bloxcms.com.siteindices.com Open in urlscan Pro
104.237.149.142 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bloxcms.com.siteindices.com/
Effective URL:
https://bloxcms.com.siteindices.com/
Submission Tags: phish.gg anti.fish automated Search All
Submission: On August 17 via api (August 17th 2023, 2:57:15 pm UTC) from DE — Scanned from DE

Summary HTTP 208 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 30 IPs in 4 countries across 17 domains to perform 208 HTTP transactions. The main IP is 104.237.149.142, located in Cedar Knolls, United States and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is bloxcms.com.siteindices.com.
TLS certificate: Issued by R3 on August 6th 2023. Valid for: 3 months.

This is the only time bloxcms.com.siteindices.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	104.237.149.142 104.237.149.142	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
6	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3 4	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3 21	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
4	2a02:2638:d::4 2a02:2638:d::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
37	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
31	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.7.9 178.250.7.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
25	2a02:2638:d::13 2a02:2638:d::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a02:2638:d::11 2a02:2638:d::11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
4	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1 2	35.181.77.138 35.181.77.138	16509 (AMAZON-02) (AMAZON-02)
1 1	35.181.29.184 35.181.29.184	16509 (AMAZON-02) (AMAZON-02)
1	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
1 2	54.77.221.160 54.77.221.160	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2	2600:9000:223... 2600:9000:223f:d200:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:1f13:800... 2600:1f13:800:7780:c67c:ace0:7a0d:3866	() ()
208	30

3 104.237.149.142 (Cedar Knolls, United States) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li879-142.members.linode.com

bloxcms.com.siteindices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.siteindices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

t3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:d::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a02:2638:d::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:d::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.181.77.138 (Paris, France) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-181-77-138.eu-west-3.compute.amazonaws.com

cs.mytheresa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.181.29.184 (Paris, France) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-181-29-184.eu-west-3.compute.amazonaws.com

mix-phoenix.commander1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.230 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.77.221.160 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-221-160.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:d200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1f13:800:7780:c67c:ace0:7a0d:3866 (None, )

ASN- ()

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	criteo.net static.criteo.net — Cisco Umbrella Rank: 710 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9104 csm.eu.criteo.net — Cisco Umbrella Rank: 8684	478 KB
54	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 125 tpc.googlesyndication.com — Cisco Umbrella Rank: 163	647 KB
24	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 ad.doubleclick.net — Cisco Umbrella Rank: 187 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 371	241 KB
12	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 8578 cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 10115 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 15501	142 KB
11	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 225	534 KB
10	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 1105 static.adsafeprotected.com — Cisco Umbrella Rank: 751 dt.adsafeprotected.com	101 KB
8	gstatic.com t3.gstatic.com www.gstatic.com fonts.gstatic.com	78 KB
7	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1244 www.googleadservices.com — Cisco Umbrella Rank: 157	607 B
6	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 352	221 KB
6	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 277	76 KB
4	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 3	1018 B
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 73	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 62 region1.google-analytics.com — Cisco Umbrella Rank: 2102	21 KB
3	siteindices.com 1 redirects bloxcms.com.siteindices.com www.siteindices.com	12 KB
2	mytheresa.com 1 redirects cs.mytheresa.com — Cisco Umbrella Rank: 82701	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 76	134 KB
1	commander1.com 1 redirects mix-phoenix.commander1.com — Cisco Umbrella Rank: 207896	1 KB
208	17

	Domain	Requested by
37	tpc.googlesyndication.com	googleads.g.doubleclick.net bloxcms.com.siteindices.com ad.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
31	static.criteo.net	ads.eu.criteo.com
25	imageproxy.eu.criteo.net	ads.eu.criteo.com
21	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net bloxcms.com.siteindices.com
17	pagead2.googlesyndication.com	bloxcms.com.siteindices.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com ad.doubleclick.net tpc.googlesyndication.com
11	www.googletagservices.com	googleads.g.doubleclick.net bloxcms.com.siteindices.com ads.eu.criteo.com www.googletagservices.com s0.2mdn.net
6	dt.adsafeprotected.com	ad.doubleclick.net
6	s0.2mdn.net	ad.doubleclick.net s0.2mdn.net
6	www.googleadservices.com	bloxcms.com.siteindices.com
6	csm.eu.criteo.net	ads.eu.criteo.com
6	cdnjs.cloudflare.com	bloxcms.com.siteindices.com ads.eu.criteo.com
5	www.gstatic.com	googleads.g.doubleclick.net
4	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net bloxcms.com.siteindices.com
4	cat.fr3.eu.criteo.com	ads.eu.criteo.com
4	ads.eu.criteo.com	googleads.g.doubleclick.net bloxcms.com.siteindices.com
4	www.google.com	3 redirects tpc.googlesyndication.com
3	fonts.googleapis.com	googleads.g.doubleclick.net
2	static.adsafeprotected.com	ad.doubleclick.net
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	fw.adsafeprotected.com	1 redirects ad.doubleclick.net
2	cs.mytheresa.com	1 redirects ads.eu.criteo.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	bloxcms.com.siteindices.com www.googletagmanager.com
2	bloxcms.com.siteindices.com	1 redirects
1	ad.doubleclick.net	www.googletagservices.com
1	mix-phoenix.commander1.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	t3.gstatic.com	bloxcms.com.siteindices.com
1	www.siteindices.com	bloxcms.com.siteindices.com
208	31

This site contains links to these domains. Also see Links.

Domain
www.siteindices.com
blueknot.biz.siteindices.com
blackhatteam.com.siteindices.com
blur.by.siteindices.com
binayakcollege.org.siteindices.com
boiseutv.com.siteindices.com
bodysport.hu.siteindices.com
bonsaipots.com.br.siteindices.com
booksophile.com.siteindices.com
bm-medical.com.siteindices.com
boyynlfxooo.ws.siteindices.com
abuisrafil.blogspot.com.siteindices.com
aclah.com.siteindices.com

Subject Issuer	Validity	Valid
*.ae.siteindices.com R3	`2023-08-06` - `2023-11-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.siteindices.com R3	`2023-08-06` - `2023-11-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-29`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-08` - `2023-11-08`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh

This page contains 30 frames:

Primary Page: https://bloxcms.com.siteindices.com/
Frame ID: 11E44BAFACEF6280DA921CA739B07F41
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20190131/zrt_lookup.html
Frame ID: 97BFBFB95914B45D61A614BE786D7707
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5694541448612364&output=html&h=280&slotname=4096391363&adk=801452986&adf=683863926&pi=t.ma~as.4096391363&w=1110&fwrn=4&fwrnh=100&lmt=1692277031&rafmt=1&format=1110x280&url=https%3A%2F%2Fbloxcms.com.siteindices.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692284230768&bpp=4&bdt=354&idt=247&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&correlator=4283636873857&frm=20&pv=2&ga_vid=1929554003.1692284231&ga_sid=1692284231&ga_hid=1454003756&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31077017%2C31077148%2C42532243%2C44799580&oid=2&pvsid=1085081625870828&tmod=171957131&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=rkRkOwC20I&p=https%3A//bloxcms.com.siteindices.com&dtd=265
Frame ID: 48D063DDD219110B74B5E24431C48948
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5694541448612364&output=html&h=280&slotname=9205247819&adk=196439105&adf=2665882539&pi=t.ma~as.9205247819&w=350&fwrn=4&fwrnh=100&lmt=1692277031&rafmt=1&format=350x280&url=https%3A%2F%2Fbloxcms.com.siteindices.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692284230773&bpp=1&bdt=358&idt=271&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=4283636873857&frm=20&pv=1&ga_vid=1929554003.1692284231&ga_sid=1692284231&ga_hid=1454003756&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=415&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31077017%2C31077148%2C42532243%2C44799580&oid=2&pvsid=1085081625870828&tmod=171957131&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zxznrfKaju&p=https%3A//bloxcms.com.siteindices.com&dtd=274
Frame ID: 4BB8A2064634E45B0A89266F67390784
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5694541448612364&output=html&h=280&slotname=1496813024&adk=1673820887&adf=2518690131&pi=t.ma~as.1496813024&w=730&fwrn=4&fwrnh=100&lmt=1692277031&rafmt=1&format=730x280&url=https%3A%2F%2Fbloxcms.com.siteindices.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692284230774&bpp=1&bdt=359&idt=275&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C350x280&correlator=4283636873857&frm=20&pv=1&ga_vid=1929554003.1692284231&ga_sid=1692284231&ga_hid=1454003756&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=625&ady=1192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31077017%2C31077148%2C42532243%2C44799580&oid=2&pvsid=1085081625870828&tmod=171957131&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=y7LuP431tM&p=https%3A//bloxcms.com.siteindices.com&dtd=278
Frame ID: ED9BF15346B94716515DC8AEA03E9664
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5694541448612364&output=html&h=280&slotname=8923683389&adk=2722634783&adf=1706824535&pi=t.ma~as.8923683389&w=1110&fwrn=4&fwrnh=100&lmt=1692277031&rafmt=1&format=1110x280&url=https%3A%2F%2Fbloxcms.com.siteindices.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692284230775&bpp=1&bdt=360&idt=279&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C350x280%2C730x280&correlator=4283636873857&frm=20&pv=1&ga_vid=1929554003.1692284231&ga_sid=1692284231&ga_hid=1454003756&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4487&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31077017%2C31077148%2C42532243%2C44799580&oid=2&pvsid=1085081625870828&tmod=171957131&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=XnIdhNqp7M&p=https%3A//bloxcms.com.siteindices.com&dtd=284
Frame ID: 5D4BFA71FCB2F13555A456BE2F494E96
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5694541448612364&output=html&adk=1812271804&adf=3025194257&lmt=1692277031&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fbloxcms.com.siteindices.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692284230789&bpp=1&bdt=374&idt=275&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C350x280%2C730x280%2C1110x280&nras=1&correlator=4283636873857&frm=20&pv=1&ga_vid=1929554003.1692284231&ga_sid=1692284231&ga_hid=1454003756&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31077017%2C31077148%2C42532243%2C44799580&oid=2&pvsid=1085081625870828&tmod=171957131&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=288
Frame ID: 8F19DF70AEE8A615270DDB8D41D0F278
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN41RwABWF4IFWC6AARqKSh51cGhWIAIRM1hkA&u=%7C7%2BaFQqKs8tcDI9VunIEbD4LEEQ3YwSSNTjugX6Dvi%2B0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC8675qickulgVVUvuR0wRCGjdiN6YhcBjpXN-LBmo6VOTygYZE4IPYBfTUqmrt_9qzywooVW6S66zXq7ObWrneV52XDHHLpZQXmTxZf2O17d6dKmOK-SYOiKAcjcX_kGbpb_lTjyMUNceP1ahO_C08UvxDZpqD8yO3Cb0IxGgoOgxH92RyMYWHGFc2EAdJ3w7CwNXLUKXiKrdcOXsb7TH9P0XEUmMKPdzAO2ub8dgqGsmGDBlVmfKRft6U312PAS4_hImqglaliw61NlfzIwsyABNIdld1Ef677cePZbqg06VRwpIO45pkyKWAX7lqiOs5Lgpy79vjEvTNglD9d3UEY-iSbS5qUPmaEhKE9KfmP7YQ2p3RIWOIx8u9diiM63QTwpQ6D_Of3d3d0bYZ-5b-RCAgTcXAlYrmszhF_Kg_DY5FYqtiRVrDtAqK12wXgNtwlnuD2nQ1EUPVI-rcPizp0JWj1SMdU-XQBd9_jZt6P0XTZXX-WHOrHZqjFOpE69rG0RnEWQiQ4iXiAsosrApvZ2jRkiJqJxSP31mvGeR-vw54U-j_GbwtznlMbj55fOFTZgJfSVs6K5Sr8VOC80gm6YtbM7mbifo37g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPZGlRzXeZN6wBbrB1fAPqdSR-ALJntKxXM2jlvdwwI23ARABIABglYr7gZQHggEXY2EtcHViLTU2OTQ1NDE0NDg2MTIzNjTIAQmpArMX2jC6PrI-qAMByAMCqgTcAU_Q3cfvu3PPR21HdEHATIrWxFbzafRQdjrYjkcLNE_LVibEFknE0tH_taLV7fJYlLUcm07iAkBp-VkTtmZg8gbKTO82qefrYdqS1wVex9Phbuhz72TNOFSDqySOpO9VM5Hi_Pvr2Vos7GXXZ4VTVx9PkTNmXO505wOEq4XS80Id5zwj0hBopaPcPamN6ESCfQ128EhsFRxchyowN9JIfFyGBpsW1mAJCrnfDjqhTTMWS3k2ozOS75yZwP643XCewLHnSzN2EUUdMz-VPl8uJiOsspanVz4F-eBXCiCABo7Uspy3sqWtYqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_08_5IYF6s9CknqKRA3MrOTz468jw%26client%3Dca-pub-5694541448612364%26adurl%3D
Frame ID: 5BCFF7AF6AE62D235292137B0E29C9EC
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FC24358D7A2896C67EF242E7B1F809BC
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js
Frame ID: 1AB1B829601516B1032200D05B8ACF6E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js
Frame ID: FF35CF65290944BACEF61E41D8CA7B17
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js
Frame ID: E66F75337412CF86E3716AD19B43F892
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1
Frame ID: FFBAD6EA2288DE2DCDED29483F500797
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1
Frame ID: C6957CF26AFF4D5D25168A40CA97F745
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5F2A00EFA958CFEC0ECC112EC629EFE7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1
Frame ID: F803C4604CB944B1F8BFC25CAD6E025D
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN41RwAC278KZMQKAAauzw7Q_UcU-VTJAhZEDA&u=%7C7%2BaFQqKs8tdQwp9CLWatR925YuIW8sbEwSNW3N4sFHM%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zqoFRbdbBSO3OM6z06R2-kRSJ3i32krVnZ3yISmzlw5DIks9JlNkoxl-34WWhAlR1Vk1v_4WSTb5acS8ihb_iP_qXLEZGrUG9ChOwZgK3tbN393PxVXguXRrE4t58GzgdK9gG8c59JKdD1PebUBV7oq9mPG4KoIxZpvB19EM9t0dPb8_QVOUr48RGvvZNvLxgXxihtnVDEK1SK0nEYiLvHEMXYsnxMrBMyXiiGV2hwCGwFdftcVKgB2QOEH4s98T1aTFqK-o6UZdflGsO9vhFbiwdpmTQ-C5jEXcj8FHjT13VAsUhkGKHPM2jEOzMVegdmOpmeM6RgANEv8elTtNdxPd1XrCdqTzyauGBUeUiAQU0zdUU85OlYrZHzaK7K9XRR-WN8XQBOWAZPIRbWzLo55_galEOTS6JWLEHJ0UizdZZxgDx1DDWH7wbCIxL5oWxeXgIjxS4wAhp8xVmaK4QAzm6glY3a2gwUOIJtHZ9xgGCoENVCJEUqdiUOzSbBHSvzfffx-PnoUTNOZ14fCZp_HrJBzVziu8nhy2hT2R0tUXVjgvxqp2AuyQnDINp9xUvrnksuY6MVmigFeVFk9wz4Ou603ValN00A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC53QQRzXeZL-3C4qIkwPP3ZqQAcme0rFc1Z2R93DAjbcBEAEgAGCVivuBlAeCARdjYS1wdWItNTY5NDU0MTQ0ODYxMjM2NMgBCakCsxfaMLo-sj6oAwHIAwKqBNcBT9DTuOBuQt3U6a54qDO94EqBUZVe5z2DUF6Ffx4lLsn8eszDHR1W5kCdOrN65P32EkLD93lg0PZVi1NGOKmiBnUBRq7Ld-CeeHjt4cVj0colSbGkOWiSubt5xDKqGCdv2B0VK9Urkh4cLuBS7_QHdRIhzhOducyTkf0rKSngYK0uuON51btjLNBabkmR7osm1wVIUB8U7-7fRIveiFmfDSmdZbOutJ7xDEiVXTUyxDOy6h0XEJlaFIhrOPwhyl62DVo3RWj12jII5VtiuCTxpOOZxYVQjCyABuzopabn8ve5jQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3fAP8UB-iTleerEn24EEQbtAEBuw%26client%3Dca-pub-5694541448612364%26adurl%3D
Frame ID: BC4D4648B58F32B57905629B799FA91D
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/window_focus_fy2021.js
Frame ID: A37D38A8BD94D0890C69E5B6F137B311
Requests: 7 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN41RwAC28AKZMQKAAauz4224tgmmn_MIdULrw&u=%7C7%2BaFQqKs8teklObD5f%2FZ0WUgM5e0JhrdEbcowGSnJao%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zqoFRbdbBSO3OM6z06R2-kQT9A-8G0bPvW8ec5z41NX0uamqb_nuWkQD-qPGEXgrPZLDFl9EVvRNWuIT3m7Au1bpme9qBDOtY2H0ewQ7y03i1BkpG7PMR8zA6Cumts5MjPCzQXSncJesip-x62C-vTVw-LfBGLTHRIZmTFpnO2N57v4g7Fy3dmXDn4IbrBgPlko6pKLLn_1FuRmzyrQDf6EAKEYra43X-z_MHj1wsLw365SuoAalth7DYrIxYaE701AHNe-sDI17pLk2yK84-_eOb2pZZFM6wsaPEMVjn2IbJxg9MF-kFI-DXui5w3_ARbedlwcb8hCBFtkPSOG0Eky6m5qUg5LNro4VMr4FyB28roH22BeuPJACPGkWH1BRYtJqezcEzQB2Cj5RYnEkxYM4mpxblKvKVPCOlAkGADF-bzeatmX3RJWF9Q814Dn25wMUf3aXs9vKGdNi9Wg_ymO0c8Kw9O9TqaJfINn38CgnqdhZfZyDJVTyeXEJty5cIgz3rI0lSWGVo0J9UidzaMFid5vh3K3set4yWJ6-txQSvX4PrOxyTX1EGsN81wOUZP9gGCzY6J5rExsYSVl2ilwMNewQqoIfaw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXJwQRzXeZMC3C4qIkwPP3ZqQAcme0rFc1Z2R93DAjbcBEAEgAGCVivuBlAeCARdjYS1wdWItNTY5NDU0MTQ0ODYxMjM2NMgBCakCsxfaMLo-sj6oAwHIAwKqBNYBT9DUs0uQ_vHmWgZHD_1Y9_S3-MZyDidXDmn_o_2WATdzfaJDNXUL5bW0ePb0sawOjXy9P2jsnfPPjOomdv-uHqjyDpWLRj4KdjwLy2aRP2is7GmW1fzKj3501OEqmP23fEZc9Yc0iJ3_jMtCtMv3SVfJrG7ub5yo4L-aA1Kzxz-ezyFK2E3wH9ivzTo08DfkJ1sEwIwvi68UutPnv5lL5NlTVDNsf4NeGS-tmtBl_gL5XkpLD9G6aWixf9Ic278CVrvJJV0MK7j15K0-Jc2hUEHsc7n_O4AGkLLhoJTl4I20AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2VTzziOCVYxdUAFd3xRvA5iSA16w%26client%3Dca-pub-5694541448612364%26adurl%3D
Frame ID: A06A4433CE97509537778EE1C89CB1E4
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/window_focus_fy2021.js
Frame ID: AB635E274A1008F4A313596DD2BC0E93
Requests: 6 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN41RwAC28EKZMQKAAauz11XQAx33lx5qLrdsA&u=%7C7%2BaFQqKs8td10RbT5MKByp%2Fzm0zc0tBkpGqf5k757IE%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC8675qickulgVVz0EbnrSseZbrBPZVAOP2O40pZaoC5dtDTdupMfIVxYqv9-6-FRFHveH8UvhzB3PA8ss4fhRVzG5H28AQP9hZCTdHUCnYBOLX1jRPrFYuYoZRKwvAXehM5FDsPfdNLuQQH2wuDOQIKSFk7sZ3NqZnP8tBFY3rMxuCkHhtukFAXaMIJOr8g3dBYrVP6o2NYMwIEoF7iAyl7fTtK7A-8Um3Xknhs_1P8p5TuashgJnR9GU5hb4LbmURWaVfSOkchaBpQpRf21rN3Kns_09sZtbxGZmZDvh0wsPw3EdpNJTYWPCDC_6ujfb4vlwInyeYu5d57uygK25kMTiWW0VkjfkANdcJQPE9nlzvDAmgT_7RKbhO4Ak1IS5B2Aier7dhvna68G9_TyAIAYFC8C2d1XhcEhhNK4JXb3iFlp_vrre2WH8J9J_qGPYgaNhQSgYt4Z_SQe28jeFRpPmAwALJgD2OZKtGXt6UKTAqwcrKU4Vaf3VhSpSeJnzw7_ljYWuuYlqtaN_HdXkOXn0mTkq8Q3Nfnfcou3HJcGaKlF-hhp7VBgrrATyRZj4_Es9-pQT1uJxjGGEyxKp_Q36EcLP6V3V3Rg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5GdjRzXeZMG3C4qIkwPP3ZqQAcme0rFczaOW93DAjbcBEAEgAGCVivuBlAeCARdjYS1wdWItNTY5NDU0MTQ0ODYxMjM2NMgBCakCsxfaMLo-sj6oAwHIAwKqBNcBT9A1PsL-u90d-kxXAsNKhGhlMi8ZmfPmHPXmuHZ0JJa8rmaaFu6duMPcgAurLVSQWvihpQ0n6OGLLY0lqealRLVQW0wAGtHtPj0nP2F8fG6xbSDxZiTLG4OGfDwV64maaqRpBjts9VqNHBHQVDMTOsj3Q_DLzYYC5I51QWX939vH-niTWwRbBVruQYFBS2u7tG9NgqHkgALXqa1nHoTrn7hEYGuTDksocgarmdwy-VdY4WdvV-uHGlUpirr4NUhg_rpAXvGKQ70Ams1E-2l5YaZnEXkULwGABvO4lOTL-s-H-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_27b_bglfGmNwY9qvOF5i_iIDButQ%26client%3Dca-pub-5694541448612364%26adurl%3D
Frame ID: E5B60A5317168E8DCFF60AC8D0C52AE7
Requests: 33 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 179E1EED9178EED1F2D5A93190815F5A
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A0523C0EF970EE3207E1A44EF14DE28F
Requests: 2 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N778265.154378CRITEO2/B30257563.372627018;dc_ver=96.284;sz=160x600;u_sd=1;gdpr=1;dc_adk=3157791334;ord=a85am3;click2=https%3A%2F%2Fcat.fr3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3D7wyHPGDwEL1XB1DWa3qI0CoWRM4xJUlO9MzmmUhramrBWukGd5Yp8JT716cKpjEY58fXKlptD3gRznMPKN8ubrJ87E39J2xBkesOUX5fAR9ZPVr9uzDEfI5yoxxn0ajMndKyXFYkr4egdl6VFdrp5pJHecNsCCspKO5hg0sD7LQg0vXwHoaKeE88KTpM0AsqIdyYsqym-_31knsmJc6RB01ZYRhcOOx2BSVWf1H3dU-rNqJA1bsO634oGicb5egxRdjqX4VBvucPv8mncDzJctlOa6pbnR_arSgNJgLzN2GvHkVht7XRV62zcPxbFTxxfdp5GY2MnNU5KtDRgvzPN7uyBwxZHD3JQHwfkasfn00pG6Z9-nHcBHTewUgmptTFFzUsfSh2Y2MtlQ5TtKlO1YUGUC8pQrkeXB4cafkp-ZyUhDNfi4cphsRJSUhrTHlze7QPr2BCy8CkcBqclLuunUr7B2A%26maxdest%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=3,https%3A%2F%2Fbloxcms.com.siteindices.com$2,,https%3A%2F%2Fgoogleads.g.doubleclick.net%2F$0;xdt=1;crlt=qlb4B71twn;gcsr=m;stc=1;chaa=1;sttr=132;prcl=s
Frame ID: 4C9D4CEE2CE00CD3C84AD449F053ED1B
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js
Frame ID: 605EFBDDB47882DA8FB7CAE73F490578
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8FFDDB7CEED74877BADA4DC83CBB31C8
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3575441168722645050/OPEL_D~1/index.html?ev=01_250
Frame ID: 2C2B31D5FE3146C365F3CCFBEE72BDCF
Requests: 5 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 0FBA539B6D4BD3456B6E8774B1E277E6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 50C26373031611A9679C771303DF7585
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2C7DDAFE24076AAAEB5287DB147D56E5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bloxcms / Integrated Content Management System CMS for media | bloxdigital.com

Page URL History Show full URLs

http://bloxcms.com.siteindices.com/ HTTP 301
https://bloxcms.com.siteindices.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

208
Requests

97 %
HTTPS

73 %
IPv6

17
Domains

31
Subdomains

30
IPs

4
Countries

2689 kB
Transfer

6820 kB
Size

18
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.siteindices.com/

Search URL Search Domain Scan URL

URL: https://www.siteindices.com/explore
Title: Explore

Search URL Search Domain Scan URL

URL: https://www.siteindices.com/privacy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://blueknot.biz.siteindices.com/
Title: blueknot.biz

Search URL Search Domain Scan URL

URL: https://blackhatteam.com.siteindices.com/
Title: blackhatteam.com

Search URL Search Domain Scan URL

URL: https://blur.by.siteindices.com/
Title: blur.by

Search URL Search Domain Scan URL

URL: https://binayakcollege.org.siteindices.com/
Title: binayakcollege.org

Search URL Search Domain Scan URL

URL: https://boiseutv.com.siteindices.com/
Title: boiseutv.com

Search URL Search Domain Scan URL

URL: https://bodysport.hu.siteindices.com/
Title: bodysport.hu

Search URL Search Domain Scan URL

URL: https://bonsaipots.com.br.siteindices.com/
Title: bonsaipots.com.br

Search URL Search Domain Scan URL

URL: https://booksophile.com.siteindices.com/
Title: booksophile.com

Search URL Search Domain Scan URL

URL: https://bm-medical.com.siteindices.com/
Title: bm-medical.com

Search URL Search Domain Scan URL

URL: https://boyynlfxooo.ws.siteindices.com/
Title: boyynlfxooo.ws

Search URL Search Domain Scan URL

URL: https://abuisrafil.blogspot.com.siteindices.com/
Title: abuisrafil.blogspot.com

Search URL Search Domain Scan URL

URL: https://aclah.com.siteindices.com/
Title: aclah.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bloxcms.com.siteindices.com/ HTTP 301
https://bloxcms.com.siteindices.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://www.google.com/s2/favicons?domain_url=http://bloxcms.com HTTP 301
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bloxcms.com&size=16

Request Chain 33

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 54

https://googleads.g.doubleclick.net/pagead/adview?ai=C54XjRzXeZITcBdPK1fAPvrGekAnt3NyfbtmCtbeAEt_jrJuPDhABIODF2ntglYr7gZQHoAGr0ezcAcgBAqgDAcgDyQSqBPMBT9Cy1LvZPwlFWG4UlCZKx3TBtGIQdH72NRVgB4aQGHuOCxoNwdSTmfrfpms5NuPDPACQUrDN1Gq6DiTySy7avh0g1S3Cy1Wrv7Wu1r5bGkFNuHCdgo0T00szP3tepph1DOY0ewA7emrK3sZJFwAAU1hDmCtB8HMfxaYMFelIOzm8xTCgx9fbHo7v_6x5g-dyOUtfzhZxkAooTDaK9rvCDvVvZb9nk7xtrpexACa8ci5EnsTmtdRIwzQqH9vJJbkMd6K9so1nyuJY0lCDMOQR3Sh1qewgIqG-T0iGxK_BfALhKXBWzuKtPDMx_gTgLCp-BuExwAT1vYjShgSSBQQIBBgBkgUECAUYBKAGAoAHva6TowKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDAoQLSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgmzAWh0dHBzOi8vZml0LWNvYWNoLmlvLz9icmFuY2gtbmFtZT1nb29nbGUmdGVzdC1uYW1lPWdvOWFuYiZnZW5kZXI9bWFsZSZ1dG1fc291cmNlPWdvb2dsZSZ1dG1fbWVkaXVtPWNwYyZjYW1wYWlnbl9pZD0xNzkzNzkzNDA3NiZhZGdyb3VwX2lkPTEzOTIyMTY3MTY2OSZhZF9pZD02NjgxOTYxMjYzOTcmdXRtX3Rlcm09gAoByAsB2BMM0BUBmBYBgBcBshccChoIABIUcHViLTU2OTQ1NDE0NDg2MTIzNjQYAA&sigh=rb8hmHpAPQM&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWE7-pw0oP70dxnC303sgGaBhcBLGFkBgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211157486579163808404%22,%22debug_reporting%22:true,%22destination%22:%22https://fit-coach.io%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22463153323%22],%224%22:[%2208-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22849203970116373553%22}&andc=true

Request Chain 68

https://googleads.g.doubleclick.net/pagead/adview?ai=CSEu3RzXeZN-DBbas1fAPg6qhgAKppqfOb--z1ujSEbCjgOyQAhABIODF2ntglYr7gZQHoAHlx5WXKMgBAakCsxfaMLo-sj6oAwHIA8sEqgTzAU_Q91bbr8mIpHjNFhL1kVH5auWeh-l7LELcW-qxS2G9TNWSc_hpVgL_I7suEeFUkX--XbmQ80I2iNw5j4ddLWayc7uQXiRNY5cBQdlHZL_HldnSsdrQ50U_dJceMfoKbUkSZ-I9ddXoNAaInp0GS3DB9bC6hoo63GkUlIYE1kjl6Bu_sk63tgReezbHfsNdJD3GktzhgHBy1EMv-EIss242yYDLJKF_fYAegFISANWN3dYqYewYmh-Fo_1kt2z3_s5Lf7nZzf-92SK0j_nzg-FYxLK4xQqNQo5X76tpKpUwV50b_p86us-C1z6H7aeYu799ecAEndq3kZgEkgUECAQYAZIFBAgFGASgBgKAB-X_5fYCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQobYV0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJHGh0dHBzOi8vd3d3LmE3LXJlaW5pZ3VuZy5kZS-ACgHICwHYEwrQFQGAFwGyFxwKGggAEhRwdWItNTY5NDU0MTQ0ODYxMjM2NBgA&sigh=pANJA4tk1M0&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWDvdHNf5jRtpyMkE8x-1YaaDeEXHQvRgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217557734193749192793%22,%22debug_reporting%22:true,%22destination%22:%22https://a7-reinigung.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210786005989%22],%224%22:[%2208-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22514147376806358769%22}&andc=true

Request Chain 84

https://googleads.g.doubleclick.net/pagead/adview?ai=CO3SrRzXeZOKdBM3H1fAP8bWioAG00J7zcej575SqC9nZHhABIODF2ntglYr7gZQHoAG91LLMA8gBCakCaqMdG0lCsj6oAwHIA8sEqgTmAU_QLl8HaluWCvy9pH4EO5PoVwrZYPInXUOxMZZYctd9BVgY9Sorzi0bzgs238FNlfnh7ByEJ4e3m3vXp5l6PAs2L8zguoJkHoF0osm0kYl0YPdlwDFrQgQb2R4WglEPye16cr3XU7ZxssRxu8lJJFXoivE81-6Zk9NjXoQaR8bLJGZThfoH2lqWbBLy3Y3O936-GxseHHkHPVh3LvXj0soL0XPtM-yYmoEPu4r4Xt0VZYDmZ55FXaUPjCCt7xkWCAKHcb8Pn9XCERbUS_ygDSQ0RCHEkeIQaXxhq1lBG3K9dFWxdQdKwASGmpXI5gKSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHq6vNM6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMWAY9IIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCWdodHRwczovL3d3dy5zd3lkby5jb20_dXRtX2NhbXBhaWduPTg4NDQ2MzYzODImdXRtX3NvdXJjZT1HQURTJnV0bV90ZXJtPSZ1dG1fY29udGVudD0mdXRtX21lZGl1bT17Z2NsaWR9gAoByAsBuBPkA9gTDIgUCNAVAYAXAbIXHAoaCAASFHB1Yi01Njk0NTQxNDQ4NjEyMzY0GAA&sigh=LI9oCWZtAbo&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWve9NTjMBSS_ZoUnjLdktY3EYitqVYhgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225043517543191359872%22,%22debug_reporting%22:true,%22destination%22:%22https://swydo.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22965519933%22],%224%22:[%2208-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225905501498615526433%22}&andc=true

Request Chain 137

https://cs.mytheresa.com/mix/v3/?tcs=3504&rand=64de354834dac5184e8a6191ac40066d&chn=display_pro&src=criteo&cmp=criteo_de&tarea=de&ptyp=dynamic&gdpr=1&gdpr_consent= HTTP 307
https://mix-phoenix.commander1.com/mix/v3/?TC_CHECK_COOKIES_SUPPORT=1&tc_first=cs.mytheresa.com&tcs=3504&rand=64de354834dac5184e8a6191ac40066d&chn=display_pro&src=criteo&cmp=criteo_de&tarea=de&ptyp=dynamic&gdpr=1&gdpr_consent= HTTP 307
https://cs.mytheresa.com/mix/v3/?tc_id=2023081716571311772951878&tcs=3504&rand=64de354834dac5184e8a6191ac40066d&chn=display_pro&src=criteo&cmp=criteo_de&tarea=de&ptyp=dynamic&gdpr=1&gdpr_consent=

Request Chain 141

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 192

https://fw.adsafeprotected.com/rfw/st/1579743/72912805/4.js?adContainerId=brand_safety_STXeZOumJPC39u8Pr-e0gA8&cbFunctionName=goog_wrapCb_STXeZOumJPC39u8Pr-e0gA8&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fbloxcms.com.siteindices.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fads.eu.criteo.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fad.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Fadi%2FN778265.154378CRITEO2%2FB30257563.372627018%3Bdc_ver%3D96.284%3Bsz%3D160x600%3Bu_sd%3D1%3Bgdpr%3D1%3Bdc_adk%3D3157791334%3Bord%3Da85am3%3Bclick2%3Dhttps%253A%252F%252Fcat.fr3.eu.criteo.com%252Fdelivery%252Fck.php%253Fcppv%253D3%2526cpp%253D7wyHPGDwEL1XB1DWa3qI0CoWRM4xJUlO9MzmmUhramrBWukGd5Yp8JT716cKpjEY58fXKlptD3gRznMPKN8ubrJ87E39J2xBkesOUX5fAR9ZPVr9uzDEfI5yoxxn0ajMndKyXFYkr4egdl6VFdrp5pJHecNsCCspKO5hg0sD7LQg0vXwHoaKeE88KTpM0AsqIdyYsqym-_31knsmJc6RB01ZYRhcOOx2BSVWf1H3dU-rNqJA1bsO634oGicb5egxRdjqX4VBvucPv8mncDzJctlOa6pbnR_arSgNJgLzN2GvHkVht7XRV62zcPxbFTxxfdp5GY2MnNU5KtDRgvzPN7uyBwxZHD3JQHwfkasfn00pG6Z9-nHcBHTewUgmptTFFzUsfSh2Y2MtlQ5TtKlO1YUGUC8pQrkeXB4cafkp-ZyUhDNfi4cphsRJSUhrTHlze7QPr2BCy8CkcBqclLuunUr7B2A%2526maxdest%253D%3Buach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%3Bdc_rfl%3D3%2Chttps%253A%252F%252Fbloxcms.com.siteindices.com%242%2C%2Chttps%253A%252F%252Fgoogleads.g.doubleclick.net%252F%240%3Bxdt%3D1%3Bcrlt%3Dqlb4B71twn%3Bgcsr%3Dm%3Bstc%3D1%3Bchaa%3D1%3Bsttr%3D132%3Bprcl%3Ds&adsafe_type=d&adsafe_jsinfo=,id:a7403ae9-76e9-dbe1-3f5b-33bfa79b8522,c:lz2P4s,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7d74fbcfb-979kj,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1,mtim:6,mot:0,app:0,maw:0,fm:tNcEbwQ+11%7C121%7C131%7C141%7C151%7C152%7C16%7C1711%7C1712%7C1811%7C19111*.1579743-72912805%7C191111%7C191112%7C1a1,idMap:19111*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:33,oid:59cdf3a4-3d0e-11ee-9237-563fd5ba3cb6,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_STXeZOumJPC39u8Pr-e0gA8&cbFunctionName=goog_wrapCb_STXeZOumJPC39u8Pr-e0gA8&true_pb=

208 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200

Primary Request / Show response
bloxcms.com.siteindices.com/
Redirect Chain

http://bloxcms.com.siteindices.com/
https://bloxcms.com.siteindices.com/

27 KB
7 KB

325ms
107ms

Document
text/html

104.237.149.142
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxcms.com.siteindices.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.237.149.142 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li879-142.members.linode.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 61f82c95cceaabdc0a14e4fc5e09aa3e354a56ca419d3d27c2ebfb14ee1ad0b2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Thu, 17 Aug 2023 14:57:10 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

Redirect headers

Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Thu, 17 Aug 2023 14:57:09 GMT
Location: https://bloxcms.com.siteindices.com/
Server: nginx/1.18.0 (Ubuntu)

GET
H2 200 bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/css/ 152 KB
17 KB 74ms
28ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Host: bloxcms.com.siteindices.com
URL: https://bloxcms.com.siteindices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://bloxcms.com.siteindices.com/
Origin: https://bloxcms.com.siteindices.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 763878
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 17147
last-modified: Thu, 22 Jun 2023 11:21:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942eb0-42fb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=en0bt5xtuuj03BYyGtP3kwicojXqPfbvRLLa%2Bi0X7sKjd1hKBmk0v5Ya0EmtMR1tkYQKVIIW%2F7cOwulFGiBX1ExkshwL2lLGnwQUIoCYkonKkdiWbiEcEfmdh%2Bvnm9JDfT1G7V06TrLio7whzlmMlwu4"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f82c4987ed2bb44-FRA
expires: Tue, 06 Aug 2024 14:57:10 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 125 KB
49 KB 85ms
33ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-162020576-1

Requested by

Host: bloxcms.com.siteindices.com
URL: https://bloxcms.com.siteindices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ac1b93ff14c79f093300dc688b66c154f0718cb0898c4e23c7415ec449791daa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxcms.com.siteindices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 49451
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 17 Aug 2023 14:57:10 GMT

GET
H/1.1 200 logo.png
www.siteindices.com/ 5 KB
5 KB 330ms
104ms Image
image/png 104.237.149.142
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.siteindices.com/logo.png
Requested by: Host: bloxcms.com.siteindices.com
URL: https://bloxcms.com.siteindices.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.237.149.142 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li879-142.members.linode.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0d3f12e73ccf13616cee5b3049d7d4e9bd1f5a0b681e3779bc76ef6124d63177

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxcms.com.siteindices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Thu, 17 Aug 2023 14:57:10 GMT
Last-Modified: Sat, 30 Jan 2021 14:02:40 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"5055-1612015360000"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5055

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 186ms
116ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: bloxcms.com.siteindices.com
URL: https://bloxcms.com.siteindices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b88cd48176837b4d02560d1b1f6144817694067ba342e1eee819ffa231833135

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxcms.com.siteindices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50718
x-xss-protection: 0
server: cafe
etag: 17782540125691736847
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 14:57:10 GMT

GET
H2

404

faviconV2
t3.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain_url=http://bloxcms.com
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bloxcms.com&size=16

726 B
917 B

116ms
32ms

Image
image/png

2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bloxcms.com&size=16

Requested by

Host: bloxcms.com.siteindices.com
URL: https://bloxcms.com.siteindices.com/

Protocol

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxcms.com.siteindices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:10 GMT
x-content-type-options: nosniff
server: sffe
content-type: image/png
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 726
x-xss-protection: 0

Redirect headers

date: Thu, 17 Aug 2023 14:57:10 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bloxcms.com&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 331
x-xss-protection: 0
expires: Thu, 17 Aug 2023 15:27:10 GMT

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ 86 KB
28 KB 53ms
28ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: bloxcms.com.siteindices.com
URL: https://bloxcms.com.siteindices.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxcms.com.siteindices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 71646
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27755
last-modified: Thu, 22 Jun 2023 11:06:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b1e-6c6b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c7dAG89dn1SY1JrBjmmq7mBBVhT9jMyAWjgo2YTBuerbQwHu8MH5s0%2F8LYf11iKVyXpgqq5pmNlIwctZ0lY3WoiKsTJD%2Fcw0hu4XsawMf%2Fij6VCGAfGT0SVa2AB4lKyqzRWRj3zqPREpGtWPpJPvsfl%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f82c498c9825cb0-FRA
expires: Tue, 06 Aug 2024 14:57:10 GMT

GET
H3 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.15.0/umd/ 21 KB
7 KB 42ms
41ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.15.0/umd/popper.min.js

Requested by

Host: bloxcms.com.siteindices.com
URL: https://bloxcms.com.siteindices.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d3b9482d4fb3b6aeaa089b08eb84381b5d3294c32c71ba320c4482bb4dbb8d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxcms.com.siteindices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1890669
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6680
last-modified: Thu, 22 Jun 2023 11:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942d85-1a18"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GkvPD2sbLZefcsE9gJwXYV%2B2ewQevNRLkKgUOA8%2FNMV6GXR%2B9%2FmTHY%2FGw69MRG9l5ZkL1R5XyHiIbL2iPA9%2BlIn%2FXT%2FtD5ioIjF7R57Z3ME1UoeZ0c2dQ%2FCxyP%2B00324ehQEGdVgw1fKu0EbAcoWMTDG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f82c498d9975cb0-FRA
expires: Tue, 06 Aug 2024 14:57:10 GMT

GET
H3 200 bootstrap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/js/ 57 KB
14 KB 63ms
61ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/js/bootstrap.min.js

Requested by

Host: bloxcms.com.siteindices.com
URL: https://bloxcms.com.siteindices.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxcms.com.siteindices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5568612
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13537
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04010-e2d8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aaogeDX7fwdQv2MjNU2xHMxW3lgvgnmnXyRbSiSu66lbFG%2FWcjb2TU4l5YzU%2BYn0UHJpe593dbVWgteOEUPGAwyyWVXmW1zHc%2FxOMfe0wYM5P46J%2BJX05kZ7snuGUT1yZSKaknpoHaeaWU%2FLoW5bukD0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f82c498d99d5cb0-FRA
expires: Tue, 06 Aug 2024 14:57:10 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 251 KB
85 KB 48ms
36ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YZLP68FKYZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-162020576-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d13e946e809369c122aa99c6e17658fe1f8b26cc8c4e2cf6db6ce34f60760e21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxcms.com.siteindices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87286
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 17 Aug 2023 14:57:10 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 76ms
21ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-162020576-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxcms.com.siteindices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 17 Aug 2023 13:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4047
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 17 Aug 2023 15:49:43 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 83ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-YZLP68FKYZ&gtm=45je38g0h2&_p=1454003756&cid=1929554003.1692284231&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1692284230&sct=1&seg=0&dl=https%3A%2F%2Fbloxcms.com.siteindices.com%2F&dt=Bloxcms%20%2F%20Integrated%20Content%20Management%20System%20CMS%20for%20media%20%7C%20bloxdigital.com&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YZLP68FKYZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxcms.com.siteindices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 14:57:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bloxcms.com.siteindices.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
214 B 29ms
28ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1454003756&t=pageview&_s=1&dl=https%3A%2F%2Fbloxcms.com.siteindices.com%2F&ul=en-us&de=UTF-8&dt=Bloxcms%20%2F%20Integrated%20Content%20Management%20System%20CMS%20for%20media%20%7C%20bloxdigital.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=490140274&gjid=1978755636&cid=1929554003.1692284231&tid=UA-162020576-1&_gid=2127173505.1692284231&_r=1&gtm=457e3890&jsscut=1&z=2021961174

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bloxcms.com.siteindices.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 14:57:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bloxcms.com.siteindices.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/ 369 KB
125 KB 98ms
97ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5694541448612364&plah=bloxcms.com.siteindices.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc53415bd98ac9803575a9eb17ef92bca708e5a02a1b56c265d70213db98a94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxcms.com.siteindices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128224
x-xss-protection: 0
server: cafe
etag: 2043359159923725712
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 14:57:10 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230815/r20190131/ Frame 97BF 10 KB
5 KB 70ms
20ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230815/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxcms.com.siteindices.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5620
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 13:23:30 GMT
etag: 13776922816869014096
expires: Thu, 31 Aug 2023 13:23:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
607 B 79ms
28ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=bloxcms.com.siteindices.com&callback=_gfp_s_&client=ca-pub-5694541448612364

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5694541448612364&plah=bloxcms.com.siteindices.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41700d50f245db4cf2bf4d473e3912fa002f6fda408125c389bcf2884e75ddc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxcms.com.siteindices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 48D0 108 KB
37 KB 1269ms
1268ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5694541448612364&output=html&h=280&slotname=4096391363&adk=801452986&adf=683863926&pi=t.ma~as.4096391363&w=1110&fwrn=4&fwrnh=100&lmt=1692277031&rafmt=1&format=1110x280&url=https%3A%2F%2Fbloxcms.com.siteindices.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692284230768&bpp=4&bdt=354&idt=247&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&correlator=4283636873857&frm=20&pv=2&ga_vid=1929554003.1692284231&ga_sid=1692284231&ga_hid=1454003756&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31077017%2C31077148%2C42532243%2C44799580&oid=2&pvsid=1085081625870828&tmod=171957131&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=rkRkOwC20I&p=https%3A//bloxcms.com.siteindices.com&dtd=265

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11e0642693c24788eba3a8a6ee77a53fdbb987399132d50eeeb10175366a5d9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxcms.com.siteindices.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37648
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 14:57:12 GMT
expires: Thu, 17 Aug 2023 14:57:12 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4BB8 97 KB
37 KB 1142ms
1141ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5694541448612364&output=html&h=280&slotname=9205247819&adk=196439105&adf=2665882539&pi=t.ma~as.9205247819&w=350&fwrn=4&fwrnh=100&lmt=1692277031&rafmt=1&format=350x280&url=https%3A%2F%2Fbloxcms.com.siteindices.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692284230773&bpp=1&bdt=358&idt=271&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=4283636873857&frm=20&pv=1&ga_vid=1929554003.1692284231&ga_sid=1692284231&ga_hid=1454003756&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=415&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31077017%2C31077148%2C42532243%2C44799580&oid=2&pvsid=1085081625870828&tmod=171957131&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zxznrfKaju&p=https%3A//bloxcms.com.siteindices.com&dtd=274

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f70fe61a94cb6566fee4ebdc4f320aaecdcb6c52d6a8de2b5a9fede48ce3b1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxcms.com.siteindices.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37377
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 14:57:12 GMT
expires: Thu, 17 Aug 2023 14:57:12 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ED9B 34 KB
14 KB 556ms
556ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5694541448612364&output=html&h=280&slotname=1496813024&adk=1673820887&adf=2518690131&pi=t.ma~as.1496813024&w=730&fwrn=4&fwrnh=100&lmt=1692277031&rafmt=1&format=730x280&url=https%3A%2F%2Fbloxcms.com.siteindices.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692284230774&bpp=1&bdt=359&idt=275&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C350x280&correlator=4283636873857&frm=20&pv=1&ga_vid=1929554003.1692284231&ga_sid=1692284231&ga_hid=1454003756&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=625&ady=1192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31077017%2C31077148%2C42532243%2C44799580&oid=2&pvsid=1085081625870828&tmod=171957131&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=y7LuP431tM&p=https%3A//bloxcms.com.siteindices.com&dtd=278

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9232f5145851f29ce012520048686481e665bcc7d96819f6f7adc1570875fe02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxcms.com.siteindices.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14017
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 14:57:11 GMT
expires: Thu, 17 Aug 2023 14:57:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5D4B 117 KB
38 KB 595ms
593ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5694541448612364&output=html&h=280&slotname=8923683389&adk=2722634783&adf=1706824535&pi=t.ma~as.8923683389&w=1110&fwrn=4&fwrnh=100&lmt=1692277031&rafmt=1&format=1110x280&url=https%3A%2F%2Fbloxcms.com.siteindices.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692284230775&bpp=1&bdt=360&idt=279&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C350x280%2C730x280&correlator=4283636873857&frm=20&pv=1&ga_vid=1929554003.1692284231&ga_sid=1692284231&ga_hid=1454003756&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4487&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31077017%2C31077148%2C42532243%2C44799580&oid=2&pvsid=1085081625870828&tmod=171957131&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=XnIdhNqp7M&p=https%3A//bloxcms.com.siteindices.com&dtd=284

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c69df19d8716a4d012b89a3913294a6defa38418b8e4b9eb1ac5a8b62f33b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxcms.com.siteindices.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38695
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 14:57:11 GMT
expires: Thu, 17 Aug 2023 14:57:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8F19 341 KB
60 KB 1391ms
1391ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5694541448612364&output=html&adk=1812271804&adf=3025194257&lmt=1692277031&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fbloxcms.com.siteindices.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692284230789&bpp=1&bdt=374&idt=275&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C350x280%2C730x280%2C1110x280&nras=1&correlator=4283636873857&frm=20&pv=1&ga_vid=1929554003.1692284231&ga_sid=1692284231&ga_hid=1454003756&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31077017%2C31077148%2C42532243%2C44799580&oid=2&pvsid=1085081625870828&tmod=171957131&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=288

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bb0402bdd0e95f7334cbb32d98089f29f6c61fe1d993c5208a8ee0c767b8734

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxcms.com.siteindices.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 61124
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 14:57:12 GMT
expires: Thu, 17 Aug 2023 14:57:12 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 5BCF 151 KB
48 KB 189ms
117ms Document
text/html 2a02:2638:d::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN41RwABWF4IFWC6AARqKSh51cGhWIAIRM1hkA&u=%7C7%2BaFQqKs8tcDI9VunIEbD4LEEQ3YwSSNTjugX6Dvi%2B0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC8675qickulgVVUvuR0wRCGjdiN6YhcBjpXN-LBmo6VOTygYZE4IPYBfTUqmrt_9qzywooVW6S66zXq7ObWrneV52XDHHLpZQXmTxZf2O17d6dKmOK-SYOiKAcjcX_kGbpb_lTjyMUNceP1ahO_C08UvxDZpqD8yO3Cb0IxGgoOgxH92RyMYWHGFc2EAdJ3w7CwNXLUKXiKrdcOXsb7TH9P0XEUmMKPdzAO2ub8dgqGsmGDBlVmfKRft6U312PAS4_hImqglaliw61NlfzIwsyABNIdld1Ef677cePZbqg06VRwpIO45pkyKWAX7lqiOs5Lgpy79vjEvTNglD9d3UEY-iSbS5qUPmaEhKE9KfmP7YQ2p3RIWOIx8u9diiM63QTwpQ6D_Of3d3d0bYZ-5b-RCAgTcXAlYrmszhF_Kg_DY5FYqtiRVrDtAqK12wXgNtwlnuD2nQ1EUPVI-rcPizp0JWj1SMdU-XQBd9_jZt6P0XTZXX-WHOrHZqjFOpE69rG0RnEWQiQ4iXiAsosrApvZ2jRkiJqJxSP31mvGeR-vw54U-j_GbwtznlMbj55fOFTZgJfSVs6K5Sr8VOC80gm6YtbM7mbifo37g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPZGlRzXeZN6wBbrB1fAPqdSR-ALJntKxXM2jlvdwwI23ARABIABglYr7gZQHggEXY2EtcHViLTU2OTQ1NDE0NDg2MTIzNjTIAQmpArMX2jC6PrI-qAMByAMCqgTcAU_Q3cfvu3PPR21HdEHATIrWxFbzafRQdjrYjkcLNE_LVibEFknE0tH_taLV7fJYlLUcm07iAkBp-VkTtmZg8gbKTO82qefrYdqS1wVex9Phbuhz72TNOFSDqySOpO9VM5Hi_Pvr2Vos7GXXZ4VTVx9PkTNmXO505wOEq4XS80Id5zwj0hBopaPcPamN6ESCfQ128EhsFRxchyowN9JIfFyGBpsW1mAJCrnfDjqhTTMWS3k2ozOS75yZwP643XCewLHnSzN2EUUdMz-VPl8uJiOsspanVz4F-eBXCiCABo7Uspy3sqWtYqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_08_5IYF6s9CknqKRA3MrOTz468jw%26client%3Dca-pub-5694541448612364%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5694541448612364&output=html&h=280&slotname=1496813024&adk=1673820887&adf=2518690131&pi=t.ma~as.1496813024&w=730&fwrn=4&fwrnh=100&lmt=1692277031&rafmt=1&format=730x280&url=https%3A%2F%2Fbloxcms.com.siteindices.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692284230774&bpp=1&bdt=359&idt=275&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C350x280&correlator=4283636873857&frm=20&pv=1&ga_vid=1929554003.1692284231&ga_sid=1692284231&ga_hid=1454003756&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=625&ady=1192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31077017%2C31077148%2C42532243%2C44799580&oid=2&pvsid=1085081625870828&tmod=171957131&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=y7LuP431tM&p=https%3A//bloxcms.com.siteindices.com&dtd=278

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

78dac75b4855f9527371f2be90acd25c96063c3c9e4f56aee29b3173aeb65b7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 14:57:11 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=z5fF5TS5MMlPDbEEs2MDJZvTLurf9PBGThcT8EKzZdFt0JmKLouynkXaYbb14_RriCHGsSpOOTNFHejLnVHrJGfwzaxCf7kea7Mal26V-Qn08MADNWvSCgGdzwmtVDX06wSEiHEImILCtTW3WQKooHu7LXCQh67ifay8g6l2knGwpF2zbAuk3iFRKd_asgEJq4fWYP3V7Ry1_Mu8OsRI7KlzYErbQ6skRz4K2ua8w8iwpI223JRBDGS7qwfAjwks0Y3nvg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 76664177
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame ED9B 3 KB
1 KB 83ms
26ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:43:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4430
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 13:43:21 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame ED9B 20 KB
8 KB 76ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60131
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:15:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ED9B 180 KB
57 KB 109ms
37ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Aug 2023 14:57:11 GMT

GET
H2 200 8114489758196885127
tpc.googlesyndication.com/simgad/ Frame 5D4B 93 KB
93 KB 57ms
41ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8114489758196885127?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnbLYsiGDTB4IUmZKgIoZfXq841Pw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5694541448612364&output=html&h=280&slotname=8923683389&adk=2722634783&adf=1706824535&pi=t.ma~as.8923683389&w=1110&fwrn=4&fwrnh=100&lmt=1692277031&rafmt=1&format=1110x280&url=https%3A%2F%2Fbloxcms.com.siteindices.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692284230775&bpp=1&bdt=360&idt=279&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C350x280%2C730x280&correlator=4283636873857&frm=20&pv=1&ga_vid=1929554003.1692284231&ga_sid=1692284231&ga_hid=1454003756&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4487&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31077017%2C31077148%2C42532243%2C44799580&oid=2&pvsid=1085081625870828&tmod=171957131&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=XnIdhNqp7M&p=https%3A//bloxcms.com.siteindices.com&dtd=284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f943916412cc5b13e2d88c9702396122c3bebb50a6e2f4f8089c51de2fc8aa36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 03:59:20 GMT
x-content-type-options: nosniff
age: 125871
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95183
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 16:39:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 15 Aug 2024 03:59:20 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/ Frame 5D4B 23 KB
9 KB 43ms
27ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60131
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:15:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 5D4B 3 KB
1 KB 44ms
40ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:43:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4430
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 13:43:21 GMT

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 5D4B 67 B
196 B 29ms
26ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 02:28:40 GMT
x-content-type-options: nosniff
server: cafe
age: 44911
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67
x-xss-protection: 0
expires: Fri, 18 Aug 2023 02:28:40 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 5D4B 20 KB
8 KB 27ms
23ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60131
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:15:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5D4B 180 KB
56 KB 95ms
75ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Aug 2023 14:57:11 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 5D4B 35 KB
14 KB 58ms
54ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ea20bedd24c2721275fc920672ccf787385ec6b8cb5ccbfc6682aeee658e78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:30:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59212
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14294
x-xss-protection: 0
server: cafe
etag: 17218437938740726354
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:30:19 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FC24 143 B
166 B 23ms
22ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5694541448612364&output=html&h=280&slotname=8923683389&adk=2722634783&adf=1706824535&pi=t.ma~as.8923683389&w=1110&fwrn=4&fwrnh=100&lmt=1692277031&rafmt=1&format=1110x280&url=https%3A%2F%2Fbloxcms.com.siteindices.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692284230775&bpp=1&bdt=360&idt=279&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C350x280%2C730x280&correlator=4283636873857&frm=20&pv=1&ga_vid=1929554003.1692284231&ga_sid=1692284231&ga_hid=1454003756&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4487&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31077017%2C31077148%2C42532243%2C44799580&oid=2&pvsid=1085081625870828&tmod=171957131&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=XnIdhNqp7M&p=https%3A//bloxcms.com.siteindices.com&dtd=284
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2008
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 14:23:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5D4B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b43ec0462b441bdec2a802f9438cec3b08258d228eeb296365c802857c2296c9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FC24
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

35ms
35ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 14:57:11 GMT
expires: Thu, 17 Aug 2023 14:57:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 14:57:11 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame ED9B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb7a20984e572f6f39b34f7a49ac30001397e2437af97fa49060d7cca94cecf1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 5BCF 2 KB
1 KB 107ms
34ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN41RwABWF4IFWC6AARqKSh51cGhWIAIRM1hkA&u=%7C7%2BaFQqKs8tcDI9VunIEbD4LEEQ3YwSSNTjugX6Dvi%2B0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC8675qickulgVVUvuR0wRCGjdiN6YhcBjpXN-LBmo6VOTygYZE4IPYBfTUqmrt_9qzywooVW6S66zXq7ObWrneV52XDHHLpZQXmTxZf2O17d6dKmOK-SYOiKAcjcX_kGbpb_lTjyMUNceP1ahO_C08UvxDZpqD8yO3Cb0IxGgoOgxH92RyMYWHGFc2EAdJ3w7CwNXLUKXiKrdcOXsb7TH9P0XEUmMKPdzAO2ub8dgqGsmGDBlVmfKRft6U312PAS4_hImqglaliw61NlfzIwsyABNIdld1Ef677cePZbqg06VRwpIO45pkyKWAX7lqiOs5Lgpy79vjEvTNglD9d3UEY-iSbS5qUPmaEhKE9KfmP7YQ2p3RIWOIx8u9diiM63QTwpQ6D_Of3d3d0bYZ-5b-RCAgTcXAlYrmszhF_Kg_DY5FYqtiRVrDtAqK12wXgNtwlnuD2nQ1EUPVI-rcPizp0JWj1SMdU-XQBd9_jZt6P0XTZXX-WHOrHZqjFOpE69rG0RnEWQiQ4iXiAsosrApvZ2jRkiJqJxSP31mvGeR-vw54U-j_GbwtznlMbj55fOFTZgJfSVs6K5Sr8VOC80gm6YtbM7mbifo37g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPZGlRzXeZN6wBbrB1fAPqdSR-ALJntKxXM2jlvdwwI23ARABIABglYr7gZQHggEXY2EtcHViLTU2OTQ1NDE0NDg2MTIzNjTIAQmpArMX2jC6PrI-qAMByAMCqgTcAU_Q3cfvu3PPR21HdEHATIrWxFbzafRQdjrYjkcLNE_LVibEFknE0tH_taLV7fJYlLUcm07iAkBp-VkTtmZg8gbKTO82qefrYdqS1wVex9Phbuhz72TNOFSDqySOpO9VM5Hi_Pvr2Vos7GXXZ4VTVx9PkTNmXO505wOEq4XS80Id5zwj0hBopaPcPamN6ESCfQ128EhsFRxchyowN9JIfFyGBpsW1mAJCrnfDjqhTTMWS3k2ozOS75yZwP643XCewLHnSzN2EUUdMz-VPl8uJiOsspanVz4F-eBXCiCABo7Uspy3sqWtYqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_08_5IYF6s9CknqKRA3MrOTz468jw%26client%3Dca-pub-5694541448612364%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 11 Aug 2024 14:57:11 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 5BCF 2 KB
1 KB 108ms
36ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 11 Aug 2024 14:57:11 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 5BCF 308 B
636 B 99ms
35ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 11 Aug 2024 14:57:11 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 5BCF 293 B
621 B 99ms
36ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 11 Aug 2024 14:57:11 GMT

GET
H2 200 lg.php
cat.fr3.eu.criteo.com/delivery/ Frame 5BCF 43 B
348 B 123ms
38ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=-b3E1yK5YaJiRvPhYQ1d0XoAGrpX8IR2hAYrI3YWSRsOPvwHleYbIyaq-xgnlImbF58dNNanqiQSpOYVJ-gZifMhtzo9pjq5sQ0hFHeFyUkSc8mO7k9-bt5uoFbD_fibwXbIYhQD37N-NLeBlhm2jicQoTgKtaL4nxe49vgE7hTzvCduCn9Pb46YAU2IU6cAfKylEke5-sSxkbkAD0oyxoL79OdMr6uwuMvDljinCbBrfVDEjMfdbIkDR4dVl_ATHUWDsqsV3Rr4YyM_S6p0O7zWW2LFQeXVDqJ4mA41BZBMcn6D8puISmT3xBloqIpiTZWDkML5Q4NTk1DgPs0fMzGvCsqhQVsrVSd3FHX7C30x1P-HK3QW12Y2cLWmyIUYC4bOno2TGMY4Nlf0BJVJ5elsdkrQTI57S3SRNGz4AQQCVoG3_IM-i00vIzovm7dykUeiBIzsdvpqTwU6dddOdcR7YfsIhT-OKTWgWGFI3avHvqMu

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 14:57:11 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3782220
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 5BCF 12 KB
5 KB 29ms
28ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 75642
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4418
last-modified: Thu, 22 Jun 2023 11:22:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942f04-1142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5riNsMKQbNueOPWIeLEr0BobvmSkZkL%2FPzqIX%2Bl034Y%2FXMWb%2B5mjNHnqEhOlUFcxK88Pt80E43xlidn%2BjA27klUbBp565f8xkXT8Z8%2BYAc1nRVSGEzYeveqCy4mu%2BM%2Fu65NdTpdHhVQMYSy9DMhMdMj%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f82c4a12c685cb0-FRA
expires: Tue, 06 Aug 2024 14:57:11 GMT

GET
H2 200 d65a37834aea45f3b2f89ed6973b410b_taz_800_a.woff
static.criteo.net/design/dt/ Frame 5BCF 58 KB
59 KB 222ms
146ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/d65a37834aea45f3b2f89ed6973b410b_taz_800_a.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

91c32cf62c2a7ec7bc63bd4354823f66812d56d2323a5298eac81e5b969811c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 30 May 2018 09:59:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5b0e75fd-e98d"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 11 Aug 2024 14:57:11 GMT

GET
H2 200 d9f6971a4f3d47b6be08a8b55e632b93_taz_700_a.woff
static.criteo.net/design/dt/ Frame 5BCF 55 KB
55 KB 141ms
65ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/d9f6971a4f3d47b6be08a8b55e632b93_taz_700_a.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

114b07db8be817bfb1f20e07ac98d9500c7ed50146512c32c102f41309437b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 30 May 2018 09:59:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5b0e75fd-daf9"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 11 Aug 2024 14:57:11 GMT

GET
H2 200 403d3864d4f545aeb1484932bb4ec84c_taz_500_a.woff
static.criteo.net/design/dt/ Frame 5BCF 65 KB
65 KB 188ms
112ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/403d3864d4f545aeb1484932bb4ec84c_taz_500_a.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

3f0133a51dbe2306a5d32fbc64643af6fc2503036a2ebec0e61b377d6e60ae75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 30 May 2018 09:59:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5b0e75fd-10316"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 11 Aug 2024 14:57:11 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 5BCF 12 KB
6 KB 41ms
41ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 11 Aug 2024 14:57:11 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5BCF 4 KB
5 KB 140ms
68ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=49788&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F49788%2F180606%2Fd2747e8bfc464c829e15f92f21b511fc_logo_n_horizontal_ligh_rollover_bauh.jpg&v=3&w=372&s=SiSJ64Ua4TTOwc4igxagf6It

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0e937dbbcc6ac86d5eea66d1c88c0a4d73d48a0b1ebdabd7c76bf0aab271a0c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 4506
expires: Mon, 29 Jul 2024 21:12:58 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5BCF 8 KB
9 KB 170ms
98ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=49788&q=80&r=0&u=https%3A%2F%2Fmedia.cdn.bauhaus%2Fm%2F280864%2F12.jpg&v=3&w=400&s=W3_NHElKab0TSjGKTKgRrpXx&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

339a142b74d654e469fe04d9e4956f07f1a55018e7b2b032080967df7671d07d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=600000
content-length: 8556
expires: Fri, 18 Aug 2023 17:38:08 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5BCF 17 KB
17 KB 134ms
63ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=49788&q=80&r=0&u=https%3A%2F%2Fmedia.cdn.bauhaus%2Fm%2F1421466%2F12.jpg&v=3&w=400&s=WgS8OWejX709NAGDn_4AS536&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ef54137af7f2d2fcca27a38561c8218f12319812c5d2cb1d873a54873cf4ddc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=600000
content-length: 17222
expires: Fri, 18 Aug 2023 14:33:34 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5BCF 10 KB
10 KB 153ms
81ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=49788&q=80&r=0&u=https%3A%2F%2Fmedia.cdn.bauhaus%2Fm%2F126266%2F12.jpg&v=3&w=400&s=Eu-vHOGi2X98M1L721bxipCZ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f7209189c9d2e544cdcc09a7e86378304a2cb3c17504828ce062f4f56c6e411c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=600000
content-length: 10032
expires: Fri, 18 Aug 2023 04:18:55 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5BCF 6 KB
7 KB 152ms
81ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=49788&q=80&r=0&u=https%3A%2F%2Fmedia.cdn.bauhaus%2Fm%2F1524253%2F12.jpg&v=3&w=400&s=fZhxAGCyIHw1tkN_f90fsssO&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

53150cd0abdce77cb401a07e66c196041e5931fa9bf8e142f2ec114d1ee7dfaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=600000
content-length: 6538
expires: Wed, 23 Aug 2023 10:36:05 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5BCF 5 KB
6 KB 159ms
88ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=49788&q=80&r=0&u=https%3A%2F%2Fmedia.cdn.bauhaus%2Fm%2F1488875-1%2F12.jpg&v=3&w=400&s=G0-wSl6-NOPVo-HcffMz79r0&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

da27056bbaebc192e79d43a94a1e0cf1661e7da3a9369f2a55a09c38f4dcadd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=600000
content-length: 5572
expires: Thu, 24 Aug 2023 03:10:52 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 5BCF 0
128 B 113ms
34ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=z5fF5TS5MMlPDbEEs2MDJZvTLurf9PBGThcT8EKzZdFt0JmKLouynkXaYbb14_RriCHGsSpOOTNFHejLnVHrJGfwzaxCf7kea7Mal26V-Qn08MADNWvSCgGdzwmtVDX06wSEiHEImILCtTW3WQKooHu7LXCQh67ifay8g6l2knGwpF2zbAuk3iFRKd_asgEJq4fWYP3V7Ry1_Mu8OsRI7KlzYErbQ6skRz4K2ua8w8iwpI223JRBDGS7qwfAjwks0Y3nvg&sds=2&rev=88037&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 17 Aug 2023 14:57:11 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5BCF 2 KB
1 KB 39ms
38ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 11 Aug 2024 14:57:11 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 5BCF 2 KB
1 KB 39ms
39ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 11 Aug 2024 14:57:11 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 5D4B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C54XjRzXeZITcBdPK1fAPvrGekAnt3NyfbtmCtbeAEt_jrJuPDhABIODF2ntglYr7gZQHoAGr0ezcAcgBAqgDAcgDyQSqBPMBT9Cy1LvZPwlFWG4UlCZKx3TBtGIQdH72NRVgB4aQGHuOCxo...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211157486579163808404%22,%22debug_reporting%22:true,%22destination%22:%22https://fit-coach.io%22,%22event_report_window%22:...

0
0

102ms
56ms

Fetch
text/css

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211157486579163808404%22,%22debug_reporting%22:true,%22destination%22:%22https://fit-coach.io%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22463153323%22],%224%22:[%2208-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22849203970116373553%22}&andc=true

Requested by

Host: bloxcms.com.siteindices.com
URL: https://bloxcms.com.siteindices.com/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:12 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"11157486579163808404","debug_reporting":true,"destination":"https://fit-coach.io","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["463153323"],"4":["08-17"],"6":["true"]},"priority":"500","source_event_id":"849203970116373553"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 17 Aug 2023 14:57:12 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 17 Aug 2023 14:57:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11157486579163808404","debug_reporting":true,"destination":"https://fit-coach.io","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["463153323"],"4":["08-17"],"6":["true"]},"priority":"500","source_event_id":"849203970116373553"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 1AB1 37 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4491
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14741
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Aug 2024 13:42:20 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 144ms
58ms Preflight
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 17 Aug 2023 14:57:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame ED9B 0
19 B 69ms
69ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C0RvsRzXeZN6wBbrB1fAPqdSR-ALJntKxXM2jlvdwwI23ARABIABglYr7gZQHggEXY2EtcHViLTU2OTQ1NDE0NDg2MTIzNjTIAQmpArMX2jC6PrI-qAMByAMCqgTZAU_Q3cfvu3PPR21HdEHATIrWxFbzafRQdjrYjkcLNE_LVibEFknE0tH_taLV7fJYlLUcm07iAkBp-VkTtmZg8gbKTO82qefrYdqS1wVex9Phbuhz72TNOFSDqySOpO9VM5Hi_Pvr2Vos7GXXZ4VTVx9PkTNmXO505wOEq4XS80Id5zwj0hBopaPcPamN6ESCfQ128EhsFRxchyowN9JIfFyGBpsW1mAJCrnfDjqhTTMWS3k24TGzfRsWXO0HQWQ9EIxBszpiG_MXHScXipcTgNETrLq_0pSB6l-ABo7Uspy3sqWtYqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01Njk0NTQxNDQ4NjEyMzY0GAA&sigh=qmLr0clvgO4&uach_m=[UACH]&cid=CAQSGwBpAlJWeOXjAdS_bsYQx-6R12V9fWWFuEiG9hgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5694541448612364&output=html&h=280&slotname=1496813024&adk=1673820887&adf=2518690131&pi=t.ma~as.1496813024&w=730&fwrn=4&fwrnh=100&lmt=1692277031&rafmt=1&format=730x280&url=https%3A%2F%2Fbloxcms.com.siteindices.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692284230774&bpp=1&bdt=359&idt=275&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C350x280&correlator=4283636873857&frm=20&pv=1&ga_vid=1929554003.1692284231&ga_sid=1692284231&ga_hid=1454003756&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=625&ady=1192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31077017%2C31077148%2C42532243%2C44799580&oid=2&pvsid=1085081625870828&tmod=171957131&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=y7LuP431tM&p=https%3A//bloxcms.com.siteindices.com&dtd=278
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 17 Aug 2023 14:57:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame ED9B 0
126 B 128ms
35ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kILKFsz6RNoFmAKdg2ICAgAAAEFxH5o8vBSgEEY13mTwk1CzPBa-7FKSAAASAAAKCkFRVUREd0VCRHc&wp=ZN41RwABWF4IFWC6AARqKSh51cGhWIAIRM1hkA&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:11 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 187000
server: Kestrel
content-length: 0

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 4BB8 2 KB
950 B 20ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5694541448612364&output=html&h=280&slotname=9205247819&adk=196439105&adf=2665882539&pi=t.ma~as.9205247819&w=350&fwrn=4&fwrnh=100&lmt=1692277031&rafmt=1&format=350x280&url=https%3A%2F%2Fbloxcms.com.siteindices.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692284230773&bpp=1&bdt=358&idt=271&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=4283636873857&frm=20&pv=1&ga_vid=1929554003.1692284231&ga_sid=1692284231&ga_hid=1454003756&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=415&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31077017%2C31077148%2C42532243%2C44799580&oid=2&pvsid=1085081625870828&tmod=171957131&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zxznrfKaju&p=https%3A//bloxcms.com.siteindices.com&dtd=274

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:15:00 GMT

GET
H2 200 12190004885953881285
tpc.googlesyndication.com/daca_images/simgad/ Frame 4BB8 34 KB
34 KB 20ms
20ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/12190004885953881285?w=600&h=500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e18192f6b2176e73f105a048d601f7494ed5777f7915fcddf077c8ce8c62525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 11:03:28 GMT
x-content-type-options: nosniff
age: 186824
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34913
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 16:20:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 22 Aug 2023 11:03:28 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/ Frame 4BB8 23 KB
9 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:15:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 4BB8 3 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:43:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4431
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 13:43:21 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 4BB8 20 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:15:00 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 4BB8 2 KB
926 B 22ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:15:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4BB8 180 KB
56 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Aug 2023 14:57:12 GMT

GET
H2 200 d405e63a5f7e8b51eabf017ab96b7905.js Show response
www.gstatic.com/mysidia/ Frame 4BB8 35 KB
15 KB 81ms
23ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d405e63a5f7e8b51eabf017ab96b7905.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45184ea47e05d3bba4aaa0895510a212c59d5596d5295fba864d8fa38b6e7cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 04:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124658
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14930
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 20:56:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 04:19:34 GMT

GET
DATA 200
OK truncated
/ Frame 4BB8 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3512a3ca0a590ced4ba84aab278fd26c1721ec3a762b3f7ca02b1a1bd787c260

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 4BB8
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CSEu3RzXeZN-DBbas1fAPg6qhgAKppqfOb--z1ujSEbCjgOyQAhABIODF2ntglYr7gZQHoAHlx5WXKMgBAakCsxfaMLo-sj6oAwHIA8sEqgTzAU_Q91bbr8mIpHjNFhL1kVH5auWeh-l7LEL...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217557734193749192793%22,%22debug_reporting%22:true,%22destination%22:%22https://a7-reinigung.de%22,%22event_report_window%...

0
0

63ms
62ms

Fetch
text/css

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217557734193749192793%22,%22debug_reporting%22:true,%22destination%22:%22https://a7-reinigung.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210786005989%22],%224%22:[%2208-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22514147376806358769%22}&andc=true

Requested by

Host: bloxcms.com.siteindices.com
URL: https://bloxcms.com.siteindices.com/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:12 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"17557734193749192793","debug_reporting":true,"destination":"https://a7-reinigung.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10786005989"],"4":["08-17"],"6":["true"]},"priority":"500","source_event_id":"514147376806358769"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 17 Aug 2023 14:57:12 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 17 Aug 2023 14:57:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"17557734193749192793","debug_reporting":true,"destination":"https://a7-reinigung.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10786005989"],"4":["08-17"],"6":["true"]},"priority":"500","source_event_id":"514147376806358769"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 48D0 4 KB
1 KB 90ms
30ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5694541448612364&output=html&h=280&slotname=4096391363&adk=801452986&adf=683863926&pi=t.ma~as.4096391363&w=1110&fwrn=4&fwrnh=100&lmt=1692277031&rafmt=1&format=1110x280&url=https%3A%2F%2Fbloxcms.com.siteindices.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692284230768&bpp=4&bdt=354&idt=247&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&correlator=4283636873857&frm=20&pv=2&ga_vid=1929554003.1692284231&ga_sid=1692284231&ga_hid=1454003756&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31077017%2C31077148%2C42532243%2C44799580&oid=2&pvsid=1085081625870828&tmod=171957131&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=rkRkOwC20I&p=https%3A//bloxcms.com.siteindices.com&dtd=265

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 17 Aug 2023 14:57:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 14:45:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Aug 2023 14:57:12 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 48D0 2 KB
892 B 20ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:15:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/ Frame 48D0 23 KB
9 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:15:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 48D0 3 KB
1 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:43:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4431
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 13:43:21 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 48D0 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:15:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 48D0 180 KB
56 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Aug 2023 14:57:12 GMT

GET
H2 200 d405e63a5f7e8b51eabf017ab96b7905.js Show response
www.gstatic.com/mysidia/ Frame 48D0 35 KB
15 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d405e63a5f7e8b51eabf017ab96b7905.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45184ea47e05d3bba4aaa0895510a212c59d5596d5295fba864d8fa38b6e7cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 04:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124658
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14930
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 20:56:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 04:19:34 GMT

GET
H3 200 aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js Show response
pagead2.googlesyndication.com/bg/ Frame FF35 37 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14741
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Aug 2024 13:42:20 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/5910944167532332768/ Frame 48D0 12 KB
12 KB 23ms
22ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5910944167532332768/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0f3acdf32f40ceb06899752a2888a265dd49ece9b5777cfe0e9eb2a2cbe341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 07:36:11 GMT
x-content-type-options: nosniff
age: 544861
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12185
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 14:09:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 10 Aug 2024 07:36:11 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/9315118889271181551/ Frame 48D0 1 KB
1 KB 22ms
22ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9315118889271181551/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

085ee4a2d083f202c561812ca3bc8b26147656c582efa170d5de0ff907a5dd39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:41:43 GMT
x-content-type-options: nosniff
age: 278129
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1196
x-xss-protection: 0
last-modified: Wed, 10 Aug 2022 11:15:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 13 Aug 2024 09:41:43 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 58ms
57ms Preflight
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 17 Aug 2023 14:57:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 48D0 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f82aedc5a67f56f744f6959eddecdfc2eb41b12fe59ef711e9b719ba5d565d0b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/ 154 KB
52 KB 125ms
124ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3cf9129ef036a2f3db5f05656b5bb31357839ba38100aa2559a60f497b8fd44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxcms.com.siteindices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53707
x-xss-protection: 0
server: cafe
etag: 15462902093606694125
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 14:57:12 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 48D0 16 KB
16 KB 78ms
23ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 02:35:09 GMT
x-content-type-options: nosniff
age: 476523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 02:35:09 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 48D0 15 KB
15 KB 80ms
28ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 557420
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Aug 2024 04:06:52 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 48D0
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CO3SrRzXeZOKdBM3H1fAP8bWioAG00J7zcej575SqC9nZHhABIODF2ntglYr7gZQHoAG91LLMA8gBCakCaqMdG0lCsj6oAwHIA8sEqgTmAU_QLl8HaluWCvy9pH4EO5PoVwrZYPInXUOxMZZ...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225043517543191359872%22,%22debug_reporting%22:true,%22destination%22:%22https://swydo.com%22,%22event_report_window%22:%222...

0
0

58ms
58ms

Fetch
text/css

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225043517543191359872%22,%22debug_reporting%22:true,%22destination%22:%22https://swydo.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22965519933%22],%224%22:[%2208-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225905501498615526433%22}&andc=true

Requested by

Host: bloxcms.com.siteindices.com
URL: https://bloxcms.com.siteindices.com/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:12 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"5043517543191359872","debug_reporting":true,"destination":"https://swydo.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["965519933"],"4":["08-17"],"6":["true"]},"priority":"500","source_event_id":"5905501498615526433"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 17 Aug 2023 14:57:12 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 17 Aug 2023 14:57:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5043517543191359872","debug_reporting":true,"destination":"https://swydo.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["965519933"],"4":["08-17"],"6":["true"]},"priority":"500","source_event_id":"5905501498615526433"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js Show response
pagead2.googlesyndication.com/bg/ Frame E66F 37 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14741
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Aug 2024 13:42:20 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/ Frame FFBA 10 KB
4 KB 29ms
24ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxcms.com.siteindices.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54375
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 23:50:57 GMT
etag: 13776922816869014096
expires: Wed, 30 Aug 2023 23:50:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/ Frame C695 10 KB
4 KB 29ms
24ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxcms.com.siteindices.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54375
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 23:50:57 GMT
etag: 13776922816869014096
expires: Wed, 30 Aug 2023 23:50:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/ Frame 5F2A 10 KB
4 KB 28ms
24ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxcms.com.siteindices.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54375
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 23:50:57 GMT
etag: 13776922816869014096
expires: Wed, 30 Aug 2023 23:50:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/ Frame F803 10 KB
4 KB 30ms
27ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxcms.com.siteindices.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54375
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 23:50:57 GMT
etag: 13776922816869014096
expires: Wed, 30 Aug 2023 23:50:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 62ms
62ms Preflight
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 17 Aug 2023 14:57:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame FFBA 4 KB
744 B 35ms
35ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 17 Aug 2023 14:57:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 14:19:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Aug 2023 14:57:12 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FFBA 205 B
229 B 26ms
23ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 16:54:37 GMT
x-content-type-options: nosniff
age: 165755
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 14 Aug 2024 16:54:37 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FFBA 604 B
628 B 26ms
24ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:19:58 GMT
x-content-type-options: nosniff
age: 189434
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 14 Aug 2024 10:19:58 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/ Frame FFBA 15 KB
6 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e443793c22c99a71ea0ca1ae621676267abbbc301e98d78122bdedcbf6ac893a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:31:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55526
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6470
x-xss-protection: 0
server: cafe
etag: 4595109392211754618
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 23:31:46 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/ Frame FFBA 20 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:17:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59964
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8570
x-xss-protection: 0
server: cafe
etag: 11167480076894372452
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:17:48 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame BC4D 49 KB
19 KB 51ms
50ms Document
text/html 2a02:2638:d::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN41RwAC278KZMQKAAauzw7Q_UcU-VTJAhZEDA&u=%7C7%2BaFQqKs8tdQwp9CLWatR925YuIW8sbEwSNW3N4sFHM%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zqoFRbdbBSO3OM6z06R2-kRSJ3i32krVnZ3yISmzlw5DIks9JlNkoxl-34WWhAlR1Vk1v_4WSTb5acS8ihb_iP_qXLEZGrUG9ChOwZgK3tbN393PxVXguXRrE4t58GzgdK9gG8c59JKdD1PebUBV7oq9mPG4KoIxZpvB19EM9t0dPb8_QVOUr48RGvvZNvLxgXxihtnVDEK1SK0nEYiLvHEMXYsnxMrBMyXiiGV2hwCGwFdftcVKgB2QOEH4s98T1aTFqK-o6UZdflGsO9vhFbiwdpmTQ-C5jEXcj8FHjT13VAsUhkGKHPM2jEOzMVegdmOpmeM6RgANEv8elTtNdxPd1XrCdqTzyauGBUeUiAQU0zdUU85OlYrZHzaK7K9XRR-WN8XQBOWAZPIRbWzLo55_galEOTS6JWLEHJ0UizdZZxgDx1DDWH7wbCIxL5oWxeXgIjxS4wAhp8xVmaK4QAzm6glY3a2gwUOIJtHZ9xgGCoENVCJEUqdiUOzSbBHSvzfffx-PnoUTNOZ14fCZp_HrJBzVziu8nhy2hT2R0tUXVjgvxqp2AuyQnDINp9xUvrnksuY6MVmigFeVFk9wz4Ou603ValN00A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC53QQRzXeZL-3C4qIkwPP3ZqQAcme0rFc1Z2R93DAjbcBEAEgAGCVivuBlAeCARdjYS1wdWItNTY5NDU0MTQ0ODYxMjM2NMgBCakCsxfaMLo-sj6oAwHIAwKqBNcBT9DTuOBuQt3U6a54qDO94EqBUZVe5z2DUF6Ffx4lLsn8eszDHR1W5kCdOrN65P32EkLD93lg0PZVi1NGOKmiBnUBRq7Ld-CeeHjt4cVj0colSbGkOWiSubt5xDKqGCdv2B0VK9Urkh4cLuBS7_QHdRIhzhOducyTkf0rKSngYK0uuON51btjLNBabkmR7osm1wVIUB8U7-7fRIveiFmfDSmdZbOutJ7xDEiVXTUyxDOy6h0XEJlaFIhrOPwhyl62DVo3RWj12jII5VtiuCTxpOOZxYVQjCyABuzopabn8ve5jQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3fAP8UB-iTleerEn24EEQbtAEBuw%26client%3Dca-pub-5694541448612364%26adurl%3D

Requested by

Host: bloxcms.com.siteindices.com
URL: https://bloxcms.com.siteindices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

623bd059e5cea1358a2b5d87149ceb8cc8cb829020758561d211a9f3a1cf75c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 14:57:12 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=u5iHSjS5MMlPDbEEnG-VezZuU0s23hcT1-d4kprOH6t7-u-Bfx3gpestqJcFxMR_LGF_Z-VNI_WoGziQ-FbWyv_C4vj6HnbEV5v1EJoRuvKA9eKM0Ru66fj8JEY8tF5Ewa7goGJ9EdklZgZWBVSE1SR1Spb21T8PMzxwCPgwmPB40m829Pvln4vRikQPoc5gvy7FKlctd5vmpIoe5BROiBXewpZ4VBaL8CiptIlE63RIv-qdsBuYPxVtwYLCm2FpbGa0sg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 5173393
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame A37D 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/window_focus_fy2021.js

Requested by

Host: bloxcms.com.siteindices.com
URL: https://bloxcms.com.siteindices.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:43:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4431
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 13:43:21 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame A37D 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: bloxcms.com.siteindices.com
URL: https://bloxcms.com.siteindices.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:15:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A37D 180 KB
56 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bloxcms.com.siteindices.com
URL: https://bloxcms.com.siteindices.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Aug 2023 14:57:12 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame A06A 38 KB
15 KB 46ms
45ms Document
text/html 2a02:2638:d::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN41RwAC28AKZMQKAAauz4224tgmmn_MIdULrw&u=%7C7%2BaFQqKs8teklObD5f%2FZ0WUgM5e0JhrdEbcowGSnJao%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zqoFRbdbBSO3OM6z06R2-kQT9A-8G0bPvW8ec5z41NX0uamqb_nuWkQD-qPGEXgrPZLDFl9EVvRNWuIT3m7Au1bpme9qBDOtY2H0ewQ7y03i1BkpG7PMR8zA6Cumts5MjPCzQXSncJesip-x62C-vTVw-LfBGLTHRIZmTFpnO2N57v4g7Fy3dmXDn4IbrBgPlko6pKLLn_1FuRmzyrQDf6EAKEYra43X-z_MHj1wsLw365SuoAalth7DYrIxYaE701AHNe-sDI17pLk2yK84-_eOb2pZZFM6wsaPEMVjn2IbJxg9MF-kFI-DXui5w3_ARbedlwcb8hCBFtkPSOG0Eky6m5qUg5LNro4VMr4FyB28roH22BeuPJACPGkWH1BRYtJqezcEzQB2Cj5RYnEkxYM4mpxblKvKVPCOlAkGADF-bzeatmX3RJWF9Q814Dn25wMUf3aXs9vKGdNi9Wg_ymO0c8Kw9O9TqaJfINn38CgnqdhZfZyDJVTyeXEJty5cIgz3rI0lSWGVo0J9UidzaMFid5vh3K3set4yWJ6-txQSvX4PrOxyTX1EGsN81wOUZP9gGCzY6J5rExsYSVl2ilwMNewQqoIfaw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXJwQRzXeZMC3C4qIkwPP3ZqQAcme0rFc1Z2R93DAjbcBEAEgAGCVivuBlAeCARdjYS1wdWItNTY5NDU0MTQ0ODYxMjM2NMgBCakCsxfaMLo-sj6oAwHIAwKqBNYBT9DUs0uQ_vHmWgZHD_1Y9_S3-MZyDidXDmn_o_2WATdzfaJDNXUL5bW0ePb0sawOjXy9P2jsnfPPjOomdv-uHqjyDpWLRj4KdjwLy2aRP2is7GmW1fzKj3501OEqmP23fEZc9Yc0iJ3_jMtCtMv3SVfJrG7ub5yo4L-aA1Kzxz-ezyFK2E3wH9ivzTo08DfkJ1sEwIwvi68UutPnv5lL5NlTVDNsf4NeGS-tmtBl_gL5XkpLD9G6aWixf9Ic278CVrvJJV0MK7j15K0-Jc2hUEHsc7n_O4AGkLLhoJTl4I20AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2VTzziOCVYxdUAFd3xRvA5iSA16w%26client%3Dca-pub-5694541448612364%26adurl%3D

Requested by

Host: bloxcms.com.siteindices.com
URL: https://bloxcms.com.siteindices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8a98e0a8f603bbbdb33de3bdf1573370b6b32b824f30d382fd7eef55b112c00f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 14:57:12 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=3lTlTDS5MMlPDbEENmwtspfuIH4cNGikH7bFaaiYC72FfBS7XdOvQX5vqMV6dnF2p5_ab-KRqdGdDcDQZeMyQOvlT0gor-zrNv9A1tPEMLMX4zLPxTUDE5CBhh_94yi5-OEX5UxQc-YXQHiJwrFf5hKo6_wiyCpN1M7a1NLoFy3ysJTjp-2F12G8CavSMVcjH1pjXD2aADkhhSuor8_9a0ayOBPv6qlFETsjyPk79kbejWxu1D8Wlky5CSzfjGp0V3X44w"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 4282557
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame AB63 3 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/window_focus_fy2021.js

Requested by

Host: bloxcms.com.siteindices.com
URL: https://bloxcms.com.siteindices.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:43:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4431
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 13:43:21 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame AB63 20 KB
8 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: bloxcms.com.siteindices.com
URL: https://bloxcms.com.siteindices.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:15:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AB63 180 KB
56 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bloxcms.com.siteindices.com
URL: https://bloxcms.com.siteindices.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Aug 2023 14:57:13 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame E5B6 192 KB
57 KB 155ms
151ms Document
text/html 2a02:2638:d::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN41RwAC28EKZMQKAAauz11XQAx33lx5qLrdsA&u=%7C7%2BaFQqKs8td10RbT5MKByp%2Fzm0zc0tBkpGqf5k757IE%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC8675qickulgVVz0EbnrSseZbrBPZVAOP2O40pZaoC5dtDTdupMfIVxYqv9-6-FRFHveH8UvhzB3PA8ss4fhRVzG5H28AQP9hZCTdHUCnYBOLX1jRPrFYuYoZRKwvAXehM5FDsPfdNLuQQH2wuDOQIKSFk7sZ3NqZnP8tBFY3rMxuCkHhtukFAXaMIJOr8g3dBYrVP6o2NYMwIEoF7iAyl7fTtK7A-8Um3Xknhs_1P8p5TuashgJnR9GU5hb4LbmURWaVfSOkchaBpQpRf21rN3Kns_09sZtbxGZmZDvh0wsPw3EdpNJTYWPCDC_6ujfb4vlwInyeYu5d57uygK25kMTiWW0VkjfkANdcJQPE9nlzvDAmgT_7RKbhO4Ak1IS5B2Aier7dhvna68G9_TyAIAYFC8C2d1XhcEhhNK4JXb3iFlp_vrre2WH8J9J_qGPYgaNhQSgYt4Z_SQe28jeFRpPmAwALJgD2OZKtGXt6UKTAqwcrKU4Vaf3VhSpSeJnzw7_ljYWuuYlqtaN_HdXkOXn0mTkq8Q3Nfnfcou3HJcGaKlF-hhp7VBgrrATyRZj4_Es9-pQT1uJxjGGEyxKp_Q36EcLP6V3V3Rg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5GdjRzXeZMG3C4qIkwPP3ZqQAcme0rFczaOW93DAjbcBEAEgAGCVivuBlAeCARdjYS1wdWItNTY5NDU0MTQ0ODYxMjM2NMgBCakCsxfaMLo-sj6oAwHIAwKqBNcBT9A1PsL-u90d-kxXAsNKhGhlMi8ZmfPmHPXmuHZ0JJa8rmaaFu6duMPcgAurLVSQWvihpQ0n6OGLLY0lqealRLVQW0wAGtHtPj0nP2F8fG6xbSDxZiTLG4OGfDwV64maaqRpBjts9VqNHBHQVDMTOsj3Q_DLzYYC5I51QWX939vH-niTWwRbBVruQYFBS2u7tG9NgqHkgALXqa1nHoTrn7hEYGuTDksocgarmdwy-VdY4WdvV-uHGlUpirr4NUhg_rpAXvGKQ70Ams1E-2l5YaZnEXkULwGABvO4lOTL-s-H-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_27b_bglfGmNwY9qvOF5i_iIDButQ%26client%3Dca-pub-5694541448612364%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ba98bcd9ce6293b367509d2f6d2489fcc631ed74ae26c181789ef9f8791eb0fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 14:57:12 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=27xjvjS5MMlPDbEE0bjpSgBf30ZaxcOQ-OD2kb5ti3XxEeLbxJu3YrqFFp35frlbnx5L7BJ2zLKi2hJafB1B3TfWUBTn08epVm2X2zBflQlILQU_uXZtUX67wwKlAf-yo1N0sBnFApRdkDp2kstw360HFHEglTLqq0IdDDlUtzApnB8WJKTPshFxbsKB51g20D4LleMWf20Dosk_VT6SVojjKmjacyatwyYOVhDGAdoXj-Cp34BCRco7HpFcqf3RbW60Mg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 69668478
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame F803 3 KB
1 KB 28ms
24ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:43:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4432
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 13:43:21 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame F803 20 KB
8 KB 28ms
25ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60133
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:15:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F803 180 KB
56 KB 66ms
64ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Aug 2023 14:57:13 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame BC4D 2 KB
1 KB 40ms
39ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN41RwAC278KZMQKAAauzw7Q_UcU-VTJAhZEDA&u=%7C7%2BaFQqKs8tdQwp9CLWatR925YuIW8sbEwSNW3N4sFHM%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zqoFRbdbBSO3OM6z06R2-kRSJ3i32krVnZ3yISmzlw5DIks9JlNkoxl-34WWhAlR1Vk1v_4WSTb5acS8ihb_iP_qXLEZGrUG9ChOwZgK3tbN393PxVXguXRrE4t58GzgdK9gG8c59JKdD1PebUBV7oq9mPG4KoIxZpvB19EM9t0dPb8_QVOUr48RGvvZNvLxgXxihtnVDEK1SK0nEYiLvHEMXYsnxMrBMyXiiGV2hwCGwFdftcVKgB2QOEH4s98T1aTFqK-o6UZdflGsO9vhFbiwdpmTQ-C5jEXcj8FHjT13VAsUhkGKHPM2jEOzMVegdmOpmeM6RgANEv8elTtNdxPd1XrCdqTzyauGBUeUiAQU0zdUU85OlYrZHzaK7K9XRR-WN8XQBOWAZPIRbWzLo55_galEOTS6JWLEHJ0UizdZZxgDx1DDWH7wbCIxL5oWxeXgIjxS4wAhp8xVmaK4QAzm6glY3a2gwUOIJtHZ9xgGCoENVCJEUqdiUOzSbBHSvzfffx-PnoUTNOZ14fCZp_HrJBzVziu8nhy2hT2R0tUXVjgvxqp2AuyQnDINp9xUvrnksuY6MVmigFeVFk9wz4Ou603ValN00A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC53QQRzXeZL-3C4qIkwPP3ZqQAcme0rFc1Z2R93DAjbcBEAEgAGCVivuBlAeCARdjYS1wdWItNTY5NDU0MTQ0ODYxMjM2NMgBCakCsxfaMLo-sj6oAwHIAwKqBNcBT9DTuOBuQt3U6a54qDO94EqBUZVe5z2DUF6Ffx4lLsn8eszDHR1W5kCdOrN65P32EkLD93lg0PZVi1NGOKmiBnUBRq7Ld-CeeHjt4cVj0colSbGkOWiSubt5xDKqGCdv2B0VK9Urkh4cLuBS7_QHdRIhzhOducyTkf0rKSngYK0uuON51btjLNBabkmR7osm1wVIUB8U7-7fRIveiFmfDSmdZbOutJ7xDEiVXTUyxDOy6h0XEJlaFIhrOPwhyl62DVo3RWj12jII5VtiuCTxpOOZxYVQjCyABuzopabn8ve5jQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3fAP8UB-iTleerEn24EEQbtAEBuw%26client%3Dca-pub-5694541448612364%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 11 Aug 2024 14:57:13 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame BC4D 2 KB
1 KB 41ms
40ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 11 Aug 2024 14:57:13 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame BC4D 308 B
636 B 40ms
39ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 11 Aug 2024 14:57:13 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame BC4D 293 B
621 B 80ms
79ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 11 Aug 2024 14:57:13 GMT

GET
H2 200 lg.php
cat.fr3.eu.criteo.com/delivery/ Frame BC4D 43 B
347 B 40ms
40ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=G7jllHta821y4pNrdRKgLG3PEeixIIz6i2545exbTsUlzmY9XCynt2KNUCibBgNlSE0kBafEApKixK7fuSva8qKjqhQU0rgDUpUy5pEvNYrBzTTE4-R0VMszoI5jjc_jYKJa-4jJ1NYtcx5Zqga7aC3QRfqet9mONi6w3RRAes_Zq70QYtUzC0rT4Osh-9yK2-qiqkLTmC9QWK5EEK20s2wLZJQfAZ4rNs60jcTfXZfP-X29bAFvJz6WS62Ipb8f5b48wuiKMM16bP0ArwFC3XAwDh40YSWZ1lRGZviGxnI8FnbUVF0_ktDzBNxC56QbYla5jUvR1zPyj5QiIXKdDPgERE43pe-F3AAqu14LC5gCEInMSHam9UItbovrA7i2aAQRa6l7jYWQKhUn6OHAIqI0ATWCD3z1FX-d-eSId8KLLHCyjsJ5BGmQyM6TGrXeFVXVjuuom-AiVLv7M33QXSBzty3zc3-zm37VGYl3tEjWCTa_N6fi5pZtR3Y2WRvfqpsKJQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 14:57:12 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1578160
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 c539ff5cf9f5427d907721792d250f1a_image_ad_160x600.gif
static.criteo.net/design/dt/98009/4873519/ Frame BC4D 45 KB
46 KB 50ms
49ms Image
image/gif 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/98009/4873519/c539ff5cf9f5427d907721792d250f1a_image_ad_160x600.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20932b3af65b20ed5b7a9bb771eca586cc6a711ecc15f11c514498ef0e0f06b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 31 Jul 2023 11:42:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "64c79e0b-b5c9"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 46537
expires: Sun, 11 Aug 2024 14:57:13 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 179E 14 KB
1 KB 38ms
38ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 17 Aug 2023 14:57:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 14:36:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Aug 2023 14:57:13 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 179E 2 KB
892 B 22ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60133
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:15:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/ Frame 179E 23 KB
9 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60133
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:15:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A052 143 B
166 B 25ms
24ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2010
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 14:23:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 179E 3 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:43:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4432
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 13:43:21 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 179E 20 KB
8 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60133
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:15:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 179E 180 KB
56 KB 91ms
90ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Aug 2023 14:57:13 GMT

GET
H3 200 d405e63a5f7e8b51eabf017ab96b7905.js Show response
www.gstatic.com/mysidia/ Frame 179E 35 KB
15 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d405e63a5f7e8b51eabf017ab96b7905.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45184ea47e05d3bba4aaa0895510a212c59d5596d5295fba864d8fa38b6e7cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 04:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124659
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14930
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 20:56:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 04:19:34 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame A06A 2 KB
1 KB 60ms
58ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN41RwAC28AKZMQKAAauz4224tgmmn_MIdULrw&u=%7C7%2BaFQqKs8teklObD5f%2FZ0WUgM5e0JhrdEbcowGSnJao%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zqoFRbdbBSO3OM6z06R2-kQT9A-8G0bPvW8ec5z41NX0uamqb_nuWkQD-qPGEXgrPZLDFl9EVvRNWuIT3m7Au1bpme9qBDOtY2H0ewQ7y03i1BkpG7PMR8zA6Cumts5MjPCzQXSncJesip-x62C-vTVw-LfBGLTHRIZmTFpnO2N57v4g7Fy3dmXDn4IbrBgPlko6pKLLn_1FuRmzyrQDf6EAKEYra43X-z_MHj1wsLw365SuoAalth7DYrIxYaE701AHNe-sDI17pLk2yK84-_eOb2pZZFM6wsaPEMVjn2IbJxg9MF-kFI-DXui5w3_ARbedlwcb8hCBFtkPSOG0Eky6m5qUg5LNro4VMr4FyB28roH22BeuPJACPGkWH1BRYtJqezcEzQB2Cj5RYnEkxYM4mpxblKvKVPCOlAkGADF-bzeatmX3RJWF9Q814Dn25wMUf3aXs9vKGdNi9Wg_ymO0c8Kw9O9TqaJfINn38CgnqdhZfZyDJVTyeXEJty5cIgz3rI0lSWGVo0J9UidzaMFid5vh3K3set4yWJ6-txQSvX4PrOxyTX1EGsN81wOUZP9gGCzY6J5rExsYSVl2ilwMNewQqoIfaw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXJwQRzXeZMC3C4qIkwPP3ZqQAcme0rFc1Z2R93DAjbcBEAEgAGCVivuBlAeCARdjYS1wdWItNTY5NDU0MTQ0ODYxMjM2NMgBCakCsxfaMLo-sj6oAwHIAwKqBNYBT9DUs0uQ_vHmWgZHD_1Y9_S3-MZyDidXDmn_o_2WATdzfaJDNXUL5bW0ePb0sawOjXy9P2jsnfPPjOomdv-uHqjyDpWLRj4KdjwLy2aRP2is7GmW1fzKj3501OEqmP23fEZc9Yc0iJ3_jMtCtMv3SVfJrG7ub5yo4L-aA1Kzxz-ezyFK2E3wH9ivzTo08DfkJ1sEwIwvi68UutPnv5lL5NlTVDNsf4NeGS-tmtBl_gL5XkpLD9G6aWixf9Ic278CVrvJJV0MK7j15K0-Jc2hUEHsc7n_O4AGkLLhoJTl4I20AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2VTzziOCVYxdUAFd3xRvA5iSA16w%26client%3Dca-pub-5694541448612364%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 11 Aug 2024 14:57:13 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame A06A 2 KB
1 KB 59ms
57ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 11 Aug 2024 14:57:13 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame A06A 308 B
636 B 35ms
34ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 11 Aug 2024 14:57:13 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame A06A 293 B
621 B 44ms
43ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 11 Aug 2024 14:57:13 GMT

GET
H2 200 lg.php
cat.fr3.eu.criteo.com/delivery/ Frame A06A 43 B
347 B 43ms
42ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=i3RJYWDwEL1XB1DWa3qI0CoWRM4xJUlO9MzmmUhramrBWukGd5Yp8JT716cKpjEY58fXKlptD3gRznMPKN8ubrJ87E39J2xBkesOUX5fAR9ZPVr9uzDEfI5yoxxn0ajMndKyXFYkr4egdl6VFdrp5pJHecNvPGq7XOE1dPjY7iCDvY9ds3pBuVW5U9rjKvk4HcWg4XYDQ-jdDdM_FFwsQvQctBTm2pIwxRkCWdbEOQ1x8N0TyWNOQN9KZ9kimRGJhmq7Z3QHPxjuGd5FROC_T99pra9iev1cWzbxZFozSDskPpZgl7PIGDitO93uHDcHRZ9d1Q7lUzvGpyi5Edk_qKvt0TdmqCnc6YcDtXlPZVnbmP4i7dz7FlWvAGsVOspEWbh5rS2_QLneT9EwN1pRHl6i68PypO0J1opMY81dfDROwSs1b8PNlZpiDPQgtjs_Fq8T9_0zxvx2X9CEbzdCF2SsIeETKivYdWPhAkvUr1RCeeYy

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 14:57:12 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1467913
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame A06A 16 KB
7 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d72c9fb59846aff6405d2973c81bd8da823493502fab893e026a736a1ba01838

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:55:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6830
x-xss-protection: 0
last-modified: Wed, 24 May 2023 18:59:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 17 Aug 2023 15:55:17 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame BC4D 0
127 B 35ms
34ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=u5iHSjS5MMlPDbEEnG-VezZuU0s23hcT1-d4kprOH6t7-u-Bfx3gpestqJcFxMR_LGF_Z-VNI_WoGziQ-FbWyv_C4vj6HnbEV5v1EJoRuvKA9eKM0Ru66fj8JEY8tF5Ewa7goGJ9EdklZgZWBVSE1SR1Spb21T8PMzxwCPgwmPB40m829Pvln4vRikQPoc5gvy7FKlctd5vmpIoe5BROiBXewpZ4VBaL8CiptIlE63RIv-qdsBuYPxVtwYLCm2FpbGa0sg&sds=2&rev=88037&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 17 Aug 2023 14:57:12 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame BC4D 2 KB
1 KB 36ms
36ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 11 Aug 2024 14:57:13 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame BC4D 2 KB
1 KB 35ms
34ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 11 Aug 2024 14:57:13 GMT

GET
DATA 200
OK truncated
/ Frame F803 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 873d9804fad4a172942b60fd06122de33098024f2c98f2218e6c45cd17288e02

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame E5B6 2 KB
1 KB 36ms
36ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN41RwAC28EKZMQKAAauz11XQAx33lx5qLrdsA&u=%7C7%2BaFQqKs8td10RbT5MKByp%2Fzm0zc0tBkpGqf5k757IE%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC8675qickulgVVz0EbnrSseZbrBPZVAOP2O40pZaoC5dtDTdupMfIVxYqv9-6-FRFHveH8UvhzB3PA8ss4fhRVzG5H28AQP9hZCTdHUCnYBOLX1jRPrFYuYoZRKwvAXehM5FDsPfdNLuQQH2wuDOQIKSFk7sZ3NqZnP8tBFY3rMxuCkHhtukFAXaMIJOr8g3dBYrVP6o2NYMwIEoF7iAyl7fTtK7A-8Um3Xknhs_1P8p5TuashgJnR9GU5hb4LbmURWaVfSOkchaBpQpRf21rN3Kns_09sZtbxGZmZDvh0wsPw3EdpNJTYWPCDC_6ujfb4vlwInyeYu5d57uygK25kMTiWW0VkjfkANdcJQPE9nlzvDAmgT_7RKbhO4Ak1IS5B2Aier7dhvna68G9_TyAIAYFC8C2d1XhcEhhNK4JXb3iFlp_vrre2WH8J9J_qGPYgaNhQSgYt4Z_SQe28jeFRpPmAwALJgD2OZKtGXt6UKTAqwcrKU4Vaf3VhSpSeJnzw7_ljYWuuYlqtaN_HdXkOXn0mTkq8Q3Nfnfcou3HJcGaKlF-hhp7VBgrrATyRZj4_Es9-pQT1uJxjGGEyxKp_Q36EcLP6V3V3Rg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5GdjRzXeZMG3C4qIkwPP3ZqQAcme0rFczaOW93DAjbcBEAEgAGCVivuBlAeCARdjYS1wdWItNTY5NDU0MTQ0ODYxMjM2NMgBCakCsxfaMLo-sj6oAwHIAwKqBNcBT9A1PsL-u90d-kxXAsNKhGhlMi8ZmfPmHPXmuHZ0JJa8rmaaFu6duMPcgAurLVSQWvihpQ0n6OGLLY0lqealRLVQW0wAGtHtPj0nP2F8fG6xbSDxZiTLG4OGfDwV64maaqRpBjts9VqNHBHQVDMTOsj3Q_DLzYYC5I51QWX939vH-niTWwRbBVruQYFBS2u7tG9NgqHkgALXqa1nHoTrn7hEYGuTDksocgarmdwy-VdY4WdvV-uHGlUpirr4NUhg_rpAXvGKQ70Ams1E-2l5YaZnEXkULwGABvO4lOTL-s-H-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_27b_bglfGmNwY9qvOF5i_iIDButQ%26client%3Dca-pub-5694541448612364%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 11 Aug 2024 14:57:13 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame E5B6 2 KB
1 KB 37ms
37ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 11 Aug 2024 14:57:13 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame E5B6 308 B
636 B 35ms
35ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 11 Aug 2024 14:57:13 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame E5B6 293 B
621 B 34ms
34ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 11 Aug 2024 14:57:13 GMT

GET
H2 200 lg.php
cat.fr3.eu.criteo.com/delivery/ Frame E5B6 43 B
347 B 39ms
38ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=eBUMPcaADF0DoTd-ir_e-yAwvluDhNNc20PRXrZ5Zr7tC6uKD-RhcjJLSALibxmaY2eBb6dBHBzcsnH4HUMKWQUo-4mn5Jq7Ya-u5Cnk_StYmusCjrXai_IBU1qKaFdz-Si3WjCUvjaLKE_hkl_35OLI9oPSMXthk_zA6gjkVh1KtlkGDJS88BIYsnLr4IksYOtbOzq89QyM-4w5kVfKBoTqT2EAwT0iqtvMd9s7RdUhYNrPVrlX55vZ3WKvLsaQAAgmRsGmiouQyLyA0O6tNzZ2Jt9eF1ENRwh9BJph5KfuKX68nkAbCkNWhavKpV1mJF66NEEYD8WWcydbmESkuOItiBhLwrNvDFYzJJDTP3MPmHCvZ6GxnbFd5K35BUgF2-KCxQcNOOH6J2GFZKANDYKA3xmBO8PgS0vhvezq9N078x7453A19NTdntWr0X93CfSLLuxDRKaRfDRVFFG_CRkEDTQju_Dm4iDgYeQGON_HUlQk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 14:57:13 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1566003
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

/
cs.mytheresa.com/mix/v3/ Frame E5B6
Redirect Chain

https://cs.mytheresa.com/mix/v3/?tcs=3504&rand=64de354834dac5184e8a6191ac40066d&chn=display_pro&src=criteo&cmp=criteo_de&tarea=de&ptyp=dynamic&gdpr=1&gdpr_consent=
https://mix-phoenix.commander1.com/mix/v3/?TC_CHECK_COOKIES_SUPPORT=1&tc_first=cs.mytheresa.com&tcs=3504&rand=64de354834dac5184e8a6191ac40066d&chn=display_pro&src=criteo&cmp=criteo_de&tarea=de&ptyp...
https://cs.mytheresa.com/mix/v3/?tc_id=2023081716571311772951878&tcs=3504&rand=64de354834dac5184e8a6191ac40066d&chn=display_pro&src=criteo&cmp=criteo_de&tarea=de&ptyp=dynamic&gdpr=1&gdpr_consent=

43 B
989 B

37ms
37ms

Image
image/gif

35.181.77.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.mytheresa.com/mix/v3/?tc_id=2023081716571311772951878&tcs=3504&rand=64de354834dac5184e8a6191ac40066d&chn=display_pro&src=criteo&cmp=criteo_de&tarea=de&ptyp=dynamic&gdpr=1&gdpr_consent=
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN41RwAC28EKZMQKAAauz11XQAx33lx5qLrdsA&u=%7C7%2BaFQqKs8td10RbT5MKByp%2Fzm0zc0tBkpGqf5k757IE%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC8675qickulgVVz0EbnrSseZbrBPZVAOP2O40pZaoC5dtDTdupMfIVxYqv9-6-FRFHveH8UvhzB3PA8ss4fhRVzG5H28AQP9hZCTdHUCnYBOLX1jRPrFYuYoZRKwvAXehM5FDsPfdNLuQQH2wuDOQIKSFk7sZ3NqZnP8tBFY3rMxuCkHhtukFAXaMIJOr8g3dBYrVP6o2NYMwIEoF7iAyl7fTtK7A-8Um3Xknhs_1P8p5TuashgJnR9GU5hb4LbmURWaVfSOkchaBpQpRf21rN3Kns_09sZtbxGZmZDvh0wsPw3EdpNJTYWPCDC_6ujfb4vlwInyeYu5d57uygK25kMTiWW0VkjfkANdcJQPE9nlzvDAmgT_7RKbhO4Ak1IS5B2Aier7dhvna68G9_TyAIAYFC8C2d1XhcEhhNK4JXb3iFlp_vrre2WH8J9J_qGPYgaNhQSgYt4Z_SQe28jeFRpPmAwALJgD2OZKtGXt6UKTAqwcrKU4Vaf3VhSpSeJnzw7_ljYWuuYlqtaN_HdXkOXn0mTkq8Q3Nfnfcou3HJcGaKlF-hhp7VBgrrATyRZj4_Es9-pQT1uJxjGGEyxKp_Q36EcLP6V3V3Rg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5GdjRzXeZMG3C4qIkwPP3ZqQAcme0rFczaOW93DAjbcBEAEgAGCVivuBlAeCARdjYS1wdWItNTY5NDU0MTQ0ODYxMjM2NMgBCakCsxfaMLo-sj6oAwHIAwKqBNcBT9A1PsL-u90d-kxXAsNKhGhlMi8ZmfPmHPXmuHZ0JJa8rmaaFu6duMPcgAurLVSQWvihpQ0n6OGLLY0lqealRLVQW0wAGtHtPj0nP2F8fG6xbSDxZiTLG4OGfDwV64maaqRpBjts9VqNHBHQVDMTOsj3Q_DLzYYC5I51QWX939vH-niTWwRbBVruQYFBS2u7tG9NgqHkgALXqa1nHoTrn7hEYGuTDksocgarmdwy-VdY4WdvV-uHGlUpirr4NUhg_rpAXvGKQ70Ams1E-2l5YaZnEXkULwGABvO4lOTL-s-H-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_27b_bglfGmNwY9qvOF5i_iIDButQ%26client%3Dca-pub-5694541448612364%26adurl%3D
Protocol: HTTP/1.1
Server: 35.181.77.138 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-181-77-138.eu-west-3.compute.amazonaws.com
Software: web /
Resource Hash: 546c5cf136073615afda5cab173feff341171a26a848cf7ce09bb8bd8b07ce89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: private
date: Thu, 17 Aug 2023 14:57:13 GMT
content-encoding: gzip
server: web
transfer-encoding: chunked
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=486000, pre-check=486000
expires: Wed, 15 Nov 23 16:57:13 +0100

Redirect headers

pragma: private
date: Thu, 17 Aug 2023 14:57:13 GMT
server: web
transfer-encoding: chunked
content-type: text/html
location: https://cs.mytheresa.com/mix/v3/?tc_id=2023081716571311772951878&tcs=3504&rand=64de354834dac5184e8a6191ac40066d&chn=display_pro&src=criteo&cmp=criteo_de&tarea=de&ptyp=dynamic&gdpr=1&gdpr_consent=
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
cache-control: private, max-age=486000, pre-check=486000
expires: Wed, 15 Nov 23 16:57:13 +0100

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame E5B6 12 KB
5 KB 28ms
28ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 75644
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4418
last-modified: Thu, 22 Jun 2023 11:22:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942f04-1142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dwp8hFfwvXLRZvCyNXbQwtubK%2FGYVZVz2XyGpY8XzL3jQTV5DR8aUHc8hPc8Bi1MyKufETIrW%2FmCHlNoULQyXSTOI1hQKe08ZgOd48NhJLJfCAi9K5Op53WKswOdoPGeFPpTPwLl78guSmeSJ8JDQWq0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f82c4aa48385cb0-FRA
expires: Tue, 06 Aug 2024 14:57:13 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame E5B6 12 KB
6 KB 44ms
43ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 11 Aug 2024 14:57:13 GMT

GET
H3 200 impl_v96.js Show response
www.googletagservices.com/dcm/ Frame A06A 49 KB
20 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v96.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

843dea1d022be79c95643821b1140cc2d081094ee77ccf7a1f637a1ad8fca33f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:02:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 320106
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20157
x-xss-protection: 0
last-modified: Mon, 22 May 2023 16:41:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 12 Aug 2024 22:02:07 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A052
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

40ms
38ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 14:57:13 GMT
expires: Thu, 17 Aug 2023 14:57:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 14:57:13 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E5B6 7 KB
7 KB 45ms
42ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=244&m=0&partner=35288&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F35288%2F230404%2F75b6b6471c044820bb8eaf9a546f3810_logo_horizontal_1.png&v=3&w=196&s=0BiwAnw_UrH1oX7S08rqZ5uj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a9ed2bda0b81ef3998269bf6412b66bb3c831a22f312478b21d57c353254d382

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 7290
expires: Mon, 29 Jul 2024 02:25:37 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E5B6 3 KB
4 KB 37ms
33ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=35288&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2F27%2FP00752506.jpg&v=3&w=400&s=wb1kVf-U4_f6tPypGrGx1c2E&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a813e5fa06c97bc52715268329e876649fb684a5304821544888e3655760ee9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=42292
content-length: 3396
expires: Thu, 17 Aug 2023 21:55:19 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E5B6 4 KB
4 KB 51ms
48ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=35288&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2Fdc%2FP00765648.jpg&v=3&w=400&s=KMwuWBfZ0p8kPUuA1hli9FK7&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

dc140da86aa33cc95305cba81199e98f91d8d75f9cc3b2ec4c3cf75c4a0efa86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:12 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=43200
content-length: 4092
expires: Thu, 17 Aug 2023 17:30:56 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E5B6 3 KB
3 KB 49ms
45ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=35288&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2Fac%2FP00680858.jpg&v=3&w=400&s=dagEAGHHLLrKmYGdCWG-7ZKJ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

513dd695202816b7ebfd96e11c665d95cdeb07cfb40ea0d8c91306714ad2b8a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:12 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=43200
content-length: 3268
expires: Fri, 18 Aug 2023 01:35:09 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E5B6 2 KB
3 KB 38ms
35ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=35288&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2F0e%2FP00680913.jpg&v=3&w=400&s=pZDp_Pbs6rBojZBohNEI5Tnm&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cf3beaa56ee5531ed074e502f5ffe8eb9ba01611f96e808d0f741275919cd40e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=43200
content-length: 2556
expires: Thu, 17 Aug 2023 20:12:21 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E5B6 18 KB
18 KB 45ms
42ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=35288&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2F83%2FP00749446.jpg&v=3&w=400&s=Pri5HOtWFUVuWGgUKciOSkFg&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a0964328d374cd0daf0a4f2d1f573dba08bcc421f151a769bf312f66085545d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:12 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=37070
content-length: 18234
expires: Thu, 17 Aug 2023 19:34:53 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E5B6 2 KB
2 KB 39ms
35ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=35288&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2F42%2FP00752327.jpg&v=3&w=400&s=qOwocMheaAay1NvxQZOY3X7k&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3efe235f4c407752634a4af0d6a743041ab7087fdfc0f2b4ef4adba6a317a654

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:12 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=43200
content-length: 2272
expires: Fri, 18 Aug 2023 00:33:34 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E5B6 14 KB
14 KB 55ms
52ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=35288&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2F7b%2FP00751684.jpg&v=3&w=400&s=l0yeEsli65ff5RQ1-sisnQ5T&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4bc6c40e439746366cb5508dfb4312c424293cadf6af00005f81ab0131ac3a2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:12 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=43200
content-length: 14144
expires: Fri, 18 Aug 2023 01:14:53 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E5B6 12 KB
12 KB 60ms
57ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=35288&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2Fae%2FP00680176.jpg&v=3&w=400&s=FTKYkhG85KVy_abHIF3JQpDT&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2b0caf9d57a44cf055f97dbdb0b6b364f2e127ce3f5b93193670117ef9406dcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:12 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=43200
content-length: 12242
expires: Thu, 17 Aug 2023 21:31:15 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E5B6 5 KB
5 KB 56ms
53ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=35288&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2F62%2FP00740731.jpg&v=3&w=400&s=tbJsP2EfNkLB04LymOXQY-xt&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e841b6d22ff7a782ffc4019304b0b137618c139c29c86b86ef5dceca938ed058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:12 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=43200
content-length: 4648
expires: Thu, 17 Aug 2023 19:46:58 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E5B6 2 KB
3 KB 89ms
86ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=35288&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2F88%2FP00752437.jpg&v=3&w=400&s=JxumikN-EPRvq2SK4QrEZzQX&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9e7b342794d05e0f455ec180f38698560d5e72207f466f503a93b59f86e61c09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:12 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=43200
content-length: 2552
expires: Thu, 17 Aug 2023 18:55:45 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E5B6 7 KB
7 KB 70ms
67ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=35288&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2F7d%2FP00771805.jpg&v=3&w=400&s=eyAqjUPGxNhYevLGUBapsG4V&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c041fe95466655c1f02575752a0fe7b352a6521247daad41000df65babf602e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:12 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=34816
content-length: 7392
expires: Thu, 17 Aug 2023 15:52:33 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E5B6 22 KB
22 KB 86ms
83ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=35288&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2F8c%2FP00741820.jpg&v=3&w=400&s=4ovooDGQyLH_91L-Zte5FU7m&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

663c07bcc35c969798aabdbbb543d2930c470119883e19816030dad1a044e9ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=42254
content-length: 22438
expires: Thu, 17 Aug 2023 21:09:58 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E5B6 4 KB
4 KB 93ms
91ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=35288&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2F28%2FP00680879.jpg&v=3&w=400&s=5eSqtdi7tG5MIrA-_9OvY9fu&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e24a91cee51c9f62beac30dfb0e25f4ab169098ed65562b1e3a30544bbbb9e03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=43200
content-length: 4132
expires: Thu, 17 Aug 2023 22:19:25 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E5B6 3 KB
3 KB 70ms
68ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=35288&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2F3a%2FP00652713.jpg&v=3&w=400&s=1RBgYjDDwVq40HykIpDpR0lF&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

27a3a170ffb21b0a7d8722384e1541e3e2873eded39c5f2f89f88448c8c56c39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:12 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=43200
content-length: 2976
expires: Fri, 18 Aug 2023 02:30:45 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E5B6 7 KB
7 KB 73ms
70ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=35288&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2F71%2FP00766244.jpg&v=3&w=400&s=c6ANRfzuO9FViE1CGPDOHS9e&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ecb8f51add373f5741f293052f260d741d39406d1233116235a6b918dcd597fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:12 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=43200
content-length: 7414
expires: Thu, 17 Aug 2023 22:24:30 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E5B6 5 KB
5 KB 75ms
72ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=35288&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2F4f%2FP00748366.jpg&v=3&w=400&s=v0p3-pwjxrDUl-2matNqqS2C&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3a9b36a24bcda13a05bd3a05fbd46b574fbe48384910e3c0a811ce3078093c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=38041
content-length: 5016
expires: Thu, 17 Aug 2023 18:23:50 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E5B6 15 KB
15 KB 83ms
81ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=35288&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2F57%2FP00751725.jpg&v=3&w=400&s=OFDybtA-Zj4eteaaE3MOqWJa&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6faad5a0b1cd669ca53a856dbf84c20c079c350e885db882cb2ebee9862108ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:12 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=37009
content-length: 15114
expires: Thu, 17 Aug 2023 22:16:07 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E5B6 7 KB
7 KB 92ms
90ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=35288&q=80&r=0&u=https%3A%2F%2Fimg.mytheresa.com%2F1000%2F1000%2F95%2Fjpeg%2Fcatalog%2Fproduct%2Fa8%2FP00773108.jpg&v=3&w=400&s=9fL87FNX0WLHIZ_vwAfUf2Xg&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e4832ac6cac4bacdd479df80e1393dd4b13e9d500bb687f965333ef191c0325f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=37288
content-length: 7162
expires: Thu, 17 Aug 2023 23:42:09 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame E5B6 0
127 B 35ms
34ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=27xjvjS5MMlPDbEE0bjpSgBf30ZaxcOQ-OD2kb5ti3XxEeLbxJu3YrqFFp35frlbnx5L7BJ2zLKi2hJafB1B3TfWUBTn08epVm2X2zBflQlILQU_uXZtUX67wwKlAf-yo1N0sBnFApRdkDp2kstw360HFHEglTLqq0IdDDlUtzApnB8WJKTPshFxbsKB51g20D4LleMWf20Dosk_VT6SVojjKmjacyatwyYOVhDGAdoXj-Cp34BCRco7HpFcqf3RbW60Mg&sds=2&rev=88037&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 17 Aug 2023 14:57:12 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame E5B6 2 KB
1 KB 36ms
35ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 11 Aug 2024 14:57:13 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame E5B6 2 KB
1 KB 37ms
37ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 11 Aug 2024 14:57:13 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4BB8 42 B
64 B 169ms
125ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu5JDffjV6eX5pncHjFGe9zDaY672wI-ep_j6CVO9TCUvhOlFqYzeFOyPIKUncIpcLTKuiERbZYdSofDlSb8Or7H6jIxDhGBjfLIaG1KXtf7o9H4J6BsjqBQ8A4XkA3h12TxfAIFo6pmVG7&sai=AMfl-YShYJpR2RoCbxt0UQtPs7ZvHRMZkl0ob321Jm4qc7yg6yyHN7EVAQQq4E-psXbmXnXQaLQLTThzGyy9&sig=Cg0ArKJSzCBsLPjHtYvGEAE&cid=CAQSGwBpAlJWDvdHNf5jRtpyMkE8x-1YaaDeEXHQvRgB&id=lidar2&mcvt=1061&p=0,0,280,350&mtos=1061,1061,1061,1061,1061&tos=1061,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=196439105&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692284231048&rpt=1261&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 14:57:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame A37D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c8a477fd31598d7289225e3336cc26673ceb070ca39819bb2f13acc3252f1c9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A37D 0
19 B 67ms
67ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C0TNwRzXeZL-3C4qIkwPP3ZqQAcme0rFc1Z2R93DAjbcBEAEgAGCVivuBlAeCARdjYS1wdWItNTY5NDU0MTQ0ODYxMjM2NMgBCakCsxfaMLo-sj6oAwHIAwKqBNQBT9DTuOBuQt3U6a54qDO94EqBUZVe5z2DUF6Ffx4lLsn8eszDHR1W5kCdOrN65P32EkLD93lg0PZVi1NGOKmiBnUBRq7Ld-CeeHjt4cVj0colSbGkOWiSubt5xDKqGCdv2B0VK9Urkh4cLuBS7_QHdRIhzhOducyTkf0rKSngYK0uuON51btjLNBabkmR7osm1wVIUB8U7-7fRIveiFmfDSmdZbOutJ7xDEiVXTUyhjGTeJqYjIrliJzI6MGHMleiB-w9a3B3bvo1Q6ndpgjpIUkd1jqABuzopabn8ve5jQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTY5NDU0MTQ0ODYxMjM2NBgA&sigh=ktd8cyDIHDs&uach_m=[UACH]&cid=CAQSGwBpAlJW_ZTjl3fdWwyY8F1KNoO4z1Z6ubRr-xgB&cbvp=2&vis=1

Requested by

Host: bloxcms.com.siteindices.com
URL: https://bloxcms.com.siteindices.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 17 Aug 2023 14:57:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame A37D 0
125 B 36ms
35ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kIqLFdyBMKAB2ASdg2ICAgAAALWlqafuUIzgEEY13mSk2QZo0YkI2iisAAASAAAKCkFRVUJEd0VQRHc&wp=ZN41RwAC278KZMQKAAauzw7Q_UcU-VTJAhZEDA&cbvp=2

Requested by

Host: bloxcms.com.siteindices.com
URL: https://bloxcms.com.siteindices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:13 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 165568
server: Kestrel
content-length: 0

GET
H2 200 B30257563.372627018;dc_ver=96.284;sz=160x600;u_sd=1;gdpr=1;dc_adk=3157791334;ord=a85am3;click2=https%3A%2F%2Fcat.fr3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3D7wyHPGDwEL1XB1DWa3qI0CoWRM4... Show response
ad.doubleclick.net/ddm/adi/N778265.154378CRITEO2/ Frame 4C9D 74 KB
33 KB 151ms
65ms Document
text/html 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N778265.154378CRITEO2/B30257563.372627018;dc_ver=96.284;sz=160x600;u_sd=1;gdpr=1;dc_adk=3157791334;ord=a85am3;click2=https%3A%2F%2Fcat.fr3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3D7wyHPGDwEL1XB1DWa3qI0CoWRM4xJUlO9MzmmUhramrBWukGd5Yp8JT716cKpjEY58fXKlptD3gRznMPKN8ubrJ87E39J2xBkesOUX5fAR9ZPVr9uzDEfI5yoxxn0ajMndKyXFYkr4egdl6VFdrp5pJHecNsCCspKO5hg0sD7LQg0vXwHoaKeE88KTpM0AsqIdyYsqym-_31knsmJc6RB01ZYRhcOOx2BSVWf1H3dU-rNqJA1bsO634oGicb5egxRdjqX4VBvucPv8mncDzJctlOa6pbnR_arSgNJgLzN2GvHkVht7XRV62zcPxbFTxxfdp5GY2MnNU5KtDRgvzPN7uyBwxZHD3JQHwfkasfn00pG6Z9-nHcBHTewUgmptTFFzUsfSh2Y2MtlQ5TtKlO1YUGUC8pQrkeXB4cafkp-ZyUhDNfi4cphsRJSUhrTHlze7QPr2BCy8CkcBqclLuunUr7B2A%26maxdest%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=3,https%3A%2F%2Fbloxcms.com.siteindices.com$2,,https%3A%2F%2Fgoogleads.g.doubleclick.net%2F$0;xdt=1;crlt=qlb4B71twn;gcsr=m;stc=1;chaa=1;sttr=132;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v96.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

b589716b0715be0505835c9830fde4fcd933641160468d802bac7c44221c6dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ads.eu.criteo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 33040
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 14:57:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame A06A 0
127 B 35ms
35ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=3lTlTDS5MMlPDbEENmwtspfuIH4cNGikH7bFaaiYC72FfBS7XdOvQX5vqMV6dnF2p5_ab-KRqdGdDcDQZeMyQOvlT0gor-zrNv9A1tPEMLMX4zLPxTUDE5CBhh_94yi5-OEX5UxQc-YXQHiJwrFf5hKo6_wiyCpN1M7a1NLoFy3ysJTjp-2F12G8CavSMVcjH1pjXD2aADkhhSuor8_9a0ayOBPv6qlFETsjyPk79kbejWxu1D8Wlky5CSzfjGp0V3X44w&sds=2&rev=88037&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 17 Aug 2023 14:57:13 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A06A 2 KB
1 KB 36ms
36ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 11 Aug 2024 14:57:13 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame A06A 2 KB
1 KB 36ms
36ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 11 Aug 2024 14:57:13 GMT

GET
H2 200 a13f5a089b9f4fa68a01887fffacd2e9_futurastdbook.woff
static.criteo.net/design/dt/ Frame E5B6 16 KB
16 KB 39ms
39ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/a13f5a089b9f4fa68a01887fffacd2e9_futurastdbook.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f9854564eea51b88c56b7da87ae2606311a8bc5b5f4fe6c07536ffc6d59873ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Jun 2018 14:45:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5b34f4a7-3fb8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 11 Aug 2024 14:57:13 GMT

GET
H3 200 aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 605E 37 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js

Requested by

Host: bloxcms.com.siteindices.com
URL: https://bloxcms.com.siteindices.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4493
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14741
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Aug 2024 13:42:20 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/ Frame 4C9D 11 KB
4 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N778265.154378CRITEO2/B30257563.372627018;dc_ver=96.284;sz=160x600;u_sd=1;gdpr=1;dc_adk=3157791334;ord=a85am3;click2=https%3A%2F%2Fcat.fr3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3D7wyHPGDwEL1XB1DWa3qI0CoWRM4xJUlO9MzmmUhramrBWukGd5Yp8JT716cKpjEY58fXKlptD3gRznMPKN8ubrJ87E39J2xBkesOUX5fAR9ZPVr9uzDEfI5yoxxn0ajMndKyXFYkr4egdl6VFdrp5pJHecNsCCspKO5hg0sD7LQg0vXwHoaKeE88KTpM0AsqIdyYsqym-_31knsmJc6RB01ZYRhcOOx2BSVWf1H3dU-rNqJA1bsO634oGicb5egxRdjqX4VBvucPv8mncDzJctlOa6pbnR_arSgNJgLzN2GvHkVht7XRV62zcPxbFTxxfdp5GY2MnNU5KtDRgvzPN7uyBwxZHD3JQHwfkasfn00pG6Z9-nHcBHTewUgmptTFFzUsfSh2Y2MtlQ5TtKlO1YUGUC8pQrkeXB4cafkp-ZyUhDNfi4cphsRJSUhrTHlze7QPr2BCy8CkcBqclLuunUr7B2A%26maxdest%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=3,https%3A%2F%2Fbloxcms.com.siteindices.com$2,,https%3A%2F%2Fgoogleads.g.doubleclick.net%2F$0;xdt=1;crlt=qlb4B71twn;gcsr=m;stc=1;chaa=1;sttr=132;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:22:46 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1579743/72912805/ Frame 4C9D 249 KB
75 KB 387ms
46ms Script
application/javascript 54.77.221.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1579743/72912805/skeleton.js
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N778265.154378CRITEO2/B30257563.372627018;dc_ver=96.284;sz=160x600;u_sd=1;gdpr=1;dc_adk=3157791334;ord=a85am3;click2=https%3A%2F%2Fcat.fr3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3D7wyHPGDwEL1XB1DWa3qI0CoWRM4xJUlO9MzmmUhramrBWukGd5Yp8JT716cKpjEY58fXKlptD3gRznMPKN8ubrJ87E39J2xBkesOUX5fAR9ZPVr9uzDEfI5yoxxn0ajMndKyXFYkr4egdl6VFdrp5pJHecNsCCspKO5hg0sD7LQg0vXwHoaKeE88KTpM0AsqIdyYsqym-_31knsmJc6RB01ZYRhcOOx2BSVWf1H3dU-rNqJA1bsO634oGicb5egxRdjqX4VBvucPv8mncDzJctlOa6pbnR_arSgNJgLzN2GvHkVht7XRV62zcPxbFTxxfdp5GY2MnNU5KtDRgvzPN7uyBwxZHD3JQHwfkasfn00pG6Z9-nHcBHTewUgmptTFFzUsfSh2Y2MtlQ5TtKlO1YUGUC8pQrkeXB4cafkp-ZyUhDNfi4cphsRJSUhrTHlze7QPr2BCy8CkcBqclLuunUr7B2A%26maxdest%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=3,https%3A%2F%2Fbloxcms.com.siteindices.com$2,,https%3A%2F%2Fgoogleads.g.doubleclick.net%2F$0;xdt=1;crlt=qlb4B71twn;gcsr=m;stc=1;chaa=1;sttr=132;prcl=s
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.221.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-221-160.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 68687d7ff9b69e8d3d2a45fe554940460dbafff05de9b2495e62dff1caa9c347

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 14:57:14 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 4C9D 111 KB
39 KB 88ms
23ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Origin: https://ad.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 18:51:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72372
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Aug 2023 18:51:01 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 48D0 42 B
64 B 126ms
125ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssiglGDNueqKerP2fBFor5IWBnVEjwuUupV0zxsKhW6G2GLFjmvGR697Sys8mZIpZjpBfOhv0DVlX5tcool4D9URT0bSMriAPsrc30mVElEgV_r54Y9Dnkp7EhGFHtaQwZZmOFRNIkREpUo&sai=AMfl-YTyX_ZOTspvdi6FudmrzrzZZJS1nHUJ3dVHu4b4GN-j-rYC61UeQsj-35Cj3Bg9KgVO6qL5Bssu5hdc&sig=Cg0ArKJSzGdQVHNKNAueEAE&cid=CAQSGwBpAlJWve9NTjMBSS_ZoUnjLdktY3EYitqVYhgB&id=lidar2&mcvt=1013&p=0,0,280,1110&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=801452986&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692284231035&rpt=1638&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 14:57:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4C9D 41 KB
13 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 03:25:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41529
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Aug 2024 03:25:04 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8FFD 22 KB
8 KB 22ms
22ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 232753
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 22:18:00 GMT
expires: Tue, 13 Aug 2024 22:18:00 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F803 0
19 B 70ms
69ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQ3DeRzXeZMG3C4qIkwPP3ZqQAcme0rFczaOW93DAjbcBEAEgAGCVivuBlAeCARdjYS1wdWItNTY5NDU0MTQ0ODYxMjM2NMgBCakCsxfaMLo-sj6oAwHIAwKqBNQBT9A1PsL-u90d-kxXAsNKhGhlMi8ZmfPmHPXmuHZ0JJa8rmaaFu6duMPcgAurLVSQWvihpQ0n6OGLLY0lqealRLVQW0wAGtHtPj0nP2F8fG6xbSDxZiTLG4OGfDwV64maaqRpBjts9VqNHBHQVDMTOsj3Q_DLzYYC5I51QWX939vH-niTWwRbBVruQYFBS2u7tG9NgqHkgALXqa1nHoTrn7hEYGuTDksocgarmdwyu1V5c-Dgy_g4hkGKWodezUF09AxKcOkI93U9PD_75UVh5AzjAsaABvO4lOTL-s-H-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTY5NDU0MTQ0ODYxMjM2NBgA&sigh=K6VRF1pNPpM&uach_m=[UACH]&cid=CAQSGwBpAlJW_ZTjl3fdWwyY8F1KNoO4z1Z6ubRr-xgB&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 17 Aug 2023 14:57:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame F803 0
125 B 38ms
38ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kK-YFcz6RO0HfJ2DYgICAAAAtaWpp-5QjOAQRzXeZDl4icieaczG6w0AABIAAAoKQVFVRER3RUJEdw&wp=ZN41RwAC28EKZMQKAAauz11XQAx33lx5qLrdsA&cbvp=2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:13 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 168064
server: Kestrel
content-length: 0

GET
H3 200 -jd_BcJ2_muHebna6aM-t4BwAJqN83NnF3hDm83RPZ4.js Show response
pagead2.googlesyndication.com/bg/ Frame 8FFD 37 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-jd_BcJ2_muHebna6aM-t4BwAJqN83NnF3hDm83RPZ4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa377f05c276fe6b8779b9dae9a33eb78070009a8df373671778439bcdd13d9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:16:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 150031
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14691
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Aug 2024 21:16:42 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4C9D 180 KB
56 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Aug 2023 14:57:13 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/3575441168722645050/OPEL_D~1/ Frame 2C2B 9 KB
3 KB 66ms
22ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3575441168722645050/OPEL_D~1/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a9228411dc8d4252c8479e878474f095604a61cf15ac43f9c20938d6186a9cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 195748
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3228
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 08:34:45 GMT
expires: Wed, 14 Aug 2024 08:34:45 GMT
last-modified: Mon, 07 Aug 2023 09:01:05 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4C9D 0
0 139ms
58ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvjXw6HfYsGEa95YJUNKcxK9qIu-t5tKgdw-Evit2LEtjcvpdGh2rkt-UQPtTXl-G8yM_O4mgfgYaQPJ_-QoRJWpdIFDLx68gG23CXNUoYJfJxAavQP08ajnKsP7fKTNSXLyWf9rEupqKHPdT1mem2JqHPY3Jpk96tfmdKAEl1jEm3EbSGFjgw8PM1d81fC2HAAwaMBS1MKrqDxPxJPjQ&sai=AMfl-YRf4wdh8KV98Og9pdhdnt8kuFK_trCEf5evFe6-8hTu23sR2DZ2YiVF-he6cvhEyi08BBDRZIs73dVYPTOV51lZgd4VPv8KH5qnFQ&sig=Cg0ArKJSzCS648DlAoKpEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=128&cbvp=1&cstd=124&cisv=r20230815.62103&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 17 Aug 2023 14:57:13 GMT

GET
H3 200 tweenmax_2.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 2C2B 113 KB
38 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3575441168722645050/OPEL_D~1/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3575441168722645050/OPEL_D~1/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38915
x-xss-protection: 0
last-modified: Tue, 19 Jun 2018 18:02:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Aug 2023 14:57:13 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 2C2B 236 KB
63 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3575441168722645050/OPEL_D~1/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3575441168722645050/OPEL_D~1/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Aug 2023 14:57:13 GMT

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/3575441168722645050/OPEL_D~1/ Frame 2C2B 61 KB
14 KB 23ms
22ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3575441168722645050/OPEL_D~1/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3575441168722645050/OPEL_D~1/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49ebbaed94ee4bb2be3cb549d9f0732493c16f8c90d9baaed2dbf09032be8306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3575441168722645050/OPEL_D~1/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:25:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372688
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14450
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 09:01:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 12 Aug 2024 07:25:45 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8FFD 0
20 B 125ms
125ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bbu8FSTXeZOumJPC39u8Pr-e0gA8AAAAAOAHgBAI&bg=!x8SlxJDNAAZGPLJIZjw7ADkAdvg8WvKwPdlQGT0ewdtvtuDx67IiwyNe9cl0P6DzgamKhqdHJv6RCRRvVeImgHRIftkiMDbBEGoCAAAAolIAAAAHaAEHmQNMI49yAQ9-4swtOthn-S5d5smPDWmyJ73WNbW7s_MFSQXDxVqpVTmLfXSTlVJzE4kJIxrBapJV_I9BKwOtB6M92GeeiwH6s6JW0zs2k3ylFckViTSntkvkk3Wt68wE2hZEq_gWDJnDzueb0M47c0Jg1pubQE0XTyvBiErTD8DlGt8afcv2ViHJaoyP2wU4n8BnLpptx-I_k6jUNY6KyS1svIDjMmkcebydkgapyG7FCxvHovxCMQVF8Fz3ruqqIOSAdD4KC-d3iNS-cZpt3qO_4ZLfggbHWqB4HIPGXV-lxJl_2EEUl7tcssJiDg4IpDduCrzMzZJOTfRxv5bxuhDWTOJWmHbZtW2-Q7V1oLER3fO6uAsDg8l6B6S17p4f7uVJQJKfkWrCMF-OT5alzqk3WGohhvR-6ZuAwCIhou4UOpnTyHqqDyagyWJugOOwSsfyBUwOhVnfSSMLyvzHUq2HOuw9I1zQ-FLNl840khJsOSqUtMTtt0vPvT-ZZV8uau0gSmHSeZCAoLtUp6uF33I9-3Yc-aWbjLTaTdyViQ0Znu5BEgIgz3jHlVmTsbFG7miImFRwoMWDBT9S9i10ycZx6BO3gdxIuIXLwaSDHfby2VtUAbzKwlLqDhS7vYpw68eFDE2tGdUXp5jcnWM4-j3OZNozg1Qvof-Y-0Cv_iEjfaqEriHL_Mt4TMG6jUaryIrtR6Y_NJ0Gg8qpH0FdCnJqVQnnEl1teIHjb_GMf9AnkN8bhHURuAVybUe7qvSAQ0mNYfkprWc7YlveVNpbrltpVHSOAPqrWvLUNQzY81yRey2M7OK1aGkyCirExhPAUNh30v-OWIHXIl7wNX-P8EXHeud7ryIkyWO4t5nZP1-cGbNbvUuRncfpi8zWaqD_q1tKuEI6pzSME3fUqx7zRBafVLHkm1q6MdVwERvtYnTEbyWa21A75osoREeQEI1r5gePcKMru0Jefm5JF95aHCSs9QSfmSsmH4rwEPoXxnvwc7yPXtJWxZMB64jhzCRRR7MR9k8BE_xnC8_uxo4kDCnLxyVb_CGd0S08qW-JKfbHT50HodEsHbNN98XxIbIgyG6_SusakKhDRJETgm96KNuOZy21NRVFvP8MaAP4Sw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 14:57:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index_atlas_NP_1.jpg
s0.2mdn.net/sadbundle/3575441168722645050/OPEL_D~1/ Frame 2C2B 64 KB
64 KB 22ms
22ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3575441168722645050/OPEL_D~1/index_atlas_NP_1.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

119a6bf3c39fd24690350c801bf503bfb82056d0908817a441eb8e6d0b024b1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3575441168722645050/OPEL_D~1/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:25:12 GMT
x-content-type-options: nosniff
age: 189122
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65029
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 09:01:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 14 Aug 2024 10:25:12 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4C9D 0
0 59ms
59ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvjXw6HfYsGEa95YJUNKcxK9qIu-t5tKgdw-Evit2LEtjcvpdGh2rkt-UQPtTXl-G8yM_O4mgfgYaQPJ_-QoRJWpdIFDLx68gG23CXNUoYJfJxAavQP08ajnKsP7fKTNSXLyWf9rEupqKHPdT1mem2JqHPY3Jpk96tfmdKAEl1jEm3EbSGFjgw8PM1d81fC2HAAwaMBS1MKrqDxPxJPjQ&sai=AMfl-YRf4wdh8KV98Og9pdhdnt8kuFK_trCEf5evFe6-8hTu23sR2DZ2YiVF-he6cvhEyi08BBDRZIs73dVYPTOV51lZgd4VPv8KH5qnFQ&sig=Cg0ArKJSzCS648DlAoKpEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=326&vt=11&dtpt=198&dett=3&cstd=124&cisv=r20230815.62103&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 17 Aug 2023 14:57:14 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 4C9D
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1579743/72912805/4.js?adContainerId=brand_safety_STXeZOumJPC39u8Pr-e0gA8&cbFunctionName=goog_wrapCb_STXeZOumJPC39u8Pr-e0gA8&true_pb=&adsafe_pb=https%3A%2F%2Fst...
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_STXeZOumJPC39u8Pr-e0gA8&cbFunctionName=goog_wrapCb_STXeZOumJPC39u8Pr-e0gA8&true_pb=

1 KB
1 KB

56ms
26ms

Script
application/javascript

2600:9000:223f:d200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_STXeZOumJPC39u8Pr-e0gA8&cbFunctionName=goog_wrapCb_STXeZOumJPC39u8Pr-e0gA8&true_pb=
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N778265.154378CRITEO2/B30257563.372627018;dc_ver=96.284;sz=160x600;u_sd=1;gdpr=1;dc_adk=3157791334;ord=a85am3;click2=https%3A%2F%2Fcat.fr3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3D7wyHPGDwEL1XB1DWa3qI0CoWRM4xJUlO9MzmmUhramrBWukGd5Yp8JT716cKpjEY58fXKlptD3gRznMPKN8ubrJ87E39J2xBkesOUX5fAR9ZPVr9uzDEfI5yoxxn0ajMndKyXFYkr4egdl6VFdrp5pJHecNsCCspKO5hg0sD7LQg0vXwHoaKeE88KTpM0AsqIdyYsqym-_31knsmJc6RB01ZYRhcOOx2BSVWf1H3dU-rNqJA1bsO634oGicb5egxRdjqX4VBvucPv8mncDzJctlOa6pbnR_arSgNJgLzN2GvHkVht7XRV62zcPxbFTxxfdp5GY2MnNU5KtDRgvzPN7uyBwxZHD3JQHwfkasfn00pG6Z9-nHcBHTewUgmptTFFzUsfSh2Y2MtlQ5TtKlO1YUGUC8pQrkeXB4cafkp-ZyUhDNfi4cphsRJSUhrTHlze7QPr2BCy8CkcBqclLuunUr7B2A%26maxdest%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=3,https%3A%2F%2Fbloxcms.com.siteindices.com$2,,https%3A%2F%2Fgoogleads.g.doubleclick.net%2F$0;xdt=1;crlt=qlb4B71twn;gcsr=m;stc=1;chaa=1;sttr=132;prcl=s
Protocol: H2
Server: 2600:9000:223f:d200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: R3AxWwopGHaaV3xj068LUxj.lgAg56jC
content-encoding: gzip
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
date: Tue, 15 Aug 2023 19:01:35 GMT
x-amz-cf-pop: FRA56-P5
age: 158143
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Tue, 08 Aug 2023 19:01:30 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: SH7lCmm7mqPpb2EBLxDNWcBx5vPYZ8i0MZZ94xNY5WgcZinfeAwIqw==

Redirect headers

pragma: no-cache
date: Thu, 17 Aug 2023 14:57:14 GMT
server: nginx
x-server-name: app09.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_STXeZOumJPC39u8Pr-e0gA8&cbFunctionName=goog_wrapCb_STXeZOumJPC39u8Pr-e0gA8&true_pb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 0FBA 91 KB
23 KB 98ms
24ms Script
application/javascript 2600:9000:223f:d200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N778265.154378CRITEO2/B30257563.372627018;dc_ver=96.284;sz=160x600;u_sd=1;gdpr=1;dc_adk=3157791334;ord=a85am3;click2=https%3A%2F%2Fcat.fr3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3D7wyHPGDwEL1XB1DWa3qI0CoWRM4xJUlO9MzmmUhramrBWukGd5Yp8JT716cKpjEY58fXKlptD3gRznMPKN8ubrJ87E39J2xBkesOUX5fAR9ZPVr9uzDEfI5yoxxn0ajMndKyXFYkr4egdl6VFdrp5pJHecNsCCspKO5hg0sD7LQg0vXwHoaKeE88KTpM0AsqIdyYsqym-_31knsmJc6RB01ZYRhcOOx2BSVWf1H3dU-rNqJA1bsO634oGicb5egxRdjqX4VBvucPv8mncDzJctlOa6pbnR_arSgNJgLzN2GvHkVht7XRV62zcPxbFTxxfdp5GY2MnNU5KtDRgvzPN7uyBwxZHD3JQHwfkasfn00pG6Z9-nHcBHTewUgmptTFFzUsfSh2Y2MtlQ5TtKlO1YUGUC8pQrkeXB4cafkp-ZyUhDNfi4cphsRJSUhrTHlze7QPr2BCy8CkcBqclLuunUr7B2A%26maxdest%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=3,https%3A%2F%2Fbloxcms.com.siteindices.com$2,,https%3A%2F%2Fgoogleads.g.doubleclick.net%2F$0;xdt=1;crlt=qlb4B71twn;gcsr=m;stc=1;chaa=1;sttr=132;prcl=s
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:d200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 28509658
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: DQnxRgf_1EC3YJCqnJzmor70_wBpcYLSPqGKFuo76_XjjLfu9UfwBQ==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4C9D 43 B
215 B 580ms
179ms Image
image/gif 2600:1f13:800:7780:c67c:ace0:7a0d:3866

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1579743&asId=a7403ae9-76e9-dbe1-3f5b-33bfa79b8522&tv=%7Bc:lz2P52,pingTime:-3,time:68,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:32%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:69,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B58~0%5D,as:%5B58~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tNcEbwQ+11%7C121%7C131%7C141%7C151%7C152%7C16%7C1711%7C1712%7C1811%7C19111*.1579743-72912805%7C191111%7C191112%7C1a1,idMap:19111*,rmeas:1,rend:0,renddet:na,siq:34%7D&br=c
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N778265.154378CRITEO2/B30257563.372627018;dc_ver=96.284;sz=160x600;u_sd=1;gdpr=1;dc_adk=3157791334;ord=a85am3;click2=https%3A%2F%2Fcat.fr3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3D7wyHPGDwEL1XB1DWa3qI0CoWRM4xJUlO9MzmmUhramrBWukGd5Yp8JT716cKpjEY58fXKlptD3gRznMPKN8ubrJ87E39J2xBkesOUX5fAR9ZPVr9uzDEfI5yoxxn0ajMndKyXFYkr4egdl6VFdrp5pJHecNsCCspKO5hg0sD7LQg0vXwHoaKeE88KTpM0AsqIdyYsqym-_31knsmJc6RB01ZYRhcOOx2BSVWf1H3dU-rNqJA1bsO634oGicb5egxRdjqX4VBvucPv8mncDzJctlOa6pbnR_arSgNJgLzN2GvHkVht7XRV62zcPxbFTxxfdp5GY2MnNU5KtDRgvzPN7uyBwxZHD3JQHwfkasfn00pG6Z9-nHcBHTewUgmptTFFzUsfSh2Y2MtlQ5TtKlO1YUGUC8pQrkeXB4cafkp-ZyUhDNfi4cphsRJSUhrTHlze7QPr2BCy8CkcBqclLuunUr7B2A%26maxdest%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=3,https%3A%2F%2Fbloxcms.com.siteindices.com$2,,https%3A%2F%2Fgoogleads.g.doubleclick.net%2F$0;xdt=1;crlt=qlb4B71twn;gcsr=m;stc=1;chaa=1;sttr=132;prcl=s
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:c67c:ace0:7a0d:3866 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 14:57:14 GMT
server: nginx
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4C9D 43 B
215 B 574ms
176ms Image
image/gif 2600:1f13:800:7780:c67c:ace0:7a0d:3866

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1579743&asId=a7403ae9-76e9-dbe1-3f5b-33bfa79b8522&tv=%7Bc:lz2P54,pingTime:-6,time:70,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:70,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B59~0%5D,as:%5B59~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tNcEbwQ+11%7C121%7C131%7C141%7C151%7C152%7C16%7C1711%7C1712%7C1811%7C19111*.1579743-72912805%7C191111%7C191112%7C1a1,idMap:19111*,rmeas:1,rend:0,renddet:na,siq:34%7D&tpiLookup=ao:bloxcms.com.siteindices.com*%2Cgoogleads.g.doubleclick.net*%2Cgoogleads.g.doubleclick.net*%2Cads.eu.criteo.com*&br=c
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N778265.154378CRITEO2/B30257563.372627018;dc_ver=96.284;sz=160x600;u_sd=1;gdpr=1;dc_adk=3157791334;ord=a85am3;click2=https%3A%2F%2Fcat.fr3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3D7wyHPGDwEL1XB1DWa3qI0CoWRM4xJUlO9MzmmUhramrBWukGd5Yp8JT716cKpjEY58fXKlptD3gRznMPKN8ubrJ87E39J2xBkesOUX5fAR9ZPVr9uzDEfI5yoxxn0ajMndKyXFYkr4egdl6VFdrp5pJHecNsCCspKO5hg0sD7LQg0vXwHoaKeE88KTpM0AsqIdyYsqym-_31knsmJc6RB01ZYRhcOOx2BSVWf1H3dU-rNqJA1bsO634oGicb5egxRdjqX4VBvucPv8mncDzJctlOa6pbnR_arSgNJgLzN2GvHkVht7XRV62zcPxbFTxxfdp5GY2MnNU5KtDRgvzPN7uyBwxZHD3JQHwfkasfn00pG6Z9-nHcBHTewUgmptTFFzUsfSh2Y2MtlQ5TtKlO1YUGUC8pQrkeXB4cafkp-ZyUhDNfi4cphsRJSUhrTHlze7QPr2BCy8CkcBqclLuunUr7B2A%26maxdest%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=3,https%3A%2F%2Fbloxcms.com.siteindices.com$2,,https%3A%2F%2Fgoogleads.g.doubleclick.net%2F$0;xdt=1;crlt=qlb4B71twn;gcsr=m;stc=1;chaa=1;sttr=132;prcl=s
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:c67c:ace0:7a0d:3866 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 14:57:14 GMT
server: nginx
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4C9D 43 B
215 B 565ms
176ms Image
image/gif 2600:1f13:800:7780:c67c:ace0:7a0d:3866

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1579743&asId=a7403ae9-76e9-dbe1-3f5b-33bfa79b8522&tv=%7Bc:lz2P59,pingTime:-2,time:75,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:209,mdZ:683,beA:691,beZ:694,mfA:698,cmA:700,inA:700,inZ:707,prA:707,prZ:717,si:725,poA:726,poZ:750,cmZ:750,mfZ:750,loA:761,loZ:763,ltA:766,ltZ:766%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:160.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:32%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:75,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B64~0%5D,as:%5B64~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tNcEbwQ+11%7C121%7C131%7C141%7C151%7C152%7C16%7C1711%7C1712%7C1811%7C19111*.1579743-72912805%7C191111%7C191112%7C1a1,idMap:19111*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:34,sinceFw:40,readyFired:true%7D&br=c
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N778265.154378CRITEO2/B30257563.372627018;dc_ver=96.284;sz=160x600;u_sd=1;gdpr=1;dc_adk=3157791334;ord=a85am3;click2=https%3A%2F%2Fcat.fr3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3D7wyHPGDwEL1XB1DWa3qI0CoWRM4xJUlO9MzmmUhramrBWukGd5Yp8JT716cKpjEY58fXKlptD3gRznMPKN8ubrJ87E39J2xBkesOUX5fAR9ZPVr9uzDEfI5yoxxn0ajMndKyXFYkr4egdl6VFdrp5pJHecNsCCspKO5hg0sD7LQg0vXwHoaKeE88KTpM0AsqIdyYsqym-_31knsmJc6RB01ZYRhcOOx2BSVWf1H3dU-rNqJA1bsO634oGicb5egxRdjqX4VBvucPv8mncDzJctlOa6pbnR_arSgNJgLzN2GvHkVht7XRV62zcPxbFTxxfdp5GY2MnNU5KtDRgvzPN7uyBwxZHD3JQHwfkasfn00pG6Z9-nHcBHTewUgmptTFFzUsfSh2Y2MtlQ5TtKlO1YUGUC8pQrkeXB4cafkp-ZyUhDNfi4cphsRJSUhrTHlze7QPr2BCy8CkcBqclLuunUr7B2A%26maxdest%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=3,https%3A%2F%2Fbloxcms.com.siteindices.com$2,,https%3A%2F%2Fgoogleads.g.doubleclick.net%2F$0;xdt=1;crlt=qlb4B71twn;gcsr=m;stc=1;chaa=1;sttr=132;prcl=s
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:c67c:ace0:7a0d:3866 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 14:57:14 GMT
server: nginx
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F803 42 B
64 B 124ms
124ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss99brg2-NsO_9OhA6GxNcdu3XA7cUoLyU2-MKhjo-loD1teHne7XA6kn1MTbHS4lmpc_IR8eWROUXUjsiXuJgdlscukHhQuv1Wc1g&sig=Cg0ArKJSzOMTGLgZda21EAE&id=lidar2&mcvt=1006&p=0,0,124,1005&mtos=226,864,1006,1006,1006&tos=226,638,142,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692284232735&rpt=495&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 14:57:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4C9D 43 B
216 B 455ms
175ms Image
image/gif 2600:1f13:800:7780:c67c:ace0:7a0d:3866

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1579743&asId=a7403ae9-76e9-dbe1-3f5b-33bfa79b8522&tv=%7Bc:lz2P70,time:190,type:e,im:%7Bimprf:%7Bttecl:643,ecd:124,tsecr:2%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:190,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B179~0%5D,as:%5B179~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tNcEbwQ+11%7C121%7C131%7C141%7C151%7C152%7C16%7C1711%7C1712%7C1811%7C19111*.1579743-72912805%7C191111%7C191112%7C1a1,idMap:19111*,rmeas:1,rend:0,renddet:na,siq:34,sis:160%7D&br=c
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N778265.154378CRITEO2/B30257563.372627018;dc_ver=96.284;sz=160x600;u_sd=1;gdpr=1;dc_adk=3157791334;ord=a85am3;click2=https%3A%2F%2Fcat.fr3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3D7wyHPGDwEL1XB1DWa3qI0CoWRM4xJUlO9MzmmUhramrBWukGd5Yp8JT716cKpjEY58fXKlptD3gRznMPKN8ubrJ87E39J2xBkesOUX5fAR9ZPVr9uzDEfI5yoxxn0ajMndKyXFYkr4egdl6VFdrp5pJHecNsCCspKO5hg0sD7LQg0vXwHoaKeE88KTpM0AsqIdyYsqym-_31knsmJc6RB01ZYRhcOOx2BSVWf1H3dU-rNqJA1bsO634oGicb5egxRdjqX4VBvucPv8mncDzJctlOa6pbnR_arSgNJgLzN2GvHkVht7XRV62zcPxbFTxxfdp5GY2MnNU5KtDRgvzPN7uyBwxZHD3JQHwfkasfn00pG6Z9-nHcBHTewUgmptTFFzUsfSh2Y2MtlQ5TtKlO1YUGUC8pQrkeXB4cafkp-ZyUhDNfi4cphsRJSUhrTHlze7QPr2BCy8CkcBqclLuunUr7B2A%26maxdest%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=3,https%3A%2F%2Fbloxcms.com.siteindices.com$2,,https%3A%2F%2Fgoogleads.g.doubleclick.net%2F$0;xdt=1;crlt=qlb4B71twn;gcsr=m;stc=1;chaa=1;sttr=132;prcl=s
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:c67c:ace0:7a0d:3866 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 14:57:14 GMT
server: nginx
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H2 200 all
csm.eu.criteo.net/ Frame E5B6 0
127 B 37ms
34ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 17 Aug 2023 14:57:13 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame BC4D 0
127 B 37ms
35ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 17 Aug 2023 14:57:13 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A37D 42 B
64 B 128ms
127ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZh-DH3vPMxPr4BlJB9uqSniEBko3ML0Wj03dBX5XHjOSn1p_QkmFvGAkFGJfFj7CnaNCmEedWH0jhDABU_u9Zmp9PPTf4aXlVwzo&sig=Cg0ArKJSzDOqqQLCX2oiEAE&id=lidar2&mcvt=1002&p=0,0,600,160&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692284232947&rpt=160&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 14:57:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4C9D 43 B
215 B 330ms
330ms Image
image/gif 2600:1f13:800:7780:c67c:ace0:7a0d:3866

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1579743&asId=a7403ae9-76e9-dbe1-3f5b-33bfa79b8522&tv=%7Bc:lz2PbL,pingTime:-10,time:485,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE2LjAuNTg0NS45NiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1692284234661%7C%7C62f0fdf6364c5e4a83e58cd77f63fb78%7C%7Ccb248b5d7f94b197f4c81a7a58714f7d%7C%7C69588f34586f99f99180860677d3ef3d%7C%7Cdea5433974bf96e35fc31996f8f8e1b3%7C%7C2eed274d3a16e9a19e449425dc05e484%7C%7C9cfb76b75fb2fcf2594567c395f41375%7C%7C28b64f6d9a4e9ab91143e98fb963e663%7C%7C1663701684%7D
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N778265.154378CRITEO2/B30257563.372627018;dc_ver=96.284;sz=160x600;u_sd=1;gdpr=1;dc_adk=3157791334;ord=a85am3;click2=https%3A%2F%2Fcat.fr3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3D7wyHPGDwEL1XB1DWa3qI0CoWRM4xJUlO9MzmmUhramrBWukGd5Yp8JT716cKpjEY58fXKlptD3gRznMPKN8ubrJ87E39J2xBkesOUX5fAR9ZPVr9uzDEfI5yoxxn0ajMndKyXFYkr4egdl6VFdrp5pJHecNsCCspKO5hg0sD7LQg0vXwHoaKeE88KTpM0AsqIdyYsqym-_31knsmJc6RB01ZYRhcOOx2BSVWf1H3dU-rNqJA1bsO634oGicb5egxRdjqX4VBvucPv8mncDzJctlOa6pbnR_arSgNJgLzN2GvHkVht7XRV62zcPxbFTxxfdp5GY2MnNU5KtDRgvzPN7uyBwxZHD3JQHwfkasfn00pG6Z9-nHcBHTewUgmptTFFzUsfSh2Y2MtlQ5TtKlO1YUGUC8pQrkeXB4cafkp-ZyUhDNfi4cphsRJSUhrTHlze7QPr2BCy8CkcBqclLuunUr7B2A%26maxdest%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=3,https%3A%2F%2Fbloxcms.com.siteindices.com$2,,https%3A%2F%2Fgoogleads.g.doubleclick.net%2F$0;xdt=1;crlt=qlb4B71twn;gcsr=m;stc=1;chaa=1;sttr=132;prcl=s
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:c67c:ace0:7a0d:3866 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 14:57:14 GMT
server: nginx
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 74ms
73ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230815&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecd4bcdadadbd05c14405b02cf719282a1bc63012887fe1be1356aaa425b1ef1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxcms.com.siteindices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11755
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame AB63 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: deba597473c6d14317baf1b64ef05efb672fd58e5ef86b151f5e32563f443455

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AB63 0
19 B 68ms
68ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CcVovRzXeZMC3C4qIkwPP3ZqQAcme0rFc1Z2R93DAjbcBEAEgAGCVivuBlAeCARdjYS1wdWItNTY5NDU0MTQ0ODYxMjM2NMgBCakCsxfaMLo-sj6oAwHIAwKqBNMBT9DUs0uQ_vHmWgZHD_1Y9_S3-MZyDidXDmn_o_2WATdzfaJDNXUL5bW0ePb0sawOjXy9P2jsnfPPjOomdv-uHqjyDpWLRj4KdjwLy2aRP2is7GmW1fzKj3501OEqmP23fEZc9Yc0iJ3_jMtCtMv3SVfJrG7ub5yo4L-aA1Kzxz-ezyFK2E3wH9ivzTo08DfkJ1sEwIwvi68UutPnv5lL5NlTVDNsf4NeGS-tmtAn_CNr2cXXHG4mfcthQnTk0qsI4LHnPd-444VTFhIgCdUk-sX_zIAGkLLhoJTl4I20AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01Njk0NTQxNDQ4NjEyMzY0GAA&sigh=E5pBpXKZdIU&uach_m=[UACH]&cid=CAQSGwBpAlJW_ZTjl3fdWwyY8F1KNoO4z1Z6ubRr-xgB&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 17 Aug 2023 14:57:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame AB63 0
125 B 36ms
35ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kPvyF9yBMKAB2ASdg2ICAgAAALWlqafuUIzgEEY13mTjfIot0X57RWYwAAASAAAKCkFRVUREd0VCRHc&wp=ZN41RwAC28AKZMQKAAauz4224tgmmn_MIdULrw&cbvp=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:14 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 139030
server: Kestrel
content-length: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4C9D 43 B
215 B 183ms
183ms Image
image/gif 2600:1f13:800:7780:c67c:ace0:7a0d:3866

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1579743&asId=a7403ae9-76e9-dbe1-3f5b-33bfa79b8522&tv=%7Bc:lz2PhL,time:857,type:e,im:%7Bpci:%7Btdr:796%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:857,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B846~0%5D,as:%5B846~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:334,fm:tNcEbwQ+11%7C121%7C131%7C141%7C151%7C152%7C16%7C1711%7C1712%7C1811%7C19111*.1579743-72912805%7C191111%7C191112%7C1a1,idMap:19111*,rmeas:1,rend:1,renddet:XIFRAME.us.dr,siq:34,sis:160%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:c67c:ace0:7a0d:3866 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 14:57:15 GMT
server: nginx
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxcms.com.siteindices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 17 Aug 2023 14:57:15 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 50C2 13 KB
5 KB 23ms
22ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxcms.com.siteindices.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1131
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 14:38:24 GMT
expires: Fri, 16 Aug 2024 14:38:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2C7D 829 B
559 B 33ms
33ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5cfbcc09f2e02295f8c6f413bf43318c079a53f0ef4d8f29a3c932de40afc5fb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jNnUbjQblPdZ90-r0YPbDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bloxcms.com.siteindices.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-jNnUbjQblPdZ90-r0YPbDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 14:57:15 GMT
expires: Thu, 17 Aug 2023 14:57:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2C7D 0
0 121ms
121ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230815&jk=1085081625870828&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 200 aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 50C2 37 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14741
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Aug 2024 13:42:20 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 50C2 0
11 B 21ms
20ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?dxFU6Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:57:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.siteindices.com/	1970-01-20 23:40:44	Name: _ga Value: GA1.2.1929554003.1692284231
.siteindices.com/	1970-01-20 14:06:10	Name: _gid Value: GA1.2.2127173505.1692284231
.siteindices.com/	1970-01-20 14:04:44	Name: _gat_gtag_UA_162020576_1 Value: 1
.siteindices.com/	1970-01-20 23:26:20	Name: __gads Value: ID=09e88eab84b9c265-22ec2f1a9ee30086:T=1692284231:RT=1692284231:S=ALNI_MaJ6uI5BpWFfe6jSd6RxFR89Ozh7w
.siteindices.com/	1970-01-20 23:26:20	Name: __gpi Value: UID=00000c620bddb32f:T=1692284231:RT=1692284231:S=ALNI_MYDZbVky8y0axl_GjrI2eCjDS1WAg
.doubleclick.net/	1970-01-20 14:04:47	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 23:26:20	Name: IDE Value: AHWqTUnAItjK9QtpdFl2HjNhIrfjojTTKtGbfId4X2vyLGNToQkfxh8WvBLlBqFcNxg
.doubleclick.net/	1970-01-20 14:04:45	Name: test_cookie Value: CheckForPermission
.googleadservices.com/	1970-01-20 16:14:20	Name: ar_debug Value: 1
.siteindices.com/	1970-01-20 23:40:44	Name: _ga_YZLP68FKYZ Value: GS1.1.1692284230.1.0.1692284233.0.0.0
.mytheresa.com/	1970-01-20 22:50:20	Name: tc_cj_v2 Value: ~%24.%2B%27%7B4y%2B-%2AZZZ%7D-%24%2F%20%2AZZZKPSLLRNLMMJJJZZZpc_q
.mytheresa.com/	1970-01-20 22:50:20	Name: tc_cj_v2_cmp Value: %7D-%24%2F%20%2Ay~%20
.mytheresa.com/	1969-12-31 23:59:59	Name: TC_CHECK_COOKIES_SUPPORT Value: 1
.doubleclick.net/	1970-01-20 18:23:56	Name: APC Value: AfxxVi7G2lksxGC34Nk9FSfrd8FR3AC0Un_WKM9zhb8uyNcgQy03zA
.mix-phoenix.commander1.com/	1970-01-20 22:50:20	Name: tc_cj_v2 Value: ~%24.%2B%27%7B4y%2B-%2AZZZ%7D-%24%2F%20%2AZZZKPSLLRNLMMJJJZZZpc_q
.mix-phoenix.commander1.com/	1970-01-20 22:50:20	Name: tc_cj_v2_cmp Value: %7D-%24%2F%20%2Ay~%20
.commander1.com/	1970-01-20 22:50:20	Name: TCID Value: 2023081716571311772951878
.mytheresa.com/	1970-01-20 22:50:20	Name: CAID Value: 2023081716571311772951878

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bloxcms.com&size=16 Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5694541448612364&output=html&h=280&slotname=1496813024&adk=1673820887&adf=2518690131&pi=t.ma~as.1496813024&w=730&fwrn=4&fwrnh=100&lmt=1692277031&rafmt=1&format=730x280&url=https%3A%2F%2Fbloxcms.com.siteindices.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692284230774&bpp=1&bdt=359&idt=275&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C350x280&correlator=4283636873857&frm=20&pv=1&ga_vid=1929554003.1692284231&ga_sid=1692284231&ga_hid=1454003756&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=625&ady=1192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31077017%2C31077148%2C42532243%2C44799580&oid=2&pvsid=1085081625870828&tmod=171957131&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=y7LuP431tM&p=https%3A//bloxcms.com.siteindices.com&dtd=278 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v96.js(Line 77) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ads.eu.criteo.com
bloxcms.com.siteindices.com
cat.fr3.eu.criteo.com
cdnjs.cloudflare.com
cs.mytheresa.com
csm.eu.criteo.net
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
imageproxy.eu.criteo.net
mix-phoenix.commander1.com
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
rtb.fr3.eu.criteo.com
s0.2mdn.net
static.adsafeprotected.com
static.criteo.net
t3.gstatic.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.siteindices.com
104.237.149.142
142.250.184.230
172.217.16.194
172.217.18.2
178.250.7.9
2001:4860:4802:34::36
2600:1f13:800:7780:c67c:ace0:7a0d:3866
2600:9000:223f:d200:8:48e:53c0:93a1
2606:4700::6811:190e
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:81c::2004
2a00:1450:4001:827::2002
2a00:1450:4001:828::2001
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:830::2006
2a00:1450:4001:831::2008
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a02:2638:3::3
2a02:2638:d::11
2a02:2638:d::13
2a02:2638:d::4
2a02:2638:d::c
35.181.29.184
35.181.77.138
54.77.221.160
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
085ee4a2d083f202c561812ca3bc8b26147656c582efa170d5de0ff907a5dd39
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0d3f12e73ccf13616cee5b3049d7d4e9bd1f5a0b681e3779bc76ef6124d63177
0e937dbbcc6ac86d5eea66d1c88c0a4d73d48a0b1ebdabd7c76bf0aab271a0c3
0ea20bedd24c2721275fc920672ccf787385ec6b8cb5ccbfc6682aeee658e78b
114b07db8be817bfb1f20e07ac98d9500c7ed50146512c32c102f41309437b13
119a6bf3c39fd24690350c801bf503bfb82056d0908817a441eb8e6d0b024b1b
11e0642693c24788eba3a8a6ee77a53fdbb987399132d50eeeb10175366a5d9a
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
20932b3af65b20ed5b7a9bb771eca586cc6a711ecc15f11c514498ef0e0f06b1
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
27a3a170ffb21b0a7d8722384e1541e3e2873eded39c5f2f89f88448c8c56c39
2b0caf9d57a44cf055f97dbdb0b6b364f2e127ce3f5b93193670117ef9406dcd
2c8a477fd31598d7289225e3336cc26673ceb070ca39819bb2f13acc3252f1c9
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
339a142b74d654e469fe04d9e4956f07f1a55018e7b2b032080967df7671d07d
3512a3ca0a590ced4ba84aab278fd26c1721ec3a762b3f7ca02b1a1bd787c260
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3c69df19d8716a4d012b89a3913294a6defa38418b8e4b9eb1ac5a8b62f33b5d
3efe235f4c407752634a4af0d6a743041ab7087fdfc0f2b4ef4adba6a317a654
3f0133a51dbe2306a5d32fbc64643af6fc2503036a2ebec0e61b377d6e60ae75
41700d50f245db4cf2bf4d473e3912fa002f6fda408125c389bcf2884e75ddc0
45184ea47e05d3bba4aaa0895510a212c59d5596d5295fba864d8fa38b6e7cdc
4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8
49ebbaed94ee4bb2be3cb549d9f0732493c16f8c90d9baaed2dbf09032be8306
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
4bc6c40e439746366cb5508dfb4312c424293cadf6af00005f81ab0131ac3a2c
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
513dd695202816b7ebfd96e11c665d95cdeb07cfb40ea0d8c91306714ad2b8a6
53150cd0abdce77cb401a07e66c196041e5931fa9bf8e142f2ec114d1ee7dfaa
546c5cf136073615afda5cab173feff341171a26a848cf7ce09bb8bd8b07ce89
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cfbcc09f2e02295f8c6f413bf43318c079a53f0ef4d8f29a3c932de40afc5fb
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f82c95cceaabdc0a14e4fc5e09aa3e354a56ca419d3d27c2ebfb14ee1ad0b2
623bd059e5cea1358a2b5d87149ceb8cc8cb829020758561d211a9f3a1cf75c9
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
663c07bcc35c969798aabdbbb543d2930c470119883e19816030dad1a044e9ad
68687d7ff9b69e8d3d2a45fe554940460dbafff05de9b2495e62dff1caa9c347
699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e18192f6b2176e73f105a048d601f7494ed5777f7915fcddf077c8ce8c62525
6faad5a0b1cd669ca53a856dbf84c20c079c350e885db882cb2ebee9862108ac
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
78dac75b4855f9527371f2be90acd25c96063c3c9e4f56aee29b3173aeb65b7c
7a9228411dc8d4252c8479e878474f095604a61cf15ac43f9c20938d6186a9cd
7d3b9482d4fb3b6aeaa089b08eb84381b5d3294c32c71ba320c4482bb4dbb8d5
821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b
843dea1d022be79c95643821b1140cc2d081094ee77ccf7a1f637a1ad8fca33f
873d9804fad4a172942b60fd06122de33098024f2c98f2218e6c45cd17288e02
8a98e0a8f603bbbdb33de3bdf1573370b6b32b824f30d382fd7eef55b112c00f
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
91c32cf62c2a7ec7bc63bd4354823f66812d56d2323a5298eac81e5b969811c2
9232f5145851f29ce012520048686481e665bcc7d96819f6f7adc1570875fe02
9bb0402bdd0e95f7334cbb32d98089f29f6c61fe1d993c5208a8ee0c767b8734
9e7b342794d05e0f455ec180f38698560d5e72207f466f503a93b59f86e61c09
a0964328d374cd0daf0a4f2d1f573dba08bcc421f151a769bf312f66085545d4
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a0f3acdf32f40ceb06899752a2888a265dd49ece9b5777cfe0e9eb2a2cbe341e
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a813e5fa06c97bc52715268329e876649fb684a5304821544888e3655760ee9f
a9ed2bda0b81ef3998269bf6412b66bb3c831a22f312478b21d57c353254d382
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac1b93ff14c79f093300dc688b66c154f0718cb0898c4e23c7415ec449791daa
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b3cf9129ef036a2f3db5f05656b5bb31357839ba38100aa2559a60f497b8fd44
b43ec0462b441bdec2a802f9438cec3b08258d228eeb296365c802857c2296c9
b589716b0715be0505835c9830fde4fcd933641160468d802bac7c44221c6dde
b88cd48176837b4d02560d1b1f6144817694067ba342e1eee819ffa231833135
ba98bcd9ce6293b367509d2f6d2489fcc631ed74ae26c181789ef9f8791eb0fd
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bdc53415bd98ac9803575a9eb17ef92bca708e5a02a1b56c265d70213db98a94
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c041fe95466655c1f02575752a0fe7b352a6521247daad41000df65babf602e9
cb7a20984e572f6f39b34f7a49ac30001397e2437af97fa49060d7cca94cecf1
cf3beaa56ee5531ed074e502f5ffe8eb9ba01611f96e808d0f741275919cd40e
d13e946e809369c122aa99c6e17658fe1f8b26cc8c4e2cf6db6ce34f60760e21
d72c9fb59846aff6405d2973c81bd8da823493502fab893e026a736a1ba01838
da27056bbaebc192e79d43a94a1e0cf1661e7da3a9369f2a55a09c38f4dcadd5
dc140da86aa33cc95305cba81199e98f91d8d75f9cc3b2ec4c3cf75c4a0efa86
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deba597473c6d14317baf1b64ef05efb672fd58e5ef86b151f5e32563f443455
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e24a91cee51c9f62beac30dfb0e25f4ab169098ed65562b1e3a30544bbbb9e03
e3a9b36a24bcda13a05bd3a05fbd46b574fbe48384910e3c0a811ce3078093c4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e443793c22c99a71ea0ca1ae621676267abbbc301e98d78122bdedcbf6ac893a
e4832ac6cac4bacdd479df80e1393dd4b13e9d500bb687f965333ef191c0325f
e841b6d22ff7a782ffc4019304b0b137618c139c29c86b86ef5dceca938ed058
ecb8f51add373f5741f293052f260d741d39406d1233116235a6b918dcd597fe
ecd4bcdadadbd05c14405b02cf719282a1bc63012887fe1be1356aaa425b1ef1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef54137af7f2d2fcca27a38561c8218f12319812c5d2cb1d873a54873cf4ddc8
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f70fe61a94cb6566fee4ebdc4f320aaecdcb6c52d6a8de2b5a9fede48ce3b1f2
f7209189c9d2e544cdcc09a7e86378304a2cb3c17504828ce062f4f56c6e411c
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f82aedc5a67f56f744f6959eddecdfc2eb41b12fe59ef711e9b719ba5d565d0b
f943916412cc5b13e2d88c9702396122c3bebb50a6e2f4f8089c51de2fc8aa36
f9854564eea51b88c56b7da87ae2606311a8bc5b5f4fe6c07536ffc6d59873ea
fa377f05c276fe6b8779b9dae9a33eb78070009a8df373671778439bcdd13d9e

bloxcms.com.siteindices.com Open in urlscan Pro 104.237.149.142 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

208 Requests

97 %HTTPS

73 %IPv6

17 Domains

31 Subdomains

30 IPs

4 Countries

2689 kBTransfer

6820 kBSize

18 Cookies

15 Outgoing links

Page URL History

Redirected requests

208 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bloxcms.com.siteindices.com Open in urlscan Pro
104.237.149.142 Public Scan

Screenshot
Live screenshot

Full Image

208
Requests

97 %
HTTPS

73 %
IPv6

17
Domains

31
Subdomains

30
IPs

4
Countries

2689 kB
Transfer

6820 kB
Size

18
Cookies

208 HTTP transactions
7 data transactions