqLFBgXyx4cJSLKfse1uiKPEDKWg8g4sf_Hsyvh5J6hA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
2759537
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 3B2C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 09:05:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
7762
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 09:05:30 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 17C9 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
11967
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 07:55:25 GMT
etag
48472445140208031
expires
Sat, 30 Sep 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 3B2C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 16:48:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
66354
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8282
x-xss-protection
0
server
cafe
etag
5314254467506293444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 12 Oct 2023 16:48:58 GMT
l
www.google.com/ads/measurement/ Frame 3B2C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTGRAqtbs38Qse4zrav09w25D7VQ5gN1WJ67NjVWgY39M8NXUPgRHB56sl4Oi6Mr_NJ9Y6s69gE-LaK5iXKU54_-j_uAA
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3B2C 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 06:34:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
16843
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 28 Sep 2024 06:34:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3B2C 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58285
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695814262870679"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Sep 2023 11:14:52 GMT
pixel
protected-by.clarium.io/ Frame 3B2C 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_bXVaMnE1ZEJsQWV3cl9MRWhERlYyUjBRLWJVLzMyMzI0MjA3NjI6OTcweDkw&v=5&s=v31hbgac2jp&id=eyJkZnAiOnsiYWQiOjUzMzc0Nzk4ODYsImMiOm51bGwsImwiOjAsIm8iOjMyMzI0MjA3NjIsIkEiOiIvMjI5NjAyMTIwOTAsMjIwNzA4OTMyODIvVGVjaGJ1bGxpb25fUzJTX0ZpeGVkRm9vdGVyX1JPUyIsInkiOjYwMTg3NCwiY28iOjAsInMiOiJic2Etem9uZV8xNjgyNTAxODQxNTQ4LTlfMTIzNDU2In0sImRzcCI6MjJ9&cb=6765663&h=techbullion.com&d=eyJ3aCI6ImJYVmFNbkUxWkVKc1FXVjNjbDlNUldoRVJsWXlVakJSTFdKVkx6TXlNekkwTWpBM05qSTZPVGN3ZURrdyIsIndkIjp7Im8iOjMyMzI0MjA3NjIsInciOiI5NzAiLCJoIjoiOTAifSwid3IiOjJ9
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.213.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-213-154.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Fri, 29 Sep 2023 11:14:52 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 9012 		52 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlX8Hg4uRAAbnJ0EvIlwQBjgkyuSBwA&u=%7Cvx7rpq5y2m%2FMgbCOZsw%2BtdYwLpuXuEWeI17MabFnaoY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBVYK3cq7hyTxdVVID-8B4jkZnr5FfgsM3dCsFal-Lk8jkS-8RFYwflIWwpic7lS0bBkN95aB_xqSEJQFOefi9zuChN6eQmoUQ0NvAgeM0TVCFjxNB5Aig_8IXo76PKvNdohha8BmZfylGSYTBFKZ-tyjCCvdIuTHw_bE4pV7KQM5v57CbTSvXD-LcAej89M7jt5o0MQC_miUNOjpYcFkOABtJdu2G7KRwu5-GIEwR7_CsbeHdWASRtp7ouUld9RX8GORGEpVxJNoZFAKBeUru9YTgnpkKSCFYy1rZgQFYOhc2F6XJG1UWjAevYilRhly-_WBWS9NYV0Uiz6Sw5TI_Q9mIcGcHKyImbkuZ917vGmCZaSixeNXdULmRXfucmAy7zxfuq9A2PAstcH8cUuLbUShEUpzf-NS7-FYmH_PUNnOUu0VWb9jG43E88bCh65OZ7f3bxHXbH4AhlVBe9fNDxPqxXtfm6mKnTdp5jteYkXgWl1pSEGldeT5Wwaog4N0f74NVEesQ4R_u5FZNFl06Eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIngRrLEWZf-qBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT6Ak_QXzOgbwlq1b29Ce9UKUwIPYFeur6lTE_SpJwcs7um-zro8lpuPm-w7hkxzxRMx2UDfsSXLbfdi04XELoI933EKGpaVhOsHktKqiVsgYrXwd3lHo4aPaYoNtwsXzpWRPZ7mJoiAe5R4JiRyCha4wUdnyf1wzdLebcqZQbe3PNEtLIMNS-3ZKqCvNqI31sfAPjaWgfwscpkmZWLDX5mMWRItV8kDuUDJvlWkUbQ407sVOIBwvkun6DhopLQTlV71tRL7cj9kMusBDqiRBNaJq8Mc_wPp5Ze3DcCDy17OV3HvRsOgL60NpIqJ1h1R6KO8inhb57_Zzih5o0K-DhO2ge-o561meh9BIT3JSGkY2xCkgqbDkk8ZCMJ91Ji50W8WIBGWXfbjR8lo7R3MTJ7-J5tuszYk-O0LXkCcmffS0mswv2p22Be6m60mn-OlqVRqothByrHrUN9sdWIAqXNUccXIqnfq6siVuDuGVfszQvfmTIq8RbTzkHT6uAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_26yvsmUNrHmMYPsufs1tQOjIeKEQ%26client%3Dca-pub-9961814823930967%26adurl%3D
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
931dd593eed393a3d9a2f444e0606fe082a3674f2bd15b8b9e6b83b6a3b05349
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 11:14:52 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=zwegN2nhQQHg7_W-CcoKvHtGm8m3O157kLDZE04BAPRc_ea72ejS_SKeMNg94gmvgpHV-1comtE_41R8rmI6cMvaH9t0AXAyeLw-TA6qoZfU9yEFF1WWzSsbqAbsfPyPMXQtWBDv6S_nHkODq1GKCVMIZSyOZF4R4IWfXuLfuO_QGI83gJ-x_kDvdIUvsLyccUAtxbZyxWKY07-p1XBe21qE4-fLiD_-2WBHL19BkhKbpRulsQKvXk1e3DUXfrZ53srcqfE0hxZ2xiET"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
2575946
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 9B4A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 09:05:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
7762
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 09:05:30 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 13EC 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
11967
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 07:55:25 GMT
etag
48472445140208031
expires
Sat, 30 Sep 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 9B4A 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 16:48:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
66354
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8282
x-xss-protection
0
server
cafe
etag
5314254467506293444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 12 Oct 2023 16:48:58 GMT
l
www.google.com/ads/measurement/ Frame 9B4A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS8BfRT3cl-hprWUHln2ayKhXl0rzqZI4TGAa5lE7g7LddsRrYn8lQgtcfLKVlh3OTDj2OxqaVW9jNYWVddYibEBbkVdQ
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 9B4A 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 06:34:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
16843
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 28 Sep 2024 06:34:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9B4A 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58285
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695814262870679"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Sep 2023 11:14:52 GMT
pixel
protected-by.clarium.io/ Frame 9B4A 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_bXVaMnE1ZEJsQWV3cl9MRWhERlYyUjBRLWJVLzMyMzI0MjA3NjI6OTcweDI1MA==&v=5&s=v31hbgac2ll&id=eyJkZnAiOnsiYWQiOjUzMzc0Nzk4ODYsImMiOm51bGwsImwiOjAsIm8iOjMyMzI0MjA3NjIsIkEiOiIvMjI5NjAyMTIwOTAsMjIwNzA4OTMyODIvVGVjaGJ1bGxpb25fUzJTX1RvcExlYWRlcmJvYXJkX1JPUyIsInkiOjYwMTg3NCwiY28iOjAsInMiOiJic2Etem9uZV8xNjk1NjQ4Mjc3Mzc0LTZfMTIzNDU2In0sImRzcCI6MjJ9&cb=9251348&h=techbullion.com&d=eyJ3aCI6ImJYVmFNbkUxWkVKc1FXVjNjbDlNUldoRVJsWXlVakJSTFdKVkx6TXlNekkwTWpBM05qSTZPVGN3ZURJMU1BPT0iLCJ3ZCI6eyJvIjozMjMyNDIwNzYyLCJ3IjoiOTcwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.213.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-213-154.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Fri, 29 Sep 2023 11:14:52 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 194C 		51 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlYAHg4uRAAbnJ3NdjVbX-SR7IerdzQ&u=%7Cvx7rpq5y2m9r9cLIJ6IAT3Lk6d7I%2F6T8ySEpq2s81zU%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBVIuviO9wemny5Xk_TVkcMxfwNro2o_rbid4YQX5ZgDvzpKt-rhwlHjlTNmYDmqKC8S4KyEqaTS29OvmjskYqoS_vCdkLz4Mhy39mwWv-2HcxPhVpk-8AavkksT7reWGu25aR-IWEUs84_84afpt8A-hlGA30__7ckRkTNyrL4rFXUsm7HqyWiQOVZ-JAFyxca5j8e2-dRxqSPdCucmm1ixUz5k6UVLXrVPag8u4EpeYOVbMtf4jSscESMzALFht8T_nz2ofo2cMczC3hrkLcIGc8lni1yNxca5_zZ5r-xBbka_aYV4KvSTgXwO6KAjxnvaM-YX8wdlS8iy8FIjG8DKyvfEvVXy4aPeLPdxwdPHsvanIN75pEph0PgyBB3EjWxbh0xwkkp3WDs28BlY2LFs8PQy7vGY4PoDjIFQflT06vpeIv6T8pzO8WgluEXF125LekPUsw30D-NF4yrFKo2MtrqNomVagJA833kPpr9KjLCpNnY_3MgVMFSGtPyStfr3WMPAk7B3e4D-xrr5EU3U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcwhgrLEWZYCrBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgSDA0_QcFtaRcP_Zij24NJZg8CJjIbFAE8EFHJZNsuY6clGJSYZcNT9SXUdM7BYg0oHKBC_VjeaM3WqN525s8ZF6VWhGStQNIzxs82oGwHLt383HFQc0glpkg9ODkaLR2ZHNGlmjvyW5B4HZwlNGpmH1T7sACbrjmrxKJrl5rQUIhTbFJetwy92QhXO9RhaVtMNar0uMpMPLSC2eh4ag2slYIOA070tfVURKEj8KhjtYLPeFFVylVJYG9N1oU42Ghqd8Dhgwb_P4OcH6WGwb7e0xH2YZ5F-QMn1dtX8p7IcHXcvDTL5_O9n2aQybZVCqU2Zuhie2XliGt0-SyJdekFhq27lErOALbMPNY0NyYuXV2Oe1zuSfsSmJrhjkQ_GvPw2ZiJq204wwjT_dy0xn0lG5qePCR0aq7NYVhd6_7wZ6PtysfFLDnarhePbeWFFol-VaEuXUv3I_6B-kadoCOcq9tT1fqO4cKbfz2VCnS6qIfV07lalXFXxclwiBBtXwVMkXz-NqeAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2THZ3gGxjhsNavVEiim9jr1DXjiA%26client%3Dca-pub-9961814823930967%26adurl%3D
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c818a83f204ae99d61236abde23e8c1965cd017b043b7c4227c7928b85509c1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 11:14:52 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Cec1AGnhQQHg7_W-CJIfYyCYPMLZ936CzbTxtuxrcdm8DpAT1znzGGF-3RtULEEmaMwMfHtoIA7lZ4vV1BdA9jxJFNiggbkhpuUTpR4N__6A4gOI8kVPXKoYtj8YlRkzpqFSW0XftxhVDju5GQPp_0Yq6FYz0Z_9sX0Ne90kxFLJjMnUJvq1DJCp-E6L606ZDRaU0wuLUSjIdIcwd6v73CHQfIlJcZojIsViGr55tf4pNcL6sjDAhklRpiDPm1_C-kv9lA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
2652967
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame B4A6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 09:05:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
7762
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 09:05:30 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 75FD 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
11967
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 07:55:25 GMT
etag
48472445140208031
expires
Sat, 30 Sep 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame B4A6 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 16:48:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
66354
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8282
x-xss-protection
0
server
cafe
etag
5314254467506293444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 12 Oct 2023 16:48:58 GMT
l
www.google.com/ads/measurement/ Frame B4A6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTuQwXmdzowAnqmR6NfA1oGXa7v2XS3Cs0L-tpjwF7Vi0Fnx_nuip9OBfEdgv6ssJwP9l18LP0YI5n-nLSIarPPAPtFIQ
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame B4A6 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 06:34:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
16843
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 28 Sep 2024 06:34:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B4A6 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58285
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695814262870679"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Sep 2023 11:14:52 GMT
pixel
protected-by.clarium.io/ Frame B4A6 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_bXVaMnE1ZEJsQWV3cl9MRWhERlYyUjBRLWJVLzMyMzI0MjA3NjI6OTcweDI1MA==&v=5&s=v31hbgac2nf&id=eyJkZnAiOnsiYWQiOjUzMzc0Nzk4ODYsImMiOm51bGwsImwiOjAsIm8iOjMyMzI0MjA3NjIsIkEiOiIvMjI5NjAyMTIwOTAsMjIwNzA4OTMyODIvVGVjaGJ1bGxpb25fUzJTX0JvdHRvbUxlYWRlcmJvYXJkX1JPUyIsInkiOjYwMTg3NCwiY28iOjAsInMiOiJic2Etem9uZV8xNjk1NjQ4Mzk0MzQ3LTBfMTIzNDU2In0sImRzcCI6MjJ9&cb=5425314&h=techbullion.com&d=eyJ3aCI6ImJYVmFNbkUxWkVKc1FXVjNjbDlNUldoRVJsWXlVakJSTFdKVkx6TXlNekkwTWpBM05qSTZPVGN3ZURJMU1BPT0iLCJ3ZCI6eyJvIjozMjMyNDIwNzYyLCJ3IjoiOTcwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.213.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-213-154.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Fri, 29 Sep 2023 11:14:52 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 782F 		52 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlYEHg4uRAAbnJ4rw-UHIDrvLluGvuw&u=%7Cvx7rpq5y2m8BVt5CbqxDSAOuLU%2BHrplxLJwrrnM8MwE%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwmBoz0kZ49XnpI3T7B_CiOoSdH8fquqaqA9f-5fH9iz2pXcdZ80wwtJqZUV2mbHOJKPl9d-F1ZFDGnpkmb3KnFEv9hMgb2oc186kbxFV3ZjeGDeEwxDXoMYQgFhaHZQaO_Y5M0oeIohpQx6BUXcCuTzNUb0zu6IKt3jBfVkqttBn5z1iZfzZaBArgxK04Vnd4HO2pxV-DVu3nzuYHKGD_UEIUjs9Mx6tG8bqM8P_qjRObM_xg0jfmITXe15WjgtLQUMmbHizXCl6rXT4otr4N0nSks7X0Cwhej7diBg3w9S9nxphUWGSqd_mGHwe2MFF2JuDChkxG2y4hnR43qkGuKu9rz820obyLfsycvZVa6V-8usmBba5txsCVPHwBluES4C_SiVfoHRwjcagqRocBUHB53bMVLa7Guc5xy_QUEz44Oz22v0eWduMRaytU8Bj1a9QarnYz89jBg0WUneqEjcKU3vO-ersGherzf6hQpdlsh74OFyPqtuG6uRi-Sa_zTXnQVb8crq3xNdUQZe2YlZxr3nUyJbnNwbDwAo4VsVng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCll5RrLEWZYGrBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT3Ak_QYS_9tOGsmq0WtzNTpVzVbQLM-iUyv1AFJPZLbxueLRzeUn2V4d1nFkmmILI0j_iOseKEjDnf8X4TvWvNzXAhD0mwhAU8Uj88U0_gmwi9-HyeRi-YJmVApT7RSWCnqP4WDUyFuTKhpLzTDbfc4PMDHXV1SebDRsGNeIwNRgY6nHrGxB0AB9hOqOCuzHzKY1-vamxcuvRVkk9daF7G09zArzTbP3UDJUMvgch6c2WBTFrSi0t-UrT5pe5ekrPH2i4jBAuCtibgSjkxTiGePfFr6Ud6OthsMY7KFICWoitF7HQ9xfgO1FiKoJ3c_6un-qLoiOs-kjsI4ZVU6BHRj7-seBlSAdGzxg33PPCP6c7TPeBTfCLS7qBQNO1PaSYdSpikwIY1s-FUTnn2yJzdUzbgSPQs7girdp7sxPkdo_ij4GKyZnXPhMybMt8CbvflsjDJ3f_8dU0lSb8HasDCykAmLDWirps9IQIR-ql6QHRMONExDasLieAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2T5hQKu7Ux_wHlmFv2py7BpEcaOA%26client%3Dca-pub-9961814823930967%26adurl%3D
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ec73e6d6a77b63678ed6a979518e8582ce0c613abd787cb1edabd7034e66778c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 11:14:52 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=UnonGmnhQQHg7_W-HEUq4JIENEtLgyIbJFUwh1HYPysxz9kDc8yiJSagByyvT6phRHscJkINxrXdCyV31VMNRuaA0umRVQvyNkgomfjgUaQYRbQenGNuf3neeTbQlTSrfETXZOFeaX45sXWp3qmmUHUvtAbIwM80pVpMpzRMI9BN3HCXnLut6Tqx46qBaMMqBke1b6KnC9XsSYYi-LvoYnclr2EW1Ak4X_NhjdrQpv3971aRvA4jO-MNEy9te3WzA7Jg1A"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
2748543
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame E82C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 09:05:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
7762
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 09:05:30 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3855 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
11967
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 07:55:25 GMT
etag
48472445140208031
expires
Sat, 30 Sep 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame E82C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 16:48:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
66354
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8282
x-xss-protection
0
server
cafe
etag
5314254467506293444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 12 Oct 2023 16:48:58 GMT
l
www.google.com/ads/measurement/ Frame E82C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQkL8b41Rnw1qZSmulvq52JsodAtsQVadL0OgIoAQmsr5cn7UvJhnyyxBO0GtAFHomylI1b5Onm1Auddbw6VIpH_Tmd2g
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame E82C 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 06:34:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
16843
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 28 Sep 2024 06:34:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E82C 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58285
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695814262870679"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Sep 2023 11:14:52 GMT
pixel
protected-by.clarium.io/ Frame E82C 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_bXVaMnE1ZEJsQWV3cl9MRWhERlYyUjBRLWJVLzMyMzI0MjA3NjI6MzM2eDI4MA==&v=5&s=v31hbgac2p9&id=eyJkZnAiOnsiYWQiOjUzMzc0Nzk4ODYsImMiOm51bGwsImwiOjAsIm8iOjMyMzI0MjA3NjIsIkEiOiIvMjI5NjAyMTIwOTAsMjIwNzA4OTMyODIvVGVjaGJ1bGxpb25fUzJTX1VwcGVyc2lkZWJhcl9ST1MiLCJ5Ijo2MDE4NzQsImNvIjowLCJzIjoiYnNhLXpvbmVfMTY5NTY0ODQ0Nzg1OC0zXzEyMzQ1NiJ9LCJkc3AiOjIyfQ%3D%3D&cb=9843011&h=techbullion.com&d=eyJ3aCI6ImJYVmFNbkUxWkVKc1FXVjNjbDlNUldoRVJsWXlVakJSTFdKVkx6TXlNekkwTWpBM05qSTZNek0yZURJNE1BPT0iLCJ3ZCI6eyJvIjozMjMyNDIwNzYyLCJ3IjoiMzM2IiwiaCI6IjI4MCJ9LCJ3ciI6Mn0=
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.213.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-213-154.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Fri, 29 Sep 2023 11:14:52 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 83F7 		55 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlYIHg4uRAAbnJykfRDFhlITCzexifg&u=%7Cvx7rpq5y2m%2Bj%2BPz5aLVK6RPn6W%2FPiN%2FQatWPC16oy8o%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdqr7txT5h5pAC3aSY9p1mJ9XKnMtRUM8nqIaa5Rl2efL0FSY6XUG9zw0TPNcpRuQMS_Qzx0laPRRYaqbSZrlVtM8FAhvoWeIZyAC5g1oLhx_KH2ySx5HSVP66xwtG8GVFA9SL8pgfFlAUtcAc4Mudl-Sgmhug1J8szg8WQNSWNkXZCGRM1rMQ4wgePKcHIsXnF_N5aUabyficq5fDs_lXj87cnpsqJgfXYwX3lS0j-q4pUv2Ymb_iUJeITsFczfcqH2prZC5bqO-1l8aOChdQTkuWFnWJ-_TxqMleofpUVjFktLn92M4UDVFcxLeVdRB-WL2LlziWqCwddRBevEcj_CbBtIwY5eC-eK0gVDaIpl3PhR6KiL4cknX6al1jPm6OoZCNsAqNGgwA8_q_eilv49o5effo2ap0b7x1ZOzncQFLaGpjKCIavFTYMNLVv990tlMxu-a86B4pe_IjVYp1YGaiPG9PRfMr6QbilkuR6-AcMbnuVmEz-mlf1hLu7eIb1OwQt1c9SPVGHOO1--fG_vyey1nEWBZzLeJjsGZ3vbl5Vav1NBdLviVgW9o9gIpoi514v17-ApswuPAWGYQigD2qw0fLlciA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWeDerLEWZYKrBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT9Ak_QyO7RpAMhNavUOmoAYNgtr2GeP5QQV2_PkSa5-OStPv2YafiEgyJt9UdJiF477Ax4Poh2N34zWGCkDDK966qWH0K4V1VLUpg3l5rnXYR_0eDlCdKJntoBturSuMMGqRZ2kcv2nSkZzM1vNv0Y81zBzyUZuec98TqvN6s6VVMLDTM85B_GNEAVd6xfXs6I5cZV8IG5I3D9fUZ7GkfDnk43ai4Gd0PPEJQUE1PRyaveFc6Qc3IsJh3viTHGCeXwMbeViauYA4f1E8_0GKDkjKRIjQm7SEfS1o02zZ6-jHAbW9nE-NhtI4PpWZgRmsJvDGRfNOf18HMF8WBRaICM2Dts1tYq-vhd00T9fL9Cyf1RnEGwPLIwgM6N6tULd5SCmXlio2YyTA0Rz34SC-vSp7QKs3JfbtvTPn8Y5buSBQqAm305cIXsJdWUv63U9u9AtHCwRyzYxDu_v0KIYWnJeqqLyU9Pn7-eN1f9E_yO38Ja_D7QLfBQpgbxcJ7Ms-AEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2gwy7uwZjo89svFFLasc4EUoFH6A%26client%3Dca-pub-9961814823930967%26adurl%3D
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
57afe1506ced39a9a79049d7c9758d24dcde144e9d09f647f9d521cc4e183746
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 11:14:52 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=MC4WyGnhQQHg7_W-TaGzE7xxmG75AO_QHmG0wbne931cwE9U8tW9gT58K2dzoc22iZojzdSAWUe93aRRw2Y4PbOB7dCzhhNdjh7TkrhNbLLnvAJFDcPY_AIcQG8mjaL8teYNkikxwnXN6yYqQBLN1IyKMfeZhNUtTaW89bS8kRc_ZCgNb8L1b4zFKeI_CnTFNPeQSZyJpP0pobaEjprB0UlkxZV1nyjtHYtc0hq1FFx-fTBDcBk0oi64-crHUIudLqrvQQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
2619558
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 5B41 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 09:05:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
7762
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 09:05:30 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame AB3E 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
11967
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 07:55:25 GMT
etag
48472445140208031
expires
Sat, 30 Sep 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 5B41 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 16:48:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
66354
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8282
x-xss-protection
0
server
cafe
etag
5314254467506293444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 12 Oct 2023 16:48:58 GMT
l
www.google.com/ads/measurement/ Frame 5B41 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT-sTGX4sAbcagDh8Io-tauXgu_hLta0TRqqkGj_hoJ_k1oWVMjg_n7rA2f5nyT8vH8ZOGmlK09quiIYS7q_LYYxXj9EQ
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 5B41 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 06:34:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
16843
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 28 Sep 2024 06:34:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5B41 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58285
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695814262870679"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Sep 2023 11:14:52 GMT
pixel
protected-by.clarium.io/ Frame 5B41 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_bXVaMnE1ZEJsQWV3cl9MRWhERlYyUjBRLWJVLzMyMzI0MjA3NjI6MzAweDYwMA==&v=5&s=v31hbgac2r2&id=eyJkZnAiOnsiYWQiOjUzMzc0Nzk4ODYsImMiOm51bGwsImwiOjAsIm8iOjMyMzI0MjA3NjIsIkEiOiIvMjI5NjAyMTIwOTAsMjIwNzA4OTMyODIvVGVjaGJ1bGxpb25fUzJTX0xvd2Vyc2lkZWJhcl9ST1MiLCJ5Ijo2MDE4NzQsImNvIjowLCJzIjoiYnNhLXpvbmVfMTY5NTY0ODQ5OTI5Ni03XzEyMzQ1NiJ9LCJkc3AiOjIyfQ%3D%3D&cb=2754071&h=techbullion.com&d=eyJ3aCI6ImJYVmFNbkUxWkVKc1FXVjNjbDlNUldoRVJsWXlVakJSTFdKVkx6TXlNekkwTWpBM05qSTZNekF3ZURZd01BPT0iLCJ3ZCI6eyJvIjozMjMyNDIwNzYyLCJ3IjoiMzAwIiwiaCI6IjYwMCJ9LCJ3ciI6Mn0=
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.213.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-213-154.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Fri, 29 Sep 2023 11:14:52 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 8632 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlX4Hg4uRAAbnJ5coQR1t4ha3MDI9Bw&u=%7Cvx7rpq5y2m97pxdCqukZDawGMiLK0ZZsrp16padDgYs%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqfOSxiZ3nhhcoubwAtGAUFL8vtRYiskqAjx3LIdsTANZ-fKhvnADbhZ1Bto4S18LCYuHV6Te_j6zErXeOMbETbR27EMb7AEv57Damn38fTkE1AQSH36vY4qjhaMvJjs9lZYIHI4xEqXDMafTCxzuUtMbtvMEZ71D4gM1fROtgttGhctOXfAaKvIu9mMI_WK1DZ16bZYoq9JvJsyIVjBEPXpvHDRqJbwfs42hNPpTT7A8sSfcrgoCpOdoe8HWFB5SW7X4H4WZyIqKHkkhRb1Uqez1MsZgxkr4dkuXdZ6J17GtNNFZht-BUVrYSDcxgStEPRIh3-mR0-7G1YMnUiS8Ibo77gN2LKlETfMcfGm41wHinW6yokGJDnivLSbuofoCZYqV1kVWb-z1WYCyzpO6p3o2DzXdw0YcK5dcyfR1TXHNVvLaDA3x7bKkUGfNskh-P4Fh6v9fzKlLYhl95j5hTnUWqFb92Id9FElCJumfrvWrhpeP7YD2VbBzq9cpJKdFfAe1_Zht2G4et2WgqtJMKMa_befPwFllK3AFn8nWFy97oK3eyPTGY1qhK_eqN0JzN5jyp-ana8_i70M4u9xV7JMBID3ucQk-JI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYhwkrLEWZf6qBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT1Ak_QavqLbWpOmSyjLPSHsxgYSNjNX-Q4T4LyOiMe_xWgXBTyilT3VnP-wsz32m1FXAPHGWp_0EA2B81F4mWOp3vUXFI_AorO3vEcPP4YoR6DnrfeN38RrPRS2M1fiweN70_IjewA_nakilWzwEOBm5LwqMp2gvLcnivVWa0fLuvZm1csXv5WK9AsO1K259aYIsggcDrQoaYeoQFGfOxOLRzfLJewsiXo4_Wcx45QTGvfgOR5Cwngbzq29dA6UMPiW1wOYtmM4W1qngz5Rylaf5hxKky4nMK6YmCKMDwnfP_KvMeTJ1qbPtsttcYH-U4e75jQnmjrn_jFUyWS9WU9pa9Kz068Cb5Snz1O9tBe17SROmGJS74jxOBT9RlMX17z_DePoy6XDmuG2X7UXYPeRKZIqPLG6Dpr7zYv3sFvTiwOw9ZNssxdzGjuTqNN5Xg410QUiTSqJHrQYBwLzd3E2ZgbY5XIQIw6ziPskaq_0SgvnwoITDTgBAGABsvfv_uXzKL1F6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_36TN7T_m9ylcmyU0TNMxDZ7YSkdQ%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:52 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 8632 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlX4Hg4uRAAbnJ5coQR1t4ha3MDI9Bw&u=%7Cvx7rpq5y2m97pxdCqukZDawGMiLK0ZZsrp16padDgYs%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqfOSxiZ3nhhcoubwAtGAUFL8vtRYiskqAjx3LIdsTANZ-fKhvnADbhZ1Bto4S18LCYuHV6Te_j6zErXeOMbETbR27EMb7AEv57Damn38fTkE1AQSH36vY4qjhaMvJjs9lZYIHI4xEqXDMafTCxzuUtMbtvMEZ71D4gM1fROtgttGhctOXfAaKvIu9mMI_WK1DZ16bZYoq9JvJsyIVjBEPXpvHDRqJbwfs42hNPpTT7A8sSfcrgoCpOdoe8HWFB5SW7X4H4WZyIqKHkkhRb1Uqez1MsZgxkr4dkuXdZ6J17GtNNFZht-BUVrYSDcxgStEPRIh3-mR0-7G1YMnUiS8Ibo77gN2LKlETfMcfGm41wHinW6yokGJDnivLSbuofoCZYqV1kVWb-z1WYCyzpO6p3o2DzXdw0YcK5dcyfR1TXHNVvLaDA3x7bKkUGfNskh-P4Fh6v9fzKlLYhl95j5hTnUWqFb92Id9FElCJumfrvWrhpeP7YD2VbBzq9cpJKdFfAe1_Zht2G4et2WgqtJMKMa_befPwFllK3AFn8nWFy97oK3eyPTGY1qhK_eqN0JzN5jyp-ana8_i70M4u9xV7JMBID3ucQk-JI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYhwkrLEWZf6qBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT1Ak_QavqLbWpOmSyjLPSHsxgYSNjNX-Q4T4LyOiMe_xWgXBTyilT3VnP-wsz32m1FXAPHGWp_0EA2B81F4mWOp3vUXFI_AorO3vEcPP4YoR6DnrfeN38RrPRS2M1fiweN70_IjewA_nakilWzwEOBm5LwqMp2gvLcnivVWa0fLuvZm1csXv5WK9AsO1K259aYIsggcDrQoaYeoQFGfOxOLRzfLJewsiXo4_Wcx45QTGvfgOR5Cwngbzq29dA6UMPiW1wOYtmM4W1qngz5Rylaf5hxKky4nMK6YmCKMDwnfP_KvMeTJ1qbPtsttcYH-U4e75jQnmjrn_jFUyWS9WU9pa9Kz068Cb5Snz1O9tBe17SROmGJS74jxOBT9RlMX17z_DePoy6XDmuG2X7UXYPeRKZIqPLG6Dpr7zYv3sFvTiwOw9ZNssxdzGjuTqNN5Xg410QUiTSqJHrQYBwLzd3E2ZgbY5XIQIw6ziPskaq_0SgvnwoITDTgBAGABsvfv_uXzKL1F6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_36TN7T_m9ylcmyU0TNMxDZ7YSkdQ%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:52 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 8632 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlX4Hg4uRAAbnJ5coQR1t4ha3MDI9Bw&u=%7Cvx7rpq5y2m97pxdCqukZDawGMiLK0ZZsrp16padDgYs%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqfOSxiZ3nhhcoubwAtGAUFL8vtRYiskqAjx3LIdsTANZ-fKhvnADbhZ1Bto4S18LCYuHV6Te_j6zErXeOMbETbR27EMb7AEv57Damn38fTkE1AQSH36vY4qjhaMvJjs9lZYIHI4xEqXDMafTCxzuUtMbtvMEZ71D4gM1fROtgttGhctOXfAaKvIu9mMI_WK1DZ16bZYoq9JvJsyIVjBEPXpvHDRqJbwfs42hNPpTT7A8sSfcrgoCpOdoe8HWFB5SW7X4H4WZyIqKHkkhRb1Uqez1MsZgxkr4dkuXdZ6J17GtNNFZht-BUVrYSDcxgStEPRIh3-mR0-7G1YMnUiS8Ibo77gN2LKlETfMcfGm41wHinW6yokGJDnivLSbuofoCZYqV1kVWb-z1WYCyzpO6p3o2DzXdw0YcK5dcyfR1TXHNVvLaDA3x7bKkUGfNskh-P4Fh6v9fzKlLYhl95j5hTnUWqFb92Id9FElCJumfrvWrhpeP7YD2VbBzq9cpJKdFfAe1_Zht2G4et2WgqtJMKMa_befPwFllK3AFn8nWFy97oK3eyPTGY1qhK_eqN0JzN5jyp-ana8_i70M4u9xV7JMBID3ucQk-JI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYhwkrLEWZf6qBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT1Ak_QavqLbWpOmSyjLPSHsxgYSNjNX-Q4T4LyOiMe_xWgXBTyilT3VnP-wsz32m1FXAPHGWp_0EA2B81F4mWOp3vUXFI_AorO3vEcPP4YoR6DnrfeN38RrPRS2M1fiweN70_IjewA_nakilWzwEOBm5LwqMp2gvLcnivVWa0fLuvZm1csXv5WK9AsO1K259aYIsggcDrQoaYeoQFGfOxOLRzfLJewsiXo4_Wcx45QTGvfgOR5Cwngbzq29dA6UMPiW1wOYtmM4W1qngz5Rylaf5hxKky4nMK6YmCKMDwnfP_KvMeTJ1qbPtsttcYH-U4e75jQnmjrn_jFUyWS9WU9pa9Kz068Cb5Snz1O9tBe17SROmGJS74jxOBT9RlMX17z_DePoy6XDmuG2X7UXYPeRKZIqPLG6Dpr7zYv3sFvTiwOw9ZNssxdzGjuTqNN5Xg410QUiTSqJHrQYBwLzd3E2ZgbY5XIQIw6ziPskaq_0SgvnwoITDTgBAGABsvfv_uXzKL1F6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_36TN7T_m9ylcmyU0TNMxDZ7YSkdQ%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 23 Sep 2024 11:14:52 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 8632 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlX4Hg4uRAAbnJ5coQR1t4ha3MDI9Bw&u=%7Cvx7rpq5y2m97pxdCqukZDawGMiLK0ZZsrp16padDgYs%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqfOSxiZ3nhhcoubwAtGAUFL8vtRYiskqAjx3LIdsTANZ-fKhvnADbhZ1Bto4S18LCYuHV6Te_j6zErXeOMbETbR27EMb7AEv57Damn38fTkE1AQSH36vY4qjhaMvJjs9lZYIHI4xEqXDMafTCxzuUtMbtvMEZ71D4gM1fROtgttGhctOXfAaKvIu9mMI_WK1DZ16bZYoq9JvJsyIVjBEPXpvHDRqJbwfs42hNPpTT7A8sSfcrgoCpOdoe8HWFB5SW7X4H4WZyIqKHkkhRb1Uqez1MsZgxkr4dkuXdZ6J17GtNNFZht-BUVrYSDcxgStEPRIh3-mR0-7G1YMnUiS8Ibo77gN2LKlETfMcfGm41wHinW6yokGJDnivLSbuofoCZYqV1kVWb-z1WYCyzpO6p3o2DzXdw0YcK5dcyfR1TXHNVvLaDA3x7bKkUGfNskh-P4Fh6v9fzKlLYhl95j5hTnUWqFb92Id9FElCJumfrvWrhpeP7YD2VbBzq9cpJKdFfAe1_Zht2G4et2WgqtJMKMa_befPwFllK3AFn8nWFy97oK3eyPTGY1qhK_eqN0JzN5jyp-ana8_i70M4u9xV7JMBID3ucQk-JI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYhwkrLEWZf6qBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT1Ak_QavqLbWpOmSyjLPSHsxgYSNjNX-Q4T4LyOiMe_xWgXBTyilT3VnP-wsz32m1FXAPHGWp_0EA2B81F4mWOp3vUXFI_AorO3vEcPP4YoR6DnrfeN38RrPRS2M1fiweN70_IjewA_nakilWzwEOBm5LwqMp2gvLcnivVWa0fLuvZm1csXv5WK9AsO1K259aYIsggcDrQoaYeoQFGfOxOLRzfLJewsiXo4_Wcx45QTGvfgOR5Cwngbzq29dA6UMPiW1wOYtmM4W1qngz5Rylaf5hxKky4nMK6YmCKMDwnfP_KvMeTJ1qbPtsttcYH-U4e75jQnmjrn_jFUyWS9WU9pa9Kz068Cb5Snz1O9tBe17SROmGJS74jxOBT9RlMX17z_DePoy6XDmuG2X7UXYPeRKZIqPLG6Dpr7zYv3sFvTiwOw9ZNssxdzGjuTqNN5Xg410QUiTSqJHrQYBwLzd3E2ZgbY5XIQIw6ziPskaq_0SgvnwoITDTgBAGABsvfv_uXzKL1F6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_36TN7T_m9ylcmyU0TNMxDZ7YSkdQ%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 23 Sep 2024 11:14:52 GMT
lg.php
cat.fr3.eu.criteo.com/delivery/ Frame 8632 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=sXRgLGuWM48oJQBk_UEoVyipImrBHjCt4qDT4kMJa7mBU6ypxahE4QWlxYlvU9YZAQdnN3m-5hVR6_Io_MALKmC7kH9YlTKpH8_2ruIsUvQ7aoCN8BQsIiCgEf4aKyPZ4y0RplxHGjs31vVqSINPFx4OY9q-9FC5fv8JmPKHjPHzBoGQaBivpLW2wxd9Nu-74ZV-XL9AxvsDrZBdj9Zs6gP4hqBSNWEC_W112_Yzs7vBGiDzlF-ojeFQo6TL2OgYl_4zuBISe5tCifneiS5UmXytz2nXNUr-lEbNuF9_S9hKC0lqPVvKmJ8QnMPi7m2cMaBAKhmPSL8vOzRrEeBgVOdAvjgz_JX4eKg-8g3u-ZsGgqwLUCAO78GOy2o9ehpVo4sgb-ChqhgkiTUQQbTGv-wfGCd9K3ch0czV28uNvLs5IiLyGvs6pbBpq4UOjK3f7ikv6g
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlX4Hg4uRAAbnJ5coQR1t4ha3MDI9Bw&u=%7Cvx7rpq5y2m97pxdCqukZDawGMiLK0ZZsrp16padDgYs%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqfOSxiZ3nhhcoubwAtGAUFL8vtRYiskqAjx3LIdsTANZ-fKhvnADbhZ1Bto4S18LCYuHV6Te_j6zErXeOMbETbR27EMb7AEv57Damn38fTkE1AQSH36vY4qjhaMvJjs9lZYIHI4xEqXDMafTCxzuUtMbtvMEZ71D4gM1fROtgttGhctOXfAaKvIu9mMI_WK1DZ16bZYoq9JvJsyIVjBEPXpvHDRqJbwfs42hNPpTT7A8sSfcrgoCpOdoe8HWFB5SW7X4H4WZyIqKHkkhRb1Uqez1MsZgxkr4dkuXdZ6J17GtNNFZht-BUVrYSDcxgStEPRIh3-mR0-7G1YMnUiS8Ibo77gN2LKlETfMcfGm41wHinW6yokGJDnivLSbuofoCZYqV1kVWb-z1WYCyzpO6p3o2DzXdw0YcK5dcyfR1TXHNVvLaDA3x7bKkUGfNskh-P4Fh6v9fzKlLYhl95j5hTnUWqFb92Id9FElCJumfrvWrhpeP7YD2VbBzq9cpJKdFfAe1_Zht2G4et2WgqtJMKMa_befPwFllK3AFn8nWFy97oK3eyPTGY1qhK_eqN0JzN5jyp-ana8_i70M4u9xV7JMBID3ucQk-JI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYhwkrLEWZf6qBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT1Ak_QavqLbWpOmSyjLPSHsxgYSNjNX-Q4T4LyOiMe_xWgXBTyilT3VnP-wsz32m1FXAPHGWp_0EA2B81F4mWOp3vUXFI_AorO3vEcPP4YoR6DnrfeN38RrPRS2M1fiweN70_IjewA_nakilWzwEOBm5LwqMp2gvLcnivVWa0fLuvZm1csXv5WK9AsO1K259aYIsggcDrQoaYeoQFGfOxOLRzfLJewsiXo4_Wcx45QTGvfgOR5Cwngbzq29dA6UMPiW1wOYtmM4W1qngz5Rylaf5hxKky4nMK6YmCKMDwnfP_KvMeTJ1qbPtsttcYH-U4e75jQnmjrn_jFUyWS9WU9pa9Kz068Cb5Snz1O9tBe17SROmGJS74jxOBT9RlMX17z_DePoy6XDmuG2X7UXYPeRKZIqPLG6Dpr7zYv3sFvTiwOw9ZNssxdzGjuTqNN5Xg410QUiTSqJHrQYBwLzd3E2ZgbY5XIQIw6ziPskaq_0SgvnwoITDTgBAGABsvfv_uXzKL1F6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_36TN7T_m9ylcmyU0TNMxDZ7YSkdQ%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2732913
expires
Mon, 26 Jul 1997 05:00:00 GMT
e2e899b75a834fbab06a126224102313_image_ad_970x90.jpeg
static.criteo.net/design/dt/92327/4936818/ Frame 8632 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/92327/4936818/e2e899b75a834fbab06a126224102313_image_ad_970x90.jpeg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlX4Hg4uRAAbnJ5coQR1t4ha3MDI9Bw&u=%7Cvx7rpq5y2m97pxdCqukZDawGMiLK0ZZsrp16padDgYs%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqfOSxiZ3nhhcoubwAtGAUFL8vtRYiskqAjx3LIdsTANZ-fKhvnADbhZ1Bto4S18LCYuHV6Te_j6zErXeOMbETbR27EMb7AEv57Damn38fTkE1AQSH36vY4qjhaMvJjs9lZYIHI4xEqXDMafTCxzuUtMbtvMEZ71D4gM1fROtgttGhctOXfAaKvIu9mMI_WK1DZ16bZYoq9JvJsyIVjBEPXpvHDRqJbwfs42hNPpTT7A8sSfcrgoCpOdoe8HWFB5SW7X4H4WZyIqKHkkhRb1Uqez1MsZgxkr4dkuXdZ6J17GtNNFZht-BUVrYSDcxgStEPRIh3-mR0-7G1YMnUiS8Ibo77gN2LKlETfMcfGm41wHinW6yokGJDnivLSbuofoCZYqV1kVWb-z1WYCyzpO6p3o2DzXdw0YcK5dcyfR1TXHNVvLaDA3x7bKkUGfNskh-P4Fh6v9fzKlLYhl95j5hTnUWqFb92Id9FElCJumfrvWrhpeP7YD2VbBzq9cpJKdFfAe1_Zht2G4et2WgqtJMKMa_befPwFllK3AFn8nWFy97oK3eyPTGY1qhK_eqN0JzN5jyp-ana8_i70M4u9xV7JMBID3ucQk-JI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYhwkrLEWZf6qBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT1Ak_QavqLbWpOmSyjLPSHsxgYSNjNX-Q4T4LyOiMe_xWgXBTyilT3VnP-wsz32m1FXAPHGWp_0EA2B81F4mWOp3vUXFI_AorO3vEcPP4YoR6DnrfeN38RrPRS2M1fiweN70_IjewA_nakilWzwEOBm5LwqMp2gvLcnivVWa0fLuvZm1csXv5WK9AsO1K259aYIsggcDrQoaYeoQFGfOxOLRzfLJewsiXo4_Wcx45QTGvfgOR5Cwngbzq29dA6UMPiW1wOYtmM4W1qngz5Rylaf5hxKky4nMK6YmCKMDwnfP_KvMeTJ1qbPtsttcYH-U4e75jQnmjrn_jFUyWS9WU9pa9Kz068Cb5Snz1O9tBe17SROmGJS74jxOBT9RlMX17z_DePoy6XDmuG2X7UXYPeRKZIqPLG6Dpr7zYv3sFvTiwOw9ZNssxdzGjuTqNN5Xg410QUiTSqJHrQYBwLzd3E2ZgbY5XIQIw6ziPskaq_0SgvnwoITDTgBAGABsvfv_uXzKL1F6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_36TN7T_m9ylcmyU0TNMxDZ7YSkdQ%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
84668247ec45d9e497720cf6a3c7a8ae586cdecc4e1f6802540dbce06728c349
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 01 Sep 2023 06:30:15 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"64f184f7-cebf"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
52927
expires
Mon, 23 Sep 2024 11:14:52 GMT
c
c.pub.network/ 		36 B
53 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/techbullion-com/pubfig.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
75c62e82f74bd25345dc7a5f8e4d286a64916d81ef047b956a18b554146a8606

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 29 Sep 2023 11:14:52 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://techbullion.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
privacy_small.svg
static.criteo.net/flash/icon/ Frame 9012 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlX8Hg4uRAAbnJ0EvIlwQBjgkyuSBwA&u=%7Cvx7rpq5y2m%2FMgbCOZsw%2BtdYwLpuXuEWeI17MabFnaoY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBVYK3cq7hyTxdVVID-8B4jkZnr5FfgsM3dCsFal-Lk8jkS-8RFYwflIWwpic7lS0bBkN95aB_xqSEJQFOefi9zuChN6eQmoUQ0NvAgeM0TVCFjxNB5Aig_8IXo76PKvNdohha8BmZfylGSYTBFKZ-tyjCCvdIuTHw_bE4pV7KQM5v57CbTSvXD-LcAej89M7jt5o0MQC_miUNOjpYcFkOABtJdu2G7KRwu5-GIEwR7_CsbeHdWASRtp7ouUld9RX8GORGEpVxJNoZFAKBeUru9YTgnpkKSCFYy1rZgQFYOhc2F6XJG1UWjAevYilRhly-_WBWS9NYV0Uiz6Sw5TI_Q9mIcGcHKyImbkuZ917vGmCZaSixeNXdULmRXfucmAy7zxfuq9A2PAstcH8cUuLbUShEUpzf-NS7-FYmH_PUNnOUu0VWb9jG43E88bCh65OZ7f3bxHXbH4AhlVBe9fNDxPqxXtfm6mKnTdp5jteYkXgWl1pSEGldeT5Wwaog4N0f74NVEesQ4R_u5FZNFl06Eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIngRrLEWZf-qBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT6Ak_QXzOgbwlq1b29Ce9UKUwIPYFeur6lTE_SpJwcs7um-zro8lpuPm-w7hkxzxRMx2UDfsSXLbfdi04XELoI933EKGpaVhOsHktKqiVsgYrXwd3lHo4aPaYoNtwsXzpWRPZ7mJoiAe5R4JiRyCha4wUdnyf1wzdLebcqZQbe3PNEtLIMNS-3ZKqCvNqI31sfAPjaWgfwscpkmZWLDX5mMWRItV8kDuUDJvlWkUbQ407sVOIBwvkun6DhopLQTlV71tRL7cj9kMusBDqiRBNaJq8Mc_wPp5Ze3DcCDy17OV3HvRsOgL60NpIqJ1h1R6KO8inhb57_Zzih5o0K-DhO2ge-o561meh9BIT3JSGkY2xCkgqbDkk8ZCMJ91Ji50W8WIBGWXfbjR8lo7R3MTJ7-J5tuszYk-O0LXkCcmffS0mswv2p22Be6m60mn-OlqVRqothByrHrUN9sdWIAqXNUccXIqnfq6siVuDuGVfszQvfmTIq8RbTzkHT6uAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_26yvsmUNrHmMYPsufs1tQOjIeKEQ%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:52 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 9012 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlX8Hg4uRAAbnJ0EvIlwQBjgkyuSBwA&u=%7Cvx7rpq5y2m%2FMgbCOZsw%2BtdYwLpuXuEWeI17MabFnaoY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBVYK3cq7hyTxdVVID-8B4jkZnr5FfgsM3dCsFal-Lk8jkS-8RFYwflIWwpic7lS0bBkN95aB_xqSEJQFOefi9zuChN6eQmoUQ0NvAgeM0TVCFjxNB5Aig_8IXo76PKvNdohha8BmZfylGSYTBFKZ-tyjCCvdIuTHw_bE4pV7KQM5v57CbTSvXD-LcAej89M7jt5o0MQC_miUNOjpYcFkOABtJdu2G7KRwu5-GIEwR7_CsbeHdWASRtp7ouUld9RX8GORGEpVxJNoZFAKBeUru9YTgnpkKSCFYy1rZgQFYOhc2F6XJG1UWjAevYilRhly-_WBWS9NYV0Uiz6Sw5TI_Q9mIcGcHKyImbkuZ917vGmCZaSixeNXdULmRXfucmAy7zxfuq9A2PAstcH8cUuLbUShEUpzf-NS7-FYmH_PUNnOUu0VWb9jG43E88bCh65OZ7f3bxHXbH4AhlVBe9fNDxPqxXtfm6mKnTdp5jteYkXgWl1pSEGldeT5Wwaog4N0f74NVEesQ4R_u5FZNFl06Eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIngRrLEWZf-qBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT6Ak_QXzOgbwlq1b29Ce9UKUwIPYFeur6lTE_SpJwcs7um-zro8lpuPm-w7hkxzxRMx2UDfsSXLbfdi04XELoI933EKGpaVhOsHktKqiVsgYrXwd3lHo4aPaYoNtwsXzpWRPZ7mJoiAe5R4JiRyCha4wUdnyf1wzdLebcqZQbe3PNEtLIMNS-3ZKqCvNqI31sfAPjaWgfwscpkmZWLDX5mMWRItV8kDuUDJvlWkUbQ407sVOIBwvkun6DhopLQTlV71tRL7cj9kMusBDqiRBNaJq8Mc_wPp5Ze3DcCDy17OV3HvRsOgL60NpIqJ1h1R6KO8inhb57_Zzih5o0K-DhO2ge-o561meh9BIT3JSGkY2xCkgqbDkk8ZCMJ91Ji50W8WIBGWXfbjR8lo7R3MTJ7-J5tuszYk-O0LXkCcmffS0mswv2p22Be6m60mn-OlqVRqothByrHrUN9sdWIAqXNUccXIqnfq6siVuDuGVfszQvfmTIq8RbTzkHT6uAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_26yvsmUNrHmMYPsufs1tQOjIeKEQ%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:52 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 9012 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlX8Hg4uRAAbnJ0EvIlwQBjgkyuSBwA&u=%7Cvx7rpq5y2m%2FMgbCOZsw%2BtdYwLpuXuEWeI17MabFnaoY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBVYK3cq7hyTxdVVID-8B4jkZnr5FfgsM3dCsFal-Lk8jkS-8RFYwflIWwpic7lS0bBkN95aB_xqSEJQFOefi9zuChN6eQmoUQ0NvAgeM0TVCFjxNB5Aig_8IXo76PKvNdohha8BmZfylGSYTBFKZ-tyjCCvdIuTHw_bE4pV7KQM5v57CbTSvXD-LcAej89M7jt5o0MQC_miUNOjpYcFkOABtJdu2G7KRwu5-GIEwR7_CsbeHdWASRtp7ouUld9RX8GORGEpVxJNoZFAKBeUru9YTgnpkKSCFYy1rZgQFYOhc2F6XJG1UWjAevYilRhly-_WBWS9NYV0Uiz6Sw5TI_Q9mIcGcHKyImbkuZ917vGmCZaSixeNXdULmRXfucmAy7zxfuq9A2PAstcH8cUuLbUShEUpzf-NS7-FYmH_PUNnOUu0VWb9jG43E88bCh65OZ7f3bxHXbH4AhlVBe9fNDxPqxXtfm6mKnTdp5jteYkXgWl1pSEGldeT5Wwaog4N0f74NVEesQ4R_u5FZNFl06Eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIngRrLEWZf-qBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT6Ak_QXzOgbwlq1b29Ce9UKUwIPYFeur6lTE_SpJwcs7um-zro8lpuPm-w7hkxzxRMx2UDfsSXLbfdi04XELoI933EKGpaVhOsHktKqiVsgYrXwd3lHo4aPaYoNtwsXzpWRPZ7mJoiAe5R4JiRyCha4wUdnyf1wzdLebcqZQbe3PNEtLIMNS-3ZKqCvNqI31sfAPjaWgfwscpkmZWLDX5mMWRItV8kDuUDJvlWkUbQ407sVOIBwvkun6DhopLQTlV71tRL7cj9kMusBDqiRBNaJq8Mc_wPp5Ze3DcCDy17OV3HvRsOgL60NpIqJ1h1R6KO8inhb57_Zzih5o0K-DhO2ge-o561meh9BIT3JSGkY2xCkgqbDkk8ZCMJ91Ji50W8WIBGWXfbjR8lo7R3MTJ7-J5tuszYk-O0LXkCcmffS0mswv2p22Be6m60mn-OlqVRqothByrHrUN9sdWIAqXNUccXIqnfq6siVuDuGVfszQvfmTIq8RbTzkHT6uAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_26yvsmUNrHmMYPsufs1tQOjIeKEQ%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 23 Sep 2024 11:14:52 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 9012 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlX8Hg4uRAAbnJ0EvIlwQBjgkyuSBwA&u=%7Cvx7rpq5y2m%2FMgbCOZsw%2BtdYwLpuXuEWeI17MabFnaoY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBVYK3cq7hyTxdVVID-8B4jkZnr5FfgsM3dCsFal-Lk8jkS-8RFYwflIWwpic7lS0bBkN95aB_xqSEJQFOefi9zuChN6eQmoUQ0NvAgeM0TVCFjxNB5Aig_8IXo76PKvNdohha8BmZfylGSYTBFKZ-tyjCCvdIuTHw_bE4pV7KQM5v57CbTSvXD-LcAej89M7jt5o0MQC_miUNOjpYcFkOABtJdu2G7KRwu5-GIEwR7_CsbeHdWASRtp7ouUld9RX8GORGEpVxJNoZFAKBeUru9YTgnpkKSCFYy1rZgQFYOhc2F6XJG1UWjAevYilRhly-_WBWS9NYV0Uiz6Sw5TI_Q9mIcGcHKyImbkuZ917vGmCZaSixeNXdULmRXfucmAy7zxfuq9A2PAstcH8cUuLbUShEUpzf-NS7-FYmH_PUNnOUu0VWb9jG43E88bCh65OZ7f3bxHXbH4AhlVBe9fNDxPqxXtfm6mKnTdp5jteYkXgWl1pSEGldeT5Wwaog4N0f74NVEesQ4R_u5FZNFl06Eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIngRrLEWZf-qBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT6Ak_QXzOgbwlq1b29Ce9UKUwIPYFeur6lTE_SpJwcs7um-zro8lpuPm-w7hkxzxRMx2UDfsSXLbfdi04XELoI933EKGpaVhOsHktKqiVsgYrXwd3lHo4aPaYoNtwsXzpWRPZ7mJoiAe5R4JiRyCha4wUdnyf1wzdLebcqZQbe3PNEtLIMNS-3ZKqCvNqI31sfAPjaWgfwscpkmZWLDX5mMWRItV8kDuUDJvlWkUbQ407sVOIBwvkun6DhopLQTlV71tRL7cj9kMusBDqiRBNaJq8Mc_wPp5Ze3DcCDy17OV3HvRsOgL60NpIqJ1h1R6KO8inhb57_Zzih5o0K-DhO2ge-o561meh9BIT3JSGkY2xCkgqbDkk8ZCMJ91Ji50W8WIBGWXfbjR8lo7R3MTJ7-J5tuszYk-O0LXkCcmffS0mswv2p22Be6m60mn-OlqVRqothByrHrUN9sdWIAqXNUccXIqnfq6siVuDuGVfszQvfmTIq8RbTzkHT6uAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_26yvsmUNrHmMYPsufs1tQOjIeKEQ%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 23 Sep 2024 11:14:52 GMT
lg.php
cat.fr3.eu.criteo.com/delivery/ Frame 9012 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=yMwjc0N-lqGZJlJdy2CTm2J1Adoz-3Zv0is6K_vcexSlTuKo9T-TD0oy_OwhVVinvd9UDBYvk5bszwXMcMWHxbcahoL1zAffOxoGPu3PYIyJeM1vQwGL5eDnmaVkMgflezB2zfVoqTserFttCBF52F3o6gbTJWC3URGltnNz_Jo2KYzyLOeRtwoGwfSG329o5l4M_4ZqzZmrR47GvlyHGQseN5EQyssimvr0px1MZpGQalIhnLPymyTLGRqBButTAVjD0VXIU1VQmtNfJgdM0VUoG7Grkkr5gcM3P2GvyEgooK7xM7IJfOLvP68Fgqd6jJwVoxlzraRhOaeevANFxkTUDbZCgVPLgiHvIeg6XDXProKh6LVQ4jXabbVc0OyHCVMbwL8IZ_5iwCeGGsdLmB230qq8q4L3zC7n0f93doJSRvYCuA7jYako_m5mcpCk2d2ddA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlX8Hg4uRAAbnJ0EvIlwQBjgkyuSBwA&u=%7Cvx7rpq5y2m%2FMgbCOZsw%2BtdYwLpuXuEWeI17MabFnaoY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBVYK3cq7hyTxdVVID-8B4jkZnr5FfgsM3dCsFal-Lk8jkS-8RFYwflIWwpic7lS0bBkN95aB_xqSEJQFOefi9zuChN6eQmoUQ0NvAgeM0TVCFjxNB5Aig_8IXo76PKvNdohha8BmZfylGSYTBFKZ-tyjCCvdIuTHw_bE4pV7KQM5v57CbTSvXD-LcAej89M7jt5o0MQC_miUNOjpYcFkOABtJdu2G7KRwu5-GIEwR7_CsbeHdWASRtp7ouUld9RX8GORGEpVxJNoZFAKBeUru9YTgnpkKSCFYy1rZgQFYOhc2F6XJG1UWjAevYilRhly-_WBWS9NYV0Uiz6Sw5TI_Q9mIcGcHKyImbkuZ917vGmCZaSixeNXdULmRXfucmAy7zxfuq9A2PAstcH8cUuLbUShEUpzf-NS7-FYmH_PUNnOUu0VWb9jG43E88bCh65OZ7f3bxHXbH4AhlVBe9fNDxPqxXtfm6mKnTdp5jteYkXgWl1pSEGldeT5Wwaog4N0f74NVEesQ4R_u5FZNFl06Eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIngRrLEWZf-qBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT6Ak_QXzOgbwlq1b29Ce9UKUwIPYFeur6lTE_SpJwcs7um-zro8lpuPm-w7hkxzxRMx2UDfsSXLbfdi04XELoI933EKGpaVhOsHktKqiVsgYrXwd3lHo4aPaYoNtwsXzpWRPZ7mJoiAe5R4JiRyCha4wUdnyf1wzdLebcqZQbe3PNEtLIMNS-3ZKqCvNqI31sfAPjaWgfwscpkmZWLDX5mMWRItV8kDuUDJvlWkUbQ407sVOIBwvkun6DhopLQTlV71tRL7cj9kMusBDqiRBNaJq8Mc_wPp5Ze3DcCDy17OV3HvRsOgL60NpIqJ1h1R6KO8inhb57_Zzih5o0K-DhO2ge-o561meh9BIT3JSGkY2xCkgqbDkk8ZCMJ91Ji50W8WIBGWXfbjR8lo7R3MTJ7-J5tuszYk-O0LXkCcmffS0mswv2p22Be6m60mn-OlqVRqothByrHrUN9sdWIAqXNUccXIqnfq6siVuDuGVfszQvfmTIq8RbTzkHT6uAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_26yvsmUNrHmMYPsufs1tQOjIeKEQ%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2224433
expires
Mon, 26 Jul 1997 05:00:00 GMT
2a9f70062f4a4ed6901a5ae42c8805a2_image_ad_970x250.jpeg
static.criteo.net/design/dt/92327/4936818/ Frame 9012 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/92327/4936818/2a9f70062f4a4ed6901a5ae42c8805a2_image_ad_970x250.jpeg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlX8Hg4uRAAbnJ0EvIlwQBjgkyuSBwA&u=%7Cvx7rpq5y2m%2FMgbCOZsw%2BtdYwLpuXuEWeI17MabFnaoY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBVYK3cq7hyTxdVVID-8B4jkZnr5FfgsM3dCsFal-Lk8jkS-8RFYwflIWwpic7lS0bBkN95aB_xqSEJQFOefi9zuChN6eQmoUQ0NvAgeM0TVCFjxNB5Aig_8IXo76PKvNdohha8BmZfylGSYTBFKZ-tyjCCvdIuTHw_bE4pV7KQM5v57CbTSvXD-LcAej89M7jt5o0MQC_miUNOjpYcFkOABtJdu2G7KRwu5-GIEwR7_CsbeHdWASRtp7ouUld9RX8GORGEpVxJNoZFAKBeUru9YTgnpkKSCFYy1rZgQFYOhc2F6XJG1UWjAevYilRhly-_WBWS9NYV0Uiz6Sw5TI_Q9mIcGcHKyImbkuZ917vGmCZaSixeNXdULmRXfucmAy7zxfuq9A2PAstcH8cUuLbUShEUpzf-NS7-FYmH_PUNnOUu0VWb9jG43E88bCh65OZ7f3bxHXbH4AhlVBe9fNDxPqxXtfm6mKnTdp5jteYkXgWl1pSEGldeT5Wwaog4N0f74NVEesQ4R_u5FZNFl06Eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIngRrLEWZf-qBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT6Ak_QXzOgbwlq1b29Ce9UKUwIPYFeur6lTE_SpJwcs7um-zro8lpuPm-w7hkxzxRMx2UDfsSXLbfdi04XELoI933EKGpaVhOsHktKqiVsgYrXwd3lHo4aPaYoNtwsXzpWRPZ7mJoiAe5R4JiRyCha4wUdnyf1wzdLebcqZQbe3PNEtLIMNS-3ZKqCvNqI31sfAPjaWgfwscpkmZWLDX5mMWRItV8kDuUDJvlWkUbQ407sVOIBwvkun6DhopLQTlV71tRL7cj9kMusBDqiRBNaJq8Mc_wPp5Ze3DcCDy17OV3HvRsOgL60NpIqJ1h1R6KO8inhb57_Zzih5o0K-DhO2ge-o561meh9BIT3JSGkY2xCkgqbDkk8ZCMJ91Ji50W8WIBGWXfbjR8lo7R3MTJ7-J5tuszYk-O0LXkCcmffS0mswv2p22Be6m60mn-OlqVRqothByrHrUN9sdWIAqXNUccXIqnfq6siVuDuGVfszQvfmTIq8RbTzkHT6uAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_26yvsmUNrHmMYPsufs1tQOjIeKEQ%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0276a27e67bdbc6bb0c57fe00eb45ddf79382623d4218e3f246b89ba9116b5c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 01 Sep 2023 06:30:15 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"64f184f7-17efb"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
98043
expires
Mon, 23 Sep 2024 11:14:52 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 194C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlYAHg4uRAAbnJ3NdjVbX-SR7IerdzQ&u=%7Cvx7rpq5y2m9r9cLIJ6IAT3Lk6d7I%2F6T8ySEpq2s81zU%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBVIuviO9wemny5Xk_TVkcMxfwNro2o_rbid4YQX5ZgDvzpKt-rhwlHjlTNmYDmqKC8S4KyEqaTS29OvmjskYqoS_vCdkLz4Mhy39mwWv-2HcxPhVpk-8AavkksT7reWGu25aR-IWEUs84_84afpt8A-hlGA30__7ckRkTNyrL4rFXUsm7HqyWiQOVZ-JAFyxca5j8e2-dRxqSPdCucmm1ixUz5k6UVLXrVPag8u4EpeYOVbMtf4jSscESMzALFht8T_nz2ofo2cMczC3hrkLcIGc8lni1yNxca5_zZ5r-xBbka_aYV4KvSTgXwO6KAjxnvaM-YX8wdlS8iy8FIjG8DKyvfEvVXy4aPeLPdxwdPHsvanIN75pEph0PgyBB3EjWxbh0xwkkp3WDs28BlY2LFs8PQy7vGY4PoDjIFQflT06vpeIv6T8pzO8WgluEXF125LekPUsw30D-NF4yrFKo2MtrqNomVagJA833kPpr9KjLCpNnY_3MgVMFSGtPyStfr3WMPAk7B3e4D-xrr5EU3U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcwhgrLEWZYCrBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgSDA0_QcFtaRcP_Zij24NJZg8CJjIbFAE8EFHJZNsuY6clGJSYZcNT9SXUdM7BYg0oHKBC_VjeaM3WqN525s8ZF6VWhGStQNIzxs82oGwHLt383HFQc0glpkg9ODkaLR2ZHNGlmjvyW5B4HZwlNGpmH1T7sACbrjmrxKJrl5rQUIhTbFJetwy92QhXO9RhaVtMNar0uMpMPLSC2eh4ag2slYIOA070tfVURKEj8KhjtYLPeFFVylVJYG9N1oU42Ghqd8Dhgwb_P4OcH6WGwb7e0xH2YZ5F-QMn1dtX8p7IcHXcvDTL5_O9n2aQybZVCqU2Zuhie2XliGt0-SyJdekFhq27lErOALbMPNY0NyYuXV2Oe1zuSfsSmJrhjkQ_GvPw2ZiJq204wwjT_dy0xn0lG5qePCR0aq7NYVhd6_7wZ6PtysfFLDnarhePbeWFFol-VaEuXUv3I_6B-kadoCOcq9tT1fqO4cKbfz2VCnS6qIfV07lalXFXxclwiBBtXwVMkXz-NqeAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2THZ3gGxjhsNavVEiim9jr1DXjiA%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:52 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 194C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlYAHg4uRAAbnJ3NdjVbX-SR7IerdzQ&u=%7Cvx7rpq5y2m9r9cLIJ6IAT3Lk6d7I%2F6T8ySEpq2s81zU%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBVIuviO9wemny5Xk_TVkcMxfwNro2o_rbid4YQX5ZgDvzpKt-rhwlHjlTNmYDmqKC8S4KyEqaTS29OvmjskYqoS_vCdkLz4Mhy39mwWv-2HcxPhVpk-8AavkksT7reWGu25aR-IWEUs84_84afpt8A-hlGA30__7ckRkTNyrL4rFXUsm7HqyWiQOVZ-JAFyxca5j8e2-dRxqSPdCucmm1ixUz5k6UVLXrVPag8u4EpeYOVbMtf4jSscESMzALFht8T_nz2ofo2cMczC3hrkLcIGc8lni1yNxca5_zZ5r-xBbka_aYV4KvSTgXwO6KAjxnvaM-YX8wdlS8iy8FIjG8DKyvfEvVXy4aPeLPdxwdPHsvanIN75pEph0PgyBB3EjWxbh0xwkkp3WDs28BlY2LFs8PQy7vGY4PoDjIFQflT06vpeIv6T8pzO8WgluEXF125LekPUsw30D-NF4yrFKo2MtrqNomVagJA833kPpr9KjLCpNnY_3MgVMFSGtPyStfr3WMPAk7B3e4D-xrr5EU3U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcwhgrLEWZYCrBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgSDA0_QcFtaRcP_Zij24NJZg8CJjIbFAE8EFHJZNsuY6clGJSYZcNT9SXUdM7BYg0oHKBC_VjeaM3WqN525s8ZF6VWhGStQNIzxs82oGwHLt383HFQc0glpkg9ODkaLR2ZHNGlmjvyW5B4HZwlNGpmH1T7sACbrjmrxKJrl5rQUIhTbFJetwy92QhXO9RhaVtMNar0uMpMPLSC2eh4ag2slYIOA070tfVURKEj8KhjtYLPeFFVylVJYG9N1oU42Ghqd8Dhgwb_P4OcH6WGwb7e0xH2YZ5F-QMn1dtX8p7IcHXcvDTL5_O9n2aQybZVCqU2Zuhie2XliGt0-SyJdekFhq27lErOALbMPNY0NyYuXV2Oe1zuSfsSmJrhjkQ_GvPw2ZiJq204wwjT_dy0xn0lG5qePCR0aq7NYVhd6_7wZ6PtysfFLDnarhePbeWFFol-VaEuXUv3I_6B-kadoCOcq9tT1fqO4cKbfz2VCnS6qIfV07lalXFXxclwiBBtXwVMkXz-NqeAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2THZ3gGxjhsNavVEiim9jr1DXjiA%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:52 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 194C 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlYAHg4uRAAbnJ3NdjVbX-SR7IerdzQ&u=%7Cvx7rpq5y2m9r9cLIJ6IAT3Lk6d7I%2F6T8ySEpq2s81zU%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBVIuviO9wemny5Xk_TVkcMxfwNro2o_rbid4YQX5ZgDvzpKt-rhwlHjlTNmYDmqKC8S4KyEqaTS29OvmjskYqoS_vCdkLz4Mhy39mwWv-2HcxPhVpk-8AavkksT7reWGu25aR-IWEUs84_84afpt8A-hlGA30__7ckRkTNyrL4rFXUsm7HqyWiQOVZ-JAFyxca5j8e2-dRxqSPdCucmm1ixUz5k6UVLXrVPag8u4EpeYOVbMtf4jSscESMzALFht8T_nz2ofo2cMczC3hrkLcIGc8lni1yNxca5_zZ5r-xBbka_aYV4KvSTgXwO6KAjxnvaM-YX8wdlS8iy8FIjG8DKyvfEvVXy4aPeLPdxwdPHsvanIN75pEph0PgyBB3EjWxbh0xwkkp3WDs28BlY2LFs8PQy7vGY4PoDjIFQflT06vpeIv6T8pzO8WgluEXF125LekPUsw30D-NF4yrFKo2MtrqNomVagJA833kPpr9KjLCpNnY_3MgVMFSGtPyStfr3WMPAk7B3e4D-xrr5EU3U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcwhgrLEWZYCrBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgSDA0_QcFtaRcP_Zij24NJZg8CJjIbFAE8EFHJZNsuY6clGJSYZcNT9SXUdM7BYg0oHKBC_VjeaM3WqN525s8ZF6VWhGStQNIzxs82oGwHLt383HFQc0glpkg9ODkaLR2ZHNGlmjvyW5B4HZwlNGpmH1T7sACbrjmrxKJrl5rQUIhTbFJetwy92QhXO9RhaVtMNar0uMpMPLSC2eh4ag2slYIOA070tfVURKEj8KhjtYLPeFFVylVJYG9N1oU42Ghqd8Dhgwb_P4OcH6WGwb7e0xH2YZ5F-QMn1dtX8p7IcHXcvDTL5_O9n2aQybZVCqU2Zuhie2XliGt0-SyJdekFhq27lErOALbMPNY0NyYuXV2Oe1zuSfsSmJrhjkQ_GvPw2ZiJq204wwjT_dy0xn0lG5qePCR0aq7NYVhd6_7wZ6PtysfFLDnarhePbeWFFol-VaEuXUv3I_6B-kadoCOcq9tT1fqO4cKbfz2VCnS6qIfV07lalXFXxclwiBBtXwVMkXz-NqeAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2THZ3gGxjhsNavVEiim9jr1DXjiA%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 23 Sep 2024 11:14:52 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 194C 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlYAHg4uRAAbnJ3NdjVbX-SR7IerdzQ&u=%7Cvx7rpq5y2m9r9cLIJ6IAT3Lk6d7I%2F6T8ySEpq2s81zU%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBVIuviO9wemny5Xk_TVkcMxfwNro2o_rbid4YQX5ZgDvzpKt-rhwlHjlTNmYDmqKC8S4KyEqaTS29OvmjskYqoS_vCdkLz4Mhy39mwWv-2HcxPhVpk-8AavkksT7reWGu25aR-IWEUs84_84afpt8A-hlGA30__7ckRkTNyrL4rFXUsm7HqyWiQOVZ-JAFyxca5j8e2-dRxqSPdCucmm1ixUz5k6UVLXrVPag8u4EpeYOVbMtf4jSscESMzALFht8T_nz2ofo2cMczC3hrkLcIGc8lni1yNxca5_zZ5r-xBbka_aYV4KvSTgXwO6KAjxnvaM-YX8wdlS8iy8FIjG8DKyvfEvVXy4aPeLPdxwdPHsvanIN75pEph0PgyBB3EjWxbh0xwkkp3WDs28BlY2LFs8PQy7vGY4PoDjIFQflT06vpeIv6T8pzO8WgluEXF125LekPUsw30D-NF4yrFKo2MtrqNomVagJA833kPpr9KjLCpNnY_3MgVMFSGtPyStfr3WMPAk7B3e4D-xrr5EU3U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcwhgrLEWZYCrBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgSDA0_QcFtaRcP_Zij24NJZg8CJjIbFAE8EFHJZNsuY6clGJSYZcNT9SXUdM7BYg0oHKBC_VjeaM3WqN525s8ZF6VWhGStQNIzxs82oGwHLt383HFQc0glpkg9ODkaLR2ZHNGlmjvyW5B4HZwlNGpmH1T7sACbrjmrxKJrl5rQUIhTbFJetwy92QhXO9RhaVtMNar0uMpMPLSC2eh4ag2slYIOA070tfVURKEj8KhjtYLPeFFVylVJYG9N1oU42Ghqd8Dhgwb_P4OcH6WGwb7e0xH2YZ5F-QMn1dtX8p7IcHXcvDTL5_O9n2aQybZVCqU2Zuhie2XliGt0-SyJdekFhq27lErOALbMPNY0NyYuXV2Oe1zuSfsSmJrhjkQ_GvPw2ZiJq204wwjT_dy0xn0lG5qePCR0aq7NYVhd6_7wZ6PtysfFLDnarhePbeWFFol-VaEuXUv3I_6B-kadoCOcq9tT1fqO4cKbfz2VCnS6qIfV07lalXFXxclwiBBtXwVMkXz-NqeAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2THZ3gGxjhsNavVEiim9jr1DXjiA%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 23 Sep 2024 11:14:52 GMT
lg.php
cat.fr3.eu.criteo.com/delivery/ Frame 194C 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=uOjBEkN-lqGZJlJdy2CTm2J1AdpV5BRua07bHtqvjZ3bMo9dzywyYhS8IZzBXQ3Z9dKQDIO5bN09pGVAdPKXJD0yFZM_sO2xVvyJka6C9UV0D4K6bhYWRulRKYtXdixNaaK4oY5cjF928K8mYo_jnnGKpssh4sc3aEFnzydjPKQxVq9VhgMll2bALmozbjzxyfB1ix8jyqVEaWbkf8cjvgFv5Z4A0HGB9eF9I9jFK5o1LFFaNclfvOZGg1A9-rKSvIBZ9rnz7ZyZPgnvnkac5quKTzZQQLCSNPwxuqOo5beuuypsYkMe2oPl2F-zjf5_HhrB8xr5Z2lEZhhPnos7kwK2YVN51W01ASuTAgaEHT6GLIHeVSpvGO_Bv8M1lcOYU94dk97QSQhg5Ko1uVi25PDdKoU7G9WGT6hzvCWkP-N2dZevOx_O-Hr8utVa701kZGAzSg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlYAHg4uRAAbnJ3NdjVbX-SR7IerdzQ&u=%7Cvx7rpq5y2m9r9cLIJ6IAT3Lk6d7I%2F6T8ySEpq2s81zU%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBVIuviO9wemny5Xk_TVkcMxfwNro2o_rbid4YQX5ZgDvzpKt-rhwlHjlTNmYDmqKC8S4KyEqaTS29OvmjskYqoS_vCdkLz4Mhy39mwWv-2HcxPhVpk-8AavkksT7reWGu25aR-IWEUs84_84afpt8A-hlGA30__7ckRkTNyrL4rFXUsm7HqyWiQOVZ-JAFyxca5j8e2-dRxqSPdCucmm1ixUz5k6UVLXrVPag8u4EpeYOVbMtf4jSscESMzALFht8T_nz2ofo2cMczC3hrkLcIGc8lni1yNxca5_zZ5r-xBbka_aYV4KvSTgXwO6KAjxnvaM-YX8wdlS8iy8FIjG8DKyvfEvVXy4aPeLPdxwdPHsvanIN75pEph0PgyBB3EjWxbh0xwkkp3WDs28BlY2LFs8PQy7vGY4PoDjIFQflT06vpeIv6T8pzO8WgluEXF125LekPUsw30D-NF4yrFKo2MtrqNomVagJA833kPpr9KjLCpNnY_3MgVMFSGtPyStfr3WMPAk7B3e4D-xrr5EU3U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcwhgrLEWZYCrBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgSDA0_QcFtaRcP_Zij24NJZg8CJjIbFAE8EFHJZNsuY6clGJSYZcNT9SXUdM7BYg0oHKBC_VjeaM3WqN525s8ZF6VWhGStQNIzxs82oGwHLt383HFQc0glpkg9ODkaLR2ZHNGlmjvyW5B4HZwlNGpmH1T7sACbrjmrxKJrl5rQUIhTbFJetwy92QhXO9RhaVtMNar0uMpMPLSC2eh4ag2slYIOA070tfVURKEj8KhjtYLPeFFVylVJYG9N1oU42Ghqd8Dhgwb_P4OcH6WGwb7e0xH2YZ5F-QMn1dtX8p7IcHXcvDTL5_O9n2aQybZVCqU2Zuhie2XliGt0-SyJdekFhq27lErOALbMPNY0NyYuXV2Oe1zuSfsSmJrhjkQ_GvPw2ZiJq204wwjT_dy0xn0lG5qePCR0aq7NYVhd6_7wZ6PtysfFLDnarhePbeWFFol-VaEuXUv3I_6B-kadoCOcq9tT1fqO4cKbfz2VCnS6qIfV07lalXFXxclwiBBtXwVMkXz-NqeAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2THZ3gGxjhsNavVEiim9jr1DXjiA%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2295690
expires
Mon, 26 Jul 1997 05:00:00 GMT
2a9f70062f4a4ed6901a5ae42c8805a2_image_ad_970x250.jpeg
static.criteo.net/design/dt/92327/4936818/ Frame 194C 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/92327/4936818/2a9f70062f4a4ed6901a5ae42c8805a2_image_ad_970x250.jpeg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlYAHg4uRAAbnJ3NdjVbX-SR7IerdzQ&u=%7Cvx7rpq5y2m9r9cLIJ6IAT3Lk6d7I%2F6T8ySEpq2s81zU%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBVIuviO9wemny5Xk_TVkcMxfwNro2o_rbid4YQX5ZgDvzpKt-rhwlHjlTNmYDmqKC8S4KyEqaTS29OvmjskYqoS_vCdkLz4Mhy39mwWv-2HcxPhVpk-8AavkksT7reWGu25aR-IWEUs84_84afpt8A-hlGA30__7ckRkTNyrL4rFXUsm7HqyWiQOVZ-JAFyxca5j8e2-dRxqSPdCucmm1ixUz5k6UVLXrVPag8u4EpeYOVbMtf4jSscESMzALFht8T_nz2ofo2cMczC3hrkLcIGc8lni1yNxca5_zZ5r-xBbka_aYV4KvSTgXwO6KAjxnvaM-YX8wdlS8iy8FIjG8DKyvfEvVXy4aPeLPdxwdPHsvanIN75pEph0PgyBB3EjWxbh0xwkkp3WDs28BlY2LFs8PQy7vGY4PoDjIFQflT06vpeIv6T8pzO8WgluEXF125LekPUsw30D-NF4yrFKo2MtrqNomVagJA833kPpr9KjLCpNnY_3MgVMFSGtPyStfr3WMPAk7B3e4D-xrr5EU3U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcwhgrLEWZYCrBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgSDA0_QcFtaRcP_Zij24NJZg8CJjIbFAE8EFHJZNsuY6clGJSYZcNT9SXUdM7BYg0oHKBC_VjeaM3WqN525s8ZF6VWhGStQNIzxs82oGwHLt383HFQc0glpkg9ODkaLR2ZHNGlmjvyW5B4HZwlNGpmH1T7sACbrjmrxKJrl5rQUIhTbFJetwy92QhXO9RhaVtMNar0uMpMPLSC2eh4ag2slYIOA070tfVURKEj8KhjtYLPeFFVylVJYG9N1oU42Ghqd8Dhgwb_P4OcH6WGwb7e0xH2YZ5F-QMn1dtX8p7IcHXcvDTL5_O9n2aQybZVCqU2Zuhie2XliGt0-SyJdekFhq27lErOALbMPNY0NyYuXV2Oe1zuSfsSmJrhjkQ_GvPw2ZiJq204wwjT_dy0xn0lG5qePCR0aq7NYVhd6_7wZ6PtysfFLDnarhePbeWFFol-VaEuXUv3I_6B-kadoCOcq9tT1fqO4cKbfz2VCnS6qIfV07lalXFXxclwiBBtXwVMkXz-NqeAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2THZ3gGxjhsNavVEiim9jr1DXjiA%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0276a27e67bdbc6bb0c57fe00eb45ddf79382623d4218e3f246b89ba9116b5c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 01 Sep 2023 06:30:15 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"64f184f7-17efb"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
98043
expires
Mon, 23 Sep 2024 11:14:52 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 782F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlYEHg4uRAAbnJ4rw-UHIDrvLluGvuw&u=%7Cvx7rpq5y2m8BVt5CbqxDSAOuLU%2BHrplxLJwrrnM8MwE%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwmBoz0kZ49XnpI3T7B_CiOoSdH8fquqaqA9f-5fH9iz2pXcdZ80wwtJqZUV2mbHOJKPl9d-F1ZFDGnpkmb3KnFEv9hMgb2oc186kbxFV3ZjeGDeEwxDXoMYQgFhaHZQaO_Y5M0oeIohpQx6BUXcCuTzNUb0zu6IKt3jBfVkqttBn5z1iZfzZaBArgxK04Vnd4HO2pxV-DVu3nzuYHKGD_UEIUjs9Mx6tG8bqM8P_qjRObM_xg0jfmITXe15WjgtLQUMmbHizXCl6rXT4otr4N0nSks7X0Cwhej7diBg3w9S9nxphUWGSqd_mGHwe2MFF2JuDChkxG2y4hnR43qkGuKu9rz820obyLfsycvZVa6V-8usmBba5txsCVPHwBluES4C_SiVfoHRwjcagqRocBUHB53bMVLa7Guc5xy_QUEz44Oz22v0eWduMRaytU8Bj1a9QarnYz89jBg0WUneqEjcKU3vO-ersGherzf6hQpdlsh74OFyPqtuG6uRi-Sa_zTXnQVb8crq3xNdUQZe2YlZxr3nUyJbnNwbDwAo4VsVng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCll5RrLEWZYGrBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT3Ak_QYS_9tOGsmq0WtzNTpVzVbQLM-iUyv1AFJPZLbxueLRzeUn2V4d1nFkmmILI0j_iOseKEjDnf8X4TvWvNzXAhD0mwhAU8Uj88U0_gmwi9-HyeRi-YJmVApT7RSWCnqP4WDUyFuTKhpLzTDbfc4PMDHXV1SebDRsGNeIwNRgY6nHrGxB0AB9hOqOCuzHzKY1-vamxcuvRVkk9daF7G09zArzTbP3UDJUMvgch6c2WBTFrSi0t-UrT5pe5ekrPH2i4jBAuCtibgSjkxTiGePfFr6Ud6OthsMY7KFICWoitF7HQ9xfgO1FiKoJ3c_6un-qLoiOs-kjsI4ZVU6BHRj7-seBlSAdGzxg33PPCP6c7TPeBTfCLS7qBQNO1PaSYdSpikwIY1s-FUTnn2yJzdUzbgSPQs7girdp7sxPkdo_ij4GKyZnXPhMybMt8CbvflsjDJ3f_8dU0lSb8HasDCykAmLDWirps9IQIR-ql6QHRMONExDasLieAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2T5hQKu7Ux_wHlmFv2py7BpEcaOA%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:52 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 782F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlYEHg4uRAAbnJ4rw-UHIDrvLluGvuw&u=%7Cvx7rpq5y2m8BVt5CbqxDSAOuLU%2BHrplxLJwrrnM8MwE%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwmBoz0kZ49XnpI3T7B_CiOoSdH8fquqaqA9f-5fH9iz2pXcdZ80wwtJqZUV2mbHOJKPl9d-F1ZFDGnpkmb3KnFEv9hMgb2oc186kbxFV3ZjeGDeEwxDXoMYQgFhaHZQaO_Y5M0oeIohpQx6BUXcCuTzNUb0zu6IKt3jBfVkqttBn5z1iZfzZaBArgxK04Vnd4HO2pxV-DVu3nzuYHKGD_UEIUjs9Mx6tG8bqM8P_qjRObM_xg0jfmITXe15WjgtLQUMmbHizXCl6rXT4otr4N0nSks7X0Cwhej7diBg3w9S9nxphUWGSqd_mGHwe2MFF2JuDChkxG2y4hnR43qkGuKu9rz820obyLfsycvZVa6V-8usmBba5txsCVPHwBluES4C_SiVfoHRwjcagqRocBUHB53bMVLa7Guc5xy_QUEz44Oz22v0eWduMRaytU8Bj1a9QarnYz89jBg0WUneqEjcKU3vO-ersGherzf6hQpdlsh74OFyPqtuG6uRi-Sa_zTXnQVb8crq3xNdUQZe2YlZxr3nUyJbnNwbDwAo4VsVng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCll5RrLEWZYGrBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT3Ak_QYS_9tOGsmq0WtzNTpVzVbQLM-iUyv1AFJPZLbxueLRzeUn2V4d1nFkmmILI0j_iOseKEjDnf8X4TvWvNzXAhD0mwhAU8Uj88U0_gmwi9-HyeRi-YJmVApT7RSWCnqP4WDUyFuTKhpLzTDbfc4PMDHXV1SebDRsGNeIwNRgY6nHrGxB0AB9hOqOCuzHzKY1-vamxcuvRVkk9daF7G09zArzTbP3UDJUMvgch6c2WBTFrSi0t-UrT5pe5ekrPH2i4jBAuCtibgSjkxTiGePfFr6Ud6OthsMY7KFICWoitF7HQ9xfgO1FiKoJ3c_6un-qLoiOs-kjsI4ZVU6BHRj7-seBlSAdGzxg33PPCP6c7TPeBTfCLS7qBQNO1PaSYdSpikwIY1s-FUTnn2yJzdUzbgSPQs7girdp7sxPkdo_ij4GKyZnXPhMybMt8CbvflsjDJ3f_8dU0lSb8HasDCykAmLDWirps9IQIR-ql6QHRMONExDasLieAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2T5hQKu7Ux_wHlmFv2py7BpEcaOA%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:52 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 782F 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlYEHg4uRAAbnJ4rw-UHIDrvLluGvuw&u=%7Cvx7rpq5y2m8BVt5CbqxDSAOuLU%2BHrplxLJwrrnM8MwE%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwmBoz0kZ49XnpI3T7B_CiOoSdH8fquqaqA9f-5fH9iz2pXcdZ80wwtJqZUV2mbHOJKPl9d-F1ZFDGnpkmb3KnFEv9hMgb2oc186kbxFV3ZjeGDeEwxDXoMYQgFhaHZQaO_Y5M0oeIohpQx6BUXcCuTzNUb0zu6IKt3jBfVkqttBn5z1iZfzZaBArgxK04Vnd4HO2pxV-DVu3nzuYHKGD_UEIUjs9Mx6tG8bqM8P_qjRObM_xg0jfmITXe15WjgtLQUMmbHizXCl6rXT4otr4N0nSks7X0Cwhej7diBg3w9S9nxphUWGSqd_mGHwe2MFF2JuDChkxG2y4hnR43qkGuKu9rz820obyLfsycvZVa6V-8usmBba5txsCVPHwBluES4C_SiVfoHRwjcagqRocBUHB53bMVLa7Guc5xy_QUEz44Oz22v0eWduMRaytU8Bj1a9QarnYz89jBg0WUneqEjcKU3vO-ersGherzf6hQpdlsh74OFyPqtuG6uRi-Sa_zTXnQVb8crq3xNdUQZe2YlZxr3nUyJbnNwbDwAo4VsVng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCll5RrLEWZYGrBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT3Ak_QYS_9tOGsmq0WtzNTpVzVbQLM-iUyv1AFJPZLbxueLRzeUn2V4d1nFkmmILI0j_iOseKEjDnf8X4TvWvNzXAhD0mwhAU8Uj88U0_gmwi9-HyeRi-YJmVApT7RSWCnqP4WDUyFuTKhpLzTDbfc4PMDHXV1SebDRsGNeIwNRgY6nHrGxB0AB9hOqOCuzHzKY1-vamxcuvRVkk9daF7G09zArzTbP3UDJUMvgch6c2WBTFrSi0t-UrT5pe5ekrPH2i4jBAuCtibgSjkxTiGePfFr6Ud6OthsMY7KFICWoitF7HQ9xfgO1FiKoJ3c_6un-qLoiOs-kjsI4ZVU6BHRj7-seBlSAdGzxg33PPCP6c7TPeBTfCLS7qBQNO1PaSYdSpikwIY1s-FUTnn2yJzdUzbgSPQs7girdp7sxPkdo_ij4GKyZnXPhMybMt8CbvflsjDJ3f_8dU0lSb8HasDCykAmLDWirps9IQIR-ql6QHRMONExDasLieAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2T5hQKu7Ux_wHlmFv2py7BpEcaOA%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 23 Sep 2024 11:14:53 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 782F 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlYEHg4uRAAbnJ4rw-UHIDrvLluGvuw&u=%7Cvx7rpq5y2m8BVt5CbqxDSAOuLU%2BHrplxLJwrrnM8MwE%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwmBoz0kZ49XnpI3T7B_CiOoSdH8fquqaqA9f-5fH9iz2pXcdZ80wwtJqZUV2mbHOJKPl9d-F1ZFDGnpkmb3KnFEv9hMgb2oc186kbxFV3ZjeGDeEwxDXoMYQgFhaHZQaO_Y5M0oeIohpQx6BUXcCuTzNUb0zu6IKt3jBfVkqttBn5z1iZfzZaBArgxK04Vnd4HO2pxV-DVu3nzuYHKGD_UEIUjs9Mx6tG8bqM8P_qjRObM_xg0jfmITXe15WjgtLQUMmbHizXCl6rXT4otr4N0nSks7X0Cwhej7diBg3w9S9nxphUWGSqd_mGHwe2MFF2JuDChkxG2y4hnR43qkGuKu9rz820obyLfsycvZVa6V-8usmBba5txsCVPHwBluES4C_SiVfoHRwjcagqRocBUHB53bMVLa7Guc5xy_QUEz44Oz22v0eWduMRaytU8Bj1a9QarnYz89jBg0WUneqEjcKU3vO-ersGherzf6hQpdlsh74OFyPqtuG6uRi-Sa_zTXnQVb8crq3xNdUQZe2YlZxr3nUyJbnNwbDwAo4VsVng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCll5RrLEWZYGrBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT3Ak_QYS_9tOGsmq0WtzNTpVzVbQLM-iUyv1AFJPZLbxueLRzeUn2V4d1nFkmmILI0j_iOseKEjDnf8X4TvWvNzXAhD0mwhAU8Uj88U0_gmwi9-HyeRi-YJmVApT7RSWCnqP4WDUyFuTKhpLzTDbfc4PMDHXV1SebDRsGNeIwNRgY6nHrGxB0AB9hOqOCuzHzKY1-vamxcuvRVkk9daF7G09zArzTbP3UDJUMvgch6c2WBTFrSi0t-UrT5pe5ekrPH2i4jBAuCtibgSjkxTiGePfFr6Ud6OthsMY7KFICWoitF7HQ9xfgO1FiKoJ3c_6un-qLoiOs-kjsI4ZVU6BHRj7-seBlSAdGzxg33PPCP6c7TPeBTfCLS7qBQNO1PaSYdSpikwIY1s-FUTnn2yJzdUzbgSPQs7girdp7sxPkdo_ij4GKyZnXPhMybMt8CbvflsjDJ3f_8dU0lSb8HasDCykAmLDWirps9IQIR-ql6QHRMONExDasLieAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2T5hQKu7Ux_wHlmFv2py7BpEcaOA%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 23 Sep 2024 11:14:53 GMT
lg.php
cat.fr3.eu.criteo.com/delivery/ Frame 782F 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=0_1QGf6Ti2WFjV803WoWkZUmQL7i7x-YmTVq8CpHFnvd9U5MrAgmSTx_WhvMGOhQ49J15Jxax84unGKbzK5ZENtCExGV7-7u_pKmPzzGUa-5pZJZ6QaFmsNj45-v_kMvZxyRpkhgJEqaHhmavMVcb-lyoCEeeFeoT1U-GANnSyOuk29tx3kkRI3dbqPJV3gB3RlelAWeITt9WUDCaAV89cHfzmOd_j8C7UtB-9NRdO2kh7BxPIxHbENtg7vIYYAeVBsmrzM9Hk8d66z6Bns_JHRw8KX19vI4zYgoxZvqXZ9sKn7t4BmbkIuSy2BoqNvXw5HHMY3Jc8gjdodMFD_820zd5QG-aHQhfL3XxJICpdMZZFxTXEKO1qkCERQ5V8P_DGmW4rnlUcpTSjv4l5t9s_cu2ewEsof7t-ZkXg_HojFlwVV1HeRAV-7uztYhScYnfTY4qQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlYEHg4uRAAbnJ4rw-UHIDrvLluGvuw&u=%7Cvx7rpq5y2m8BVt5CbqxDSAOuLU%2BHrplxLJwrrnM8MwE%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwmBoz0kZ49XnpI3T7B_CiOoSdH8fquqaqA9f-5fH9iz2pXcdZ80wwtJqZUV2mbHOJKPl9d-F1ZFDGnpkmb3KnFEv9hMgb2oc186kbxFV3ZjeGDeEwxDXoMYQgFhaHZQaO_Y5M0oeIohpQx6BUXcCuTzNUb0zu6IKt3jBfVkqttBn5z1iZfzZaBArgxK04Vnd4HO2pxV-DVu3nzuYHKGD_UEIUjs9Mx6tG8bqM8P_qjRObM_xg0jfmITXe15WjgtLQUMmbHizXCl6rXT4otr4N0nSks7X0Cwhej7diBg3w9S9nxphUWGSqd_mGHwe2MFF2JuDChkxG2y4hnR43qkGuKu9rz820obyLfsycvZVa6V-8usmBba5txsCVPHwBluES4C_SiVfoHRwjcagqRocBUHB53bMVLa7Guc5xy_QUEz44Oz22v0eWduMRaytU8Bj1a9QarnYz89jBg0WUneqEjcKU3vO-ersGherzf6hQpdlsh74OFyPqtuG6uRi-Sa_zTXnQVb8crq3xNdUQZe2YlZxr3nUyJbnNwbDwAo4VsVng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCll5RrLEWZYGrBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT3Ak_QYS_9tOGsmq0WtzNTpVzVbQLM-iUyv1AFJPZLbxueLRzeUn2V4d1nFkmmILI0j_iOseKEjDnf8X4TvWvNzXAhD0mwhAU8Uj88U0_gmwi9-HyeRi-YJmVApT7RSWCnqP4WDUyFuTKhpLzTDbfc4PMDHXV1SebDRsGNeIwNRgY6nHrGxB0AB9hOqOCuzHzKY1-vamxcuvRVkk9daF7G09zArzTbP3UDJUMvgch6c2WBTFrSi0t-UrT5pe5ekrPH2i4jBAuCtibgSjkxTiGePfFr6Ud6OthsMY7KFICWoitF7HQ9xfgO1FiKoJ3c_6un-qLoiOs-kjsI4ZVU6BHRj7-seBlSAdGzxg33PPCP6c7TPeBTfCLS7qBQNO1PaSYdSpikwIY1s-FUTnn2yJzdUzbgSPQs7girdp7sxPkdo_ij4GKyZnXPhMybMt8CbvflsjDJ3f_8dU0lSb8HasDCykAmLDWirps9IQIR-ql6QHRMONExDasLieAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2T5hQKu7Ux_wHlmFv2py7BpEcaOA%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2275945
expires
Mon, 26 Jul 1997 05:00:00 GMT
4de9845dbc3b4002b9397b4dc38aeeb9_image_ad_336x280.jpeg
static.criteo.net/design/dt/92327/4936818/ Frame 782F 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/92327/4936818/4de9845dbc3b4002b9397b4dc38aeeb9_image_ad_336x280.jpeg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlYEHg4uRAAbnJ4rw-UHIDrvLluGvuw&u=%7Cvx7rpq5y2m8BVt5CbqxDSAOuLU%2BHrplxLJwrrnM8MwE%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwmBoz0kZ49XnpI3T7B_CiOoSdH8fquqaqA9f-5fH9iz2pXcdZ80wwtJqZUV2mbHOJKPl9d-F1ZFDGnpkmb3KnFEv9hMgb2oc186kbxFV3ZjeGDeEwxDXoMYQgFhaHZQaO_Y5M0oeIohpQx6BUXcCuTzNUb0zu6IKt3jBfVkqttBn5z1iZfzZaBArgxK04Vnd4HO2pxV-DVu3nzuYHKGD_UEIUjs9Mx6tG8bqM8P_qjRObM_xg0jfmITXe15WjgtLQUMmbHizXCl6rXT4otr4N0nSks7X0Cwhej7diBg3w9S9nxphUWGSqd_mGHwe2MFF2JuDChkxG2y4hnR43qkGuKu9rz820obyLfsycvZVa6V-8usmBba5txsCVPHwBluES4C_SiVfoHRwjcagqRocBUHB53bMVLa7Guc5xy_QUEz44Oz22v0eWduMRaytU8Bj1a9QarnYz89jBg0WUneqEjcKU3vO-ersGherzf6hQpdlsh74OFyPqtuG6uRi-Sa_zTXnQVb8crq3xNdUQZe2YlZxr3nUyJbnNwbDwAo4VsVng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCll5RrLEWZYGrBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT3Ak_QYS_9tOGsmq0WtzNTpVzVbQLM-iUyv1AFJPZLbxueLRzeUn2V4d1nFkmmILI0j_iOseKEjDnf8X4TvWvNzXAhD0mwhAU8Uj88U0_gmwi9-HyeRi-YJmVApT7RSWCnqP4WDUyFuTKhpLzTDbfc4PMDHXV1SebDRsGNeIwNRgY6nHrGxB0AB9hOqOCuzHzKY1-vamxcuvRVkk9daF7G09zArzTbP3UDJUMvgch6c2WBTFrSi0t-UrT5pe5ekrPH2i4jBAuCtibgSjkxTiGePfFr6Ud6OthsMY7KFICWoitF7HQ9xfgO1FiKoJ3c_6un-qLoiOs-kjsI4ZVU6BHRj7-seBlSAdGzxg33PPCP6c7TPeBTfCLS7qBQNO1PaSYdSpikwIY1s-FUTnn2yJzdUzbgSPQs7girdp7sxPkdo_ij4GKyZnXPhMybMt8CbvflsjDJ3f_8dU0lSb8HasDCykAmLDWirps9IQIR-ql6QHRMONExDasLieAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2T5hQKu7Ux_wHlmFv2py7BpEcaOA%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
bfe9b0c81b360f6235931630ab559b1a9912fbd8874e5df4e16866ecf5557d33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 01 Sep 2023 06:30:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"64f184f5-11725"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
71461
expires
Mon, 23 Sep 2024 11:14:53 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame FC39 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230927&jk=2227620224526580&rc=05AFIN4vcskJmVrGmxGTkDNn_O0Um7nTcowKL9lhQ5g27lkQoxQDN8DtYxrbeQKVW3sTChxYLrmkvfJ95NP8y_AaLXLUar1-xDSZZXycdfdw-jgfJU5ttCk2GcXQ5AQqwMG5_E8XgVUHCJSH0QjaAgsiWT-PcrMtgUpDqKP9CQxt23XmIrV8T0lhxy4ln18ZdeUsHTGjVk0E-9WYZo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sid
mug.criteo.com/ Frame 5D64
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=techbullion.com&sn=ChromeSyncframe&so=0&topUrl=techbullion.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=IrUxHHxDcC92L3luNU93b3AwOTdjUTFWWEpqVnJmc1FieFlaK0xuVGRPelBReUdRZkFwWUxTWEI1OW53UnlxVFNZa0x5eXZFVHZXL1orU2ZDQzBpSmJpQ3Mrc09FKzVlbEl0MERUTTAxenhpRFdiWFVlbytlVmVodDN3am...
438 B
654 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=IrUxHHxDcC92L3luNU93b3AwOTdjUTFWWEpqVnJmc1FieFlaK0xuVGRPelBReUdRZkFwWUxTWEI1OW53UnlxVFNZa0x5eXZFVHZXL1orU2ZDQzBpSmJpQ3Mrc09FKzVlbEl0MERUTTAxenhpRFdiWFVlbytlVmVodDN3amc1UXRwUFdxcnE5dm1FZi83VDNUTmRhNFlUdmNvS0ZReWhnbmh3bmttR2d6UHdzaHNFT2lEMVFtMnpqSkkvTGJhd2U0ZkxXdEppNHhQK3VtV2ZDdU1FYURmaytJelBwK0tCYjNwSjVJdFZxM3dmb2xxSEF0VU5qTHhCejV2VGZRWlRnQmRDTXJIL2I2SmNack8wUWE1QUpTWUlpUzVORURjQlpqMWxSWUtyTEdqY0pmUU9NOD18&cppv=2
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f4beaaff0b17616867738a381039ce7aa505fde1567d5755ec61c3786ebfd51e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:52 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1091980
expires
0

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=IrUxHHxDcC92L3luNU93b3AwOTdjUTFWWEpqVnJmc1FieFlaK0xuVGRPelBReUdRZkFwWUxTWEI1OW53UnlxVFNZa0x5eXZFVHZXL1orU2ZDQzBpSmJpQ3Mrc09FKzVlbEl0MERUTTAxenhpRFdiWFVlbytlVmVodDN3amc1UXRwUFdxcnE5dm1FZi83VDNUTmRhNFlUdmNvS0ZReWhnbmh3bmttR2d6UHdzaHNFT2lEMVFtMnpqSkkvTGJhd2U0ZkxXdEppNHhQK3VtV2ZDdU1FYURmaytJelBwK0tCYjNwSjVJdFZxM3dmb2xxSEF0VU5qTHhCejV2VGZRWlRnQmRDTXJIL2I2SmNack8wUWE1QUpTWUlpUzVORURjQlpqMWxSWUtyTEdqY0pmUU9NOD18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
275316
content-length
0
expires
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame 83F7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlYIHg4uRAAbnJykfRDFhlITCzexifg&u=%7Cvx7rpq5y2m%2Bj%2BPz5aLVK6RPn6W%2FPiN%2FQatWPC16oy8o%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdqr7txT5h5pAC3aSY9p1mJ9XKnMtRUM8nqIaa5Rl2efL0FSY6XUG9zw0TPNcpRuQMS_Qzx0laPRRYaqbSZrlVtM8FAhvoWeIZyAC5g1oLhx_KH2ySx5HSVP66xwtG8GVFA9SL8pgfFlAUtcAc4Mudl-Sgmhug1J8szg8WQNSWNkXZCGRM1rMQ4wgePKcHIsXnF_N5aUabyficq5fDs_lXj87cnpsqJgfXYwX3lS0j-q4pUv2Ymb_iUJeITsFczfcqH2prZC5bqO-1l8aOChdQTkuWFnWJ-_TxqMleofpUVjFktLn92M4UDVFcxLeVdRB-WL2LlziWqCwddRBevEcj_CbBtIwY5eC-eK0gVDaIpl3PhR6KiL4cknX6al1jPm6OoZCNsAqNGgwA8_q_eilv49o5effo2ap0b7x1ZOzncQFLaGpjKCIavFTYMNLVv990tlMxu-a86B4pe_IjVYp1YGaiPG9PRfMr6QbilkuR6-AcMbnuVmEz-mlf1hLu7eIb1OwQt1c9SPVGHOO1--fG_vyey1nEWBZzLeJjsGZ3vbl5Vav1NBdLviVgW9o9gIpoi514v17-ApswuPAWGYQigD2qw0fLlciA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWeDerLEWZYKrBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT9Ak_QyO7RpAMhNavUOmoAYNgtr2GeP5QQV2_PkSa5-OStPv2YafiEgyJt9UdJiF477Ax4Poh2N34zWGCkDDK966qWH0K4V1VLUpg3l5rnXYR_0eDlCdKJntoBturSuMMGqRZ2kcv2nSkZzM1vNv0Y81zBzyUZuec98TqvN6s6VVMLDTM85B_GNEAVd6xfXs6I5cZV8IG5I3D9fUZ7GkfDnk43ai4Gd0PPEJQUE1PRyaveFc6Qc3IsJh3viTHGCeXwMbeViauYA4f1E8_0GKDkjKRIjQm7SEfS1o02zZ6-jHAbW9nE-NhtI4PpWZgRmsJvDGRfNOf18HMF8WBRaICM2Dts1tYq-vhd00T9fL9Cyf1RnEGwPLIwgM6N6tULd5SCmXlio2YyTA0Rz34SC-vSp7QKs3JfbtvTPn8Y5buSBQqAm305cIXsJdWUv63U9u9AtHCwRyzYxDu_v0KIYWnJeqqLyU9Pn7-eN1f9E_yO38Ja_D7QLfBQpgbxcJ7Ms-AEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2gwy7uwZjo89svFFLasc4EUoFH6A%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:53 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 83F7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlYIHg4uRAAbnJykfRDFhlITCzexifg&u=%7Cvx7rpq5y2m%2Bj%2BPz5aLVK6RPn6W%2FPiN%2FQatWPC16oy8o%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdqr7txT5h5pAC3aSY9p1mJ9XKnMtRUM8nqIaa5Rl2efL0FSY6XUG9zw0TPNcpRuQMS_Qzx0laPRRYaqbSZrlVtM8FAhvoWeIZyAC5g1oLhx_KH2ySx5HSVP66xwtG8GVFA9SL8pgfFlAUtcAc4Mudl-Sgmhug1J8szg8WQNSWNkXZCGRM1rMQ4wgePKcHIsXnF_N5aUabyficq5fDs_lXj87cnpsqJgfXYwX3lS0j-q4pUv2Ymb_iUJeITsFczfcqH2prZC5bqO-1l8aOChdQTkuWFnWJ-_TxqMleofpUVjFktLn92M4UDVFcxLeVdRB-WL2LlziWqCwddRBevEcj_CbBtIwY5eC-eK0gVDaIpl3PhR6KiL4cknX6al1jPm6OoZCNsAqNGgwA8_q_eilv49o5effo2ap0b7x1ZOzncQFLaGpjKCIavFTYMNLVv990tlMxu-a86B4pe_IjVYp1YGaiPG9PRfMr6QbilkuR6-AcMbnuVmEz-mlf1hLu7eIb1OwQt1c9SPVGHOO1--fG_vyey1nEWBZzLeJjsGZ3vbl5Vav1NBdLviVgW9o9gIpoi514v17-ApswuPAWGYQigD2qw0fLlciA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWeDerLEWZYKrBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT9Ak_QyO7RpAMhNavUOmoAYNgtr2GeP5QQV2_PkSa5-OStPv2YafiEgyJt9UdJiF477Ax4Poh2N34zWGCkDDK966qWH0K4V1VLUpg3l5rnXYR_0eDlCdKJntoBturSuMMGqRZ2kcv2nSkZzM1vNv0Y81zBzyUZuec98TqvN6s6VVMLDTM85B_GNEAVd6xfXs6I5cZV8IG5I3D9fUZ7GkfDnk43ai4Gd0PPEJQUE1PRyaveFc6Qc3IsJh3viTHGCeXwMbeViauYA4f1E8_0GKDkjKRIjQm7SEfS1o02zZ6-jHAbW9nE-NhtI4PpWZgRmsJvDGRfNOf18HMF8WBRaICM2Dts1tYq-vhd00T9fL9Cyf1RnEGwPLIwgM6N6tULd5SCmXlio2YyTA0Rz34SC-vSp7QKs3JfbtvTPn8Y5buSBQqAm305cIXsJdWUv63U9u9AtHCwRyzYxDu_v0KIYWnJeqqLyU9Pn7-eN1f9E_yO38Ja_D7QLfBQpgbxcJ7Ms-AEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2gwy7uwZjo89svFFLasc4EUoFH6A%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:53 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 83F7 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlYIHg4uRAAbnJykfRDFhlITCzexifg&u=%7Cvx7rpq5y2m%2Bj%2BPz5aLVK6RPn6W%2FPiN%2FQatWPC16oy8o%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdqr7txT5h5pAC3aSY9p1mJ9XKnMtRUM8nqIaa5Rl2efL0FSY6XUG9zw0TPNcpRuQMS_Qzx0laPRRYaqbSZrlVtM8FAhvoWeIZyAC5g1oLhx_KH2ySx5HSVP66xwtG8GVFA9SL8pgfFlAUtcAc4Mudl-Sgmhug1J8szg8WQNSWNkXZCGRM1rMQ4wgePKcHIsXnF_N5aUabyficq5fDs_lXj87cnpsqJgfXYwX3lS0j-q4pUv2Ymb_iUJeITsFczfcqH2prZC5bqO-1l8aOChdQTkuWFnWJ-_TxqMleofpUVjFktLn92M4UDVFcxLeVdRB-WL2LlziWqCwddRBevEcj_CbBtIwY5eC-eK0gVDaIpl3PhR6KiL4cknX6al1jPm6OoZCNsAqNGgwA8_q_eilv49o5effo2ap0b7x1ZOzncQFLaGpjKCIavFTYMNLVv990tlMxu-a86B4pe_IjVYp1YGaiPG9PRfMr6QbilkuR6-AcMbnuVmEz-mlf1hLu7eIb1OwQt1c9SPVGHOO1--fG_vyey1nEWBZzLeJjsGZ3vbl5Vav1NBdLviVgW9o9gIpoi514v17-ApswuPAWGYQigD2qw0fLlciA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWeDerLEWZYKrBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT9Ak_QyO7RpAMhNavUOmoAYNgtr2GeP5QQV2_PkSa5-OStPv2YafiEgyJt9UdJiF477Ax4Poh2N34zWGCkDDK966qWH0K4V1VLUpg3l5rnXYR_0eDlCdKJntoBturSuMMGqRZ2kcv2nSkZzM1vNv0Y81zBzyUZuec98TqvN6s6VVMLDTM85B_GNEAVd6xfXs6I5cZV8IG5I3D9fUZ7GkfDnk43ai4Gd0PPEJQUE1PRyaveFc6Qc3IsJh3viTHGCeXwMbeViauYA4f1E8_0GKDkjKRIjQm7SEfS1o02zZ6-jHAbW9nE-NhtI4PpWZgRmsJvDGRfNOf18HMF8WBRaICM2Dts1tYq-vhd00T9fL9Cyf1RnEGwPLIwgM6N6tULd5SCmXlio2YyTA0Rz34SC-vSp7QKs3JfbtvTPn8Y5buSBQqAm305cIXsJdWUv63U9u9AtHCwRyzYxDu_v0KIYWnJeqqLyU9Pn7-eN1f9E_yO38Ja_D7QLfBQpgbxcJ7Ms-AEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2gwy7uwZjo89svFFLasc4EUoFH6A%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 23 Sep 2024 11:14:53 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 83F7 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlYIHg4uRAAbnJykfRDFhlITCzexifg&u=%7Cvx7rpq5y2m%2Bj%2BPz5aLVK6RPn6W%2FPiN%2FQatWPC16oy8o%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdqr7txT5h5pAC3aSY9p1mJ9XKnMtRUM8nqIaa5Rl2efL0FSY6XUG9zw0TPNcpRuQMS_Qzx0laPRRYaqbSZrlVtM8FAhvoWeIZyAC5g1oLhx_KH2ySx5HSVP66xwtG8GVFA9SL8pgfFlAUtcAc4Mudl-Sgmhug1J8szg8WQNSWNkXZCGRM1rMQ4wgePKcHIsXnF_N5aUabyficq5fDs_lXj87cnpsqJgfXYwX3lS0j-q4pUv2Ymb_iUJeITsFczfcqH2prZC5bqO-1l8aOChdQTkuWFnWJ-_TxqMleofpUVjFktLn92M4UDVFcxLeVdRB-WL2LlziWqCwddRBevEcj_CbBtIwY5eC-eK0gVDaIpl3PhR6KiL4cknX6al1jPm6OoZCNsAqNGgwA8_q_eilv49o5effo2ap0b7x1ZOzncQFLaGpjKCIavFTYMNLVv990tlMxu-a86B4pe_IjVYp1YGaiPG9PRfMr6QbilkuR6-AcMbnuVmEz-mlf1hLu7eIb1OwQt1c9SPVGHOO1--fG_vyey1nEWBZzLeJjsGZ3vbl5Vav1NBdLviVgW9o9gIpoi514v17-ApswuPAWGYQigD2qw0fLlciA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWeDerLEWZYKrBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT9Ak_QyO7RpAMhNavUOmoAYNgtr2GeP5QQV2_PkSa5-OStPv2YafiEgyJt9UdJiF477Ax4Poh2N34zWGCkDDK966qWH0K4V1VLUpg3l5rnXYR_0eDlCdKJntoBturSuMMGqRZ2kcv2nSkZzM1vNv0Y81zBzyUZuec98TqvN6s6VVMLDTM85B_GNEAVd6xfXs6I5cZV8IG5I3D9fUZ7GkfDnk43ai4Gd0PPEJQUE1PRyaveFc6Qc3IsJh3viTHGCeXwMbeViauYA4f1E8_0GKDkjKRIjQm7SEfS1o02zZ6-jHAbW9nE-NhtI4PpWZgRmsJvDGRfNOf18HMF8WBRaICM2Dts1tYq-vhd00T9fL9Cyf1RnEGwPLIwgM6N6tULd5SCmXlio2YyTA0Rz34SC-vSp7QKs3JfbtvTPn8Y5buSBQqAm305cIXsJdWUv63U9u9AtHCwRyzYxDu_v0KIYWnJeqqLyU9Pn7-eN1f9E_yO38Ja_D7QLfBQpgbxcJ7Ms-AEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2gwy7uwZjo89svFFLasc4EUoFH6A%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 23 Sep 2024 11:14:53 GMT
lg.php
cat.fr3.eu.criteo.com/delivery/ Frame 83F7 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=zdn9J8Y05qag_bTTP79udlk-QxxbSOOuCHBG7JMRgYFgjbvc0db0hHhPSc0ZP19Ijk2NDIansfHVg1fuUeSuT1Vl_poaKA7UEIQ7D3btwZH_txba45AVYxwUHMn6h1mQE-UTwbGyZInxuw1fsFQz7wtfrin3Hy45bCcsFrRXSF1nPYafrnQF46mXuCa9GoiOHxq98xS4VnUxopLAZBDh5F7TKe1ghCWiFIeumdBNK-SRD3AJAR3oY1ydwC6CwLN-S434zv16litVZvp-KDqzTlHs79GcQ1XfKHLZEbvwxyCEhpZiycW4jtl401osofIcGhNgfJq6Tgqw3vVPyCOyvWA1ViGc4XbAw_MSvEg45luvbNLZt4rLb_paO2WBODHK4kHTyUImnkaqz_FqD88DbjVgV72fydbBWgpLEACj-xB5ppASFwiNHOBRqM6Z1GA39TnzAA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlYIHg4uRAAbnJykfRDFhlITCzexifg&u=%7Cvx7rpq5y2m%2Bj%2BPz5aLVK6RPn6W%2FPiN%2FQatWPC16oy8o%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdqr7txT5h5pAC3aSY9p1mJ9XKnMtRUM8nqIaa5Rl2efL0FSY6XUG9zw0TPNcpRuQMS_Qzx0laPRRYaqbSZrlVtM8FAhvoWeIZyAC5g1oLhx_KH2ySx5HSVP66xwtG8GVFA9SL8pgfFlAUtcAc4Mudl-Sgmhug1J8szg8WQNSWNkXZCGRM1rMQ4wgePKcHIsXnF_N5aUabyficq5fDs_lXj87cnpsqJgfXYwX3lS0j-q4pUv2Ymb_iUJeITsFczfcqH2prZC5bqO-1l8aOChdQTkuWFnWJ-_TxqMleofpUVjFktLn92M4UDVFcxLeVdRB-WL2LlziWqCwddRBevEcj_CbBtIwY5eC-eK0gVDaIpl3PhR6KiL4cknX6al1jPm6OoZCNsAqNGgwA8_q_eilv49o5effo2ap0b7x1ZOzncQFLaGpjKCIavFTYMNLVv990tlMxu-a86B4pe_IjVYp1YGaiPG9PRfMr6QbilkuR6-AcMbnuVmEz-mlf1hLu7eIb1OwQt1c9SPVGHOO1--fG_vyey1nEWBZzLeJjsGZ3vbl5Vav1NBdLviVgW9o9gIpoi514v17-ApswuPAWGYQigD2qw0fLlciA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWeDerLEWZYKrBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT9Ak_QyO7RpAMhNavUOmoAYNgtr2GeP5QQV2_PkSa5-OStPv2YafiEgyJt9UdJiF477Ax4Poh2N34zWGCkDDK966qWH0K4V1VLUpg3l5rnXYR_0eDlCdKJntoBturSuMMGqRZ2kcv2nSkZzM1vNv0Y81zBzyUZuec98TqvN6s6VVMLDTM85B_GNEAVd6xfXs6I5cZV8IG5I3D9fUZ7GkfDnk43ai4Gd0PPEJQUE1PRyaveFc6Qc3IsJh3viTHGCeXwMbeViauYA4f1E8_0GKDkjKRIjQm7SEfS1o02zZ6-jHAbW9nE-NhtI4PpWZgRmsJvDGRfNOf18HMF8WBRaICM2Dts1tYq-vhd00T9fL9Cyf1RnEGwPLIwgM6N6tULd5SCmXlio2YyTA0Rz34SC-vSp7QKs3JfbtvTPn8Y5buSBQqAm305cIXsJdWUv63U9u9AtHCwRyzYxDu_v0KIYWnJeqqLyU9Pn7-eN1f9E_yO38Ja_D7QLfBQpgbxcJ7Ms-AEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2gwy7uwZjo89svFFLasc4EUoFH6A%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2137379
expires
Mon, 26 Jul 1997 05:00:00 GMT
cf7bd23d305241dd94a45ac5515c87d0_image_ad_300x600.jpeg
static.criteo.net/design/dt/92327/4936818/ Frame 83F7 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/92327/4936818/cf7bd23d305241dd94a45ac5515c87d0_image_ad_300x600.jpeg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlYIHg4uRAAbnJykfRDFhlITCzexifg&u=%7Cvx7rpq5y2m%2Bj%2BPz5aLVK6RPn6W%2FPiN%2FQatWPC16oy8o%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdqr7txT5h5pAC3aSY9p1mJ9XKnMtRUM8nqIaa5Rl2efL0FSY6XUG9zw0TPNcpRuQMS_Qzx0laPRRYaqbSZrlVtM8FAhvoWeIZyAC5g1oLhx_KH2ySx5HSVP66xwtG8GVFA9SL8pgfFlAUtcAc4Mudl-Sgmhug1J8szg8WQNSWNkXZCGRM1rMQ4wgePKcHIsXnF_N5aUabyficq5fDs_lXj87cnpsqJgfXYwX3lS0j-q4pUv2Ymb_iUJeITsFczfcqH2prZC5bqO-1l8aOChdQTkuWFnWJ-_TxqMleofpUVjFktLn92M4UDVFcxLeVdRB-WL2LlziWqCwddRBevEcj_CbBtIwY5eC-eK0gVDaIpl3PhR6KiL4cknX6al1jPm6OoZCNsAqNGgwA8_q_eilv49o5effo2ap0b7x1ZOzncQFLaGpjKCIavFTYMNLVv990tlMxu-a86B4pe_IjVYp1YGaiPG9PRfMr6QbilkuR6-AcMbnuVmEz-mlf1hLu7eIb1OwQt1c9SPVGHOO1--fG_vyey1nEWBZzLeJjsGZ3vbl5Vav1NBdLviVgW9o9gIpoi514v17-ApswuPAWGYQigD2qw0fLlciA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWeDerLEWZYKrBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT9Ak_QyO7RpAMhNavUOmoAYNgtr2GeP5QQV2_PkSa5-OStPv2YafiEgyJt9UdJiF477Ax4Poh2N34zWGCkDDK966qWH0K4V1VLUpg3l5rnXYR_0eDlCdKJntoBturSuMMGqRZ2kcv2nSkZzM1vNv0Y81zBzyUZuec98TqvN6s6VVMLDTM85B_GNEAVd6xfXs6I5cZV8IG5I3D9fUZ7GkfDnk43ai4Gd0PPEJQUE1PRyaveFc6Qc3IsJh3viTHGCeXwMbeViauYA4f1E8_0GKDkjKRIjQm7SEfS1o02zZ6-jHAbW9nE-NhtI4PpWZgRmsJvDGRfNOf18HMF8WBRaICM2Dts1tYq-vhd00T9fL9Cyf1RnEGwPLIwgM6N6tULd5SCmXlio2YyTA0Rz34SC-vSp7QKs3JfbtvTPn8Y5buSBQqAm305cIXsJdWUv63U9u9AtHCwRyzYxDu_v0KIYWnJeqqLyU9Pn7-eN1f9E_yO38Ja_D7QLfBQpgbxcJ7Ms-AEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2gwy7uwZjo89svFFLasc4EUoFH6A%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8899aad3ca8863fd7d1a05a6d202e17053ad6f7ffe21a3d51d8f74150a9ff4b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 01 Sep 2023 06:30:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"64f184f3-16ecc"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
93900
expires
Mon, 23 Sep 2024 11:14:53 GMT
i.match
a.tribalfusion.com/ Frame 17C9 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEJ_Uyy2lIKu1xPFrQ7OjOu4&google_cver=1&google_push=AXcoOmQC-qivGDNB_Jg0I2j_GGz9g7tV8NIBoATroP00YhMsTxwz1NryLW8fWuevtLNfh5Bv-ofLiMlFbjf9sZJYwDGucwuOBL0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQC-qivGDNB_Jg0I2j_GGz9g7tV8NIBoATroP00YhMsTxwz1NryLW8fWuevtLNfh5Bv-ofLiMlFbjf9sZJYwDGucwuOBL0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
80e3ce195d2c2c4e-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 17C9
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEHxWEHIpuPtTKlIdEtgEMBo&google_cver=1&google_push=AXcoOmRUTIN179DFp3swcF8QXuU3aLKkuz4tikAzoQMVwgSSdMQAwzSgVcNEgc9CXbK0GPg329k9G-YWKBrvQKsm...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zfH4raHVSJ8me9DJzrovfg&google_push=AXcoOmRUTIN179DFp3swcF8QXuU3aLKkuz4tikAzoQMVwgSSdMQAwzSgVcNEgc9CXbK0GPg329k9G-YWKBrvQKsmtoyhcHo7c7-C
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zfH4raHVSJ8me9DJzrovfg&google_push=AXcoOmRUTIN179DFp3swcF8QXuU3aLKkuz4tikAzoQMVwgSSdMQAwzSgVcNEgc9CXbK0GPg329k9G-YWKBrvQKsmtoyhcHo7c7-C
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 29 Sep 2023 11:14:53 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zfH4raHVSJ8me9DJzrovfg&google_push=AXcoOmRUTIN179DFp3swcF8QXuU3aLKkuz4tikAzoQMVwgSSdMQAwzSgVcNEgc9CXbK0GPg329k9G-YWKBrvQKsmtoyhcHo7c7-C
x-host
tde-deliveryengine-production-8b9d7bc7f-66jzb
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 17C9
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7uPldrInTGWNaETL-ajDrA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7uPldrInTGWNaETL-ajDrA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQAJmon1slDYX27wpw7ZKXHA3uHluMl22i_RLnKqSHEZFSoFsSrsfpNaR_UMgzcKV6xA4kaGugtQXoyL_Rv1ePPa48OyDQz
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7uPldrInTGWNaETL-ajDrA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQAJmon1slDYX27wpw7ZKXHA3uHluMl22i_RLnKqSHEZFSoFsSrsfpNaR_UMgzcKV6xA4kaGugtQXoyL_Rv1ePPa48OyDQz
date
Fri, 29 Sep 2023 11:14:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 17C9
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEF_NYE8LqUUKprlMaVf4Yco&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEF_NYE8LqUUKprlMaVf4Yco&google_push=AX...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEF_NYE8LqUUKprlMaVf4Yco&google_hm=ZRaxrWMr-2kMIn5w9Z6S6AAADToAAAAB&google_nid=index&google_push=AXcoOmRQIP4rPvjcdyVdwaGv0xQN-IQ9M6qfj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEF_NYE8LqUUKprlMaVf4Yco&google_hm=ZRaxrWMr-2kMIn5w9Z6S6AAADToAAAAB&google_nid=index&google_push=AXcoOmRQIP4rPvjcdyVdwaGv0xQN-IQ9M6qfjqs1R78PUD-dROO0sa9wSgzTodYLZrsD2TU81NEhzTzlkXOWjr5U-NmJGtxJ494_
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JCYJewpnnjUuifUz96XP4Vv0Iqlj9czQhvZF%2Fktlki4rR4Ow9R1TH%2FbnVBF6IxjsZW5KdEM0CmoQayQ25cV5s59qrML%2FYStFhn3MxAAEbIUy6tWTrZtSkuxpF%2F%2FGvpLP9qMwbXyCQ%2FELJw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEF_NYE8LqUUKprlMaVf4Yco&google_hm=ZRaxrWMr-2kMIn5w9Z6S6AAADToAAAAB&google_nid=index&google_push=AXcoOmRQIP4rPvjcdyVdwaGv0xQN-IQ9M6qfjqs1R78PUD-dROO0sa9wSgzTodYLZrsD2TU81NEhzTzlkXOWjr5U-NmJGtxJ494_
cache-control
no-cache
cf-ray
80e3ce1aec032c16-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
ads-user-sync
www.tumblr.com/ Frame 17C9
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEJdXO9D4Q9Ar_dhFV-bODlM&google_cver=1&google_push=AXcoOmSd5S-HzsuMItbZ2mWyE2ipTzdK_wxSu-_EkwH_hP6HD8SIFowCxM-3smFdf_P8Sxffa6qOAAJy5-si7ct9...
  • https://www.tumblr.com/ads-user-sync?partner=smaato&uid=19ef7b318a&gdpr=0&gdpr_consent=
70 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tumblr.com/ads-user-sync?partner=smaato&uid=19ef7b318a&gdpr=0&gdpr_consent=
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
a73237a07cec4d81b7cb7995220839f554e2e8936e5d5ae25cc47753f9737c07
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com/beacon.js https://ssl.google-analytics.com/ga.js https://www.google-analytics.com/analytics.js https://fc.yahoo.com/sdarla/php/client.php https://s.yimg.com/rq/darla/ https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://*.gemini.yahoo.com https://s.yimg.com/av/gemini/ga/gemini-iframe.js https://s.yimg.com/av/curveball/ 'unsafe-eval' 'nonce-wxWdMSICechVaWBmnMH7mjITwI'; object-src 'none'; worker-src blob:; base-uri 'self';
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
ams 1
date
Fri, 29 Sep 2023 11:14:53 GMT
content-security-policy
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com/beacon.js https://ssl.google-analytics.com/ga.js https://www.google-analytics.com/analytics.js https://fc.yahoo.com/sdarla/php/client.php https://s.yimg.com/rq/darla/ https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://*.gemini.yahoo.com https://s.yimg.com/av/gemini/ga/gemini-iframe.js https://s.yimg.com/av/curveball/ 'unsafe-eval' 'nonce-wxWdMSICechVaWBmnMH7mjITwI'; object-src 'none'; worker-src blob:; base-uri 'self';
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000; preload
x-frame-options
deny
p3p
CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
content-type
image/png
x-rid
e9ba9f32968273df411f721ee95a8b51
content-length
70
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1

Redirect headers

date
Fri, 29 Sep 2023 11:14:53 GMT
via
1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
location
https://www.tumblr.com/ads-user-sync?partner=smaato&uid=19ef7b318a&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
y9JOtdh5cv1bpi5JMDeQEFMEmczHsCwurFKzqvp31pL4EowI6DpIYA==
pixel
cm.g.doubleclick.net/ Frame 17C9
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEGUj8tl40eLu5FGTjP_Po6k&google_cver=1&google_push=AXcoOmT4Sf0WHiGVuZJGB_ydkPBkTRsKXv_839pddNVNDxjHhbsxOomPj5dAdu9Wm-6afhnEJ_pLg...
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEGUj8tl40eLu5FGTjP_Po6k&google_push=AXcoOmT4Sf0WHiGVuZJGB_ydkPBkTRsKXv_839pddNVNDxjHhbsxOomPj5dAdu9Wm-6afhnEJ_pLg...
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmT4Sf0WHiGVuZJGB_ydkPBkTRsKXv_839pddNVNDxjHhbsxOomPj5dAdu9Wm-6afhnEJ_pLgrGdLMnnPHpJ5G6HI-SMRX9nvg&google_hm=cHZGQlVDblFUOW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmT4Sf0WHiGVuZJGB_ydkPBkTRsKXv_839pddNVNDxjHhbsxOomPj5dAdu9Wm-6afhnEJ_pLgrGdLMnnPHpJ5G6HI-SMRX9nvg&google_hm=cHZGQlVDblFUOWRpNEJ0WGpOc2Y=
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 29 Sep 2023 11:14:53 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmT4Sf0WHiGVuZJGB_ydkPBkTRsKXv_839pddNVNDxjHhbsxOomPj5dAdu9Wm-6afhnEJ_pLgrGdLMnnPHpJ5G6HI-SMRX9nvg&google_hm=cHZGQlVDblFUOWRpNEJ0WGpOc2Y=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
242
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 17C9
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESED_s85JaP...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=d21dcab5-3fcf-43fb-a271-3a879c2e129e&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=d21dcab5-3fcf-43fb-a271-3a879c2e129e&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=d21dcab5-3fcf-43fb-a271-3a879c2e129e&%%GOOGLE_PUSH_PAIR%%
date
Fri, 29 Sep 2023 11:14:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 17C9 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JuvizCmN5Z4K5e29_45dgsmTaX_XzBqQ2I2FchIswKSFTbwO_uf7QzsSVuiGXK6Tx8N0fKzfk
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:53 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
all
csm.eu.criteo.net/ Frame 8632 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=55aQv2nhQQHg7_W-NvkkjEFowRf9nd_IBObtIz0_hqowuCzIFcSD4HXjKlCYNbd5l0397mbqwU6KWFBUIBONGXNX3fUQbcho4KGgoPMRy-MW06fpPKVPLDaMA5a0ew_tG70txuFjV-ouSYn0p2ZlJRH2T9PMKLAkL9gqpFGc7wnjay03Ua7g5ZC_H9vrq68cfowsD_e5hIb8rXb1B-E7daEfBMnqLFBgXyx4cJSLKfse1uiKPEDKWg8g4sf_Hsyvh5J6hA&sds=2&rev=88628&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlX4Hg4uRAAbnJ5coQR1t4ha3MDI9Bw&u=%7Cvx7rpq5y2m97pxdCqukZDawGMiLK0ZZsrp16padDgYs%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqfOSxiZ3nhhcoubwAtGAUFL8vtRYiskqAjx3LIdsTANZ-fKhvnADbhZ1Bto4S18LCYuHV6Te_j6zErXeOMbETbR27EMb7AEv57Damn38fTkE1AQSH36vY4qjhaMvJjs9lZYIHI4xEqXDMafTCxzuUtMbtvMEZ71D4gM1fROtgttGhctOXfAaKvIu9mMI_WK1DZ16bZYoq9JvJsyIVjBEPXpvHDRqJbwfs42hNPpTT7A8sSfcrgoCpOdoe8HWFB5SW7X4H4WZyIqKHkkhRb1Uqez1MsZgxkr4dkuXdZ6J17GtNNFZht-BUVrYSDcxgStEPRIh3-mR0-7G1YMnUiS8Ibo77gN2LKlETfMcfGm41wHinW6yokGJDnivLSbuofoCZYqV1kVWb-z1WYCyzpO6p3o2DzXdw0YcK5dcyfR1TXHNVvLaDA3x7bKkUGfNskh-P4Fh6v9fzKlLYhl95j5hTnUWqFb92Id9FElCJumfrvWrhpeP7YD2VbBzq9cpJKdFfAe1_Zht2G4et2WgqtJMKMa_befPwFllK3AFn8nWFy97oK3eyPTGY1qhK_eqN0JzN5jyp-ana8_i70M4u9xV7JMBID3ucQk-JI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYhwkrLEWZf6qBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT1Ak_QavqLbWpOmSyjLPSHsxgYSNjNX-Q4T4LyOiMe_xWgXBTyilT3VnP-wsz32m1FXAPHGWp_0EA2B81F4mWOp3vUXFI_AorO3vEcPP4YoR6DnrfeN38RrPRS2M1fiweN70_IjewA_nakilWzwEOBm5LwqMp2gvLcnivVWa0fLuvZm1csXv5WK9AsO1K259aYIsggcDrQoaYeoQFGfOxOLRzfLJewsiXo4_Wcx45QTGvfgOR5Cwngbzq29dA6UMPiW1wOYtmM4W1qngz5Rylaf5hxKky4nMK6YmCKMDwnfP_KvMeTJ1qbPtsttcYH-U4e75jQnmjrn_jFUyWS9WU9pa9Kz068Cb5Snz1O9tBe17SROmGJS74jxOBT9RlMX17z_DePoy6XDmuG2X7UXYPeRKZIqPLG6Dpr7zYv3sFvTiwOw9ZNssxdzGjuTqNN5Xg410QUiTSqJHrQYBwLzd3E2ZgbY5XIQIw6ziPskaq_0SgvnwoITDTgBAGABsvfv_uXzKL1F6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_36TN7T_m9ylcmyU0TNMxDZ7YSkdQ%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 29 Sep 2023 11:14:52 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 8632 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlX4Hg4uRAAbnJ5coQR1t4ha3MDI9Bw&u=%7Cvx7rpq5y2m97pxdCqukZDawGMiLK0ZZsrp16padDgYs%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqfOSxiZ3nhhcoubwAtGAUFL8vtRYiskqAjx3LIdsTANZ-fKhvnADbhZ1Bto4S18LCYuHV6Te_j6zErXeOMbETbR27EMb7AEv57Damn38fTkE1AQSH36vY4qjhaMvJjs9lZYIHI4xEqXDMafTCxzuUtMbtvMEZ71D4gM1fROtgttGhctOXfAaKvIu9mMI_WK1DZ16bZYoq9JvJsyIVjBEPXpvHDRqJbwfs42hNPpTT7A8sSfcrgoCpOdoe8HWFB5SW7X4H4WZyIqKHkkhRb1Uqez1MsZgxkr4dkuXdZ6J17GtNNFZht-BUVrYSDcxgStEPRIh3-mR0-7G1YMnUiS8Ibo77gN2LKlETfMcfGm41wHinW6yokGJDnivLSbuofoCZYqV1kVWb-z1WYCyzpO6p3o2DzXdw0YcK5dcyfR1TXHNVvLaDA3x7bKkUGfNskh-P4Fh6v9fzKlLYhl95j5hTnUWqFb92Id9FElCJumfrvWrhpeP7YD2VbBzq9cpJKdFfAe1_Zht2G4et2WgqtJMKMa_befPwFllK3AFn8nWFy97oK3eyPTGY1qhK_eqN0JzN5jyp-ana8_i70M4u9xV7JMBID3ucQk-JI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYhwkrLEWZf6qBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT1Ak_QavqLbWpOmSyjLPSHsxgYSNjNX-Q4T4LyOiMe_xWgXBTyilT3VnP-wsz32m1FXAPHGWp_0EA2B81F4mWOp3vUXFI_AorO3vEcPP4YoR6DnrfeN38RrPRS2M1fiweN70_IjewA_nakilWzwEOBm5LwqMp2gvLcnivVWa0fLuvZm1csXv5WK9AsO1K259aYIsggcDrQoaYeoQFGfOxOLRzfLJewsiXo4_Wcx45QTGvfgOR5Cwngbzq29dA6UMPiW1wOYtmM4W1qngz5Rylaf5hxKky4nMK6YmCKMDwnfP_KvMeTJ1qbPtsttcYH-U4e75jQnmjrn_jFUyWS9WU9pa9Kz068Cb5Snz1O9tBe17SROmGJS74jxOBT9RlMX17z_DePoy6XDmuG2X7UXYPeRKZIqPLG6Dpr7zYv3sFvTiwOw9ZNssxdzGjuTqNN5Xg410QUiTSqJHrQYBwLzd3E2ZgbY5XIQIw6ziPskaq_0SgvnwoITDTgBAGABsvfv_uXzKL1F6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_36TN7T_m9ylcmyU0TNMxDZ7YSkdQ%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:53 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 8632 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlX4Hg4uRAAbnJ5coQR1t4ha3MDI9Bw&u=%7Cvx7rpq5y2m97pxdCqukZDawGMiLK0ZZsrp16padDgYs%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqfOSxiZ3nhhcoubwAtGAUFL8vtRYiskqAjx3LIdsTANZ-fKhvnADbhZ1Bto4S18LCYuHV6Te_j6zErXeOMbETbR27EMb7AEv57Damn38fTkE1AQSH36vY4qjhaMvJjs9lZYIHI4xEqXDMafTCxzuUtMbtvMEZ71D4gM1fROtgttGhctOXfAaKvIu9mMI_WK1DZ16bZYoq9JvJsyIVjBEPXpvHDRqJbwfs42hNPpTT7A8sSfcrgoCpOdoe8HWFB5SW7X4H4WZyIqKHkkhRb1Uqez1MsZgxkr4dkuXdZ6J17GtNNFZht-BUVrYSDcxgStEPRIh3-mR0-7G1YMnUiS8Ibo77gN2LKlETfMcfGm41wHinW6yokGJDnivLSbuofoCZYqV1kVWb-z1WYCyzpO6p3o2DzXdw0YcK5dcyfR1TXHNVvLaDA3x7bKkUGfNskh-P4Fh6v9fzKlLYhl95j5hTnUWqFb92Id9FElCJumfrvWrhpeP7YD2VbBzq9cpJKdFfAe1_Zht2G4et2WgqtJMKMa_befPwFllK3AFn8nWFy97oK3eyPTGY1qhK_eqN0JzN5jyp-ana8_i70M4u9xV7JMBID3ucQk-JI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYhwkrLEWZf6qBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT1Ak_QavqLbWpOmSyjLPSHsxgYSNjNX-Q4T4LyOiMe_xWgXBTyilT3VnP-wsz32m1FXAPHGWp_0EA2B81F4mWOp3vUXFI_AorO3vEcPP4YoR6DnrfeN38RrPRS2M1fiweN70_IjewA_nakilWzwEOBm5LwqMp2gvLcnivVWa0fLuvZm1csXv5WK9AsO1K259aYIsggcDrQoaYeoQFGfOxOLRzfLJewsiXo4_Wcx45QTGvfgOR5Cwngbzq29dA6UMPiW1wOYtmM4W1qngz5Rylaf5hxKky4nMK6YmCKMDwnfP_KvMeTJ1qbPtsttcYH-U4e75jQnmjrn_jFUyWS9WU9pa9Kz068Cb5Snz1O9tBe17SROmGJS74jxOBT9RlMX17z_DePoy6XDmuG2X7UXYPeRKZIqPLG6Dpr7zYv3sFvTiwOw9ZNssxdzGjuTqNN5Xg410QUiTSqJHrQYBwLzd3E2ZgbY5XIQIw6ziPskaq_0SgvnwoITDTgBAGABsvfv_uXzKL1F6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_36TN7T_m9ylcmyU0TNMxDZ7YSkdQ%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:53 GMT
pixel
cm.g.doubleclick.net/ Frame 13EC
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEIFm5QwNT5LZJ1qfS_c9bgA&google_cver=1&google_push=AXcoOmSEnxvTGS5dEAZ6ZoGxKheu1fC9VaoEjkJ8J88jzyGVgpE1Ukky-L6zqI6SsWKAZJw7CIXKiOIOM3tuIpyCbHKp6dQz324y
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=WmVJeHl2NUpDZkNOSjZjRXJiRVdaUQ%3D%3D&google_push=AXcoOmSEnxvTGS5dEAZ6ZoGxKheu1fC9VaoEjkJ8J88jzyGVgpE1Ukky-L6zqI6SsWKAZJw7CIXKiOIOM3tuI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=WmVJeHl2NUpDZkNOSjZjRXJiRVdaUQ%3D%3D&google_push=AXcoOmSEnxvTGS5dEAZ6ZoGxKheu1fC9VaoEjkJ8J88jzyGVgpE1Ukky-L6zqI6SsWKAZJw7CIXKiOIOM3tuIpyCbHKp6dQz324y
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 29 Sep 2023 11:14:53 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=WmVJeHl2NUpDZkNOSjZjRXJiRVdaUQ%3D%3D&google_push=AXcoOmSEnxvTGS5dEAZ6ZoGxKheu1fC9VaoEjkJ8J88jzyGVgpE1Ukky-L6zqI6SsWKAZJw7CIXKiOIOM3tuIpyCbHKp6dQz324y
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
243
pixel
cm.g.doubleclick.net/ Frame 13EC
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmRUOmFjnNzPFNbV79UkxW5VvDJPiltC5UZwIPdWk5rRyRhBtF6ofz2SHP5FrGAtN1y4Nu4KH0DnC6...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmRUOmFjnNzPFNbV79UkxW5VvDJPiltC5UZwIPdWk5rRyRhBtF6ofz2SHP5FrGAtN1y4Nu4KH0DnC6vW6KMGaInIWWJ44wE&google_hm=eead468c-f96a-4fd1-8bc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmRUOmFjnNzPFNbV79UkxW5VvDJPiltC5UZwIPdWk5rRyRhBtF6ofz2SHP5FrGAtN1y4Nu4KH0DnC6vW6KMGaInIWWJ44wE&google_hm=eead468c-f96a-4fd1-8bc5-e3d78d798a1a
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-56
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmRUOmFjnNzPFNbV79UkxW5VvDJPiltC5UZwIPdWk5rRyRhBtF6ofz2SHP5FrGAtN1y4Nu4KH0DnC6vW6KMGaInIWWJ44wE&google_hm=eead468c-f96a-4fd1-8bc5-e3d78d798a1a
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 13EC
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEM6StkY6Tz6zEhvEwmcagCo&google_cver=1&google_push=AXcoOmQF1VkNzFfPUHb-yxhtQqy8c3wCtbcVEgpCGgA98bpAcLu6_y8HwepESsR58rUJ_IiATds5LFmwM2P_hyiDWCL93Qdht95p
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE4NDEzMTg0NzM3NTMxODQ0NTkyMQ%3D%3D&google_push=AXcoOmQF1VkNzFfPUHb-yxhtQqy8c3wCtbcVEgpCGgA98bpAcLu6_y8H...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE4NDEzMTg0NzM3NTMxODQ0NTkyMQ%3D%3D&google_push=AXcoOmQF1VkNzFfPUHb-yxhtQqy8c3wCtbcVEgpCGgA98bpAcLu6_y8HwepESsR58rUJ_IiATds5LFmwM2P_hyiDWCL93Qdht95p
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE4NDEzMTg0NzM3NTMxODQ0NTkyMQ%3D%3D&google_push=AXcoOmQF1VkNzFfPUHb-yxhtQqy8c3wCtbcVEgpCGgA98bpAcLu6_y8HwepESsR58rUJ_IiATds5LFmwM2P_hyiDWCL93Qdht95p
date
Fri, 29 Sep 2023 11:14:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
0.gif
id5-sync.com/i/495/ Frame 13EC
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEI1VMYloraih76B-J_Zzlwc&google_cver=1&google_push=AXcoOmStlCSKK9lgvbH_dR2yZqXv8Sj-wLgx5oTZ8haWlnKeq_jh8qgEbaUWK5VacR61MVjTN0iM0mf7FHhzpUvB4Z8KUfPl2-Qoyg
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmStlCSKK9lgvbH_dR2yZqXv8Sj-wLgx5oTZ8haWlnKe...
43 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmStlCSKK9lgvbH_dR2yZqXv8Sj-wLgx5oTZ8haWlnKeq_jh8qgEbaUWK5VacR61MVjTN0iM0mf7FHhzpUvB4Z8KUfPl2-Qoyg
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Fri, 29 Sep 2023 11:14:52 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"

Redirect headers

date
Fri, 29 Sep 2023 11:14:53 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmStlCSKK9lgvbH_dR2yZqXv8Sj-wLgx5oTZ8haWlnKeq_jh8qgEbaUWK5VacR61MVjTN0iM0mf7FHhzpUvB4Z8KUfPl2-Qoyg
x-download-options
noopen
vary
Accept
content-length
273
x-xss-protection
0
report
sync.teads.tv/um/ Frame 13EC
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGWhat9QX4sB...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MzI1Y2E0NTgtYTZkOS00OWFmLThiN2QtMjA2MmFlZDE0NDMy&google_push=AXcoOmQ3tlYVFYGSYc0ttMh7myc0vwymLY5s8cofVT5XNIXu--AEffKsXJN2jJcEtcS2B...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Fri, 29 Sep 2023 11:14:53 GMT
pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dot.gif
s0.2mdn.net/ Frame 13EC
Redirect Chain
  • https://sync.gonet-ads.com/match/google?google_gid=CAESEHzjvEnTjtKP9GJ4xHSHW0E&google_cver=1&google_push=AXcoOmR80EBBEf9MuNjCTKJ0aJbKPP0YQVUH4CaogiyUMTgV15LRQoGCicVUNp_wUVeoV0TrLq6Fz2AAEl6Ao-T-XBRn...
  • https://sync.gonet-ads.com/match/google?google_gid=CAESEHzjvEnTjtKP9GJ4xHSHW0E&google_cver=1&google_push=AXcoOmR80EBBEf9MuNjCTKJ0aJbKPP0YQVUH4CaogiyUMTgV15LRQoGCicVUNp_wUVeoV0TrLq6Fz2AAEl6Ao-T-XBRn...
  • https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=N2FjNWU0NDc0YzA1OTJiZA&google_push=AXcoOmR80EBBEf9MuNjCTKJ0aJbKPP0YQVUH4CaogiyUMTgV15LRQoGCicVUNp_wUVeoV0TrLq6Fz2AAEl6Ao-T-XBRnm81...
  • https://sync.gonet-ads.com/match/google
  • https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=N2FjNWU0NDc0YzA1OTJiZA&google_push=
  • https://s0.2mdn.net/dot.gif?google_error=5
43 B
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_error=5
Protocol
H2
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 21:32:04 GMT
x-content-type-options
nosniff
age
49369
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Sep 2023 21:32:04 GMT

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://s0.2mdn.net/dot.gif?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
239
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 13EC
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESECgG6k5Aw-FSDQqlgR9UjWg&google_cver=1&google_push=AXcoOmTEag7zcUlvk...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDE3MDM3MjUyOTgyNjQ1MTkxNQ%3D%3D&google_gid=CAESECgG6k5Aw-FSDQqlgR9UjWg&google_cver=1&google_push=AXcoOmTEag7zcUlvknWiqPunsytJxzasIb...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDE3MDM3MjUyOTgyNjQ1MTkxNQ%3D%3D&google_gid=CAESECgG6k5Aw-FSDQqlgR9UjWg&google_cver=1&google_push=AXcoOmTEag7zcUlvknWiqPunsytJxzasIbonrsp_BgJ1_XXuFHv54Erg16tV-pUIKWl7xQvf9LOHECHcnbMqVxKGnUGAmUWqgfS-Zw
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
an-x-request-uuid
0a2ff99b-1e86-4a39-8ced-d40397c60db1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDE3MDM3MjUyOTgyNjQ1MTkxNQ%3D%3D&google_gid=CAESECgG6k5Aw-FSDQqlgR9UjWg&google_cver=1&google_push=AXcoOmTEag7zcUlvknWiqPunsytJxzasIbonrsp_BgJ1_XXuFHv54Erg16tV-pUIKWl7xQvf9LOHECHcnbMqVxKGnUGAmUWqgfS-Zw
x-proxy-origin
195.206.105.130; 195.206.105.130; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 13EC 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IodvbyVTr2-trEpvk7-HwlAML5hNLuhPuc18hd8ibav-cpBYf_6Zv9T-yZ5N18hjZFRPpNrSKL7w
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:53 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
all
csm.eu.criteo.net/ Frame 9012 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=zwegN2nhQQHg7_W-CcoKvHtGm8m3O157kLDZE04BAPRc_ea72ejS_SKeMNg94gmvgpHV-1comtE_41R8rmI6cMvaH9t0AXAyeLw-TA6qoZfU9yEFF1WWzSsbqAbsfPyPMXQtWBDv6S_nHkODq1GKCVMIZSyOZF4R4IWfXuLfuO_QGI83gJ-x_kDvdIUvsLyccUAtxbZyxWKY07-p1XBe21qE4-fLiD_-2WBHL19BkhKbpRulsQKvXk1e3DUXfrZ53srcqfE0hxZ2xiET&sds=2&rev=88628&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlX8Hg4uRAAbnJ0EvIlwQBjgkyuSBwA&u=%7Cvx7rpq5y2m%2FMgbCOZsw%2BtdYwLpuXuEWeI17MabFnaoY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBVYK3cq7hyTxdVVID-8B4jkZnr5FfgsM3dCsFal-Lk8jkS-8RFYwflIWwpic7lS0bBkN95aB_xqSEJQFOefi9zuChN6eQmoUQ0NvAgeM0TVCFjxNB5Aig_8IXo76PKvNdohha8BmZfylGSYTBFKZ-tyjCCvdIuTHw_bE4pV7KQM5v57CbTSvXD-LcAej89M7jt5o0MQC_miUNOjpYcFkOABtJdu2G7KRwu5-GIEwR7_CsbeHdWASRtp7ouUld9RX8GORGEpVxJNoZFAKBeUru9YTgnpkKSCFYy1rZgQFYOhc2F6XJG1UWjAevYilRhly-_WBWS9NYV0Uiz6Sw5TI_Q9mIcGcHKyImbkuZ917vGmCZaSixeNXdULmRXfucmAy7zxfuq9A2PAstcH8cUuLbUShEUpzf-NS7-FYmH_PUNnOUu0VWb9jG43E88bCh65OZ7f3bxHXbH4AhlVBe9fNDxPqxXtfm6mKnTdp5jteYkXgWl1pSEGldeT5Wwaog4N0f74NVEesQ4R_u5FZNFl06Eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIngRrLEWZf-qBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT6Ak_QXzOgbwlq1b29Ce9UKUwIPYFeur6lTE_SpJwcs7um-zro8lpuPm-w7hkxzxRMx2UDfsSXLbfdi04XELoI933EKGpaVhOsHktKqiVsgYrXwd3lHo4aPaYoNtwsXzpWRPZ7mJoiAe5R4JiRyCha4wUdnyf1wzdLebcqZQbe3PNEtLIMNS-3ZKqCvNqI31sfAPjaWgfwscpkmZWLDX5mMWRItV8kDuUDJvlWkUbQ407sVOIBwvkun6DhopLQTlV71tRL7cj9kMusBDqiRBNaJq8Mc_wPp5Ze3DcCDy17OV3HvRsOgL60NpIqJ1h1R6KO8inhb57_Zzih5o0K-DhO2ge-o561meh9BIT3JSGkY2xCkgqbDkk8ZCMJ91Ji50W8WIBGWXfbjR8lo7R3MTJ7-J5tuszYk-O0LXkCcmffS0mswv2p22Be6m60mn-OlqVRqothByrHrUN9sdWIAqXNUccXIqnfq6siVuDuGVfszQvfmTIq8RbTzkHT6uAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_26yvsmUNrHmMYPsufs1tQOjIeKEQ%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 29 Sep 2023 11:14:52 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9012 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlX8Hg4uRAAbnJ0EvIlwQBjgkyuSBwA&u=%7Cvx7rpq5y2m%2FMgbCOZsw%2BtdYwLpuXuEWeI17MabFnaoY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBVYK3cq7hyTxdVVID-8B4jkZnr5FfgsM3dCsFal-Lk8jkS-8RFYwflIWwpic7lS0bBkN95aB_xqSEJQFOefi9zuChN6eQmoUQ0NvAgeM0TVCFjxNB5Aig_8IXo76PKvNdohha8BmZfylGSYTBFKZ-tyjCCvdIuTHw_bE4pV7KQM5v57CbTSvXD-LcAej89M7jt5o0MQC_miUNOjpYcFkOABtJdu2G7KRwu5-GIEwR7_CsbeHdWASRtp7ouUld9RX8GORGEpVxJNoZFAKBeUru9YTgnpkKSCFYy1rZgQFYOhc2F6XJG1UWjAevYilRhly-_WBWS9NYV0Uiz6Sw5TI_Q9mIcGcHKyImbkuZ917vGmCZaSixeNXdULmRXfucmAy7zxfuq9A2PAstcH8cUuLbUShEUpzf-NS7-FYmH_PUNnOUu0VWb9jG43E88bCh65OZ7f3bxHXbH4AhlVBe9fNDxPqxXtfm6mKnTdp5jteYkXgWl1pSEGldeT5Wwaog4N0f74NVEesQ4R_u5FZNFl06Eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIngRrLEWZf-qBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT6Ak_QXzOgbwlq1b29Ce9UKUwIPYFeur6lTE_SpJwcs7um-zro8lpuPm-w7hkxzxRMx2UDfsSXLbfdi04XELoI933EKGpaVhOsHktKqiVsgYrXwd3lHo4aPaYoNtwsXzpWRPZ7mJoiAe5R4JiRyCha4wUdnyf1wzdLebcqZQbe3PNEtLIMNS-3ZKqCvNqI31sfAPjaWgfwscpkmZWLDX5mMWRItV8kDuUDJvlWkUbQ407sVOIBwvkun6DhopLQTlV71tRL7cj9kMusBDqiRBNaJq8Mc_wPp5Ze3DcCDy17OV3HvRsOgL60NpIqJ1h1R6KO8inhb57_Zzih5o0K-DhO2ge-o561meh9BIT3JSGkY2xCkgqbDkk8ZCMJ91Ji50W8WIBGWXfbjR8lo7R3MTJ7-J5tuszYk-O0LXkCcmffS0mswv2p22Be6m60mn-OlqVRqothByrHrUN9sdWIAqXNUccXIqnfq6siVuDuGVfszQvfmTIq8RbTzkHT6uAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_26yvsmUNrHmMYPsufs1tQOjIeKEQ%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:53 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 9012 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlX8Hg4uRAAbnJ0EvIlwQBjgkyuSBwA&u=%7Cvx7rpq5y2m%2FMgbCOZsw%2BtdYwLpuXuEWeI17MabFnaoY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBVYK3cq7hyTxdVVID-8B4jkZnr5FfgsM3dCsFal-Lk8jkS-8RFYwflIWwpic7lS0bBkN95aB_xqSEJQFOefi9zuChN6eQmoUQ0NvAgeM0TVCFjxNB5Aig_8IXo76PKvNdohha8BmZfylGSYTBFKZ-tyjCCvdIuTHw_bE4pV7KQM5v57CbTSvXD-LcAej89M7jt5o0MQC_miUNOjpYcFkOABtJdu2G7KRwu5-GIEwR7_CsbeHdWASRtp7ouUld9RX8GORGEpVxJNoZFAKBeUru9YTgnpkKSCFYy1rZgQFYOhc2F6XJG1UWjAevYilRhly-_WBWS9NYV0Uiz6Sw5TI_Q9mIcGcHKyImbkuZ917vGmCZaSixeNXdULmRXfucmAy7zxfuq9A2PAstcH8cUuLbUShEUpzf-NS7-FYmH_PUNnOUu0VWb9jG43E88bCh65OZ7f3bxHXbH4AhlVBe9fNDxPqxXtfm6mKnTdp5jteYkXgWl1pSEGldeT5Wwaog4N0f74NVEesQ4R_u5FZNFl06Eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIngRrLEWZf-qBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT6Ak_QXzOgbwlq1b29Ce9UKUwIPYFeur6lTE_SpJwcs7um-zro8lpuPm-w7hkxzxRMx2UDfsSXLbfdi04XELoI933EKGpaVhOsHktKqiVsgYrXwd3lHo4aPaYoNtwsXzpWRPZ7mJoiAe5R4JiRyCha4wUdnyf1wzdLebcqZQbe3PNEtLIMNS-3ZKqCvNqI31sfAPjaWgfwscpkmZWLDX5mMWRItV8kDuUDJvlWkUbQ407sVOIBwvkun6DhopLQTlV71tRL7cj9kMusBDqiRBNaJq8Mc_wPp5Ze3DcCDy17OV3HvRsOgL60NpIqJ1h1R6KO8inhb57_Zzih5o0K-DhO2ge-o561meh9BIT3JSGkY2xCkgqbDkk8ZCMJ91Ji50W8WIBGWXfbjR8lo7R3MTJ7-J5tuszYk-O0LXkCcmffS0mswv2p22Be6m60mn-OlqVRqothByrHrUN9sdWIAqXNUccXIqnfq6siVuDuGVfszQvfmTIq8RbTzkHT6uAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_26yvsmUNrHmMYPsufs1tQOjIeKEQ%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:53 GMT
pixel
cm.g.doubleclick.net/ Frame 75FD
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlJheHF3QVQ3MlQ3NHdBTg==&google_gid=CAESEOd6rldHWNiftU5LrbZOV_0&google_cver=1&google_push=AXcoOmRSpkrqyq9yKDt2di-P7BOXa6KfMn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlJheHF3QVQ3MlQ3NHdBTg==&google_gid=CAESEOd6rldHWNiftU5LrbZOV_0&google_cver=1&google_push=AXcoOmRSpkrqyq9yKDt2di-P7BOXa6KfMn3Chcl-LgNCtL02EhwzfnbLQBCMYWSMcNdG7yuFyL66jrRY4QQpRoXtKu7yySQXv4GS
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230083-FRA
pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
via
1.1 varnish
server
Varnish
x-timer
S1695986093.049225,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlJheHF3QVQ3MlQ3NHdBTg==&google_gid=CAESEOd6rldHWNiftU5LrbZOV_0&google_cver=1&google_push=AXcoOmRSpkrqyq9yKDt2di-P7BOXa6KfMn3Chcl-LgNCtL02EhwzfnbLQBCMYWSMcNdG7yuFyL66jrRY4QQpRoXtKu7yySQXv4GS
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 75FD
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDGgFuFgRVhPJANumbvagB0&google_cver=1&google_push=AXcoOmRC6HHCldhjIoLyL6HBPQ23dSZATKQhcAuOcuzHEZzpDyi0f8la_slaE024dgucH_di9Oe1SlppizrZY4...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4NDIwNDgwMzkwOTQ4MjY1MA%3D%3D&google_push=AXcoOmRC6HHCldhjIoLyL6HBPQ23dSZATKQhcAuOcuzHEZzpDyi0f8la_slaE024dgucH_di9Oe1SlppizrZY4HIkm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4NDIwNDgwMzkwOTQ4MjY1MA%3D%3D&google_push=AXcoOmRC6HHCldhjIoLyL6HBPQ23dSZATKQhcAuOcuzHEZzpDyi0f8la_slaE024dgucH_di9Oe1SlppizrZY4HIkmdforaWkFyF
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4NDIwNDgwMzkwOTQ4MjY1MA%3D%3D&google_push=AXcoOmRC6HHCldhjIoLyL6HBPQ23dSZATKQhcAuOcuzHEZzpDyi0f8la_slaE024dgucH_di9Oe1SlppizrZY4HIkmdforaWkFyF
Date
Fri, 29 Sep 2023 11:14:53 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 75FD
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEAhMpj8yce3sHYwDnbTcETQ&google_cver=1&google_push=AXcoOmSOy5ImsSEMxNel51kjMEJ7s98U8oZCYlOvvjOlx_mJCVG7Oz0f9y_aiBUnF-h6L9j645a1-eBXQvy9o5dxF_-rrmeVC_W7
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=833851377664&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=833851377664&us_privacy=1---
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=833851377664&us_privacy=1---
content-length
0
pixel
cm.g.doubleclick.net/ Frame 75FD
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEJ3EQV4Re5FR4KW-GJQIrcU&c_param1=AXcoOmSqIeYDJjlJXF4LaaLtcIxSon9yo8-d4uvhdEc1DHW8llWTuco5U4kxP3y6wMXkwQLOvCSIP12JFZLkhZWKU7ls29y19wbH&gdpr=%%GDPR%%&...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmSqIeYDJjlJXF4LaaLtcIxSon9yo8-d4uvhdEc1DHW8llWTuco5U4kxP3y6wMXkwQLOvCSIP12JFZLkhZWKU7ls29y19wbH
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmSqIeYDJjlJXF4LaaLtcIxSon9yo8-d4uvhdEc1DHW8llWTuco5U4kxP3y6wMXkwQLOvCSIP12JFZLkhZWKU7ls29y19wbH
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmSqIeYDJjlJXF4LaaLtcIxSon9yo8-d4uvhdEc1DHW8llWTuco5U4kxP3y6wMXkwQLOvCSIP12JFZLkhZWKU7ls29y19wbH
date
Fri, 29 Sep 2023 11:14:53 GMT
server
nginx/1.23.2
content-length
0
pixel
cm.g.doubleclick.net/ Frame 75FD
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESELZyexuVpUPLVlbG-zPvuhw&google_cver=1&google_push=AXcoOmTzknu9eYBxsyYa5PIqofpQzTpKY5z2v9Bnaob9DMqWo3oFn4rVfu-RG7aBbSEeVrh4LY9hO...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmTzknu9eYBxsyYa5PIqofpQzTpKY5z2v9Bnaob9DMqWo3oFn4rVfu-RG7aBbSEeVrh4LY9hOvfPifBmrINe3TnyzjCFQKGt&google_hm=WlJheHJjQ28...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmTzknu9eYBxsyYa5PIqofpQzTpKY5z2v9Bnaob9DMqWo3oFn4rVfu-RG7aBbSEeVrh4LY9hOvfPifBmrINe3TnyzjCFQKGt&google_hm=WlJheHJjQ284WG9BQU9yS1hWOEFBQUFB
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Fri, 29 Sep 2023 11:14:53 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESELZyexuVpUPLVlbG-zPvuhw&google_cver=1&google_push=AXcoOmTzknu9eYBxsyYa5PIqofpQzTpKY5z2v9Bnaob9DMqWo3oFn4rVfu-RG7aBbSEeVrh4LY9hOvfPifBmrINe3TnyzjCFQKGt","cluster_id":0,"gdpr":false,"ipv4":"195.206.105.130","key":"ZRaxrcCo8XoAAOrKXV8AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40004"}
X-SO-Key
ZRaxrcCo8XoAAOrKXV8AAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40004
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmTzknu9eYBxsyYa5PIqofpQzTpKY5z2v9Bnaob9DMqWo3oFn4rVfu-RG7aBbSEeVrh4LY9hOvfPifBmrINe3TnyzjCFQKGt&google_hm=WlJheHJjQ284WG9BQU9yS1hWOEFBQUFB
Cache-Control
private
X-SO-HostName
a-ad40004.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
3
Content-Length
0
X-SO-LB-Hostname
m-tgng22.dc4p.scaleout.jp
X-SO-IP
195.206.105.130
pixel
cm.g.doubleclick.net/ Frame 75FD
Redirect Chain
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEBJVUvGHDxnZVt94d-uJWw0&google_cver=1&google_push=AXcoOmQ8m6R-f0MptvB7wUWZ6NVvN94a2Pqtx_yLFJqRWBPwsWx2akql4...
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQ8m6R-f0MptvB7wUWZ6NVvN94a2Pqtx_yLFJqRWBPwsWx2akql42iFDn1j5YGofktcj47YzeMHbSKgWqv7KRXUH7euVrOk&google_hm=QlMuYmRkOC1jMmEwLT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQ8m6R-f0MptvB7wUWZ6NVvN94a2Pqtx_yLFJqRWBPwsWx2akql42iFDn1j5YGofktcj47YzeMHbSKgWqv7KRXUH7euVrOk&google_hm=QlMuYmRkOC1jMmEwLTQ2ODctOWE2Yw==
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQ8m6R-f0MptvB7wUWZ6NVvN94a2Pqtx_yLFJqRWBPwsWx2akql42iFDn1j5YGofktcj47YzeMHbSKgWqv7KRXUH7euVrOk&google_hm=QlMuYmRkOC1jMmEwLTQ2ODctOWE2Yw==
Date
Fri, 29 Sep 2023 11:14:53 GMT
Server
openresty
Connection
close
Content-Length
142
Content-Type
text/html
report
sync.teads.tv/um/ Frame 75FD
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGWhat9QX4sB...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MzI1Y2E0NTgtYTZkOS00OWFmLThiN2QtMjA2MmFlZDE0NDMy&google_push=AXcoOmS-xhLjb0xVlYUcG_HxuvQnPaJgQJTZ9Zf58byQ-8sP53wf54Qkg9SgpdkZDcDKg...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Fri, 29 Sep 2023 11:14:53 GMT
pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 75FD 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LfM-TN8q0SfnvASIvBvfEhfh6W2Uf6Qq7n8Lr5h2dYLR3gMKFDi40EtNd96mVunaImFeqNT0o
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:53 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
all
csm.eu.criteo.net/ Frame 194C 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=Cec1AGnhQQHg7_W-CJIfYyCYPMLZ936CzbTxtuxrcdm8DpAT1znzGGF-3RtULEEmaMwMfHtoIA7lZ4vV1BdA9jxJFNiggbkhpuUTpR4N__6A4gOI8kVPXKoYtj8YlRkzpqFSW0XftxhVDju5GQPp_0Yq6FYz0Z_9sX0Ne90kxFLJjMnUJvq1DJCp-E6L606ZDRaU0wuLUSjIdIcwd6v73CHQfIlJcZojIsViGr55tf4pNcL6sjDAhklRpiDPm1_C-kv9lA&sds=2&rev=88628&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlYAHg4uRAAbnJ3NdjVbX-SR7IerdzQ&u=%7Cvx7rpq5y2m9r9cLIJ6IAT3Lk6d7I%2F6T8ySEpq2s81zU%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBVIuviO9wemny5Xk_TVkcMxfwNro2o_rbid4YQX5ZgDvzpKt-rhwlHjlTNmYDmqKC8S4KyEqaTS29OvmjskYqoS_vCdkLz4Mhy39mwWv-2HcxPhVpk-8AavkksT7reWGu25aR-IWEUs84_84afpt8A-hlGA30__7ckRkTNyrL4rFXUsm7HqyWiQOVZ-JAFyxca5j8e2-dRxqSPdCucmm1ixUz5k6UVLXrVPag8u4EpeYOVbMtf4jSscESMzALFht8T_nz2ofo2cMczC3hrkLcIGc8lni1yNxca5_zZ5r-xBbka_aYV4KvSTgXwO6KAjxnvaM-YX8wdlS8iy8FIjG8DKyvfEvVXy4aPeLPdxwdPHsvanIN75pEph0PgyBB3EjWxbh0xwkkp3WDs28BlY2LFs8PQy7vGY4PoDjIFQflT06vpeIv6T8pzO8WgluEXF125LekPUsw30D-NF4yrFKo2MtrqNomVagJA833kPpr9KjLCpNnY_3MgVMFSGtPyStfr3WMPAk7B3e4D-xrr5EU3U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcwhgrLEWZYCrBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgSDA0_QcFtaRcP_Zij24NJZg8CJjIbFAE8EFHJZNsuY6clGJSYZcNT9SXUdM7BYg0oHKBC_VjeaM3WqN525s8ZF6VWhGStQNIzxs82oGwHLt383HFQc0glpkg9ODkaLR2ZHNGlmjvyW5B4HZwlNGpmH1T7sACbrjmrxKJrl5rQUIhTbFJetwy92QhXO9RhaVtMNar0uMpMPLSC2eh4ag2slYIOA070tfVURKEj8KhjtYLPeFFVylVJYG9N1oU42Ghqd8Dhgwb_P4OcH6WGwb7e0xH2YZ5F-QMn1dtX8p7IcHXcvDTL5_O9n2aQybZVCqU2Zuhie2XliGt0-SyJdekFhq27lErOALbMPNY0NyYuXV2Oe1zuSfsSmJrhjkQ_GvPw2ZiJq204wwjT_dy0xn0lG5qePCR0aq7NYVhd6_7wZ6PtysfFLDnarhePbeWFFol-VaEuXUv3I_6B-kadoCOcq9tT1fqO4cKbfz2VCnS6qIfV07lalXFXxclwiBBtXwVMkXz-NqeAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2THZ3gGxjhsNavVEiim9jr1DXjiA%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 29 Sep 2023 11:14:52 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 194C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlYAHg4uRAAbnJ3NdjVbX-SR7IerdzQ&u=%7Cvx7rpq5y2m9r9cLIJ6IAT3Lk6d7I%2F6T8ySEpq2s81zU%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBVIuviO9wemny5Xk_TVkcMxfwNro2o_rbid4YQX5ZgDvzpKt-rhwlHjlTNmYDmqKC8S4KyEqaTS29OvmjskYqoS_vCdkLz4Mhy39mwWv-2HcxPhVpk-8AavkksT7reWGu25aR-IWEUs84_84afpt8A-hlGA30__7ckRkTNyrL4rFXUsm7HqyWiQOVZ-JAFyxca5j8e2-dRxqSPdCucmm1ixUz5k6UVLXrVPag8u4EpeYOVbMtf4jSscESMzALFht8T_nz2ofo2cMczC3hrkLcIGc8lni1yNxca5_zZ5r-xBbka_aYV4KvSTgXwO6KAjxnvaM-YX8wdlS8iy8FIjG8DKyvfEvVXy4aPeLPdxwdPHsvanIN75pEph0PgyBB3EjWxbh0xwkkp3WDs28BlY2LFs8PQy7vGY4PoDjIFQflT06vpeIv6T8pzO8WgluEXF125LekPUsw30D-NF4yrFKo2MtrqNomVagJA833kPpr9KjLCpNnY_3MgVMFSGtPyStfr3WMPAk7B3e4D-xrr5EU3U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcwhgrLEWZYCrBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgSDA0_QcFtaRcP_Zij24NJZg8CJjIbFAE8EFHJZNsuY6clGJSYZcNT9SXUdM7BYg0oHKBC_VjeaM3WqN525s8ZF6VWhGStQNIzxs82oGwHLt383HFQc0glpkg9ODkaLR2ZHNGlmjvyW5B4HZwlNGpmH1T7sACbrjmrxKJrl5rQUIhTbFJetwy92QhXO9RhaVtMNar0uMpMPLSC2eh4ag2slYIOA070tfVURKEj8KhjtYLPeFFVylVJYG9N1oU42Ghqd8Dhgwb_P4OcH6WGwb7e0xH2YZ5F-QMn1dtX8p7IcHXcvDTL5_O9n2aQybZVCqU2Zuhie2XliGt0-SyJdekFhq27lErOALbMPNY0NyYuXV2Oe1zuSfsSmJrhjkQ_GvPw2ZiJq204wwjT_dy0xn0lG5qePCR0aq7NYVhd6_7wZ6PtysfFLDnarhePbeWFFol-VaEuXUv3I_6B-kadoCOcq9tT1fqO4cKbfz2VCnS6qIfV07lalXFXxclwiBBtXwVMkXz-NqeAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2THZ3gGxjhsNavVEiim9jr1DXjiA%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:53 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 194C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlYAHg4uRAAbnJ3NdjVbX-SR7IerdzQ&u=%7Cvx7rpq5y2m9r9cLIJ6IAT3Lk6d7I%2F6T8ySEpq2s81zU%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBVIuviO9wemny5Xk_TVkcMxfwNro2o_rbid4YQX5ZgDvzpKt-rhwlHjlTNmYDmqKC8S4KyEqaTS29OvmjskYqoS_vCdkLz4Mhy39mwWv-2HcxPhVpk-8AavkksT7reWGu25aR-IWEUs84_84afpt8A-hlGA30__7ckRkTNyrL4rFXUsm7HqyWiQOVZ-JAFyxca5j8e2-dRxqSPdCucmm1ixUz5k6UVLXrVPag8u4EpeYOVbMtf4jSscESMzALFht8T_nz2ofo2cMczC3hrkLcIGc8lni1yNxca5_zZ5r-xBbka_aYV4KvSTgXwO6KAjxnvaM-YX8wdlS8iy8FIjG8DKyvfEvVXy4aPeLPdxwdPHsvanIN75pEph0PgyBB3EjWxbh0xwkkp3WDs28BlY2LFs8PQy7vGY4PoDjIFQflT06vpeIv6T8pzO8WgluEXF125LekPUsw30D-NF4yrFKo2MtrqNomVagJA833kPpr9KjLCpNnY_3MgVMFSGtPyStfr3WMPAk7B3e4D-xrr5EU3U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcwhgrLEWZYCrBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgSDA0_QcFtaRcP_Zij24NJZg8CJjIbFAE8EFHJZNsuY6clGJSYZcNT9SXUdM7BYg0oHKBC_VjeaM3WqN525s8ZF6VWhGStQNIzxs82oGwHLt383HFQc0glpkg9ODkaLR2ZHNGlmjvyW5B4HZwlNGpmH1T7sACbrjmrxKJrl5rQUIhTbFJetwy92QhXO9RhaVtMNar0uMpMPLSC2eh4ag2slYIOA070tfVURKEj8KhjtYLPeFFVylVJYG9N1oU42Ghqd8Dhgwb_P4OcH6WGwb7e0xH2YZ5F-QMn1dtX8p7IcHXcvDTL5_O9n2aQybZVCqU2Zuhie2XliGt0-SyJdekFhq27lErOALbMPNY0NyYuXV2Oe1zuSfsSmJrhjkQ_GvPw2ZiJq204wwjT_dy0xn0lG5qePCR0aq7NYVhd6_7wZ6PtysfFLDnarhePbeWFFol-VaEuXUv3I_6B-kadoCOcq9tT1fqO4cKbfz2VCnS6qIfV07lalXFXxclwiBBtXwVMkXz-NqeAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2THZ3gGxjhsNavVEiim9jr1DXjiA%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:53 GMT
BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js
pagead2.googlesyndication.com/bg/ Frame CAD3 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 10:19:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
3329
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14550
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 28 Sep 2024 10:19:24 GMT
pixel
cm.g.doubleclick.net/ Frame 3855
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFSp_s9xxJgu50SUA2MBE84&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZVRCN1lhU08xUU1ic241&google_gid=CAESEFSp_s9xxJgu50SUA2MBE84&google_cver=1&google_push=AXcoOmTUv0shj6lB4Owsf8MnhTahnDIg3j7pX8FgM6Qm1cy...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZVRCN1lhU08xUU1ic241&google_gid=CAESEFSp_s9xxJgu50SUA2MBE84&google_cver=1&google_push=AXcoOmTUv0shj6lB4Owsf8MnhTahnDIg3j7pX8FgM6Qm1cym0wAE31W1oaToQU6QZ4Xa6UZneMbMrtGt_QU0tHs_zt3xyo25fl5H
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 29 Sep 2023 11:14:52 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-789-g976496f#rel-ec2-master i-0848f2daa11a85918@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZVRCN1lhU08xUU1ic241&google_gid=CAESEFSp_s9xxJgu50SUA2MBE84&google_cver=1&google_push=AXcoOmTUv0shj6lB4Owsf8MnhTahnDIg3j7pX8FgM6Qm1cym0wAE31W1oaToQU6QZ4Xa6UZneMbMrtGt_QU0tHs_zt3xyo25fl5H
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3855
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEE1H9Lv8tmnYoJC-5EZSuYg&google_cver=1&google_push=AXcoOmSESMIb7yDLS17hIj8o9JIwoaji5aTKCjjr1D7MmN38IbazMevJJ0r7pYuejA2gVkH8S_VGMzknJkCCNk2crf_lTrF4s_gGZA
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=Nzk2OEJBMjIyNERFODUwQg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=Nzk2OEJBMjIyNERFODUwQg==
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=Nzk2OEJBMjIyNERFODUwQg==
date
Fri, 29 Sep 2023 11:14:53 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame 3855
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEBsjq4ywKph3I9SyGQrqMXU&google_cver=1&google_push=AXcoOmSksEzDf39OIfVLUsZg344QoafKDi32RvmxRhgAXRaZmNhIXs92dgCn5b_kqj5yqt3YU_aJqjtqySJD4BJQ69l0TMI...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEBsjq4ywKph3I9SyGQrqMXU&google_cver=1&google_push=AXcoOmSksEzDf39OIfVLUsZg344QoafKDi32RvmxRhgAXRaZmNhIXs92dgCn5b_kqj5yqt3YU_aJqjtqySJD4BJQ69l0T...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSksEzDf39OIfVLUsZg344QoafKDi32RvmxRhgAXRaZmNhIXs92dgCn5b_kqj5yqt3YU_aJqjtqySJD4BJQ69l0TMIR-qRxpA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSksEzDf39OIfVLUsZg344QoafKDi32RvmxRhgAXRaZmNhIXs92dgCn5b_kqj5yqt3YU_aJqjtqySJD4BJQ69l0TMIR-qRxpA
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSksEzDf39OIfVLUsZg344QoafKDi32RvmxRhgAXRaZmNhIXs92dgCn5b_kqj5yqt3YU_aJqjtqySJD4BJQ69l0TMIR-qRxpA
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 3855
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmScdT...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-xzo0UZqCj0lgdHdCYHYfQcm8SDw-A_esuzO5fA&google_push=AXcoOmScdTDYVnBWOWkBDc81dBwOoHQ_sALsOAbyMEQpW8LZ4a0PrHlbv19q9D6Nla5U7Fd3-5e1L7lpmQct...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-xzo0UZqCj0lgdHdCYHYfQcm8SDw-A_esuzO5fA&google_push=AXcoOmScdTDYVnBWOWkBDc81dBwOoHQ_sALsOAbyMEQpW8LZ4a0PrHlbv19q9D6Nla5U7Fd3-5e1L7lpmQcttlZSqrd6Rr4RcvhFuw
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:52 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-xzo0UZqCj0lgdHdCYHYfQcm8SDw-A_esuzO5fA&google_push=AXcoOmScdTDYVnBWOWkBDc81dBwOoHQ_sALsOAbyMEQpW8LZ4a0PrHlbv19q9D6Nla5U7Fd3-5e1L7lpmQcttlZSqrd6Rr4RcvhFuw
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1593288
content-length
0
expires
Fri, 29 Sep 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3855
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEB27STdVRjUib1ys0i4rec4&google_cver=1&google_push=AXcoOmTYDYXkOigvximSUS3v06UY1O-znk3aCDgFfSp4jL7fqZjhWn0NK9uRmL_uTTYTQ9BHCfd-Dy2k-YUlZnr...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=knAKLyoyX0tzy3brmzysSMPOaYI&google_push=AXcoOmTYDYXkOigvximSUS3v06UY1O-znk3aCDgFfSp4jL7fqZjhWn0NK9uRmL_uTTYTQ9BHCfd-Dy2k-YUlZn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=knAKLyoyX0tzy3brmzysSMPOaYI&google_push=AXcoOmTYDYXkOigvximSUS3v06UY1O-znk3aCDgFfSp4jL7fqZjhWn0NK9uRmL_uTTYTQ9BHCfd-Dy2k-YUlZnr3uO_lpUIHwzvi3g
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=knAKLyoyX0tzy3brmzysSMPOaYI&google_push=AXcoOmTYDYXkOigvximSUS3v06UY1O-znk3aCDgFfSp4jL7fqZjhWn0NK9uRmL_uTTYTQ9BHCfd-Dy2k-YUlZnr3uO_lpUIHwzvi3g
Date
Fri, 29 Sep 2023 11:14:53 GMT
Connection
keep-alive
Content-Length
244
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 3855
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEDUA6UT0CID6wTZkGktkMyg&google_cver=1&google_push=AXcoOmTY1G49Fj652b8-TwrwhqujJtsipATKF6KSTu7vEZE1PIR_JrU1140jxL2w_tWcsNWGYuVstwmGMUkT1II4HduLf00G2...
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM4OTg3NjkzODQ1NDYzOTAwMFYxMA%3d%3d&mn_hm=MzM4OTg3NjkzODQ1NDYzOTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTY1G49Fj652b8-TwrwhqujJts...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM4OTg3NjkzODQ1NDYzOTAwMFYxMA%3d%3d&mn_hm=MzM4OTg3NjkzODQ1NDYzOTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTY1G49Fj652b8-TwrwhqujJtsipATKF6KSTu7vEZE1PIR_JrU1140jxL2w_tWcsNWGYuVstwmGMUkT1II4HduLf00G2zvHtw&gdpr=&gdpr_consent=
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 29 Sep 2023 11:14:53 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM4OTg3NjkzODQ1NDYzOTAwMFYxMA%3d%3d&mn_hm=MzM4OTg3NjkzODQ1NDYzOTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTY1G49Fj652b8-TwrwhqujJtsipATKF6KSTu7vEZE1PIR_JrU1140jxL2w_tWcsNWGYuVstwmGMUkT1II4HduLf00G2zvHtw&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Fri, 29 Sep 2023 11:14:53 GMT
pub
cs.chocolateplatform.com/ Frame 3855 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 3855 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LGeqDZ6LzNg6vuCe7OfggafaozrzazqEQVjRrxscn2UCQaEu9I7ImBDXxtr_ATD6fXSBxt
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:53 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
all
csm.eu.criteo.net/ Frame 782F 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=UnonGmnhQQHg7_W-HEUq4JIENEtLgyIbJFUwh1HYPysxz9kDc8yiJSagByyvT6phRHscJkINxrXdCyV31VMNRuaA0umRVQvyNkgomfjgUaQYRbQenGNuf3neeTbQlTSrfETXZOFeaX45sXWp3qmmUHUvtAbIwM80pVpMpzRMI9BN3HCXnLut6Tqx46qBaMMqBke1b6KnC9XsSYYi-LvoYnclr2EW1Ak4X_NhjdrQpv3971aRvA4jO-MNEy9te3WzA7Jg1A&sds=2&rev=88628&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlYEHg4uRAAbnJ4rw-UHIDrvLluGvuw&u=%7Cvx7rpq5y2m8BVt5CbqxDSAOuLU%2BHrplxLJwrrnM8MwE%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwmBoz0kZ49XnpI3T7B_CiOoSdH8fquqaqA9f-5fH9iz2pXcdZ80wwtJqZUV2mbHOJKPl9d-F1ZFDGnpkmb3KnFEv9hMgb2oc186kbxFV3ZjeGDeEwxDXoMYQgFhaHZQaO_Y5M0oeIohpQx6BUXcCuTzNUb0zu6IKt3jBfVkqttBn5z1iZfzZaBArgxK04Vnd4HO2pxV-DVu3nzuYHKGD_UEIUjs9Mx6tG8bqM8P_qjRObM_xg0jfmITXe15WjgtLQUMmbHizXCl6rXT4otr4N0nSks7X0Cwhej7diBg3w9S9nxphUWGSqd_mGHwe2MFF2JuDChkxG2y4hnR43qkGuKu9rz820obyLfsycvZVa6V-8usmBba5txsCVPHwBluES4C_SiVfoHRwjcagqRocBUHB53bMVLa7Guc5xy_QUEz44Oz22v0eWduMRaytU8Bj1a9QarnYz89jBg0WUneqEjcKU3vO-ersGherzf6hQpdlsh74OFyPqtuG6uRi-Sa_zTXnQVb8crq3xNdUQZe2YlZxr3nUyJbnNwbDwAo4VsVng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCll5RrLEWZYGrBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT3Ak_QYS_9tOGsmq0WtzNTpVzVbQLM-iUyv1AFJPZLbxueLRzeUn2V4d1nFkmmILI0j_iOseKEjDnf8X4TvWvNzXAhD0mwhAU8Uj88U0_gmwi9-HyeRi-YJmVApT7RSWCnqP4WDUyFuTKhpLzTDbfc4PMDHXV1SebDRsGNeIwNRgY6nHrGxB0AB9hOqOCuzHzKY1-vamxcuvRVkk9daF7G09zArzTbP3UDJUMvgch6c2WBTFrSi0t-UrT5pe5ekrPH2i4jBAuCtibgSjkxTiGePfFr6Ud6OthsMY7KFICWoitF7HQ9xfgO1FiKoJ3c_6un-qLoiOs-kjsI4ZVU6BHRj7-seBlSAdGzxg33PPCP6c7TPeBTfCLS7qBQNO1PaSYdSpikwIY1s-FUTnn2yJzdUzbgSPQs7girdp7sxPkdo_ij4GKyZnXPhMybMt8CbvflsjDJ3f_8dU0lSb8HasDCykAmLDWirps9IQIR-ql6QHRMONExDasLieAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2T5hQKu7Ux_wHlmFv2py7BpEcaOA%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 29 Sep 2023 11:14:52 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 782F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlYEHg4uRAAbnJ4rw-UHIDrvLluGvuw&u=%7Cvx7rpq5y2m8BVt5CbqxDSAOuLU%2BHrplxLJwrrnM8MwE%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwmBoz0kZ49XnpI3T7B_CiOoSdH8fquqaqA9f-5fH9iz2pXcdZ80wwtJqZUV2mbHOJKPl9d-F1ZFDGnpkmb3KnFEv9hMgb2oc186kbxFV3ZjeGDeEwxDXoMYQgFhaHZQaO_Y5M0oeIohpQx6BUXcCuTzNUb0zu6IKt3jBfVkqttBn5z1iZfzZaBArgxK04Vnd4HO2pxV-DVu3nzuYHKGD_UEIUjs9Mx6tG8bqM8P_qjRObM_xg0jfmITXe15WjgtLQUMmbHizXCl6rXT4otr4N0nSks7X0Cwhej7diBg3w9S9nxphUWGSqd_mGHwe2MFF2JuDChkxG2y4hnR43qkGuKu9rz820obyLfsycvZVa6V-8usmBba5txsCVPHwBluES4C_SiVfoHRwjcagqRocBUHB53bMVLa7Guc5xy_QUEz44Oz22v0eWduMRaytU8Bj1a9QarnYz89jBg0WUneqEjcKU3vO-ersGherzf6hQpdlsh74OFyPqtuG6uRi-Sa_zTXnQVb8crq3xNdUQZe2YlZxr3nUyJbnNwbDwAo4VsVng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCll5RrLEWZYGrBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT3Ak_QYS_9tOGsmq0WtzNTpVzVbQLM-iUyv1AFJPZLbxueLRzeUn2V4d1nFkmmILI0j_iOseKEjDnf8X4TvWvNzXAhD0mwhAU8Uj88U0_gmwi9-HyeRi-YJmVApT7RSWCnqP4WDUyFuTKhpLzTDbfc4PMDHXV1SebDRsGNeIwNRgY6nHrGxB0AB9hOqOCuzHzKY1-vamxcuvRVkk9daF7G09zArzTbP3UDJUMvgch6c2WBTFrSi0t-UrT5pe5ekrPH2i4jBAuCtibgSjkxTiGePfFr6Ud6OthsMY7KFICWoitF7HQ9xfgO1FiKoJ3c_6un-qLoiOs-kjsI4ZVU6BHRj7-seBlSAdGzxg33PPCP6c7TPeBTfCLS7qBQNO1PaSYdSpikwIY1s-FUTnn2yJzdUzbgSPQs7girdp7sxPkdo_ij4GKyZnXPhMybMt8CbvflsjDJ3f_8dU0lSb8HasDCykAmLDWirps9IQIR-ql6QHRMONExDasLieAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2T5hQKu7Ux_wHlmFv2py7BpEcaOA%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:53 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 782F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlYEHg4uRAAbnJ4rw-UHIDrvLluGvuw&u=%7Cvx7rpq5y2m8BVt5CbqxDSAOuLU%2BHrplxLJwrrnM8MwE%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwmBoz0kZ49XnpI3T7B_CiOoSdH8fquqaqA9f-5fH9iz2pXcdZ80wwtJqZUV2mbHOJKPl9d-F1ZFDGnpkmb3KnFEv9hMgb2oc186kbxFV3ZjeGDeEwxDXoMYQgFhaHZQaO_Y5M0oeIohpQx6BUXcCuTzNUb0zu6IKt3jBfVkqttBn5z1iZfzZaBArgxK04Vnd4HO2pxV-DVu3nzuYHKGD_UEIUjs9Mx6tG8bqM8P_qjRObM_xg0jfmITXe15WjgtLQUMmbHizXCl6rXT4otr4N0nSks7X0Cwhej7diBg3w9S9nxphUWGSqd_mGHwe2MFF2JuDChkxG2y4hnR43qkGuKu9rz820obyLfsycvZVa6V-8usmBba5txsCVPHwBluES4C_SiVfoHRwjcagqRocBUHB53bMVLa7Guc5xy_QUEz44Oz22v0eWduMRaytU8Bj1a9QarnYz89jBg0WUneqEjcKU3vO-ersGherzf6hQpdlsh74OFyPqtuG6uRi-Sa_zTXnQVb8crq3xNdUQZe2YlZxr3nUyJbnNwbDwAo4VsVng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCll5RrLEWZYGrBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT3Ak_QYS_9tOGsmq0WtzNTpVzVbQLM-iUyv1AFJPZLbxueLRzeUn2V4d1nFkmmILI0j_iOseKEjDnf8X4TvWvNzXAhD0mwhAU8Uj88U0_gmwi9-HyeRi-YJmVApT7RSWCnqP4WDUyFuTKhpLzTDbfc4PMDHXV1SebDRsGNeIwNRgY6nHrGxB0AB9hOqOCuzHzKY1-vamxcuvRVkk9daF7G09zArzTbP3UDJUMvgch6c2WBTFrSi0t-UrT5pe5ekrPH2i4jBAuCtibgSjkxTiGePfFr6Ud6OthsMY7KFICWoitF7HQ9xfgO1FiKoJ3c_6un-qLoiOs-kjsI4ZVU6BHRj7-seBlSAdGzxg33PPCP6c7TPeBTfCLS7qBQNO1PaSYdSpikwIY1s-FUTnn2yJzdUzbgSPQs7girdp7sxPkdo_ij4GKyZnXPhMybMt8CbvflsjDJ3f_8dU0lSb8HasDCykAmLDWirps9IQIR-ql6QHRMONExDasLieAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2T5hQKu7Ux_wHlmFv2py7BpEcaOA%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:53 GMT
pixel
cm.g.doubleclick.net/ Frame AB3E
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFSp_s9xxJgu50SUA2MBE84&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZVRCN1lhU08xUU1ic241&google_gid=CAESEFSp_s9xxJgu50SUA2MBE84&google_cver=1&google_push=AXcoOmRcRGmn-JZuCndVmrl1zbQHiwWULGOu4EIAQCYz7jE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZVRCN1lhU08xUU1ic241&google_gid=CAESEFSp_s9xxJgu50SUA2MBE84&google_cver=1&google_push=AXcoOmRcRGmn-JZuCndVmrl1zbQHiwWULGOu4EIAQCYz7jErjxu8Bp_C_BYKin-qoDu58EfCMEbRDcpqNVEyWUloxwimGeg8kJJs7A
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 29 Sep 2023 11:14:53 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-789-g976496f#rel-ec2-master i-0f37db6ac3f837baf@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZVRCN1lhU08xUU1ic241&google_gid=CAESEFSp_s9xxJgu50SUA2MBE84&google_cver=1&google_push=AXcoOmRcRGmn-JZuCndVmrl1zbQHiwWULGOu4EIAQCYz7jErjxu8Bp_C_BYKin-qoDu58EfCMEbRDcpqNVEyWUloxwimGeg8kJJs7A
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AB3E
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmR_Q7...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-xzo0UZqCj0lgdHdCYHYfQcm8SDw-A_esuzO5fA&google_push=AXcoOmR_Q7KKKitX07X1YKXjLQ12f8T7Y195fJm5laQhttimwojbnu1Lqtp6M3m2X9-AGXZ7uAyj1bNDXITr...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-xzo0UZqCj0lgdHdCYHYfQcm8SDw-A_esuzO5fA&google_push=AXcoOmR_Q7KKKitX07X1YKXjLQ12f8T7Y195fJm5laQhttimwojbnu1Lqtp6M3m2X9-AGXZ7uAyj1bNDXITrHqfTum4x9rM8DZ3Erg
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:52 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-xzo0UZqCj0lgdHdCYHYfQcm8SDw-A_esuzO5fA&google_push=AXcoOmR_Q7KKKitX07X1YKXjLQ12f8T7Y195fJm5laQhttimwojbnu1Lqtp6M3m2X9-AGXZ7uAyj1bNDXITrHqfTum4x9rM8DZ3Erg
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
597829
content-length
0
expires
Fri, 29 Sep 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AB3E
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEKgRDwUPfaASfvKHYo5_BsY&google_cver=1&google_push=AXcoOmQjgObyKFaEfOk41VjFc2-WGI85Ojw3vSnU5_wl05988_pbvwOiUjkF3arYoeGms0gqe0LA7G-nXf_9X7lryVcs8Ak...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQjgObyKFaEfOk41VjFc2-WGI85Ojw3vSnU5_wl05988_pbvwOiUjkF3arYoeGms0gqe0LA7G-nXf_9X7lryVcs8AkVaImSpOo&google_hm=OTEzMTU4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQjgObyKFaEfOk41VjFc2-WGI85Ojw3vSnU5_wl05988_pbvwOiUjkF3arYoeGms0gqe0LA7G-nXf_9X7lryVcs8AkVaImSpOo&google_hm=OTEzMTU4MjAyNzY5NzAxMzU0MA==
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQjgObyKFaEfOk41VjFc2-WGI85Ojw3vSnU5_wl05988_pbvwOiUjkF3arYoeGms0gqe0LA7G-nXf_9X7lryVcs8AkVaImSpOo&google_hm=OTEzMTU4MjAyNzY5NzAxMzU0MA==
Date
Fri, 29 Sep 2023 11:14:53 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame AB3E
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmQceG1F5S8pv2RCwMdHZbQqSJxKGKWoPED_KFnOBQ87Yn_g_96qq5l7X0XUI3zDZEwVcnZrvAsPmtnggvj1fm1RJO5OoYugDQ&google_gid=CAESEAPqRW2vUX7...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAPqRW2vUX7z8lxiSwDfeVg&google_hm=T1BVZWJjODgxYjk3ZDQwNGYxZmJkYTM2NDg2NjZlOGUyMjA&google_nid=opera_norway_as&google_push=AXcoOmQceG1F...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAPqRW2vUX7z8lxiSwDfeVg&google_hm=T1BVZWJjODgxYjk3ZDQwNGYxZmJkYTM2NDg2NjZlOGUyMjA&google_nid=opera_norway_as&google_push=AXcoOmQceG1F5S8pv2RCwMdHZbQqSJxKGKWoPED_KFnOBQ87Yn_g_96qq5l7X0XUI3zDZEwVcnZrvAsPmtnggvj1fm1RJO5OoYugDQ
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAPqRW2vUX7z8lxiSwDfeVg&google_hm=T1BVZWJjODgxYjk3ZDQwNGYxZmJkYTM2NDg2NjZlOGUyMjA&google_nid=opera_norway_as&google_push=AXcoOmQceG1F5S8pv2RCwMdHZbQqSJxKGKWoPED_KFnOBQ87Yn_g_96qq5l7X0XUI3zDZEwVcnZrvAsPmtnggvj1fm1RJO5OoYugDQ
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
326
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AB3E
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEGUj8tl40eLu5FGTjP_Po6k&google_cver=1&google_push=AXcoOmTHDMRSCFdPdIl0CMx3kjdYM0H_-ePV2IRD1zX3JROAioBuT6igzwNayfpHw6Njlf7lqifwj...
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEGUj8tl40eLu5FGTjP_Po6k&google_push=AXcoOmTHDMRSCFdPdIl0CMx3kjdYM0H_-ePV2IRD1zX3JROAioBuT6igzwNayfpHw6Njlf7lqifwj...
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmTHDMRSCFdPdIl0CMx3kjdYM0H_-ePV2IRD1zX3JROAioBuT6igzwNayfpHw6Njlf7lqifwjuMIoGQCU__KQ3RR5ug1AoL3Fg&google_hm=MzF0dDJaZ29QSk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmTHDMRSCFdPdIl0CMx3kjdYM0H_-ePV2IRD1zX3JROAioBuT6igzwNayfpHw6Njlf7lqifwjuMIoGQCU__KQ3RR5ug1AoL3Fg&google_hm=MzF0dDJaZ29QSkxKT2Y2WlNTVEE=
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 29 Sep 2023 11:14:53 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmTHDMRSCFdPdIl0CMx3kjdYM0H_-ePV2IRD1zX3JROAioBuT6igzwNayfpHw6Njlf7lqifwjuMIoGQCU__KQ3RR5ug1AoL3Fg&google_hm=MzF0dDJaZ29QSkxKT2Y2WlNTVEE=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
242
Expires
Thu, 01 Dec 1994 16:00:00 GMT
spacer.gif
an.yandex.ru/resource/ Frame AB3E
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEBQc0Tmr_g-9RNaT-lJE9Gk?ext-param=AXcoOmQ8Nf_yxlEGSh3q5DBYoE7j_rOPpkcRePtz8IokWuX_EcA6daDTGbbeFTWh5ay54CS2F8hSDUhxReUAUpkUwDlOHVp07bgHcPg&partner-tag=yandex_a...
  • https://an.yandex.ru/mapuid/google/CAESEBQc0Tmr_g-9RNaT-lJE9Gk?redir-setuniq=1&ext-param=AXcoOmQ8Nf_yxlEGSh3q5DBYoE7j_rOPpkcRePtz8IokWuX_EcA6daDTGbbeFTWh5ay54CS2F8hSDUhxReUAUpkUwDlOHVp07bgHcPg&part...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEBQc0Tmr_g-9RNaT-lJE9Gk&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Protocol
H2
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 13 Sep 2024 11:14:53 GMT

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AB3E
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESED_s85JaP...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=d21dcab5-3fcf-43fb-a271-3a879c2e129e&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=d21dcab5-3fcf-43fb-a271-3a879c2e129e&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=d21dcab5-3fcf-43fb-a271-3a879c2e129e&%%GOOGLE_PUSH_PAIR%%
date
Fri, 29 Sep 2023 11:14:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame AB3E 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JkfCaQlBSUKKS2fNnvF-JkalsSoUJpAXuJOBrz9yJ7Kud_LcU3rZtr96x7lzzo6F2B70ph99w3wKY
Requested by
Host: a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:53 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 3B2C 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
55c016b568b4d5a6076e0549abf5012b4e0531fef41002405732ac4a1960e690

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
all
csm.eu.criteo.net/ Frame 83F7 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=MC4WyGnhQQHg7_W-TaGzE7xxmG75AO_QHmG0wbne931cwE9U8tW9gT58K2dzoc22iZojzdSAWUe93aRRw2Y4PbOB7dCzhhNdjh7TkrhNbLLnvAJFDcPY_AIcQG8mjaL8teYNkikxwnXN6yYqQBLN1IyKMfeZhNUtTaW89bS8kRc_ZCgNb8L1b4zFKeI_CnTFNPeQSZyJpP0pobaEjprB0UlkxZV1nyjtHYtc0hq1FFx-fTBDcBk0oi64-crHUIudLqrvQQ&sds=2&rev=88628&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlYIHg4uRAAbnJykfRDFhlITCzexifg&u=%7Cvx7rpq5y2m%2Bj%2BPz5aLVK6RPn6W%2FPiN%2FQatWPC16oy8o%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdqr7txT5h5pAC3aSY9p1mJ9XKnMtRUM8nqIaa5Rl2efL0FSY6XUG9zw0TPNcpRuQMS_Qzx0laPRRYaqbSZrlVtM8FAhvoWeIZyAC5g1oLhx_KH2ySx5HSVP66xwtG8GVFA9SL8pgfFlAUtcAc4Mudl-Sgmhug1J8szg8WQNSWNkXZCGRM1rMQ4wgePKcHIsXnF_N5aUabyficq5fDs_lXj87cnpsqJgfXYwX3lS0j-q4pUv2Ymb_iUJeITsFczfcqH2prZC5bqO-1l8aOChdQTkuWFnWJ-_TxqMleofpUVjFktLn92M4UDVFcxLeVdRB-WL2LlziWqCwddRBevEcj_CbBtIwY5eC-eK0gVDaIpl3PhR6KiL4cknX6al1jPm6OoZCNsAqNGgwA8_q_eilv49o5effo2ap0b7x1ZOzncQFLaGpjKCIavFTYMNLVv990tlMxu-a86B4pe_IjVYp1YGaiPG9PRfMr6QbilkuR6-AcMbnuVmEz-mlf1hLu7eIb1OwQt1c9SPVGHOO1--fG_vyey1nEWBZzLeJjsGZ3vbl5Vav1NBdLviVgW9o9gIpoi514v17-ApswuPAWGYQigD2qw0fLlciA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWeDerLEWZYKrBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT9Ak_QyO7RpAMhNavUOmoAYNgtr2GeP5QQV2_PkSa5-OStPv2YafiEgyJt9UdJiF477Ax4Poh2N34zWGCkDDK966qWH0K4V1VLUpg3l5rnXYR_0eDlCdKJntoBturSuMMGqRZ2kcv2nSkZzM1vNv0Y81zBzyUZuec98TqvN6s6VVMLDTM85B_GNEAVd6xfXs6I5cZV8IG5I3D9fUZ7GkfDnk43ai4Gd0PPEJQUE1PRyaveFc6Qc3IsJh3viTHGCeXwMbeViauYA4f1E8_0GKDkjKRIjQm7SEfS1o02zZ6-jHAbW9nE-NhtI4PpWZgRmsJvDGRfNOf18HMF8WBRaICM2Dts1tYq-vhd00T9fL9Cyf1RnEGwPLIwgM6N6tULd5SCmXlio2YyTA0Rz34SC-vSp7QKs3JfbtvTPn8Y5buSBQqAm305cIXsJdWUv63U9u9AtHCwRyzYxDu_v0KIYWnJeqqLyU9Pn7-eN1f9E_yO38Ja_D7QLfBQpgbxcJ7Ms-AEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2gwy7uwZjo89svFFLasc4EUoFH6A%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 29 Sep 2023 11:14:52 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 83F7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlYIHg4uRAAbnJykfRDFhlITCzexifg&u=%7Cvx7rpq5y2m%2Bj%2BPz5aLVK6RPn6W%2FPiN%2FQatWPC16oy8o%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdqr7txT5h5pAC3aSY9p1mJ9XKnMtRUM8nqIaa5Rl2efL0FSY6XUG9zw0TPNcpRuQMS_Qzx0laPRRYaqbSZrlVtM8FAhvoWeIZyAC5g1oLhx_KH2ySx5HSVP66xwtG8GVFA9SL8pgfFlAUtcAc4Mudl-Sgmhug1J8szg8WQNSWNkXZCGRM1rMQ4wgePKcHIsXnF_N5aUabyficq5fDs_lXj87cnpsqJgfXYwX3lS0j-q4pUv2Ymb_iUJeITsFczfcqH2prZC5bqO-1l8aOChdQTkuWFnWJ-_TxqMleofpUVjFktLn92M4UDVFcxLeVdRB-WL2LlziWqCwddRBevEcj_CbBtIwY5eC-eK0gVDaIpl3PhR6KiL4cknX6al1jPm6OoZCNsAqNGgwA8_q_eilv49o5effo2ap0b7x1ZOzncQFLaGpjKCIavFTYMNLVv990tlMxu-a86B4pe_IjVYp1YGaiPG9PRfMr6QbilkuR6-AcMbnuVmEz-mlf1hLu7eIb1OwQt1c9SPVGHOO1--fG_vyey1nEWBZzLeJjsGZ3vbl5Vav1NBdLviVgW9o9gIpoi514v17-ApswuPAWGYQigD2qw0fLlciA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWeDerLEWZYKrBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT9Ak_QyO7RpAMhNavUOmoAYNgtr2GeP5QQV2_PkSa5-OStPv2YafiEgyJt9UdJiF477Ax4Poh2N34zWGCkDDK966qWH0K4V1VLUpg3l5rnXYR_0eDlCdKJntoBturSuMMGqRZ2kcv2nSkZzM1vNv0Y81zBzyUZuec98TqvN6s6VVMLDTM85B_GNEAVd6xfXs6I5cZV8IG5I3D9fUZ7GkfDnk43ai4Gd0PPEJQUE1PRyaveFc6Qc3IsJh3viTHGCeXwMbeViauYA4f1E8_0GKDkjKRIjQm7SEfS1o02zZ6-jHAbW9nE-NhtI4PpWZgRmsJvDGRfNOf18HMF8WBRaICM2Dts1tYq-vhd00T9fL9Cyf1RnEGwPLIwgM6N6tULd5SCmXlio2YyTA0Rz34SC-vSp7QKs3JfbtvTPn8Y5buSBQqAm305cIXsJdWUv63U9u9AtHCwRyzYxDu_v0KIYWnJeqqLyU9Pn7-eN1f9E_yO38Ja_D7QLfBQpgbxcJ7Ms-AEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2gwy7uwZjo89svFFLasc4EUoFH6A%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:53 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 83F7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlYIHg4uRAAbnJykfRDFhlITCzexifg&u=%7Cvx7rpq5y2m%2Bj%2BPz5aLVK6RPn6W%2FPiN%2FQatWPC16oy8o%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdqr7txT5h5pAC3aSY9p1mJ9XKnMtRUM8nqIaa5Rl2efL0FSY6XUG9zw0TPNcpRuQMS_Qzx0laPRRYaqbSZrlVtM8FAhvoWeIZyAC5g1oLhx_KH2ySx5HSVP66xwtG8GVFA9SL8pgfFlAUtcAc4Mudl-Sgmhug1J8szg8WQNSWNkXZCGRM1rMQ4wgePKcHIsXnF_N5aUabyficq5fDs_lXj87cnpsqJgfXYwX3lS0j-q4pUv2Ymb_iUJeITsFczfcqH2prZC5bqO-1l8aOChdQTkuWFnWJ-_TxqMleofpUVjFktLn92M4UDVFcxLeVdRB-WL2LlziWqCwddRBevEcj_CbBtIwY5eC-eK0gVDaIpl3PhR6KiL4cknX6al1jPm6OoZCNsAqNGgwA8_q_eilv49o5effo2ap0b7x1ZOzncQFLaGpjKCIavFTYMNLVv990tlMxu-a86B4pe_IjVYp1YGaiPG9PRfMr6QbilkuR6-AcMbnuVmEz-mlf1hLu7eIb1OwQt1c9SPVGHOO1--fG_vyey1nEWBZzLeJjsGZ3vbl5Vav1NBdLviVgW9o9gIpoi514v17-ApswuPAWGYQigD2qw0fLlciA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWeDerLEWZYKrBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT9Ak_QyO7RpAMhNavUOmoAYNgtr2GeP5QQV2_PkSa5-OStPv2YafiEgyJt9UdJiF477Ax4Poh2N34zWGCkDDK966qWH0K4V1VLUpg3l5rnXYR_0eDlCdKJntoBturSuMMGqRZ2kcv2nSkZzM1vNv0Y81zBzyUZuec98TqvN6s6VVMLDTM85B_GNEAVd6xfXs6I5cZV8IG5I3D9fUZ7GkfDnk43ai4Gd0PPEJQUE1PRyaveFc6Qc3IsJh3viTHGCeXwMbeViauYA4f1E8_0GKDkjKRIjQm7SEfS1o02zZ6-jHAbW9nE-NhtI4PpWZgRmsJvDGRfNOf18HMF8WBRaICM2Dts1tYq-vhd00T9fL9Cyf1RnEGwPLIwgM6N6tULd5SCmXlio2YyTA0Rz34SC-vSp7QKs3JfbtvTPn8Y5buSBQqAm305cIXsJdWUv63U9u9AtHCwRyzYxDu_v0KIYWnJeqqLyU9Pn7-eN1f9E_yO38Ja_D7QLfBQpgbxcJ7Ms-AEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2gwy7uwZjo89svFFLasc4EUoFH6A%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Sep 2024 11:14:53 GMT
truncated
/ Frame 9B4A 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
277a4473389decdb1fd907cf9acec8a67f2cf440efaf1729646aacf574f66367

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B4A6 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a48e41cfe564edd7c83c30254191c62c55acb252b7018d2f9f6e8fb57920cae

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E82C 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9c071e4cf91a79908dfd3c18f09795b8aaa9a890635296b4a9fb5962da9f620

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5B41 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0465797cbea8fd257a30b2de085b4a7a5760590a75a23b224d690c1b2b5e3790

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame 3B2C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C9ESmrLEWZf6qBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgTyAk_QavqLbWpOmSyjLPSHsxgYSNjNX-Q4T4LyOiMe_xWgXBTyilT3VnP-wsz32m1FXAPHGWp_0EA2B81F4mWOp3vUXFI_AorO3vEcPP4YoR6DnrfeN38RrPRS2M1fiweN70_IjewA_nakilWzwEOBm5LwqMp2gvLcnivVWa0fLuvZm1csXv5WK9AsO1K259aYIsggcDrQoaYeoQFGfOxOLRzfLJewsiXo4_Wcx45QTGvfgOR5Cwngbzq29dA6UMPiW1wOYtmM4W1qngz5Rylaf5hxKky4nMK6YmCKMDwnfP_KvMeTJ1qbPtsttcYH-U4e75jQnmjrn_jFUyWS9WU9pa9Kz068Cb5Snz1O9tBe17SROmGJS74jxOBT9RlMX17z_DePoy6XDmuG2X7UXYPeRKZIqPLG6Dpr7zYv3sFvTiwOw9ZNssxdzGjuTqNNp3oZRcSHWQkM9F0K7DziadPj0y4RTY1K9EQHaNFTj4anSeK7v-PgBAGABsvfv_uXzKL1F6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHQobEhRwdWItOTk2MTgxNDgyMzkzMDk2Nxj__ZUB&sigh=inCnaK183pM&uach_m=[UACH]&cid=CAQSPADICaaNedt2KrKSuw8YcakHHhF7TlqsdhIYOk_5SnCOpZzkoFkgixt9A65040qBiZrIuoevifAIlWbh_hgB&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 3B2C 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kIv1F9PLCcoHWp2DYgICAAAAnuEgqOdxwlUQq7EWZU5TAPFBfGsfKz0AABIAAAoKQVFVREFRRUJBUQ&wp=ZRaxrAABlX4Hg4uRAAbnJ5coQR1t4ha3MDI9Bw&cbvp=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:53 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
213181
server
Kestrel
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 9B4A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C7FhXrLEWZf-qBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT3Ak_QXzOgbwlq1b29Ce9UKUwIPYFeur6lTE_SpJwcs7um-zro8lpuPm-w7hkxzxRMx2UDfsSXLbfdi04XELoI933EKGpaVhOsHktKqiVsgYrXwd3lHo4aPaYoNtwsXzpWRPZ7mJoiAe5R4JiRyCha4wUdnyf1wzdLebcqZQbe3PNEtLIMNS-3ZKqCvNqI31sfAPjaWgfwscpkmZWLDX5mMWRItV8kDuUDJvlWkUbQ407sVOIBwvkun6DhopLQTlV71tRL7cj9kMusBDqiRBNaJq8Mc_wPp5Ze3DcCDy17OV3HvRsOgL60NpIqJ1h1R6KO8inhb57_Zzih5o0K-DhO2ge-o561meh9BIT3JSGkY2xCkgqbDkk8ZCMJ91Ji50W8WIBGWXfbjR8lo7R3MTJ7-J5tuszYk-O0LXkCcmffS0mswv2p22Be6m60mn-OlqVRqosjBQtVLdCtjHNYJX9BcS6zLI7VHaEMTmJa0WpKP7TBtSqyO4LzJ-AEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshcdChsSFHB1Yi05OTYxODE0ODIzOTMwOTY3GP_9lQE&sigh=vOQM7fVMQqY&uach_m=[UACH]&cid=CAQSPADICaaNedt2KrKSuw8YcakHHhF7TlqsdhIYOk_5SnCOpZzkoFkgixt9A65040qBiZrIuoevifAIlWbh_hgB&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 9B4A 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kIv1F9j_CsoH-gGdg2ICAgAAAJ7hIKjnccJVEKuxFmWIrJ0CBkLJn1zkAAASAAAKCkFRVUJBUUVCQVE&wp=ZRaxrAABlX8Hg4uRAAbnJ0EvIlwQBjgkyuSBwA&cbvp=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:52 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
184447
server
Kestrel
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame B4A6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CdXGFrLEWZYCrBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgSAA0_QcFtaRcP_Zij24NJZg8CJjIbFAE8EFHJZNsuY6clGJSYZcNT9SXUdM7BYg0oHKBC_VjeaM3WqN525s8ZF6VWhGStQNIzxs82oGwHLt383HFQc0glpkg9ODkaLR2ZHNGlmjvyW5B4HZwlNGpmH1T7sACbrjmrxKJrl5rQUIhTbFJetwy92QhXO9RhaVtMNar0uMpMPLSC2eh4ag2slYIOA070tfVURKEj8KhjtYLPeFFVylVJYG9N1oU42Ghqd8Dhgwb_P4OcH6WGwb7e0xH2YZ5F-QMn1dtX8p7IcHXcvDTL5_O9n2aQybZVCqU2Zuhie2XliGt0-SyJdekFhq27lErOALbMPNY0NyYuXV2Oe1zuSfsSmJrhjkQ_GvPw2ZiJq204wwjT_dy0xn0lG5qePCR0aq7NYVhd6_7wZ6PtysfFLDnarhePbeWFFol-VaEuXUv3I_6B-kacqCsa4dkclQwVoV3xT74zmkwmgl_9a9tQRlGhXgOM8KAPPC8cEtuAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshcdChsSFHB1Yi05OTYxODE0ODIzOTMwOTY3GP_9lQE&sigh=CcFhzkTdQ1w&uach_m=[UACH]&cid=CAQSPADICaaNedt2KrKSuw8YcakHHhF7TlqsdhIYOk_5SnCOpZzkoFkgixt9A65040qBiZrIuoevifAIlWbh_hgB&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame B4A6 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kIv1F9j_CsoH-gGdg2ICAgAAAJ7hIKjnccJVEKuxFmVvPFqoSIm_BOObAAASAAAKCkFRVUJEd0VCRHc&wp=ZRaxrAABlYAHg4uRAAbnJ3NdjVbX-SR7IerdzQ&cbvp=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:52 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
189164
server
Kestrel
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame E82C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CBg2yrLEWZYGrBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT0Ak_QYS_9tOGsmq0WtzNTpVzVbQLM-iUyv1AFJPZLbxueLRzeUn2V4d1nFkmmILI0j_iOseKEjDnf8X4TvWvNzXAhD0mwhAU8Uj88U0_gmwi9-HyeRi-YJmVApT7RSWCnqP4WDUyFuTKhpLzTDbfc4PMDHXV1SebDRsGNeIwNRgY6nHrGxB0AB9hOqOCuzHzKY1-vamxcuvRVkk9daF7G09zArzTbP3UDJUMvgch6c2WBTFrSi0t-UrT5pe5ekrPH2i4jBAuCtibgSjkxTiGePfFr6Ud6OthsMY7KFICWoitF7HQ9xfgO1FiKoJ3c_6un-qLoiOs-kjsI4ZVU6BHRj7-seBlSAdGzxg33PPCP6c7TPeBTfCLS7qBQNO1PaSYdSpikwIY1s-FUTnn2yJzdUzbgSPQs7girdp7sxPkdo_ij4GKyZnXPhMybMt8CbvensBFbXWwsSOv1bmWLSilmxGcsmj-MthmJ6T-3CBZkbGzU8kUR5OAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshcdChsSFHB1Yi05OTYxODE0ODIzOTMwOTY3GP_9lQE&sigh=BpKyMndOevk&uach_m=[UACH]&cid=CAQSPADICaaNedt2KrKSuw8YcakHHhF7TlqsdhIYOk_5SnCOpZzkoFkgixt9A65040qBiZrIuoevifAIlWbh_hgB&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame E82C 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kIv1F4bWC9ACmAKdg2ICAgAAAJ7hIKjnccJVEKuxFmXUzLft9HmL5Y8oAAASAAAKCkFRVUJEd0VCRHc&wp=ZRaxrAABlYEHg4uRAAbnJ4rw-UHIDrvLluGvuw&cbvp=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:52 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
167425
server
Kestrel
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 5B41 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CLrdfrLEWZYKrBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT6Ak_QyO7RpAMhNavUOmoAYNgtr2GeP5QQV2_PkSa5-OStPv2YafiEgyJt9UdJiF477Ax4Poh2N34zWGCkDDK966qWH0K4V1VLUpg3l5rnXYR_0eDlCdKJntoBturSuMMGqRZ2kcv2nSkZzM1vNv0Y81zBzyUZuec98TqvN6s6VVMLDTM85B_GNEAVd6xfXs6I5cZV8IG5I3D9fUZ7GkfDnk43ai4Gd0PPEJQUE1PRyaveFc6Qc3IsJh3viTHGCeXwMbeViauYA4f1E8_0GKDkjKRIjQm7SEfS1o02zZ6-jHAbW9nE-NhtI4PpWZgRmsJvDGRfNOf18HMF8WBRaICM2Dts1tYq-vhd00T9fL9Cyf1RnEGwPLIwgM6N6tULd5SCmXlio2YyTA0Rz34SC-vSp7QKs3JfbtvTPn8Y5buSBQqAm305cIXsJdWUv63U9u9AtHCwRyyaxhotP9FYXM8ZXXAH6abrkZiUgV3TC346F__8DoHOAejIbJLRmeAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshcdChsSFHB1Yi05OTYxODE0ODIzOTMwOTY3GP_9lQE&sigh=OmXOAcxnTnE&uach_m=[UACH]&cid=CAQSPADICaaNedt2KrKSuw8YcakHHhF7TlqsdhIYOk_5SnCOpZzkoFkgixt9A65040qBiZrIuoevifAIlWbh_hgB&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 5B41 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kIv1F-2uBKwC2ASdg2ICAgAAAJ7hIKjnccJVEKuxFmUFVCHwGoY2ZwA9AAASAAAKCkFRVUJEd0VCRHc&wp=ZRaxrAABlYIHg4uRAAbnJykfRDFhlITCzexifg&cbvp=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:53 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
145062
server
Kestrel
content-length
0
generate_204
tpc.googlesyndication.com/ Frame CAD3 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?F4GIvA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:53 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usync.html
eus.rubiconproject.com/ Frame A19A 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/techbullion.js?1695985800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://techbullion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 29 Sep 2023 11:14:53 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 0ABB 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1695986089920
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/techbullion.js?1695985800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://techbullion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame FAFC 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/techbullion.js?1695985800000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://techbullion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
4781
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 29 Sep 2023 11:14:53 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 22 Sep 2023 09:54:58 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
15, 39549
X-Served-By
cache-lga21982-LGA, cache-fra-eddf8230080-FRA
X-Timer
S1695986093.475271,VS0,VE0
checksync.php
contextual.media.net/ Frame 1F4F 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/techbullion.js?1695985800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
554b9eaf0e6479e64f2fc97ed935c8cc28af0c19c579aedaeb450027c6e56ca1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://techbullion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8516
content-type
text/html; charset=UTF-8
date
Fri, 29 Sep 2023 11:14:53 GMT
expires
Sun, 01 Oct 2023 11:14:53 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_conse...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=EEE3E576-B227-4C65-8D68-44CBF9A8C3AC&gdpr=0&gdpr_consent=
43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=EEE3E576-B227-4C65-8D68-44CBF9A8C3AC&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 29 Sep 2023 11:14:52 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=EEE3E576-B227-4C65-8D68-44CBF9A8C3AC&gdpr=0&gdpr_consent=
date
Fri, 29 Sep 2023 11:14:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=099e220400ce3b120b4f3ba3&gdpr=0&gdpr_consent=
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=099e220400ce3b120b4f3ba3&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 29 Sep 2023 11:14:52 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=099e220400ce3b120b4f3ba3&gdpr=0&gdpr_consent=
date
Fri, 29 Sep 2023 11:14:53 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
generic
match.adsrvr.org/track/cmf/ 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:14:53 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZRaxqwAT72T74wAN&gdpr=0&gdpr_consent=
43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZRaxqwAT72T74wAN&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 29 Sep 2023 11:14:52 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

x-served-by
cache-fra-eddf8230083-FRA
pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
via
1.1 varnish
server
Varnish
x-timer
S1695986093.419522,VS0,VE0
x-cache
HIT
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZRaxqwAT72T74wAN&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=MjE3NDIwOTYxMDc4NDQ0MDk3OQ==&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEJH-T4Oa_ucG7K1Hy5oP7GU&gdpr=0&gdpr_consent=&google_cver=1
43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEJH-T4Oa_ucG7K1Hy5oP7GU&gdpr=0&gdpr_consent=&google_cver=1
Protocol
H2
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 29 Sep 2023 11:14:52 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEJH-T4Oa_ucG7K1Hy5oP7GU&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame A19A 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b0cb7d4b3cef95429a64326761eecf513b476adfb30ee40b0ee7712497e4e65a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 11:14:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Sep 2023 17:10:28 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=21336
Connection
keep-alive
Content-Length
10472
Expires
Fri, 29 Sep 2023 17:10:29 GMT
async_usersync
ib.adnxs.com/ Frame FAFC 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
an-x-request-uuid
ad34cff8-513d-4fee-a6c8-945d08f00118
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
195.206.105.130; 195.206.105.130; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
log
c21lg-d.media.net/ Frame 1F4F 		35 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=2&vsid=3389876938454639000V10&origin=1&flt=0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.160.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-160-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 29 Sep 2023 11:14:53 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 29 Sep 2023 11:14:53 GMT
content-length
35
content-type
image/gif
c
c.pub.network/ 		36 B
53 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/techbullion-com/pubfig.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
75c62e82f74bd25345dc7a5f8e4d286a64916d81ef047b956a18b554146a8606

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 29 Sep 2023 11:14:53 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://techbullion.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230927&jk=2227620224526580&bg=!DQ6lDkHNAAYEJRtnJCU7ADQBe5WfOCBDQu_3MWwO1L8js-L-AbJqpk51q7W6vjFabfo39EG3AgL2TYg7T3Ot22-6OA7TAgAAAGlSAAAAB2gBBwoAnqY74czBM84gjxRNfP6drxkIKW-58lsQeOk2_lBBgAlQlqIoV9fpAbitvTm-1-jp6VaRMNFm5ocaotWrBpyS9bcMGUkxME9PTY8lMGiOQvizkIcwbqvsm01ngxOx-OSH2KO2yQNxlCmtatSWp7jEbSfvo6VPOt3WomPKgn_SxmTXC0Rv9QM9srljg69uovZv8htx68wVVjVL0XD3nGSemQKqxylql9y-JZKYCwa_r9-TrpzDfhO2q6s57EFKr-ePEifbKanRqcGLtNliE15drzi_YtXAgVj67sNvwqXGBb1UZibAwRz_cZ3aDvNfYNDWR7yJsgbLNKjTEd9h1BVTQ89m2CCfUpsF8zs4gGY3of6XZ84VkVUilcpmrGimVgraChDe17B2Sd2ReJOS6ppF1awdFN15SETpl9dPoSFAHpMpKVDC8Yx4S3tsGKjlMCDBAiHtVe78Q1tTexJXrC37VXhaXhQ-MhWpM8Og1jOoJf6PuiqfqW_SlT9aX0JxUAdfnnaMzF7lsamVjX2iZueF9pck89TJT8_2ihAfFAgBzzygmNp8CzSe4Bh_nqZiekBnv2_L_cVwn_d8mm5ue13R1peSZi8iywn3yp2ebs_ahY2SuWWvIVlnvyo8pPxci7b-HL64eIskeGPbUP676JeqP2CvjiL0h4LJKoNDBVSHTdke-ePkyQSs6BD28QFD2T-uAlxtfSXgU7X9ZHH-Yx8EUqHLNy9jz2YhkjVR2jJGiMlvfoEW1J50QOgMnoGwvFvYgJl0To0iFFD6KaV1Rh9IHzRfCOa4Gaq5MMYq0Dd5gSMC-xZuEzwvo2veSKx2mGiBYJqDvlp5wSvKBfBY5n83IXeB0kpGIdlZDPvARVLX6imIZ9_xgiTnpMDaaz5e-GJLh_XTLtTZX8FHpBbvMBF91t5Bk9bPy-irc2M705kVI4vnr-lBrrCHA4TC1Tu2yUWkkIVXbsE46lYaPpSCvbf8m1EPqsM7WCmWL8OHM4O1ffyLqkB9xVnKwm-BirNPqdu68ufzm_vtMPMZBL_bZwWF5cQHGhy7F2Jg8KB5jEs8DHxTrk8-BD0O3gADitdodFZfOE1urp0PZHdaYoZOyISY7JxSuIobaVfDz0LULQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
all
csm.eu.criteo.net/ Frame 8632 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=55aQv2nhQQHg7_W-NvkkjEFowRf9nd_IBObtIz0_hqowuCzIFcSD4HXjKlCYNbd5l0397mbqwU6KWFBUIBONGXNX3fUQbcho4KGgoPMRy-MW06fpPKVPLDaMA5a0ew_tG70txuFjV-ouSYn0p2ZlJRH2T9PMKLAkL9gqpFGc7wnjay03Ua7g5ZC_H9vrq68cfowsD_e5hIb8rXb1B-E7daEfBMnqLFBgXyx4cJSLKfse1uiKPEDKWg8g4sf_Hsyvh5J6hA&sds=2&rev=88628&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlX4Hg4uRAAbnJ5coQR1t4ha3MDI9Bw&u=%7Cvx7rpq5y2m97pxdCqukZDawGMiLK0ZZsrp16padDgYs%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqfOSxiZ3nhhcoubwAtGAUFL8vtRYiskqAjx3LIdsTANZ-fKhvnADbhZ1Bto4S18LCYuHV6Te_j6zErXeOMbETbR27EMb7AEv57Damn38fTkE1AQSH36vY4qjhaMvJjs9lZYIHI4xEqXDMafTCxzuUtMbtvMEZ71D4gM1fROtgttGhctOXfAaKvIu9mMI_WK1DZ16bZYoq9JvJsyIVjBEPXpvHDRqJbwfs42hNPpTT7A8sSfcrgoCpOdoe8HWFB5SW7X4H4WZyIqKHkkhRb1Uqez1MsZgxkr4dkuXdZ6J17GtNNFZht-BUVrYSDcxgStEPRIh3-mR0-7G1YMnUiS8Ibo77gN2LKlETfMcfGm41wHinW6yokGJDnivLSbuofoCZYqV1kVWb-z1WYCyzpO6p3o2DzXdw0YcK5dcyfR1TXHNVvLaDA3x7bKkUGfNskh-P4Fh6v9fzKlLYhl95j5hTnUWqFb92Id9FElCJumfrvWrhpeP7YD2VbBzq9cpJKdFfAe1_Zht2G4et2WgqtJMKMa_befPwFllK3AFn8nWFy97oK3eyPTGY1qhK_eqN0JzN5jyp-ana8_i70M4u9xV7JMBID3ucQk-JI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYhwkrLEWZf6qBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT1Ak_QavqLbWpOmSyjLPSHsxgYSNjNX-Q4T4LyOiMe_xWgXBTyilT3VnP-wsz32m1FXAPHGWp_0EA2B81F4mWOp3vUXFI_AorO3vEcPP4YoR6DnrfeN38RrPRS2M1fiweN70_IjewA_nakilWzwEOBm5LwqMp2gvLcnivVWa0fLuvZm1csXv5WK9AsO1K259aYIsggcDrQoaYeoQFGfOxOLRzfLJewsiXo4_Wcx45QTGvfgOR5Cwngbzq29dA6UMPiW1wOYtmM4W1qngz5Rylaf5hxKky4nMK6YmCKMDwnfP_KvMeTJ1qbPtsttcYH-U4e75jQnmjrn_jFUyWS9WU9pa9Kz068Cb5Snz1O9tBe17SROmGJS74jxOBT9RlMX17z_DePoy6XDmuG2X7UXYPeRKZIqPLG6Dpr7zYv3sFvTiwOw9ZNssxdzGjuTqNN5Xg410QUiTSqJHrQYBwLzd3E2ZgbY5XIQIw6ziPskaq_0SgvnwoITDTgBAGABsvfv_uXzKL1F6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_36TN7T_m9ylcmyU0TNMxDZ7YSkdQ%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 29 Sep 2023 11:14:53 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
all
csm.eu.criteo.net/ Frame 9012 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=zwegN2nhQQHg7_W-CcoKvHtGm8m3O157kLDZE04BAPRc_ea72ejS_SKeMNg94gmvgpHV-1comtE_41R8rmI6cMvaH9t0AXAyeLw-TA6qoZfU9yEFF1WWzSsbqAbsfPyPMXQtWBDv6S_nHkODq1GKCVMIZSyOZF4R4IWfXuLfuO_QGI83gJ-x_kDvdIUvsLyccUAtxbZyxWKY07-p1XBe21qE4-fLiD_-2WBHL19BkhKbpRulsQKvXk1e3DUXfrZ53srcqfE0hxZ2xiET&sds=2&rev=88628&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlX8Hg4uRAAbnJ0EvIlwQBjgkyuSBwA&u=%7Cvx7rpq5y2m%2FMgbCOZsw%2BtdYwLpuXuEWeI17MabFnaoY%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwm5iVz0SalJ_IzKR3Q34IgBVYK3cq7hyTxdVVID-8B4jkZnr5FfgsM3dCsFal-Lk8jkS-8RFYwflIWwpic7lS0bBkN95aB_xqSEJQFOefi9zuChN6eQmoUQ0NvAgeM0TVCFjxNB5Aig_8IXo76PKvNdohha8BmZfylGSYTBFKZ-tyjCCvdIuTHw_bE4pV7KQM5v57CbTSvXD-LcAej89M7jt5o0MQC_miUNOjpYcFkOABtJdu2G7KRwu5-GIEwR7_CsbeHdWASRtp7ouUld9RX8GORGEpVxJNoZFAKBeUru9YTgnpkKSCFYy1rZgQFYOhc2F6XJG1UWjAevYilRhly-_WBWS9NYV0Uiz6Sw5TI_Q9mIcGcHKyImbkuZ917vGmCZaSixeNXdULmRXfucmAy7zxfuq9A2PAstcH8cUuLbUShEUpzf-NS7-FYmH_PUNnOUu0VWb9jG43E88bCh65OZ7f3bxHXbH4AhlVBe9fNDxPqxXtfm6mKnTdp5jteYkXgWl1pSEGldeT5Wwaog4N0f74NVEesQ4R_u5FZNFl06Eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIngRrLEWZf-qBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT6Ak_QXzOgbwlq1b29Ce9UKUwIPYFeur6lTE_SpJwcs7um-zro8lpuPm-w7hkxzxRMx2UDfsSXLbfdi04XELoI933EKGpaVhOsHktKqiVsgYrXwd3lHo4aPaYoNtwsXzpWRPZ7mJoiAe5R4JiRyCha4wUdnyf1wzdLebcqZQbe3PNEtLIMNS-3ZKqCvNqI31sfAPjaWgfwscpkmZWLDX5mMWRItV8kDuUDJvlWkUbQ407sVOIBwvkun6DhopLQTlV71tRL7cj9kMusBDqiRBNaJq8Mc_wPp5Ze3DcCDy17OV3HvRsOgL60NpIqJ1h1R6KO8inhb57_Zzih5o0K-DhO2ge-o561meh9BIT3JSGkY2xCkgqbDkk8ZCMJ91Ji50W8WIBGWXfbjR8lo7R3MTJ7-J5tuszYk-O0LXkCcmffS0mswv2p22Be6m60mn-OlqVRqothByrHrUN9sdWIAqXNUccXIqnfq6siVuDuGVfszQvfmTIq8RbTzkHT6uAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_26yvsmUNrHmMYPsufs1tQOjIeKEQ%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 29 Sep 2023 11:14:53 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 3B2C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss8lT8Ju2P88gMGCKLq64iX83rfymqIgvszCiLTP4GroPVoj3BzFzB59rClZNpl_8YvDN4AEpHfhesyAfk6qQx32X_PuRUjY7t4qI0&sig=Cg0ArKJSzGhdlN9xFgfoEAE&id=lidar2&mcvt=1000&p=1105,315,1195,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230927&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3042646370&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695986092396&rpt=723&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9B4A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuT8Qh97nLSVI539BvDDM8paEJDttqe4hb9scuOX2S2rXYBYGu6tBqEMEbNhRT6bmERTWcNdJ0hvKS8HAe2FnHmx5ZR3nxtQgtQlO8&sig=Cg0ArKJSzH8_Yuvk4gFeEAE&id=lidar2&mcvt=1003&p=65,315,315,1285&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20230927&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=323906682&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695986092408&rpt=742&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 782F 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=UnonGmnhQQHg7_W-HEUq4JIENEtLgyIbJFUwh1HYPysxz9kDc8yiJSagByyvT6phRHscJkINxrXdCyV31VMNRuaA0umRVQvyNkgomfjgUaQYRbQenGNuf3neeTbQlTSrfETXZOFeaX45sXWp3qmmUHUvtAbIwM80pVpMpzRMI9BN3HCXnLut6Tqx46qBaMMqBke1b6KnC9XsSYYi-LvoYnclr2EW1Ak4X_NhjdrQpv3971aRvA4jO-MNEy9te3WzA7Jg1A&sds=2&rev=88628&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlYEHg4uRAAbnJ4rw-UHIDrvLluGvuw&u=%7Cvx7rpq5y2m8BVt5CbqxDSAOuLU%2BHrplxLJwrrnM8MwE%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbKV7Fgi-hPwmBoz0kZ49XnpI3T7B_CiOoSdH8fquqaqA9f-5fH9iz2pXcdZ80wwtJqZUV2mbHOJKPl9d-F1ZFDGnpkmb3KnFEv9hMgb2oc186kbxFV3ZjeGDeEwxDXoMYQgFhaHZQaO_Y5M0oeIohpQx6BUXcCuTzNUb0zu6IKt3jBfVkqttBn5z1iZfzZaBArgxK04Vnd4HO2pxV-DVu3nzuYHKGD_UEIUjs9Mx6tG8bqM8P_qjRObM_xg0jfmITXe15WjgtLQUMmbHizXCl6rXT4otr4N0nSks7X0Cwhej7diBg3w9S9nxphUWGSqd_mGHwe2MFF2JuDChkxG2y4hnR43qkGuKu9rz820obyLfsycvZVa6V-8usmBba5txsCVPHwBluES4C_SiVfoHRwjcagqRocBUHB53bMVLa7Guc5xy_QUEz44Oz22v0eWduMRaytU8Bj1a9QarnYz89jBg0WUneqEjcKU3vO-ersGherzf6hQpdlsh74OFyPqtuG6uRi-Sa_zTXnQVb8crq3xNdUQZe2YlZxr3nUyJbnNwbDwAo4VsVng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCll5RrLEWZYGrBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT3Ak_QYS_9tOGsmq0WtzNTpVzVbQLM-iUyv1AFJPZLbxueLRzeUn2V4d1nFkmmILI0j_iOseKEjDnf8X4TvWvNzXAhD0mwhAU8Uj88U0_gmwi9-HyeRi-YJmVApT7RSWCnqP4WDUyFuTKhpLzTDbfc4PMDHXV1SebDRsGNeIwNRgY6nHrGxB0AB9hOqOCuzHzKY1-vamxcuvRVkk9daF7G09zArzTbP3UDJUMvgch6c2WBTFrSi0t-UrT5pe5ekrPH2i4jBAuCtibgSjkxTiGePfFr6Ud6OthsMY7KFICWoitF7HQ9xfgO1FiKoJ3c_6un-qLoiOs-kjsI4ZVU6BHRj7-seBlSAdGzxg33PPCP6c7TPeBTfCLS7qBQNO1PaSYdSpikwIY1s-FUTnn2yJzdUzbgSPQs7girdp7sxPkdo_ij4GKyZnXPhMybMt8CbvflsjDJ3f_8dU0lSb8HasDCykAmLDWirps9IQIR-ql6QHRMONExDasLieAEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2T5hQKu7Ux_wHlmFv2py7BpEcaOA%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 29 Sep 2023 11:14:53 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame E82C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQ50XRlDzLcvY3-AMrvYr-Ey_i4uOacQrNBwlGqNbqjyoPwe17wpLKae_6RN13f7yWb9Tu_482ZNxnqmejumvu8Kowy2EgxUGPKhQ&sig=Cg0ArKJSzGuFfNW7gge_EAE&id=lidar2&mcvt=1000&p=330,1200,610,1536&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230927&bin=7&avms=nio&bs=0,0&mc=0.89&if=1&vu=1&app=0&itpl=20&adk=3506699808&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695986092434&rpt=810&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame FAFC 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:54 GMT
an-x-request-uuid
8064ac79-54a6-40b3-868d-878dfa191fd8
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
195.206.105.130; 195.206.105.130; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
all
csm.eu.criteo.net/ Frame 83F7 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=MC4WyGnhQQHg7_W-TaGzE7xxmG75AO_QHmG0wbne931cwE9U8tW9gT58K2dzoc22iZojzdSAWUe93aRRw2Y4PbOB7dCzhhNdjh7TkrhNbLLnvAJFDcPY_AIcQG8mjaL8teYNkikxwnXN6yYqQBLN1IyKMfeZhNUtTaW89bS8kRc_ZCgNb8L1b4zFKeI_CnTFNPeQSZyJpP0pobaEjprB0UlkxZV1nyjtHYtc0hq1FFx-fTBDcBk0oi64-crHUIudLqrvQQ&sds=2&rev=88628&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRaxrAABlYIHg4uRAAbnJykfRDFhlITCzexifg&u=%7Cvx7rpq5y2m%2Bj%2BPz5aLVK6RPn6W%2FPiN%2FQatWPC16oy8o%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdqr7txT5h5pAC3aSY9p1mJ9XKnMtRUM8nqIaa5Rl2efL0FSY6XUG9zw0TPNcpRuQMS_Qzx0laPRRYaqbSZrlVtM8FAhvoWeIZyAC5g1oLhx_KH2ySx5HSVP66xwtG8GVFA9SL8pgfFlAUtcAc4Mudl-Sgmhug1J8szg8WQNSWNkXZCGRM1rMQ4wgePKcHIsXnF_N5aUabyficq5fDs_lXj87cnpsqJgfXYwX3lS0j-q4pUv2Ymb_iUJeITsFczfcqH2prZC5bqO-1l8aOChdQTkuWFnWJ-_TxqMleofpUVjFktLn92M4UDVFcxLeVdRB-WL2LlziWqCwddRBevEcj_CbBtIwY5eC-eK0gVDaIpl3PhR6KiL4cknX6al1jPm6OoZCNsAqNGgwA8_q_eilv49o5effo2ap0b7x1ZOzncQFLaGpjKCIavFTYMNLVv990tlMxu-a86B4pe_IjVYp1YGaiPG9PRfMr6QbilkuR6-AcMbnuVmEz-mlf1hLu7eIb1OwQt1c9SPVGHOO1--fG_vyey1nEWBZzLeJjsGZ3vbl5Vav1NBdLviVgW9o9gIpoi514v17-ApswuPAWGYQigD2qw0fLlciA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWeDerLEWZYKrBpGXjuwPp86b2A_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTk5NjE4MTQ4MjM5MzA5NjfIAQmpAq3mzrY3wLE-4AIAqAMByAMCqgT9Ak_QyO7RpAMhNavUOmoAYNgtr2GeP5QQV2_PkSa5-OStPv2YafiEgyJt9UdJiF477Ax4Poh2N34zWGCkDDK966qWH0K4V1VLUpg3l5rnXYR_0eDlCdKJntoBturSuMMGqRZ2kcv2nSkZzM1vNv0Y81zBzyUZuec98TqvN6s6VVMLDTM85B_GNEAVd6xfXs6I5cZV8IG5I3D9fUZ7GkfDnk43ai4Gd0PPEJQUE1PRyaveFc6Qc3IsJh3viTHGCeXwMbeViauYA4f1E8_0GKDkjKRIjQm7SEfS1o02zZ6-jHAbW9nE-NhtI4PpWZgRmsJvDGRfNOf18HMF8WBRaICM2Dts1tYq-vhd00T9fL9Cyf1RnEGwPLIwgM6N6tULd5SCmXlio2YyTA0Rz34SC-vSp7QKs3JfbtvTPn8Y5buSBQqAm305cIXsJdWUv63U9u9AtHCwRyzYxDu_v0KIYWnJeqqLyU9Pn7-eN1f9E_yO38Ja_D7QLfBQpgbxcJ7Ms-AEAYAGy9-_-5fMovUXoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2gwy7uwZjo89svFFLasc4EUoFH6A%26client%3Dca-pub-9961814823930967%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 29 Sep 2023 11:14:54 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-R48ZLMXHJS&gtm=45Pe39r0&_p=884511560&gdid=dZTNiMT&cid=910471404.1695986089&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEI&sid=1695986089&sct=1&seg=0&dl=https%3A%2F%2Ftechbullion.com%2Fnick-oberheiden-sheds-light-on-what-to-do-after-receiving-a-cybercrime-subpoena%2F&dt=Nick%20Oberheiden%20Sheds%20Light%20on%20What%20to%20Do%20After%20Receiving%20a%20Cybercrime%20Subpoena%3F%20-%20TechBullion&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-K5LQDCX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://techbullion.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 11:14:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://techbullion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
cdn.districtm.io/ids/ Frame 15CD 		0
0
9.gif
id5-sync.com/s/441/ 		43 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/441/9.gif?puid=e_5845e35d-9561-4977-a55d-1deef04bbb49&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Fri, 29 Sep 2023 11:14:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
9.gif
id5-sync.com/s/441/ 		43 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/441/9.gif?puid=e_72012b82-f8b7-4461-8984-f3985a49b317&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Fri, 29 Sep 2023 11:14:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
9.gif
id5-sync.com/s/441/ 		43 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/441/9.gif?puid=e_9eb3c3be-2083-43a1-908d-c10f03548f3c&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Fri, 29 Sep 2023 11:14:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
9.gif
id5-sync.com/s/441/ 		43 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/441/9.gif?puid=e_314d76ba-931c-4d05-8dfd-38e3f53b8d45&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Fri, 29 Sep 2023 11:14:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
9.gif
id5-sync.com/s/441/ 		43 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/441/9.gif?puid=e_587ce1ee-fa61-46dc-8635-8afc8355ff45&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://techbullion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Fri, 29 Sep 2023 11:14:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dmx.districtm.io
URL
https://dmx.districtm.io/b/v1
Domain
qcx.quantserve.com
URL
https://qcx.quantserve.com:8443/qchb
Domain
qcx.quantserve.com
URL
https://qcx.quantserve.com:8443/qchb
Domain
qcx.quantserve.com
URL
https://qcx.quantserve.com:8443/qchb
Domain
qcx.quantserve.com
URL
https://qcx.quantserve.com:8443/qchb
Domain
qcx.quantserve.com
URL
https://qcx.quantserve.com:8443/qchb
Domain
dmx.districtm.io
URL
https://dmx.districtm.io/b/v1
Domain
ssp.pub.network
URL
https://ssp.pub.network/ssp-server/HeaderBiddingService
Domain
qcx.quantserve.com
URL
https://qcx.quantserve.com:8443/qchb_notify?type=timeout
Domain
a.c.appier.net
URL
https://a.c.appier.net/gcm?google_gid=CAESEIFm5QwNT5LZJ1qfS_c9bgA&google_cver=1&google_push=AXcoOmQ9v02wv-zToHiVIiKHsjbBaNDGmYkw3TB0P2tZ4_gFuWTV8ycC5LCmhPdCe0voJsp_M3rwLqmGBf9UM9X14w0xuKQEEMMYnw
Domain
tg.socdm.com
URL
https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESELZyexuVpUPLVlbG-zPvuhw&google_cver=1&google_push=AXcoOmQLaX544mIygGvqntfpe5Urs8fccNBaS82rE4bNVDWWYQHywHgLHsk94D2pN0oXZ-mNzjF7MU0-ktzwHytZGZU9nkvioeHeVw
Domain
cs.chocolateplatform.com
URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEBs5cZTalt3W6eQ2yqeY80I&google_cver=1&google_push=AXcoOmQBCLdxFuH0vmmB3eEF4qjOq7MNaHRLjNOIWFoj0zdw8k5dYpF7XM0fqaOdvhg6eO5EH6RjA6tlxvYK_zMMokRY2otYbu0
Domain
id5-sync.com
URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSKSQKzmuqcnPOhUPhpE92-rCY_yRbddlYobRJ-VBxV0MVTj12qFbpibyXF8lV37qAT34aehVxWFqDzKWEEbj4pZnUBkJnX
Domain
sync.lunamedia.live
URL
https://sync.lunamedia.live/psync?t=s&e=255&cb=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1001875%26dspCookie%3D%25USER_ID%25%26gdpr%3D0%26gdpr_consent%3D,,,
Domain
sync.srv.stackadapt.com
URL
https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEB27STdVRjUib1ys0i4rec4&google_cver=1&google_push=AXcoOmTf87_3la8dfWO48PBWkVfdmMyywlkQYhipLL4zvWz9eiShQVzmdAEt3MNq4cS49BPp0VcBpyJLIjOSK1VUT1OQm2TdPRk
Domain
im.bluevoox.com
URL
https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEBJVUvGHDxnZVt94d-uJWw0&google_cver=1&google_push=AXcoOmRV_w-Lint6TVTt136lYm9AAYjratkX4ZIiiUO0ZrJpZBtQddpiMc_qM28rlqTtiycx2RctY5sInZvX8hq5kxW1z0WOMuwMvA
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MzI1Y2E0NTgtYTZkOS00OWFmLThiN2QtMjA2MmFlZDE0NDMy&google_push=AXcoOmSbDWRcIRDQRIOKprriRsa_pg-2b9Btu0igQ3qdg0Iwap60RXCSUDmVBS-YJZ5sUEV2U7aGc81nM0eO5MEaFgFvTQQOiNlN
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssWjSWXPi9e6BM2ktZmPkyAnjWvWx1pyVlVCVL1dmzGiX9QCgJP5hWoyqyjcXlRsdsTXUQQVrGYeMkrGXQzGOXc2j2dMYSDkO6QQ_M&sig=Cg0ArKJSzArgG8c0j0ljEAE&id=lidartos&mcvt=596&p=1105,315,1195,1285&mtos=596,596,596,596,596&tos=596,0,0,0,0&v=20230927&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3042646370&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1695986090846&rpt=904&isd=0&lsd=0&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstfl5L82lPFMtVXv9z9Zt5KbT7TN1nMylwQgm5j3K9kSL_HKY2uXdiRGAvWPAcdvk1laIFWFm06FfaBXtZ5zd-uu9Wdk1diauYDpkE&sig=Cg0ArKJSzH5LHtBcarQvEAE&id=lidartos&mcvt=500&p=65,315,315,1285&mtos=500,500,500,500,500&tos=500,0,0,0,0&v=20230927&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=323906682&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1695986090880&rpt=909&isd=0&lsd=0&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvzs66vepcL0FvVXyrwIDXN2ih6xELZ3oKgqw-f6Jn1rLDf5SO-AAM-NE0ABUehvFxGb7P4f0Ng8rHitZIznkVj2rPQNiigIfkAT1w&sig=Cg0ArKJSzKrnChoxj-0TEAE&id=lidartos&mcvt=0&p=4241,315,4491,1285&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230927&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=20&adk=2646576759&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1695986090894&rpt=1010&isd=0&lsd=0&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuGIKwR4b5Pw_yLnxZHhBgqoFkvXRlBRTTpCj1XK9vzo9FG2WUuI8oyqJGBfZaQcel1yCbpB6b6u3Kk4Vr39XK_gCvHU6kFlk3WQdc&sig=Cg0ArKJSzJD8nsdpgObIEAE&id=lidartos&mcvt=398&p=330,1200,610,1536&mtos=0,398,398,398,398&tos=0,398,0,0,0&v=20230927&bin=7&avms=nio&bs=0,0&mc=0.89&if=1&vu=1&app=0&itpl=20&adk=3506699808&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1695986090908&rpt=1022&isd=0&lsd=0&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu-ziQQ6DNMFYmUxDFdjltL0zT-5odhsP9OKheSE4dYIhTn2t074f6_Oxpb8fOH1cfRJ46cx1_a9_JTcIOU00K2aet65FTk9DPfjVg&sig=Cg0ArKJSzPUrrNAzjldCEAE&id=lidartos&mcvt=0&p=3626,1200,4226,1500&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230927&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=20&adk=4215429855&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1695986090985&rpt=987&isd=0&lsd=0&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
cs.chocolateplatform.com
URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEBs5cZTalt3W6eQ2yqeY80I&google_cver=1&google_push=AXcoOmQB5m9kyBlqVq8F4f8FBxZdnDYze7R1uTJsSIokzlwB5SyJ-sVHAfmDhTIeG3jrnPlHq9WIgzMgkqXvC_rx1MkBxp89mngR6A
Domain
cdn.districtm.io
URL
https://cdn.districtm.io/ids/index.html

Verdicts & Comments Add Verdict or Comment

304 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| documentPictureInPicture string| et_site_url string| et_post_id function| et_core_page_resource_fallback object| _wpemojiSettings undefined| $ function| jQuery function| flatpickr function| gtag object| dataLayer object| _taboola object| freestar object| adsbygoogle string| disqus_shortname string| disqus_title string| disqus_url string| disqus_identifier object| addComment object| swv object| wpcf7 function| ResizeSensor object| pp_ajax_form function| ppFormRecaptchaLoadCallback object| ppressCheckoutForm object| monarchSettings object| NiceScroll function| retinajs object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| runtime object| regeneratorRuntime object| wpcf7_recaptcha object| lazySizes function| disqus_config object| DISQUS object| FB function| _typeof object| TRC object| _tblConsole undefined| msg object| google_tag_manager object| google_tag_data object| fsdata function| load_script function| fsRequestBids object| googletag object| pbjs object| bsaexperiments object| bsagpt object| bsaheaderbid object| optimize object| bsapbChunk object| bsapb object| _pbjsGlobals object| mnet object| BSAOPTIMIZE_TARGETING object| BSAOPTIMIZE_targeting object| BSAS2S_TARGETING object| BSAS2S_targeting object| BSA_TARGETING object| bsa_targeting object| bsas2s object| apstag string| GoogleAnalyticsObject function| ga function| BezierClass number| a object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| recaptcha object| closure_lm_492664 string| google_user_agent_client_hint object| __buffer function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl function| pbjsChunk function| JSEncrypt object| twemoji object| wp object| gaplugins object| gaGlobal object| gaData object| _aps boolean| apstagLOADED object| apscustom function| google_sa_impl boolean| _gfp_p_ object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| lotame_sync_16576 boolean| creativeVendorLibraryLoaded function| ha object| _clrm object| Criteo object| confiant object| hadron boolean| __halo_loaded__ function| lotameIsCompatible function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ga object| sync16576_v object| sync16576_oa object| sync16576_xa object| sync16576_ya function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_w function| sync16576_ha function| sync16576_ia function| sync16576_y function| sync16576_ja function| sync16576_z function| sync16576_A function| sync16576_x function| sync16576_B function| sync16576_ka function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_J function| sync16576_K function| sync16576_L function| sync16576_la function| sync16576_ma function| sync16576_na function| sync16576_M function| sync16576_N function| sync16576_pa function| sync16576_O function| sync16576_qa function| sync16576_ra function| sync16576_sa function| sync16576_P function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_wa function| sync16576_Q function| sync16576_R function| sync16576_za function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_Aa function| sync16576_W function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_Ea function| sync16576_Ba function| sync16576_1 function| sync16576_Da function| sync16576_Ca function| sync16576_2 function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_Ga function| sync16576_Ha function| sync16576_Ja function| sync16576_Fa function| sync16576_7 function| sync16576_Ia function| sync16576_La function| sync16576_Ka function| sync16576_8 function| sync16576_6 function| sync16576_9 function| sync16576_Ma function| sync16576_Na function| sync16576_Oa function| sync16576_Pa function| sync16576_$ function| sync16576_Qa function| sync16576_Ra function| sync16576_Sa function| sync16576_Ta object| PublisherCommonId function| setImmediate function| clearImmediate object| ID5 object| __id5_instances object| au boolean| __v5k function| vl_cB function| vl_disable function| vglnk_16959860906426 object| vglnk object| _qevents object| advBidxc object| _comscore undefined| vglnk_16959860914497 function| fbq function| _fbq function| quantserve function| __qc object| ezt object| _qoptions function| _mR function| _mD object| COMSCORE object| ns_p undefined| vglnk_16959860918079 object| GoogleGcLKhOms undefined| vglnk_169598609253610 object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_136 object| Criteo_prebid_136

123 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AFIN4vfwPVzo4gJOgYMsgdzA0oAY8uatx-izYKz2ZWHSQ6Yx-O9P-8g0VHfTy6m-EroaIx3FsYdvXV0ktQkhigY
techbullion.com/ Name: _fssid
Value: 2020ca67-fc46-4da8-bd48-fd317610569b
.techbullion.com/ Name: _gid
Value: GA1.2.653462098.1695986089
.techbullion.com/ Name: _gat_gtag_UA_77396124_1
Value: 1
.pub.network/ Name: _fsuid
Value: c6eea4ab-168c-484e-858c-c0abf10812b9
.techbullion.com/ Name: _ga
Value: GA1.1.910471404.1695986089
techbullion.com/ Name: _fsuid
Value: c6eea4ab-168c-484e-858c-c0abf10812b9
.gumgum.com/ Name: cs
Value: true
.techbullion.com/ Name: __gads
Value: ID=e5f1bdc766d2a017-2276bf5f69e4001f:T=1695986089:RT=1695986089:S=ALNI_MZ_Bhqeug1SZhgq1qM0cdvsNBsEKA
.techbullion.com/ Name: __gpi
Value: UID=00000c88300aee6b:T=1695986089:RT=1695986089:S=ALNI_MahxcgfbaYgdPXGBJ7pJ3KlNPqrAA
.gumgum.com/ Name: vst
Value: e_94137725-d98b-4646-8a3a-528a2dc8bdb2
.adhigh.net/ Name: gi_u
Value: xB9iToHw9lj.AikABlGK4KYAAA
.omnitagjs.com/ Name: ayl_visitor
Value: 7f614d4002799a3e49fca79589f1ea18
.rubiconproject.com/ Name: khaos
Value: LN4IBU7G-1O-5579
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 80f3f66267afbb9f2bfefc414b765e88
.techbullion.com/ Name: _cc_id
Value: 80f3f66267afbb9f2bfefc414b765e88
.techbullion.com/ Name: panoramaId_expiry
Value: 1696590890111
.techbullion.com/ Name: panoramaId
Value: 5d14d2b68e0f8129953c03a0bd95e32246b0fc30edc903323d99a2c6e00543a6
.techbullion.com/ Name: panoramaIdType
Value: panoIndiv
.smartadserver.com/ Name: pbw
Value: %24b%3d16890%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 587752=5649794
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: sasd
Value: %24qc%3D1500031714%3B%24ql%3DUnknown%3B%24qt%3D73_0_0t%3B%24dma%3D0
.smartadserver.com/ Name: pid
Value: 2174209610784440979
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1500031714%3B%24ql%3DUnknown%3B%24qt%3D73_0_0t%3B%24dma%3D0&c=1&l=635210033&lo=90626159&lt=638315828902381963&o=1
.amazon-adsystem.com/ Name: ad-id
Value: A5n0YKYwkE7GsoLQR0dYtdQ
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adnxs.com/ Name: uuid2
Value: 4170372529826451915
.csync.loopme.me/ Name: viewer_token
Value: 042eff3b-ce98-4c93-bf03-c8866ecaa6c4
.dotomi.com/ Name: DotomiTest
Value: 4425881647291587
.bidr.io/ Name: bito
Value: AABeK07KLWMAABk4xJ4LMA
.bidr.io/ Name: bitoIsSecure
Value: ok
.doubleclick.net/ Name: IDE
Value: AHWqTUnBXJ9B_UJqLbiWr4gwVfIeUXAsQpOcGF_RludZMjsyxXzHR8VnJr4Ll6d0Oxs
.quantserve.com/ Name: d
Value: EDoBCQGIKoEA
.quantserve.com/ Name: mc
Value: 6516b1ab-931f1-4bb2e-f49a6
.yahoo.com/ Name: A3
Value: d=AQABBKuxFmUCEE9AaI-O4DaLxYEU5-utAlcFEgEBAQEDGGUgZQAAAAAA_eMAAA&S=AQAAAqB3Kyk6iNvgfGa7aPMmn3s
.linkedin.com/ Name: bcookie
Value: "v=2&4f0f0efa-c308-4b40-8fe5-a4bec3a881b3"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTU5ODYwOTE7MjswMjEpGu6Mr6rko8OFXlxQUVwjLsXnRz7Hz/p5fmLPCfw18A==
.linkedin.com/ Name: lidc
Value: "b=VGST07:s=V:r=V:a=V:p=V:g=2722:u=1:x=1:i=1695986091:t=1696072491:v=2:sig=AQHn3aW-J8MOAJSoayj9jAmSk7G5HXKr"
.ctnsnet.com/ Name: cid_ee080713848e4d9c8711c0087b77f62e
Value: 1
.ctnsnet.com/ Name: gid_CAESED7-Al_pJ1v54Hlep0Y2XRI
Value: 1
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22CDF1F8AD-A1D5-489F-267B-D0C9CEBA2F7E%22%7D
.bidswitch.net/ Name: c
Value: 1695986091
.bidswitch.net/ Name: tuuid_lu
Value: 1695986091
.bidswitch.net/ Name: tuuid
Value: d21dcab5-3fcf-43fb-a271-3a879c2e129e
.scorecardresearch.com/ Name: UID
Value: 120940a897f5dfef9abd1971695986091
.ctnsnet.com/ Name: cid_ed7dd0600bfb4668b203fafc082c964e
Value: 1
.3lift.com/ Name: tluid
Value: 1184131847375318445921
.primis.tech/ Name: csuuid
Value: 6516b1aba66c6
.tapad.com/ Name: TapAd_TS
Value: 1695986091687
.tapad.com/ Name: TapAd_DID
Value: 6d673308-c114-47ef-a8b3-870b516e954e
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.smaato.net/ Name: SCM
Value: 19ef7b318a
.smaato.net/ Name: SCMsas
Value: 19ef7b318a
.turn.com/ Name: uid
Value: 7953198905934870436
.w55c.net/ Name: wfivefivec
Value: eTB7YaSO1QMbsn5
.simpli.fi/ Name: suid
Value: BEDC81BD7B4A42B9B8ECC33405451AC0
.lijit.com/ Name: ljt_reader
Value: HZuCvGZHGjRJSJDfQNiW9F2V
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpsgEnLm15Wr1qbBgMWySGKnddJL2ro25+knsgPXRR++EjlHbsxk2jPtgdhL7T8cENGBMqAVENMYuCAnekPgJibayvbO09yC6wbsm1clVNMrQ==
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZRaxqwAT72T74wAN
.yieldmo.com/ Name: yieldmo_id
Value: 3RUw2AA99sAaNTliNvuv%7C1695945600000%7C0
.bidswitch.net/ Name: google_push
Value: AXcoOmQ2f-2zibJY68xfDzJh57gGJ8wjDzwcYwECZBMc7mk-YvoTU6V9QflGwjeyMWTtlhSUkUZHCP272z9p_K4jApamtFmmY3abHw
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-a299bed7-7db2-44e3-a185-cc097c5ceec1-003%22%7D
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.360yield.com/ Name: tuuid
Value: c523a5ee-e883-4d6f-8c29-87cdacc07fdf
.360yield.com/ Name: tuuid_lu
Value: 1695986091
.pubmatic.com/ Name: KADUSERCOOKIE
Value: EEE3E576-B227-4C65-8D68-44CBF9A8C3AC
.w55c.net/ Name: matchgoogle
Value: 5
.analytics.yahoo.com/ Name: IDSYNC
Value: "18vk~2e6z:19e0~2e6z"
.go.sonobi.com/ Name: __uis
Value: eead468c-f96a-4fd1-8bc5-e3d78d798a1a
.smaato.net/ Name: SCMg
Value: 19ef7b318a
.tremorhub.com/ Name: tvid
Value: 56dd29b26de24ae18ca8e146b115bf7c
.tremorhub.com/ Name: tv_UIDF
Value: CAESELlZigjFnqhnR1NqyUuDI1U
.tremorhub.com/ Name: tvssa
Value: 1695986092001
.techbullion.com/ Name: _fbp
Value: fb.1.1695986092081.1168117599
.techbullion.com/ Name: __qca
Value: P0-1427167826-1695986091557
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-a299bed7-7db2-44e3-a185-cc097c5ceec1-003%22%7D
.hb.yahoo.net/ Name: data-mag
Value: LN4IBU7G-1O-5579~~63
.adsby.bidtheatre.com/ Name: __kuid
Value: 28a3014b-d112-4db7-879c-558b1574500b.465200092
.teads.tv/ Name: tt_viewer
Value: 325ca458-a6d9-49af-8b7d-2062aed14432
.techbullion.com/ Name: _ga_R48ZLMXHJS
Value: GS1.1.1695986089.1.0.1695986092.57.0.0
.criteo.com/ Name: uid
Value: b5942d5c-08e6-4856-8574-97c3fa88a5ce
ads.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22CDF1F8AD-A1D5-489F-267B-D0C9CEBA2F7E%22%7D
.smaato.net/ Name: SCMtu
Value: 19ef7b318a
.casalemedia.com/ Name: CMID
Value: ZRaxrWMr.2kMIn5w9Z6S6AAA
.casalemedia.com/ Name: CMPS
Value: 3386
.casalemedia.com/ Name: CMPRO
Value: 3386
.adfarm1.adition.com/ Name: UserID1
Value: 7284204803909482650
.acuityplatform.com/ Name: auid
Value: 833851377664
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRTgUYGKImGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUU4FGBiiI90aGlyZFBhcnR5VXNlcklkWkNBRVNFQWhNcGo4eWNlM3NIWXdEbmJUY0VUUfv7hnZlcnNpb27C+w=="
.uuidksinc.net/ Name: jcsuuid
Value: LWPBb3ZKkS5Z7PcS48JY
.adx.opera.com/ Name: UID
Value: OPUebc881b97d404f1fbda3648666e8e220
.tribalfusion.com/ Name: ANON_ID
Value: a6nteZbMZaAC7pqGpS6ZdsbX7Gn3wZacb8VQsqQi3HyHU41cJVYgs7PqqoNYfH5n1ZdNqc47tQxaF6DKEB64F7tQffswaEHXa9CZcu
.de17a.com/ Name: guid
Value: 1.1495400873902398505
sync.gonet-ads.com/ Name: chk
Value: 1
.c.appier.net/ Name: _auid
Value: ZeIxyv5JCfCNJ6cErbEWZQ
.c.appier.net/ Name: _gu
Value: CAESEIFm5QwNT5LZJ1qfS_c9bgA
.yandex.ru/ Name: yuidss
Value: 3349107181695986093
.yandex.ru/ Name: yandexuid
Value: 3349107181695986093
.gonet-ads.com/ Name: pid
Value: N2FjNWU0NDc0YzA1OTJiZA
.techbullion.com/ Name: cto_bundle
Value: rt8H5V9vN3hoenZyT28lMkYwQzVzdTZEc0ZiNHd3cVlqTE5zQ2dLbnZrOHFKVjFvNlZWdXgzelEzJTJGUzZkJTJGRVYlMkZ5QnVFbUxBeWNETk1hZXhTaXdyd0FDdFlmMHExTE1JZSUyQllNRnBaZ0hZVDJieG9iUkg1cG1RT1VDaVFxeGphOGg2dmxWVWdLU1BUSGRiakJmczRNeW9XMFFId1dBJTNEJTNE
fksnk.com/ Name: AWSALBCORS
Value: vf3mLv2kfseAycUi8ZZUA5w4Bs61epwrcgqX+nF9FiSfAyOo88xgGmVUzJ0LIkECYcyN56RmjbapOWj3elEL6BFHCGQxJFq4lYtYpgJhGr95Uj0xhLX34+3EWXsO
.fksnk.com/ Name: f_001
Value: 7968BA2224DE850B
.fksnk.com/ Name: g_001
Value: 1
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MStjQ0NjS1MDIwMjezNDcwNDY1MRDiM9RNjw8NcfULqXD09HIBAODU6dQlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MStjQ0NjS1MDIwMjezNDcwNDY1MRDiM9RNjw8NcfULqXD09HIBAODU6dQlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_-OSMXR2dA129U4PcikPDUhLdAxOK_P2iMw3jXcqjgziNTSzNLW0MDOwNDYxNnjFiMI3BACtboABPQAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_-OSMXR2dA129U4PcikPDUhLdAxOK_P2iMw3jXcqjgQAUNYskR4AAAA
.go.sonobi.com/ Name: HAPLB8G
Value: s8556|ZRaxs
.adotmob.com/ Name: uid
Value: 099e220400ce3b120b4f3ba3
.adotmob.com/ Name: uuid
Value: 099e220400ce3b120b4f3ba3
.adotmob.com/ Name: partners
Value: SMA%3A1695986093502
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-92700a2f-2a32-5f4b-73cb-76eb9b3cac48.JCcfjuMwD9%2B%2FjACaeRj%2B3FDW%2Bgzbg4SxbDs70OduvNE
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-92700a2f-2a32-5f4b-73cb-76eb9b3cac48.JCcfjuMwD9%2B%2FjACaeRj%2B3FDW%2Bgzbg4SxbDs70OduvNE
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AknAKLyoyX0tzy3brmzysSMPOaYI.0z2io6TcFe%2Fv64DFT3KLYaUeBE9%2BiYELy6042ZG%2Bxug
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AknAKLyoyX0tzy3brmzysSMPOaYI.0z2io6TcFe%2Fv64DFT3KLYaUeBE9%2BiYELy6042ZG%2Bxug
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIEqjuYjyQz_VLUAeYdbPu5fEnrSJs5D4OZz4mx3aVJt1EHwYBCCt49qoBjABOgTwi70wQgT1Pf5S.nr7TSnMjpIXxSFd31IQoBvQFQMcYUzK54goVnPk25AA
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIEqjuYjyQz_VLUAeYdbPu5fEnrSJs5D4OZz4mx3aVJt1EHwYBCCt49qoBjABOgTwi70wQgT1Pf5S.nr7TSnMjpIXxSFd31IQoBvQFQMcYUzK54goVnPk25AA
.zemanta.com/ Name: zuid
Value: 31tt2ZgoPJLJOf6ZSSTA
.smartadserver.com/ Name: csync
Value: 66:099e220400ce3b120b4f3ba3|76:GOOGLE_HOSTED_SI|133:19ef7b318a
.socdm.com/ Name: SOC
Value: ZRaxrcCo8XoAAOrKXV8AAAAA

6 Console Messages

Source Level URL
Text
network error URL: https://dmx.districtm.io/b/v1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://ssp.pub.network/ssp-server/HeaderBiddingService
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED
other warning URL: https://a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network error URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEBs5cZTalt3W6eQ2yqeY80I&google_cver=1&google_push=AXcoOmQB5m9kyBlqVq8F4f8FBxZdnDYze7R1uTJsSIokzlwB5SyJ-sVHAfmDhTIeG3jrnPlHq9WIgzMgkqXvC_rx1MkBxp89mngR6A
Message:
Failed to load resource: net::ERR_CONNECTION_RESET

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
a.c.appier.net
a.pub.network
a.rfihub.com
a.tribalfusion.com
a7fcee239add579051a58e25f47549ab.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ads.eu.criteo.com
ads.travelaudience.com
ads.yieldmo.com
amazon-tam-match.dotomi.com
an.yandex.ru
ap.lijit.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bidder.criteo.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.disquscdn.com
c.pub.network
c21lg-d.media.net
cat.fr3.eu.criteo.com
cdn.confiant-integrations.net
cdn.districtm.io
cdn.hadronid.net
cdn.id5-sync.com
cdn.taboola.com
cdn.viglink.com
cdn4.buysellads.net
cm.g.doubleclick.net
cms.quantserve.com
config.aps.amazon-adsystem.com
connect.facebook.net
contextual.media.net
cs.chocolateplatform.com
cs.media.net
csm.eu.criteo.net
csync.loopme.me
d.pub.network
d5p.de17a.com
dis.criteo.com
disqus.com
dmx.districtm.io
dsp.adfarm1.adition.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
gcm.ctnsnet.com
google.partners.tremorhub.com
googleads.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
hb.yahoo.net
hbx.media.net
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
im.bluevoox.com
image6.pubmatic.com
lb.eu-1-id5-sync.com
links.services.disqus.com
live.primis.tech
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mug.criteo.com
netdna.bootstrapcdn.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.media.net
prg.smartadserver.com
protected-by.clarium.io
px.adhigh.net
px.ads.linkedin.com
qcx.quantserve.com
r.turn.com
referrer.disqus.com
region1.analytics.google.com
rtb-csync.smartadserver.com
rtb.fr3.eu.criteo.com
rtb.nl3.eu.criteo.com
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s.uuidksinc.net
s0.2mdn.net
sb.scorecardresearch.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
srv.buysellads.com
ssbsync.smartadserver.com
ssp.pub.network
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.go.sonobi.com
sync.gonet-ads.com
sync.inmobi.com
sync.lunamedia.live
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.adx.opera.com
tags.crwdcntrl.net
techbullion.com
techbullion.disqus.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
www.facebook.com
www.google-analytics.com
www.google.ch
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.tumblr.com
x.bidswitch.net
a.c.appier.net
cdn.districtm.io
cm.g.doubleclick.net
cs.chocolateplatform.com
dmx.districtm.io
id5-sync.com
im.bluevoox.com
pagead2.googlesyndication.com
qcx.quantserve.com
ssp.pub.network
sync.lunamedia.live
sync.srv.stackadapt.com
tg.socdm.com
104.18.26.193
108.128.58.115
124.146.215.44
13.248.245.213
13.32.99.21
134.122.57.34
141.95.98.64
142.250.186.66
143.204.215.101
15.197.193.217
151.101.0.134
151.101.1.44
151.101.129.108
151.101.130.49
151.139.128.10
154.59.122.79
162.159.135.42
162.19.138.116
172.105.213.147
178.250.1.11
178.250.7.11
178.250.7.9
18.194.71.125
18.239.69.131
184.73.203.57
185.255.84.151
185.255.84.153
185.86.138.121
185.86.139.102
185.89.210.46
188.42.105.236
192.0.77.40
193.0.160.131
193.232.148.143
198.47.127.19
199.232.192.134
199.232.196.134
199.232.196.64
2.18.160.23
20.127.253.7
2001:4860:4802:32::36
2001:4860:4802:36::178
2001:678:cb4:bbbb::11
213.155.156.185
216.52.2.39
23.212.88.20
23.215.22.18
23.35.229.251
23.35.237.56
23.48.23.21
2600:1f18:612b:4200:7e1a:af:3ec:b85a
2600:9000:2057:7200:6:8656:f5c0:93a1
2600:9000:211e:da00:1b:5138:8a40:93a1
2600:9000:223c:f400:6:44e3:f8c0:93a1
2600:9000:236e:e00:1a:5235:f980:93a1
2602:803:c003:200::61
2606:4700:10::6816:34ad
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:10::ac43:266a
2606:4700:4400::6812:2b5a
2606:4700::6812:14ce
2606:4700::6812:18ad
2606:4700::6812:acf
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:21::14
2a00:1450:4001:800::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:810::200a
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::2008
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2006
2a00:1450:4001:830::2003
2a00:1450:400c:c0b::9c
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
2a02:2638:3::c
2a02:2638:d::4
2a02:2638:d::a
2a02:2638:d::c
2a02:6b8::90
2a02:fa8:8806:12::1400
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a05:d018:d29:3601:bf41:b326:fa86:2937
3.126.78.53
3.127.180.33
3.71.149.231
31.220.27.134
34.111.113.62
34.120.63.153
34.160.152.31
34.253.165.174
34.91.62.186
35.186.193.173
35.190.0.66
35.214.251.203
45.137.176.88
46.228.174.117
50.31.142.223
51.89.9.251
52.19.213.154
52.210.221.60
52.222.253.136
52.28.173.128
52.45.175.185
52.46.130.91
52.71.211.164
52.95.115.196
54.229.130.135
63.35.30.113
64.227.38.224
65.9.66.104
69.166.1.66
69.173.144.139
69.173.144.165
82.145.213.8
85.114.159.93
95.101.148.20
99.86.4.30
00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b
00cabfcae1880cb0a8be0f5cc35713b4e2f9948c9b8222b5748d166e346ba54a
020d18831e25830f4b8cf3ca08121019861a272cd1fa54b5596380fd1e407d3d
0276a27e67bdbc6bb0c57fe00eb45ddf79382623d4218e3f246b89ba9116b5c9
04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908
0465797cbea8fd257a30b2de085b4a7a5760590a75a23b224d690c1b2b5e3790
050aca70a65e2937f59c87af8c04cbaff655e65b494bd7eb917503ef669e3af2
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b86e7d7d1a3629326cd88f3ba1029cb66412d51c60c3a625d154b113f62cb96
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
0ca39afc3ad0989edee2567c8a33f4f15ae4efe0708d08754f8f980b03df888c
0e21fa32c09e488c701473729a0139e0e3cfc7e116ed5f84ae9897443e9d0fc8
1039df1fe932e5dd1ed646406774ecf7c6c1150cc15869f796869ce1d3070f5e
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
17dfdeb0ea6a4edf44cba4f38a953e89af8094d116796ef91157a2a86a459a1a
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1a5a8948a4414e40dfedd07b46109983d5950597c2543f45ba8132bb2bc04582
1a8b4a657472c9c097bbb8e8f249f2a756907f1ee81af076765b37cecb9c8352
1ac66e8990482bb31fc1367de1e52a00b66397bcc21167937bae877f2e22fc97
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea
2197c95adf29181c7d866ed999a4553157c2c092e0246d2dc5ad17f6a053aede
22fd357442cefcbf238c5e06af21e4546e7207b0b7745de9720707f6c8218eba
277a4473389decdb1fd907cf9acec8a67f2cf440efaf1729646aacf574f66367
27f4119ce2d66a40ef8beba62ec4d995e95af50550c6d4471eec9eb27fa73774
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d81372d24594f6fc20de51c71f80266e35bf19666316ab3de588145fe7bd39c
2f719d34d3d7420ad540758d502a29633213bceaa985ea2df545aa60dc7e8758
2f826a947a47c13c4af480b9b7853e9ca12d2873c67a9200f3c7a26f8cacae2d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32a1b5c201ae36a6fcba52ec5b93b3e7234b3a5cd856f38f3a78b0a880639734
356b587371621f9b029bec5b020533020877170a18b2843aef33fb29f89c8638
36112871d4951f2a2e84b8ba14b77e5c536b592817cb8524fcaedb90f3a185a8
362cb3ee451098e7663093e3dc502c715c2c942c5e026387806197a9a815bc35
3668f6d335416599574fb1f336cbd2b9bb2f8fcff63e63a9ca3b68df4d0c6165
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3ab8007c277130826b8a87e5b30bd689ee55a199d430c36e2032c9611a538dbe
3c23f58e5c037e4b8b1efc40ff22d331b67606d8eaf34e6ed9203a3fba9a2641
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e304dfe39fde10af2ee219f794108f785d18dd88658877ddf07bce099f6a9fa
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f29a813007b6b2d62203613920d714f29ede6cd0a4e9154525e33fe79d6de24
3fd9ce2f2c89a736d4f61481037c5052c9a0fa8535a1631425ae55c12ef25c36
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3ffda7ec650729679454404b90679c0ec7fffc3f3cb0f7d0db349e0e49830918
4078f90bce2f39e044f6637e5ae0e50ec00d09a0bc78ce62aac25791ed9c1023
40ab97f2e45e85d3039abec4772f2976485ef3990ae72efb6ef6fdea3d2ee140
4170ee7e0b7536427ca9854b54544308d9605b0e5c1c2dcdc97c75c8c847364b
422e89f0aebf779b16727ccf9b174ac2f834c850f23d117802622ad16cac2e0f
43b5c9ad80f0a5d1c63568583e9cf6cd5ca8454a680f4ee80d5d63d00b15a360
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4972893832cc7f114925446001ef0c43c031cbc7d2b2a8bed395c116c911402d
4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032
4dbc45bd7ed8caf2aeeae8de34e519d874987d5285c79b5b4a93a1d670a929c4
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f26e74a5392e23175b93e81e7b642e02c20d3ca132207dc7f00abfb7dae2b6d
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
52d9662e9ffee344f6de6bcf32df38166e79eca053e611287a8610849210529f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55294e8a1b9e20b59ff2f01b6aa2ff7c383deb1c13a3e5c02c660c1894159e51
554b9eaf0e6479e64f2fc97ed935c8cc28af0c19c579aedaeb450027c6e56ca1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c016b568b4d5a6076e0549abf5012b4e0531fef41002405732ac4a1960e690
572e5e4a394913b6c3c000f37295ba6da7f7cadd25e3c70c7552e90b9f99ac58
572ea9d6773dcc68e5a717855c145a7d7e02305f42213c1c75266ddeae26bc8f
57afe1506ced39a9a79049d7c9758d24dcde144e9d09f647f9d521cc4e183746
58fc6bdc8cb09a527be7f71f458b44ad0854267dd4e684d22eecc6384a2a3222
5974d1517b24564f68b51dd609ec1dc9aefdfaa9cb3a535d8a44645390d0f240
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ae46894fe4121c3171e3c06f4bd0f12890aab86bd01de4b5398de3594b8abd8
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5f2bc3fa0b469f17402f1b00cc98d398c33e48ed6f5c2b8401f3ab1650805aab
5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569
6026aabd17061aa51f6cb452cfc226fac56614d17fd12557a1fa4d339a79ea80
61779c74768b5eb298860ceb7d7cf06f2b228fdc53df72b530490a792a5b8a59
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66b5d5369846734a6ab63a032e69d4654476aa3005d20dd45592c987e1c3225f
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
68f1d2cdde65c21f09c381329f6f4d33b95384d791b247bc15a9d5a2af02ff89
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
6a84d7054c819c126c861adb95ed6086f75ad3e3ee0152e4c751bf023948ec63
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
7258586fbbb29903dd92a49fb3f2e6c9c284fd492fc004ab7f6fd562c4fdeb0e
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
74360287cb87eb4145a630d23ee115b394f23cf0dc923b0e06388f6b2b5dab29
75c62e82f74bd25345dc7a5f8e4d286a64916d81ef047b956a18b554146a8606
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
79bc00b1ba3e228fe806d7ddfc0bd9a9b9eb904701a35d6dc435932c0b17c1e3
7b054b6caaa04c7df71ffae166ad1ceebc5fa627be271758cf29983fcdb3690f
7b9f76f6d8e9a83e258a2b2ae5f565da4d3ce3a27985bcfcfed9a20c47582def
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4
7ca7fc746afb39a9a7979bbea3bc4d986129775455da770c59261ed70f5cf37d
7cbf21b170320c61a57de956dd34f3c5954d84438503be2d6320f3e5da29dbbe
7d20f5c7fdbf2ea9dac76dc517c54e364da2c490df30dd4bb7bdae03a4e20861
7d25ee292ba73286f97145a7b654c5d245f8be56eaaab9e658c9d970294eae8b
7f09fffccbd5d13734ddd63f6a1acdbd83e47c3a45be7fe077fd2b1228a4c308
7ffddbdb0a569a6f24246ee87eb53a162d14851e8d8c01fdef0e84d1514879d7
80fa756dda143f69fb3ce750e905cc8188150dc4c6b7539bf3627fe26530b405
82b4d48df13e2eb43b350e6dc8d28911830a26f76a0beeab1f5a4e36ab449d09
83c799eafba373f1838ed53cf0bb4054839898f6d78667dc7ec262270d9d9719
84668247ec45d9e497720cf6a3c7a8ae586cdecc4e1f6802540dbce06728c349
86460bd9c65b4943cf599a0902eb884fd2e0e292124748a45456978c82eb8c98
86491d6886c4488c5638c81b628e733cbe7856fe8f698df6f6696971dba01bdd
86cb0c1f606f2215e998f367c31ad7af03b9da596088f255234388eeaf9d525e
8899aad3ca8863fd7d1a05a6d202e17053ad6f7ffe21a3d51d8f74150a9ff4b4
891a83477c74c132663fc1f9920e3f00e9c598eef36eb1b2c8a346c0410e4da8
89f4aac083fe2a30f16958e9d4562bfa79a60d6633ad409855dc3a202c15adcf
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8af03da3d2ccb4f9f8a6f3045386bd65da002ebf0acc2b86daf395b27c7ebe38
8bfbc95bdd083716d0c5cca5b321daed55ec265bb7fba5626f90e25861f116e7
8c102baea959329be23bb8a5d6bc268ce1668484995f0d23c2f88b46d7653c4f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8de32782bfd8b1ad61b16c850632125163ef02de00c3f4e4a3d344999135f9df
8eb95bcbc154530931e15fc418c8b1fe991095671409552099ea1aa596999ede
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f5a73ea1fc268944012af813fbf4c65a9a6aa0f06de1e08367d73f4f1e5e2dc
8f5f96085cdb219d9f24011065877695e4383632e785d9731b7fa058c912538c
911acfe37ae454190591b0875359afa9512b9020ef7266725f34d3a14b1fe832
914fdf835aff2989f08ff17bcfb4a97c167d7610d328a481bc44d38ead03dc3d
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
931dd593eed393a3d9a2f444e0606fe082a3674f2bd15b8b9e6b83b6a3b05349
98ad8de99faa1cf51663343960bec6a908041e3a7ab9b39d7f5e57a76f24e88b
990b3d25ea8194fca5f40fb7352f9622d2dae8f82dace6c369a654feb6f95c55
9a48e41cfe564edd7c83c30254191c62c55acb252b7018d2f9f6e8fb57920cae
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9b9161daed700c08caf84ea8a485a1947d2f4393c36239cfcfd1e48a4aad6839
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0b66cc384e826890c38a3ed76122f023b568aac4089db040921e0f3defc7119
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a54297f97c184218dafa90bdc1a288f41e00985886335833e4401c53649c3b0b
a54c886bb5efc68c64107d63f8d9448414a6317f625b92252933f0e5b0fb8004
a611b40a0cb9fdb3a5d195884b04df502375dd5ff757e9a718749b9448e2e72e
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73237a07cec4d81b7cb7995220839f554e2e8936e5d5ae25cc47753f9737c07
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec
a8be64f62b179a7688220a48ae541aeff0ac8084e73ef488207e8226f0e52b14
aaf1a2e3b72b0a364e1884ea8fd1c7b4502acee959ae940e218acfbd7365f941
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
af5a9628858b383c6257068c476c25b5a8a6421b686a349a828c47f526e7f877
af694f595724a81a7c863ec1fbf157eb7eee4523a10eacd7dfc3bd0341dca39e
b0cb7d4b3cef95429a64326761eecf513b476adfb30ee40b0ee7712497e4e65a
b2024840f268b401c4d049158d59a09d2fef114b4ac3afb501796fb032068b98
b3b8af4aabef05c10b1a9deb067e632c5df7b90e04817ca7a44719b4806f0658
b4c6d453f6e6ebc355e7f067b02166b8135381bbc49300f5a5c375886ebef956
b5987b0f98b48b628cabea0df7047066efe28d186467c87c416e0aaa9ad678fb
b84b2674999e681b8a7670954141d72790595c47a305397c5b2d7dfd8681b6f3
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bb5a014d956d959c357f798c152473bc1468b45f9a9d07fef88f0de73956df99
bfe9b0c81b360f6235931630ab559b1a9912fbd8874e5df4e16866ecf5557d33
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c48706dfa0da7088c6e78a314e6dd327fe5389bbc46772cae4c83266d2be2ee5
c4f2299b7202a1826f2ef1266c5ca4b5564a2f92d7d37badd13d3639c3656aad
c541b2381767e1dace36ff6eff314d5e9da24767421a24b95779ec24985c3027
c818a83f204ae99d61236abde23e8c1965cd017b043b7c4227c7928b85509c1a
c839abe488fd0f1bad77fdf38dcf96497232184df294a5d17a8581244d3fc8cc
c9c071e4cf91a79908dfd3c18f09795b8aaa9a890635296b4a9fb5962da9f620
cd4ea0c51ab60a7a520269e7634dfd43ca5bd23b589305247926d188514a7c43
ceaf148b8332b81c551c93aa9124cbdbbbd6192fbb9bfe8dab8501547b35083e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff04aa99c9cdeeea14619c64b397d416825fe6cb1408d7cc34288e59ce88406
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09
d249a18a1a3c28215f017d9249038b6bdd75bc24c3a70fe827a1be154f2a4a79
d2b79f758ec0b990a6aa1c91605729c138d22b97916a6a399ceaa3174d19cef1
d2efbdfe0c58a80934f5109a119162e731a8aa61f022f548571076478cc4d23b
d61cc26f4706b0fbbe06f96944796ffd339d3e9d5cf31776dcfb6c2111983a72
d6ef36627b1c7ea1478b870bc3a9f517a7972fea9f4a7c8783b01c4edfd6d2b5
d91e9d886683d0b738455179f4e0fc544a1fc5f94982073e4c7ad9a2a5497c74
d9221b4469c6a7024a5720a843feb67f5d32ce16ec0e44818119924fe2d9f985
dbe803bfa44254eeac3ce0060cf7b364c1437c8230839511fa2c038632f2ab4e
ddbda21655c0c2cb09913a9e33d856a8b8f3e1eae610cdbda8524def2dc71f7d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e19febe27f4f993ae864356ad7e39be1f85b880e012aad6ec4ae63d1700fb3de
e2361280886b49d0e746b35fcdc69926b05e77746655fb768ac57d23b14e8097
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5e2f961f2a0af7d2ea8fa06b2db32c119f86b236d89ad3e4910c4894d1b9783
e652fe30151551709a9a1b69bd9d2cc5cf5f4d95b6ea11a6092d5704c8af8220
e7d609c4c97aef22e56b7071bcb067671629fa1d5f8906182c26feceea13bb58
e9d4c5cd0873c980789e49c0fb57805521da15cf3aebb56b193b501990f302e2
eadd87a517274d979534b492b1e8966d7a8f84c1b4609f4290983850c5b569f1
ec73e6d6a77b63678ed6a979518e8582ce0c613abd787cb1edabd7034e66778c
ee64b48a4adc34c93f7e98197baa722c303f42fd8344a8c50c59b6727d35c546
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f122aaa855dbb3f7cf5a05368fbdcc7ddd86b4a7a56f1514f1944bbde684111d
f1f23442cb0d0b379c268616680ac233f500fa49c4eeb0602ac4a725648fe46f
f3a82bbda9976a0f7fd499cd71b41b78b86fb3c50e11ef3a5dc159033a3111bb
f429e4aab97e19545d83726b6764c3b73a95438be05747a26be856513b1d157a
f4bb6c152c06cdb9be9ea4e80e4862f3feea51ba5d7121de4295320d232d44f1
f4beaaff0b17616867738a381039ce7aa505fde1567d5755ec61c3786ebfd51e
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce
f820d93daf383e178bda2912f5bee00e90e56390597820622643fa8e5e487143
f9278a929392efc957d7c1f7646d15d4c84e47ac26f7ec3d78116716bf16bf2b
f9d24aa41ff06c90fa4f1336454e99e599bebcf0193994db66f8a4a18aabc133
fa2795f4f555f9f778d64da70be98eeb0a564f77b66ca4504ba58f4259adc163
fb5f5da8ea50ff67cf96a43bb65bc0ee3306637e91766f2461366afb811707dc
fdfef2dbe5671f5902cf580a72847b80e37eda9a38c7a92e0b961b4f07581943
fecf49b4b8b25a8e342fcf6cc8307912d26430c418dd096f7b50c6084e73f4bd