URL: http://xy2.eu/
Submission: On January 20 via manual from US — Scanned from DE

Summary

This website contacted 27 IPs in 5 countries across 16 domains to perform 118 HTTP transactions. The main IP is 93.157.97.6, located in Poland and belongs to OGICOM, PL. The main domain is xy2.eu.
This is the only time xy2.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 93.157.97.6 34360 (OGICOM)
19 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.2.133 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.181.226 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:1::2 44788 (ASN-CRITE...)
1 2a02:2638:1::11 44788 (ASN-CRITE...)
7 2a02:2638::3 44788 (ASN-CRITE...)
1 2600:9000:225... 16509 (AMAZON-02)
1 178.250.2.148 44788 (ASN-CRITE...)
12 178.250.2.135 44788 (ASN-CRITE...)
3 178.250.0.162 44788 (ASN-CRITE...)
3 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.162 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
118 27
Apex Domain
Subdomains
Transfer
35 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
tpc.googlesyndication.com — Cisco Umbrella Rank: 124
351 KB
22 criteo.net
static.criteo.net — Cisco Umbrella Rank: 645
pix.eu.criteo.net — Cisco Umbrella Rank: 7730
csm.eu.criteo.net — Cisco Umbrella Rank: 7881
59 KB
16 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2438
www.google.com — Cisco Umbrella Rank: 13
adservice.google.com — Cisco Umbrella Rank: 80
86 KB
10 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274
84 KB
10 xy2.eu
xy2.eu
95 KB
6 gstatic.com
fonts.gstatic.com
www.gstatic.com
58 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
ajax.googleapis.com — Cisco Umbrella Rank: 293
36 KB
3 criteo.com
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 13370
ads.eu.criteo.com — Cisco Umbrella Rank: 7925
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 10541
60 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 165
112 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 5557
adservice.google.de — Cisco Umbrella Rank: 8028
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
20 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 255
14 KB
1 imrworldwide.com
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1576
460 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 777
639 B
1 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 1385
434 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
36 KB
118 16
Domain Requested by
19 pagead2.googlesyndication.com xy2.eu
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
16 tpc.googlesyndication.com googleads.g.doubleclick.net
xy2.eu
tpc.googlesyndication.com
pagead2.googlesyndication.com
12 pix.eu.criteo.net ads.eu.criteo.com
xy2.eu
11 fundingchoicesmessages.google.com pagead2.googlesyndication.com
10 xy2.eu xy2.eu
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
7 static.criteo.net ads.eu.criteo.com
3 www.gstatic.com googleads.g.doubleclick.net
3 csm.eu.criteo.net ads.eu.criteo.com
3 www.googletagservices.com googleads.g.doubleclick.net
3 www.google.com 1 redirects xy2.eu
tpc.googlesyndication.com
3 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com xy2.eu
googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 s0.2mdn.net googleads.g.doubleclick.net
1 googleads4.g.doubleclick.net xy2.eu
1 cat.nl.eu.criteo.com ads.eu.criteo.com
1 secure-gl.imrworldwide.com ads.eu.criteo.com
1 ads.eu.criteo.com googleads.g.doubleclick.net
1 rtb.nl.eu.criteo.com googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.google.de xy2.eu
1 stats.g.doubleclick.net www.google-analytics.com
1 www.paypalobjects.com xy2.eu
1 ajax.googleapis.com xy2.eu
1 www.googletagmanager.com xy2.eu
118 28

This site contains links to these domains. Also see Links.

Domain
hoo.gl
bitly.ws
tinyurl.mobi
fueltiktok.com
Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA
2021-11-02 -
2022-03-15
4 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
*.google.com
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
www.google.com
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
www.google.de
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
*.google.de
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-09 -
2022-04-06
3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-09 -
2022-04-10
3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-12-01 -
2022-02-24
3 months crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1
2022-01-04 -
2023-02-03
a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-12-01 -
2022-02-25
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh

This page contains 13 frames:

Primary Page: http://xy2.eu/
Frame ID: F932C5E3EFB384BEE6E62EE50984ACAD
Requests: 51 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220118/r20190131/zrt_lookup.html
Frame ID: B793990867BA80B9BFC9BBF6806F2CE1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2614556310778759&output=html&adk=1812271804&adf=3025194257&lmt=1642709408&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fxy2.eu%2F&ea=0&flash=0&pra=5&wgl=1&dt=1642709408027&bpp=51&bdt=155&idt=98&shv=r20220118&mjsv=m202201120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5665636369736&frm=20&pv=2&ga_vid=341575375.1642709408&ga_sid=1642709408&ga_hid=1798187001&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C44753738%2C31064203&oid=2&pvsid=705879394678082&pem=805&tmod=1836097431&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=242
Frame ID: 4C273DCB5EEBA286BA6985479EF68E03
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=200&slotname=1428154055&adk=624732521&adf=3788724914&pi=t.ma~as.1428154055&w=1200&fwrn=4&lmt=1642709408&rafmt=11&psa=0&format=1200x200&url=http%3A%2F%2Fxy2.eu%2F&flash=0&wgl=1&dt=1642709408027&bpp=9&bdt=155&idt=129&shv=r20220118&mjsv=m202201120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5665636369736&frm=20&pv=1&ga_vid=341575375.1642709408&ga_sid=1642709408&ga_hid=1798187001&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C44753738%2C31064203&oid=2&pvsid=705879394678082&pem=805&tmod=1836097431&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=sVAvfm1TV6&p=http%3A//xy2.eu&dtd=247
Frame ID: 25FAFB83096369C0555D30A63501901E
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YenBoAAEnoIKe6LRAAz1o2eagwW2wkeqnzDcmQ&u=%7CiPxVErXBlZwprrLP77ubtCV5KBYFmCmjwZDz3%2B5e%2BCs%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weE9j93JPtPBUweb-XOdSQKLso3ZaVdETX1UqNgjdcQl7kU0c4j4iCL1cXJA0-AArbjLCgnWGuxmEcj5KM93z_Sg8m25Sumte3AQyDfq6otK6hW1aOo7HI5GHAl72fQtS_K2hsco3Re5lO9Nwg2aIS6-yPBZUWJ2Lgte4PGdXEWxO2pa8GUosP4isFIgtsaRxIeJEulJAIR2ltesllI43ROgtZmvxi4HC61xbQo14gltLVgM7vEwdIRGREo-Lt_it_o0chFf6wlic02HFSEMBng5sFFGx9zXsAd5T3mDt1JNtVjKNcf--Gqus00_ZFTehzxxb2FBhTZBIXHZ7YRbPut1fYH3NYZdmSXOW3UmqFChB-0hCDLSopc0oiDXQ6AsBWE4aoSs9Js7VwqlKJOF8e8ZIEuq0I4KsUN5IqACClVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC27TnoMHpYYK9EtHF7gOj67PwDsme0rFcpfyT93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjYxNDU1NjMxMDc3ODc1OaAB1bbS6gPIAQmpAn5B5MS4CbM-qAMBqgSqAU_QfUNYVBna0hAMLjgDZvH3yAUZh3gcmTl9lxPLx-0Gp9WnyAQHxTBKW6ybp5U8AYZ76GywSMCmmhsxrHLcPnlOYdY5nNez8Ir7s94u6ORJ6Z7kZJpeNzq1Uv8CqJF9Wo4g5IycTpNG_Xq5693-l_BvRkPDokCMDqMQmDkCUJhZomw0yl-JsP1NJ5PNlWkfzEGAWrM2POt7-mTxcydEDdhc_Oxrp2387pJRgAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0evE35sX622XZpF0R-wbtfr-hyuw%26client%3Dca-pub-2614556310778759%26adurl%3D
Frame ID: A50DC0D67AD0AF5A609D1BD649576909
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220118/r20110914/zrt_lookup.html?fsb=1
Frame ID: 0BF72524B24AD69D9E3F5DC0DAE2D7E4
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220118/r20110914/zrt_lookup.html?fsb=1
Frame ID: 974B9B65C9DA8EF5F0921B36A5EB13C0
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9089EDEDEC167C765985DC70762EC6ED
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 1543232D21D36E0051C0E111C30297A9
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5FFC69B9DC6C897089D7D2D72F245C1D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js
Frame ID: 898889C5F43E69BE311A08BD500D97FF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C181D1860B7DF2B5301C789600AEA667
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C7CD44521B68EAA54AD6105F9E2CD220
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

XY2 | URL Shortener

Detected technologies

Overall confidence: 100%
Detected patterns
  • <input[^>]+_s-xclick
  • paypalobjects\.com

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

118
Requests

91 %
HTTPS

73 %
IPv6

16
Domains

28
Subdomains

27
IPs

5
Countries

1014 kB
Transfer

2534 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 92
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

118 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
xy2.eu/
11 KB
5 KB
Document
General
Full URL
http://xy2.eu/
Protocol
HTTP/1.1
Server
93.157.97.6 , Poland, ASN34360 (OGICOM, PL),
Reverse DNS
v2416.vps.ogicom.net
Software
Apache / PHP/5.5.38
Resource Hash
42995df11136e47c42f4c39de6ff4d401af851b485c81a3b94835bf352c04d1a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 20 Jan 2022 20:10:04 GMT
server
Apache
x-powered-by
PHP/5.5.38
cache-control
max-age=0
expires
Thu, 20 Jan 2022 20:10:04 GMT
vary
Accept-Encoding
content-encoding
gzip
transfer-encoding
chunked
content-type
text/html
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
146 KB
51 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: xy2.eu
URL: http://xy2.eu/
Protocol
HTTP/1.1
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
82175f3e2850d8739c1db9b958b7f44d9d259aa8aaf50833c4fd6656019f4455
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Thu, 20 Jan 2022 20:10:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
14881244106630233400
Vary
Accept-Encoding, Origin
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
51884
X-XSS-Protection
0
Expires
Thu, 20 Jan 2022 20:10:07 GMT
js
www.googletagmanager.com/gtag/
91 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-36872558-7
Requested by
Host: xy2.eu
URL: http://xy2.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1a618395c01222fbadd778f8ae8bbe39330b2324c5ed304c1cf5aacebc7967a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 20:10:07 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36462
x-xss-protection
0
last-modified
Thu, 20 Jan 2022 19:22:55 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 20 Jan 2022 20:10:07 GMT
style.css
xy2.eu/css/
9 KB
3 KB
Stylesheet
General
Full URL
http://xy2.eu/css/style.css
Requested by
Host: xy2.eu
URL: http://xy2.eu/
Protocol
HTTP/1.1
Server
93.157.97.6 , Poland, ASN34360 (OGICOM, PL),
Reverse DNS
v2416.vps.ogicom.net
Software
Apache /
Resource Hash
3f28118203d7cf4351e9bc81564dc5920c88afd3d8e4c2521dcb1f6c837e5285

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 20:10:07 GMT
content-encoding
gzip
last-modified
Mon, 15 Nov 2021 07:15:16 GMT
server
Apache
etag
"25ae-5d0ce921e3dea-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=0
accept-ranges
bytes
content-length
2238
expires
Thu, 20 Jan 2022 20:10:07 GMT
css
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Courgette%7CAcme%7CMontserrat&subset=latin-ext
Requested by
Host: xy2.eu
URL: http://xy2.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
72a1e3adb05674f8ef530b95cb931574347142640996f0abc5b25687b8b3d28e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 20 Jan 2022 20:10:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 20 Jan 2022 20:10:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 Jan 2022 20:10:07 GMT
flipcounter.js
xy2.eu/js/
7 KB
3 KB
Script
General
Full URL
http://xy2.eu/js/flipcounter.js
Requested by
Host: xy2.eu
URL: http://xy2.eu/
Protocol
HTTP/1.1
Server
93.157.97.6 , Poland, ASN34360 (OGICOM, PL),
Reverse DNS
v2416.vps.ogicom.net
Software
Apache /
Resource Hash
87ac385a225113ecdfaab236cf5d9dc07cb24e24cafc9167d5ca608adccbfa0f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 20:10:07 GMT
content-encoding
gzip
last-modified
Sun, 31 Dec 2017 09:17:38 GMT
server
Apache
etag
"1cff-5619f56448393-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0
accept-ranges
bytes
content-length
2237
expires
Thu, 20 Jan 2022 20:10:07 GMT
modernizr.custom.21954.js
xy2.eu/js/
3 KB
2 KB
Script
General
Full URL
http://xy2.eu/js/modernizr.custom.21954.js
Requested by
Host: xy2.eu
URL: http://xy2.eu/
Protocol
HTTP/1.1
Server
93.157.97.6 , Poland, ASN34360 (OGICOM, PL),
Reverse DNS
v2416.vps.ogicom.net
Software
Apache /
Resource Hash
87ccd2fba3c5f48709c2492fdeaaa0168982577c14132df74a4d6016eb6abc0a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 20:10:07 GMT
content-encoding
gzip
last-modified
Sun, 31 Dec 2017 09:17:43 GMT
server
Apache
etag
"ac7-5619f56924595-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0
accept-ranges
bytes
content-length
1394
expires
Thu, 20 Jan 2022 20:10:07 GMT
counter-style.css
xy2.eu/css/
14 KB
2 KB
Stylesheet
General
Full URL
http://xy2.eu/css/counter-style.css
Requested by
Host: xy2.eu
URL: http://xy2.eu/
Protocol
HTTP/1.1
Server
93.157.97.6 , Poland, ASN34360 (OGICOM, PL),
Reverse DNS
v2416.vps.ogicom.net
Software
Apache /
Resource Hash
cb019b3a5c0b97a5b0c8e4987703516ba24b76594c5f8c83efd7990aa3bc6a8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 20:10:07 GMT
content-encoding
gzip
last-modified
Sun, 31 Dec 2017 10:49:16 GMT
server
Apache
etag
"392c-561a09df98eba-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=0
accept-ranges
bytes
content-length
1665
expires
Thu, 20 Jan 2022 20:10:07 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/
95 KB
34 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: xy2.eu
URL: http://xy2.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16855
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Jan 2023 15:29:12 GMT
adframe.js
xy2.eu/js/
16 B
306 B
Script
General
Full URL
http://xy2.eu/js/adframe.js
Requested by
Host: xy2.eu
URL: http://xy2.eu/
Protocol
HTTP/1.1
Server
93.157.97.6 , Poland, ASN34360 (OGICOM, PL),
Reverse DNS
v2416.vps.ogicom.net
Software
Apache /
Resource Hash
0059cb4ff0a271382c38af8a7367aaf45cbeb31449637d3928d25317401e2828

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 20:10:07 GMT
last-modified
Sat, 30 Dec 2017 21:02:30 GMT
server
Apache
etag
"10-5619511402320"
content-type
application/javascript
cache-control
max-age=0
accept-ranges
bytes
content-length
16
expires
Thu, 20 Jan 2022 20:10:07 GMT
paypal.jpg
xy2.eu/gfx/
9 KB
9 KB
Image
General
Full URL
http://xy2.eu/gfx/paypal.jpg
Requested by
Host: xy2.eu
URL: http://xy2.eu/
Protocol
HTTP/1.1
Server
93.157.97.6 , Poland, ASN34360 (OGICOM, PL),
Reverse DNS
v2416.vps.ogicom.net
Software
Apache /
Resource Hash
1ae6619173f92af4f0201b7204322213c714b56df437aa7d6482a1c141d5337c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 20:10:08 GMT
last-modified
Tue, 02 Jan 2018 13:00:56 GMT
server
Apache
etag
"2204-561cab086d14b"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
8708
expires
Fri, 20 Jan 2023 20:10:08 GMT
paypal.png
xy2.eu/gfx/
5 KB
6 KB
Image
General
Full URL
http://xy2.eu/gfx/paypal.png
Requested by
Host: xy2.eu
URL: http://xy2.eu/
Protocol
HTTP/1.1
Server
93.157.97.6 , Poland, ASN34360 (OGICOM, PL),
Reverse DNS
v2416.vps.ogicom.net
Software
Apache /
Resource Hash
675f6b6dc673aae01f8ef949697ee544c8df8574ca090a4dd690776ec6e442ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 20:10:08 GMT
last-modified
Tue, 02 Jan 2018 13:00:54 GMT
server
Apache
etag
"158c-561cab06562ce"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
5516
expires
Fri, 20 Jan 2023 20:10:08 GMT
pixel.gif
www.paypalobjects.com/pl_PL/i/scr/
42 B
434 B
Image
General
Full URL
https://www.paypalobjects.com/pl_PL/i/scr/pixel.gif
Requested by
Host: xy2.eu
URL: http://xy2.eu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 20:10:08 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
HIT, HIT
fastly-io-info
ifsz=43 idim=1x1 ifmt=gif ofsz=42 odim=1x1 ofmt=gif
paypal-debug-id
b3943a91c0247
fastly-stats
io=1
dc
ccg11-origin-www-1.paypal.com
content-length
42
x-served-by
cache-sjc10061-SJC, cache-mxp6960-MXP
x-timer
S1642709408.130158,VS0,VE1
etag
"dNSbNMYiK1Q98dwxkre+GOK5+qX2pefyT9A/BaBsoeM"
strict-transport-security
max-age=31557600
content-type
image/gif
cache-control
public,max-age=3600
accept-ranges
bytes
x-cache-hits
130, 1
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-36872558-7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2114
date
Thu, 20 Jan 2022 19:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 20 Jan 2022 21:34:54 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/
284 KB
103 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2614556310778759&plah=xy2.eu
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e6727d06084637b8753db97adddcc553152749b8ca736d067eff05a3fe07c8b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 20:10:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104552
x-xss-protection
0
server
cafe
etag
8237760085041922737
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 20 Jan 2022 20:10:08 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220118/r20190131/ Frame B793
11 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220118/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4885
x-xss-protection
0
date
Thu, 20 Jan 2022 15:43:32 GMT
expires
Thu, 03 Feb 2022 15:43:32 GMT
cache-control
public, max-age=1209600
age
15996
etag
13671712056976469594
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v21/
12 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v21/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Courgette%7CAcme%7CMontserrat&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b5f3ec0fd27f3c1500b420b2ed4ff557f5ddb65fbc83c21eae5cadc97dfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://xy2.eu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 19:33:50 GMT
x-content-type-options
nosniff
age
174978
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12648
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 19:19:52 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 18 Jan 2023 19:33:50 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
121 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=puberror&context=191&msg=TagError%3A%20adsbygoogle.push()%20error%3A%20Only%20one%20%27enable_page_level_ads%27%20allowed%20per%20page.%0Aat%20ao%20(http%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%3A209%3A326)%0Aat%20%24n%20(adsbygoogle.js%3A208%3A1144)%0Aat%20ho%20(adsbygoogle.js%3A215%3A365)%0Aat%20c%20(adsbygoogle.js%3A216%3A38)%0Aat%20adsbygoogle.js%3A64%3A116%0Aat%20xd.aa.ma%20(adsbygoogle.js%3A63%3A809)%0Aat%20adsbygoogle.js%3A64%3A91%0Aat%20adsbygoogle.js%3A53%3A943%0Aat%20MutationObserver.observe.childList%20(adsbygoogle.js%3A216%3A259)&shv=r20220118&mjsv=m202201120101&eid=44750773%2C44753738%2C31064203&url=http%3A%2F%2Fxy2.eu%2F
Requested by
Host: xy2.eu
URL: http://xy2.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 20:10:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wEO_EBrAnc9BLjLQAUk1VvoK.woff2
fonts.gstatic.com/s/courgette/v8/
24 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/courgette/v8/wEO_EBrAnc9BLjLQAUk1VvoK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Courgette%7CAcme%7CMontserrat&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b0fe2d79a2476314a0ee068faa535cb80c352b228df20f226a3f1cfc96b762d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://xy2.eu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 20:03:27 GMT
x-content-type-options
nosniff
age
173201
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24984
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 05:18:33 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 18 Jan 2023 20:03:27 GMT
RrQfboBx-C5_XxrBbg.woff2
fonts.gstatic.com/s/acme/v11/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/acme/v11/RrQfboBx-C5_XxrBbg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Courgette%7CAcme%7CMontserrat&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77fb74c793e3bfa921d1cbfa6f781ac9a024c2b8aec71efd5495977f68bf5a9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://xy2.eu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 05:53:03 GMT
x-content-type-options
nosniff
age
137825
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8240
x-xss-protection
0
last-modified
Thu, 22 Oct 2020 18:55:07 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 19 Jan 2023 05:53:03 GMT
collect
www.google-analytics.com/j/
2 B
200 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1798187001&t=pageview&_s=1&dl=http%3A%2F%2Fxy2.eu%2F&ul=en-us&de=UTF-8&dt=XY2%20%7C%20URL%20Shortener&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1133528387&gjid=1429989370&cid=341575375.1642709408&tid=UA-36872558-7&_gid=60813185.1642709408&_r=1&gtm=2ou1c0&z=1507233286
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://xy2.eu/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 20:10:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://xy2.eu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
435 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-36872558-7&cid=341575375.1642709408&jid=1133528387&gjid=1429989370&_gid=60813185.1642709408&_u=YEBAAUAAAAAAAC~&z=1500912543
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://xy2.eu/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 20 Jan 2022 20:10:08 GMT
content-type
text/plain
access-control-allow-origin
http://xy2.eu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ca-pub-2614556310778759
fundingchoicesmessages.google.com/i/
89 KB
31 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-2614556310778759?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2614556310778759&plah=xy2.eu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3ea294cfa76364c4341bce90dd7c652cfc51344a96a5aec23e300eaba156cbee
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-0MWKmR7n5QAwRST9ERJq8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-0MWKmR7n5QAwRST9ERJq8g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-0MWKmR7n5QAwRST9ERJq8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-0MWKmR7n5QAwRST9ERJq8g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
cross-origin-opener-policy
same-origin
date
Thu, 20 Jan 2022 20:10:08 GMT
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-36872558-7&cid=341575375.1642709408&jid=1133528387&_u=YEBAAUAAAAAAAC~&z=691121995
Requested by
Host: xy2.eu
URL: http://xy2.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 20:10:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-36872558-7&cid=341575375.1642709408&jid=1133528387&_u=YEBAAUAAAAAAAC~&z=691121995
Requested by
Host: xy2.eu
URL: http://xy2.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 20:10:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxWSSJgQqy5np5kkv5ODcKhi1olaK3uE2Hs2oirbPBq8l4915O0uEkAhdpzUqm2pBQ5TJQ9bfl2ZLzMkBG2RFIo=
fundingchoicesmessages.google.com/f/
42 KB
16 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWSSJgQqy5np5kkv5ODcKhi1olaK3uE2Hs2oirbPBq8l4915O0uEkAhdpzUqm2pBQ5TJQ9bfl2ZLzMkBG2RFIo=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjQyNzA5NDA4LDI2MDAwMDAwMF0sIkIzNDg5NDE4LTQzOTgtNDJEMi1BOUI0LUVGRkYyNEQ2QjdDQSIsIkIwNTFCQ0JGLTRGQUYtNDNGNS05OEVELTc0N0ZCMENBOUU0NyIsbnVsbCxbbnVsbCxbN10sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLHRydWUsdHJ1ZV0sImh0dHA6Ly94eTIuZXUvIixudWxsLFtdXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Je69o0mtxD8.es5.O/d=1/rs=AJlcJMydvUjzwfiAPOM_kfGnu3NwwQbXmw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
80741adf1ef1bc29ffca609a941228f95f5928ceba68fc01abdcbb9843e2d28d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-z0U8W5qVoo/Bg97pzrR8lA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-z0U8W5qVoo/Bg97pzrR8lA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 20:10:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-z0U8W5qVoo/Bg97pzrR8lA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-z0U8W5qVoo/Bg97pzrR8lA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/
210 B
639 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=xy2.eu&callback=_gfp_s_&client=ca-pub-2614556310778759
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2614556310778759&plah=xy2.eu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
89bf84ed36c287c1b008d25588fd0c02bd2de31e182949b9be68e37f1c509777
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 20:10:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
194
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=xy2.eu
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2614556310778759&plah=xy2.eu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 Jan 2022 20:10:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=xy2.eu
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2614556310778759&plah=xy2.eu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 Jan 2022 20:10:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4C27
210 KB
59 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2614556310778759&output=html&adk=1812271804&adf=3025194257&lmt=1642709408&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fxy2.eu%2F&ea=0&flash=0&pra=5&wgl=1&dt=1642709408027&bpp=51&bdt=155&idt=98&shv=r20220118&mjsv=m202201120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5665636369736&frm=20&pv=2&ga_vid=341575375.1642709408&ga_sid=1642709408&ga_hid=1798187001&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C44753738%2C31064203&oid=2&pvsid=705879394678082&pem=805&tmod=1836097431&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=242
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2614556310778759&plah=xy2.eu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
426918e63c40148976bd72d4aff4ef330087b8e26e115e468964b5cfc064357f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 20 Jan 2022 20:10:08 GMT
server
cafe
content-length
60268
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 20 Jan 2022 20:10:08 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 25FA
22 KB
9 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=200&slotname=1428154055&adk=624732521&adf=3788724914&pi=t.ma~as.1428154055&w=1200&fwrn=4&lmt=1642709408&rafmt=11&psa=0&format=1200x200&url=http%3A%2F%2Fxy2.eu%2F&flash=0&wgl=1&dt=1642709408027&bpp=9&bdt=155&idt=129&shv=r20220118&mjsv=m202201120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5665636369736&frm=20&pv=1&ga_vid=341575375.1642709408&ga_sid=1642709408&ga_hid=1798187001&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C44753738%2C31064203&oid=2&pvsid=705879394678082&pem=805&tmod=1836097431&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=sVAvfm1TV6&p=http%3A//xy2.eu&dtd=247
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2614556310778759&plah=xy2.eu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2327362c17383b312262bae9db7ec4c6256adf57459a83460ab5fcb964febb23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 20 Jan 2022 20:10:08 GMT
server
cafe
content-length
9381
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 20 Jan 2022 20:10:08 GMT
cache-control
private
AGSKWxWIEcjEPWp4GzbvW_TZMcz8fZyxAzLrcwt5YwGea_taybiI9w2geI2kvLLoMnlzIomiBPpBZUqK1EgyWDNPa1-LsgidXdnk3klI42r1G1WT-zH0BulDJaQhQ1TspnZENfdDeGSwuq8i2CLAGQkFlboyHYd0JInXGJKPIdzRdCM6bjIu2PFQtFEG9Uxv
fundingchoicesmessages.google.com/el/
0
25 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWIEcjEPWp4GzbvW_TZMcz8fZyxAzLrcwt5YwGea_taybiI9w2geI2kvLLoMnlzIomiBPpBZUqK1EgyWDNPa1-LsgidXdnk3klI42r1G1WT-zH0BulDJaQhQ1TspnZENfdDeGSwuq8i2CLAGQkFlboyHYd0JInXGJKPIdzRdCM6bjIu2PFQtFEG9Uxv
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabCcpaWebSignalJs.de.gDrjrnPLQgI.es5.O/d=1/rs=AJlcJMzYLrppK0-JTz33Xs5bZ_FIhbJmpw/m=iabccpawebsignalscript
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0djluRvMg37qNWdwr8SBoQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-0djluRvMg37qNWdwr8SBoQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://xy2.eu/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 20 Jan 2022 20:10:08 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
http://xy2.eu
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0djluRvMg37qNWdwr8SBoQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-0djluRvMg37qNWdwr8SBoQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUwFotWie7F_SlWIJ2HManettJI3zPNP1Xy_7IovLNjTt94HbcLvfjl10-TqV3bn4MiYyhUuNDEyCenInRiybllBsgwuoSdl4lHibF7VwNRW7yrHxctvXTBGDYvjAytfaHFVbIg7JtfolrCbAZz9fHJ-2vesrIPfU1KqhIvczw7BXMJ0d5WnaQJKRP0
fundingchoicesmessages.google.com/f/
61 KB
22 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUwFotWie7F_SlWIJ2HManettJI3zPNP1Xy_7IovLNjTt94HbcLvfjl10-TqV3bn4MiYyhUuNDEyCenInRiybllBsgwuoSdl4lHibF7VwNRW7yrHxctvXTBGDYvjAytfaHFVbIg7JtfolrCbAZz9fHJ-2vesrIPfU1KqhIvczw7BXMJ0d5WnaQJKRP0?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjQyNzA5NDA4LDMyMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxLDFdLCJodHRwOi8veHkyLmV1LyIsbnVsbCxbXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabCcpaWebSignalJs.de.gDrjrnPLQgI.es5.O/d=1/rs=AJlcJMzYLrppK0-JTz33Xs5bZ_FIhbJmpw/m=iabccpawebsignalscript
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e790b13642b1c926a531f33253d38aadae88605ba5958dde3b30622b1e4e2144
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4UmZt651IIE+mrazBnCI+A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-4UmZt651IIE+mrazBnCI+A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 20:10:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-4UmZt651IIE+mrazBnCI+A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-4UmZt651IIE+mrazBnCI+A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220118/r20110914/client/ Frame 25FA
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220118/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=200&slotname=1428154055&adk=624732521&adf=3788724914&pi=t.ma~as.1428154055&w=1200&fwrn=4&lmt=1642709408&rafmt=11&psa=0&format=1200x200&url=http%3A%2F%2Fxy2.eu%2F&flash=0&wgl=1&dt=1642709408027&bpp=9&bdt=155&idt=129&shv=r20220118&mjsv=m202201120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5665636369736&frm=20&pv=1&ga_vid=341575375.1642709408&ga_sid=1642709408&ga_hid=1798187001&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C44753738%2C31064203&oid=2&pvsid=705879394678082&pem=805&tmod=1836097431&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=sVAvfm1TV6&p=http%3A//xy2.eu&dtd=247
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 20:09:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Feb 2022 20:09:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 25FA
122 KB
38 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=200&slotname=1428154055&adk=624732521&adf=3788724914&pi=t.ma~as.1428154055&w=1200&fwrn=4&lmt=1642709408&rafmt=11&psa=0&format=1200x200&url=http%3A%2F%2Fxy2.eu%2F&flash=0&wgl=1&dt=1642709408027&bpp=9&bdt=155&idt=129&shv=r20220118&mjsv=m202201120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5665636369736&frm=20&pv=1&ga_vid=341575375.1642709408&ga_sid=1642709408&ga_hid=1798187001&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C44753738%2C31064203&oid=2&pvsid=705879394678082&pem=805&tmod=1836097431&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=sVAvfm1TV6&p=http%3A//xy2.eu&dtd=247
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 20:10:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38060
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1642595990432946"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 20 Jan 2022 20:10:08 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220118/r20110914/client/ Frame 25FA
15 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220118/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=200&slotname=1428154055&adk=624732521&adf=3788724914&pi=t.ma~as.1428154055&w=1200&fwrn=4&lmt=1642709408&rafmt=11&psa=0&format=1200x200&url=http%3A%2F%2Fxy2.eu%2F&flash=0&wgl=1&dt=1642709408027&bpp=9&bdt=155&idt=129&shv=r20220118&mjsv=m202201120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5665636369736&frm=20&pv=1&ga_vid=341575375.1642709408&ga_sid=1642709408&ga_hid=1798187001&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C44753738%2C31064203&oid=2&pvsid=705879394678082&pem=805&tmod=1836097431&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=sVAvfm1TV6&p=http%3A//xy2.eu&dtd=247
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 20:05:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
295
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Feb 2022 20:05:13 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 25FA
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cl4bgoMHpYYK9EtHF7gOj67PwDsme0rFcpfyT93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjYxNDU1NjMxMDc3ODc1OaAB1bbS6gPIAQmpAn5B5MS4CbM-qAMBqgSnAU_QfUNYVBna0hAMLjgDZvH3yAUZh3gcmTl9lxPLx-0Gp9WnyAQHxTBKW6ybp5U8AYZ76GywSMCmmhsxrHLcPnlOYdY5nNez8Ir7s94u6ORJ6Z7kZJpeNzq1Uv8CqJF9Wo4g5IycTpNG_Xq5693-l_BvRkPDokCMDqMQmDkCUJhZoi42680OP2FemA_ZNrkiarmJTrmANsVjeNA5ToG2ssZw5GnBI35DgAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yNjE0NTU2MzEwNzc4NzU5GAA&sigh=BjDObiWgmkI&uach_m=[UACH]&cid=CAQSGwCNIrLMpA9JZmAUDC6YDsT0NQJkl-tGpRUt0hgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=200&slotname=1428154055&adk=624732521&adf=3788724914&pi=t.ma~as.1428154055&w=1200&fwrn=4&lmt=1642709408&rafmt=11&psa=0&format=1200x200&url=http%3A%2F%2Fxy2.eu%2F&flash=0&wgl=1&dt=1642709408027&bpp=9&bdt=155&idt=129&shv=r20220118&mjsv=m202201120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5665636369736&frm=20&pv=1&ga_vid=341575375.1642709408&ga_sid=1642709408&ga_hid=1798187001&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C44753738%2C31064203&oid=2&pvsid=705879394678082&pem=805&tmod=1836097431&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=sVAvfm1TV6&p=http%3A//xy2.eu&dtd=247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=200&slotname=1428154055&adk=624732521&adf=3788724914&pi=t.ma~as.1428154055&w=1200&fwrn=4&lmt=1642709408&rafmt=11&psa=0&format=1200x200&url=http%3A%2F%2Fxy2.eu%2F&flash=0&wgl=1&dt=1642709408027&bpp=9&bdt=155&idt=129&shv=r20220118&mjsv=m202201120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5665636369736&frm=20&pv=1&ga_vid=341575375.1642709408&ga_sid=1642709408&ga_hid=1798187001&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C44753738%2C31064203&oid=2&pvsid=705879394678082&pem=805&tmod=1836097431&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=sVAvfm1TV6&p=http%3A//xy2.eu&dtd=247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 20 Jan 2022 20:10:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 20 Jan 2022 20:10:08 GMT
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 25FA
0
0
Fetch
General
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UOb8EMz6RLAJyAGdg2ICAgAAAI76l97vjlJMEKDB6WGac-Sj-MkIVfONDAAS&wp=YenBoAAEnoIKe6LRAAz1o2eagwW2wkeqnzDcmQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=200&slotname=1428154055&adk=624732521&adf=3788724914&pi=t.ma~as.1428154055&w=1200&fwrn=4&lmt=1642709408&rafmt=11&psa=0&format=1200x200&url=http%3A%2F%2Fxy2.eu%2F&flash=0&wgl=1&dt=1642709408027&bpp=9&bdt=155&idt=129&shv=r20220118&mjsv=m202201120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5665636369736&frm=20&pv=1&ga_vid=341575375.1642709408&ga_sid=1642709408&ga_hid=1798187001&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C44753738%2C31064203&oid=2&pvsid=705879394678082&pem=805&tmod=1836097431&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=sVAvfm1TV6&p=http%3A//xy2.eu&dtd=247
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 20:10:07 GMT
server
Kestrel
server-processing-duration-in-ticks
290204
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame A50D
219 KB
59 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YenBoAAEnoIKe6LRAAz1o2eagwW2wkeqnzDcmQ&u=%7CiPxVErXBlZwprrLP77ubtCV5KBYFmCmjwZDz3%2B5e%2BCs%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weE9j93JPtPBUweb-XOdSQKLso3ZaVdETX1UqNgjdcQl7kU0c4j4iCL1cXJA0-AArbjLCgnWGuxmEcj5KM93z_Sg8m25Sumte3AQyDfq6otK6hW1aOo7HI5GHAl72fQtS_K2hsco3Re5lO9Nwg2aIS6-yPBZUWJ2Lgte4PGdXEWxO2pa8GUosP4isFIgtsaRxIeJEulJAIR2ltesllI43ROgtZmvxi4HC61xbQo14gltLVgM7vEwdIRGREo-Lt_it_o0chFf6wlic02HFSEMBng5sFFGx9zXsAd5T3mDt1JNtVjKNcf--Gqus00_ZFTehzxxb2FBhTZBIXHZ7YRbPut1fYH3NYZdmSXOW3UmqFChB-0hCDLSopc0oiDXQ6AsBWE4aoSs9Js7VwqlKJOF8e8ZIEuq0I4KsUN5IqACClVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC27TnoMHpYYK9EtHF7gOj67PwDsme0rFcpfyT93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjYxNDU1NjMxMDc3ODc1OaAB1bbS6gPIAQmpAn5B5MS4CbM-qAMBqgSqAU_QfUNYVBna0hAMLjgDZvH3yAUZh3gcmTl9lxPLx-0Gp9WnyAQHxTBKW6ybp5U8AYZ76GywSMCmmhsxrHLcPnlOYdY5nNez8Ir7s94u6ORJ6Z7kZJpeNzq1Uv8CqJF9Wo4g5IycTpNG_Xq5693-l_BvRkPDokCMDqMQmDkCUJhZomw0yl-JsP1NJ5PNlWkfzEGAWrM2POt7-mTxcydEDdhc_Oxrp2387pJRgAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0evE35sX622XZpF0R-wbtfr-hyuw%26client%3Dca-pub-2614556310778759%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=200&slotname=1428154055&adk=624732521&adf=3788724914&pi=t.ma~as.1428154055&w=1200&fwrn=4&lmt=1642709408&rafmt=11&psa=0&format=1200x200&url=http%3A%2F%2Fxy2.eu%2F&flash=0&wgl=1&dt=1642709408027&bpp=9&bdt=155&idt=129&shv=r20220118&mjsv=m202201120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5665636369736&frm=20&pv=1&ga_vid=341575375.1642709408&ga_sid=1642709408&ga_hid=1798187001&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C44753738%2C31064203&oid=2&pvsid=705879394678082&pem=805&tmod=1836097431&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=sVAvfm1TV6&p=http%3A//xy2.eu&dtd=247
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ad409c74d16046c1b1f44a4668611a69cf6d4eef0c8a57576429349d8045f4f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Thu, 20 Jan 2022 20:10:08 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=aNpnz6McrZSiA3GWQKvdVYKN33l5AIApAFBGzF-_2lWk5XuPYkjNUdYjyi3LSVPX3bAoHWL-M_PBA4j9jQSrUJiUc8fd8ZhImjo8OGAiArSC-l_7p6W1Kxd-CuFs2gbYb0bwVFceX_Zv-eJ1x3sm_kFS3f3nTynjI5DGQJzGzZ8IDuIpzOVdOf7NQHVnSQdmUgD2MH7dtbwLoYmN_XKIeeTZOwKYkKBEeyVFmmgUx1W1N8j2Dl3NFhpjNUFyGMyYpeAWuQ"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
138303552
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
truncated
/ Frame 25FA
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1bf8e2c1177aab138123b441ff674473b3617e1b92a15fc4f8aac0f1ef10047

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame A50D
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YenBoAAEnoIKe6LRAAz1o2eagwW2wkeqnzDcmQ&u=%7CiPxVErXBlZwprrLP77ubtCV5KBYFmCmjwZDz3%2B5e%2BCs%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weE9j93JPtPBUweb-XOdSQKLso3ZaVdETX1UqNgjdcQl7kU0c4j4iCL1cXJA0-AArbjLCgnWGuxmEcj5KM93z_Sg8m25Sumte3AQyDfq6otK6hW1aOo7HI5GHAl72fQtS_K2hsco3Re5lO9Nwg2aIS6-yPBZUWJ2Lgte4PGdXEWxO2pa8GUosP4isFIgtsaRxIeJEulJAIR2ltesllI43ROgtZmvxi4HC61xbQo14gltLVgM7vEwdIRGREo-Lt_it_o0chFf6wlic02HFSEMBng5sFFGx9zXsAd5T3mDt1JNtVjKNcf--Gqus00_ZFTehzxxb2FBhTZBIXHZ7YRbPut1fYH3NYZdmSXOW3UmqFChB-0hCDLSopc0oiDXQ6AsBWE4aoSs9Js7VwqlKJOF8e8ZIEuq0I4KsUN5IqACClVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC27TnoMHpYYK9EtHF7gOj67PwDsme0rFcpfyT93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjYxNDU1NjMxMDc3ODc1OaAB1bbS6gPIAQmpAn5B5MS4CbM-qAMBqgSqAU_QfUNYVBna0hAMLjgDZvH3yAUZh3gcmTl9lxPLx-0Gp9WnyAQHxTBKW6ybp5U8AYZ76GywSMCmmhsxrHLcPnlOYdY5nNez8Ir7s94u6ORJ6Z7kZJpeNzq1Uv8CqJF9Wo4g5IycTpNG_Xq5693-l_BvRkPDokCMDqMQmDkCUJhZomw0yl-JsP1NJ5PNlWkfzEGAWrM2POt7-mTxcydEDdhc_Oxrp2387pJRgAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0evE35sX622XZpF0R-wbtfr-hyuw%26client%3Dca-pub-2614556310778759%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 20:10:08 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 15 Jan 2023 20:10:08 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame A50D
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YenBoAAEnoIKe6LRAAz1o2eagwW2wkeqnzDcmQ&u=%7CiPxVErXBlZwprrLP77ubtCV5KBYFmCmjwZDz3%2B5e%2BCs%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weE9j93JPtPBUweb-XOdSQKLso3ZaVdETX1UqNgjdcQl7kU0c4j4iCL1cXJA0-AArbjLCgnWGuxmEcj5KM93z_Sg8m25Sumte3AQyDfq6otK6hW1aOo7HI5GHAl72fQtS_K2hsco3Re5lO9Nwg2aIS6-yPBZUWJ2Lgte4PGdXEWxO2pa8GUosP4isFIgtsaRxIeJEulJAIR2ltesllI43ROgtZmvxi4HC61xbQo14gltLVgM7vEwdIRGREo-Lt_it_o0chFf6wlic02HFSEMBng5sFFGx9zXsAd5T3mDt1JNtVjKNcf--Gqus00_ZFTehzxxb2FBhTZBIXHZ7YRbPut1fYH3NYZdmSXOW3UmqFChB-0hCDLSopc0oiDXQ6AsBWE4aoSs9Js7VwqlKJOF8e8ZIEuq0I4KsUN5IqACClVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC27TnoMHpYYK9EtHF7gOj67PwDsme0rFcpfyT93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjYxNDU1NjMxMDc3ODc1OaAB1bbS6gPIAQmpAn5B5MS4CbM-qAMBqgSqAU_QfUNYVBna0hAMLjgDZvH3yAUZh3gcmTl9lxPLx-0Gp9WnyAQHxTBKW6ybp5U8AYZ76GywSMCmmhsxrHLcPnlOYdY5nNez8Ir7s94u6ORJ6Z7kZJpeNzq1Uv8CqJF9Wo4g5IycTpNG_Xq5693-l_BvRkPDokCMDqMQmDkCUJhZomw0yl-JsP1NJ5PNlWkfzEGAWrM2POt7-mTxcydEDdhc_Oxrp2387pJRgAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0evE35sX622XZpF0R-wbtfr-hyuw%26client%3Dca-pub-2614556310778759%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 20:10:08 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 15 Jan 2023 20:10:08 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame A50D
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YenBoAAEnoIKe6LRAAz1o2eagwW2wkeqnzDcmQ&u=%7CiPxVErXBlZwprrLP77ubtCV5KBYFmCmjwZDz3%2B5e%2BCs%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weE9j93JPtPBUweb-XOdSQKLso3ZaVdETX1UqNgjdcQl7kU0c4j4iCL1cXJA0-AArbjLCgnWGuxmEcj5KM93z_Sg8m25Sumte3AQyDfq6otK6hW1aOo7HI5GHAl72fQtS_K2hsco3Re5lO9Nwg2aIS6-yPBZUWJ2Lgte4PGdXEWxO2pa8GUosP4isFIgtsaRxIeJEulJAIR2ltesllI43ROgtZmvxi4HC61xbQo14gltLVgM7vEwdIRGREo-Lt_it_o0chFf6wlic02HFSEMBng5sFFGx9zXsAd5T3mDt1JNtVjKNcf--Gqus00_ZFTehzxxb2FBhTZBIXHZ7YRbPut1fYH3NYZdmSXOW3UmqFChB-0hCDLSopc0oiDXQ6AsBWE4aoSs9Js7VwqlKJOF8e8ZIEuq0I4KsUN5IqACClVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC27TnoMHpYYK9EtHF7gOj67PwDsme0rFcpfyT93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjYxNDU1NjMxMDc3ODc1OaAB1bbS6gPIAQmpAn5B5MS4CbM-qAMBqgSqAU_QfUNYVBna0hAMLjgDZvH3yAUZh3gcmTl9lxPLx-0Gp9WnyAQHxTBKW6ybp5U8AYZ76GywSMCmmhsxrHLcPnlOYdY5nNez8Ir7s94u6ORJ6Z7kZJpeNzq1Uv8CqJF9Wo4g5IycTpNG_Xq5693-l_BvRkPDokCMDqMQmDkCUJhZomw0yl-JsP1NJ5PNlWkfzEGAWrM2POt7-mTxcydEDdhc_Oxrp2387pJRgAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0evE35sX622XZpF0R-wbtfr-hyuw%26client%3Dca-pub-2614556310778759%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 20:10:08 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 15 Jan 2023 20:10:08 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame A50D
507 B
835 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YenBoAAEnoIKe6LRAAz1o2eagwW2wkeqnzDcmQ&u=%7CiPxVErXBlZwprrLP77ubtCV5KBYFmCmjwZDz3%2B5e%2BCs%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weE9j93JPtPBUweb-XOdSQKLso3ZaVdETX1UqNgjdcQl7kU0c4j4iCL1cXJA0-AArbjLCgnWGuxmEcj5KM93z_Sg8m25Sumte3AQyDfq6otK6hW1aOo7HI5GHAl72fQtS_K2hsco3Re5lO9Nwg2aIS6-yPBZUWJ2Lgte4PGdXEWxO2pa8GUosP4isFIgtsaRxIeJEulJAIR2ltesllI43ROgtZmvxi4HC61xbQo14gltLVgM7vEwdIRGREo-Lt_it_o0chFf6wlic02HFSEMBng5sFFGx9zXsAd5T3mDt1JNtVjKNcf--Gqus00_ZFTehzxxb2FBhTZBIXHZ7YRbPut1fYH3NYZdmSXOW3UmqFChB-0hCDLSopc0oiDXQ6AsBWE4aoSs9Js7VwqlKJOF8e8ZIEuq0I4KsUN5IqACClVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC27TnoMHpYYK9EtHF7gOj67PwDsme0rFcpfyT93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjYxNDU1NjMxMDc3ODc1OaAB1bbS6gPIAQmpAn5B5MS4CbM-qAMBqgSqAU_QfUNYVBna0hAMLjgDZvH3yAUZh3gcmTl9lxPLx-0Gp9WnyAQHxTBKW6ybp5U8AYZ76GywSMCmmhsxrHLcPnlOYdY5nNez8Ir7s94u6ORJ6Z7kZJpeNzq1Uv8CqJF9Wo4g5IycTpNG_Xq5693-l_BvRkPDokCMDqMQmDkCUJhZomw0yl-JsP1NJ5PNlWkfzEGAWrM2POt7-mTxcydEDdhc_Oxrp2387pJRgAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0evE35sX622XZpF0R-wbtfr-hyuw%26client%3Dca-pub-2614556310778759%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 20:10:08 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Sun, 15 Jan 2023 20:10:08 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame A50D
0
460 B
Image
General
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1642709408
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YenBoAAEnoIKe6LRAAz1o2eagwW2wkeqnzDcmQ&u=%7CiPxVErXBlZwprrLP77ubtCV5KBYFmCmjwZDz3%2B5e%2BCs%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weE9j93JPtPBUweb-XOdSQKLso3ZaVdETX1UqNgjdcQl7kU0c4j4iCL1cXJA0-AArbjLCgnWGuxmEcj5KM93z_Sg8m25Sumte3AQyDfq6otK6hW1aOo7HI5GHAl72fQtS_K2hsco3Re5lO9Nwg2aIS6-yPBZUWJ2Lgte4PGdXEWxO2pa8GUosP4isFIgtsaRxIeJEulJAIR2ltesllI43ROgtZmvxi4HC61xbQo14gltLVgM7vEwdIRGREo-Lt_it_o0chFf6wlic02HFSEMBng5sFFGx9zXsAd5T3mDt1JNtVjKNcf--Gqus00_ZFTehzxxb2FBhTZBIXHZ7YRbPut1fYH3NYZdmSXOW3UmqFChB-0hCDLSopc0oiDXQ6AsBWE4aoSs9Js7VwqlKJOF8e8ZIEuq0I4KsUN5IqACClVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC27TnoMHpYYK9EtHF7gOj67PwDsme0rFcpfyT93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjYxNDU1NjMxMDc3ODc1OaAB1bbS6gPIAQmpAn5B5MS4CbM-qAMBqgSqAU_QfUNYVBna0hAMLjgDZvH3yAUZh3gcmTl9lxPLx-0Gp9WnyAQHxTBKW6ybp5U8AYZ76GywSMCmmhsxrHLcPnlOYdY5nNez8Ir7s94u6ORJ6Z7kZJpeNzq1Uv8CqJF9Wo4g5IycTpNG_Xq5693-l_BvRkPDokCMDqMQmDkCUJhZomw0yl-JsP1NJ5PNlWkfzEGAWrM2POt7-mTxcydEDdhc_Oxrp2387pJRgAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0evE35sX622XZpF0R-wbtfr-hyuw%26client%3Dca-pub-2614556310778759%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225a:7400:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 20:10:09 GMT
via
1.1 36e42f052a24feab91529d442c70cf34.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
TXL50-P1
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
AJsUqhnq0FLrPhT9JrxBNEtoR9mcfdOGneLdUIkQCvlheY-t9Nme3A==
expires
Thu, 01 Dec 1994 16:00:00 GMT
lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame A50D
43 B
347 B
Image
General
Full URL
https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=dzMNGKIgar3PdS5R9BM-mVDRxQVLwehknzmzCD4uAiTeWD3ACyeZYdZkoCCo7puGyiNey6IQI9_vLdVRMsnFbXO0AAoZt1Z9gbsSZQeoNmEs4meZbaJ1thoUchvUUBrI6zHecsNruFsWgVSpot44G6WL3DwVAfP1ZAbbucxIJnn-pAuWTCZkU3TqpjSeLHI08PUbZ78zwp0rpwCuZ83iPscA91I_c8ccXWuPaR8Ea49G81tuMmkAS6O4X9kASEv9X3Kp6vnGa_8zJMYsbweO7iETIKs_IwDubgIAaazVOTzaI2CJzH3mFwlEKbzDYHC-xEZJ1egCpAE2VLwPsUE0n2hgFrtULe89ZlMHlE-duUMiHTBCAWDJCQUBd3Us90bM2CBx7q3mEh0URPmzBMdujca-CGAPfewg4x-oiwWaaCib9seP4531EudF387ZBos-zHA6dA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YenBoAAEnoIKe6LRAAz1o2eagwW2wkeqnzDcmQ&u=%7CiPxVErXBlZwprrLP77ubtCV5KBYFmCmjwZDz3%2B5e%2BCs%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weE9j93JPtPBUweb-XOdSQKLso3ZaVdETX1UqNgjdcQl7kU0c4j4iCL1cXJA0-AArbjLCgnWGuxmEcj5KM93z_Sg8m25Sumte3AQyDfq6otK6hW1aOo7HI5GHAl72fQtS_K2hsco3Re5lO9Nwg2aIS6-yPBZUWJ2Lgte4PGdXEWxO2pa8GUosP4isFIgtsaRxIeJEulJAIR2ltesllI43ROgtZmvxi4HC61xbQo14gltLVgM7vEwdIRGREo-Lt_it_o0chFf6wlic02HFSEMBng5sFFGx9zXsAd5T3mDt1JNtVjKNcf--Gqus00_ZFTehzxxb2FBhTZBIXHZ7YRbPut1fYH3NYZdmSXOW3UmqFChB-0hCDLSopc0oiDXQ6AsBWE4aoSs9Js7VwqlKJOF8e8ZIEuq0I4KsUN5IqACClVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC27TnoMHpYYK9EtHF7gOj67PwDsme0rFcpfyT93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjYxNDU1NjMxMDc3ODc1OaAB1bbS6gPIAQmpAn5B5MS4CbM-qAMBqgSqAU_QfUNYVBna0hAMLjgDZvH3yAUZh3gcmTl9lxPLx-0Gp9WnyAQHxTBKW6ybp5U8AYZ76GywSMCmmhsxrHLcPnlOYdY5nNez8Ir7s94u6ORJ6Z7kZJpeNzq1Uv8CqJF9Wo4g5IycTpNG_Xq5693-l_BvRkPDokCMDqMQmDkCUJhZomw0yl-JsP1NJ5PNlWkfzEGAWrM2POt7-mTxcydEDdhc_Oxrp2387pJRgAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0evE35sX622XZpF0R-wbtfr-hyuw%26client%3Dca-pub-2614556310778759%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 20:10:08 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3005824
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame A50D
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YenBoAAEnoIKe6LRAAz1o2eagwW2wkeqnzDcmQ&u=%7CiPxVErXBlZwprrLP77ubtCV5KBYFmCmjwZDz3%2B5e%2BCs%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weE9j93JPtPBUweb-XOdSQKLso3ZaVdETX1UqNgjdcQl7kU0c4j4iCL1cXJA0-AArbjLCgnWGuxmEcj5KM93z_Sg8m25Sumte3AQyDfq6otK6hW1aOo7HI5GHAl72fQtS_K2hsco3Re5lO9Nwg2aIS6-yPBZUWJ2Lgte4PGdXEWxO2pa8GUosP4isFIgtsaRxIeJEulJAIR2ltesllI43ROgtZmvxi4HC61xbQo14gltLVgM7vEwdIRGREo-Lt_it_o0chFf6wlic02HFSEMBng5sFFGx9zXsAd5T3mDt1JNtVjKNcf--Gqus00_ZFTehzxxb2FBhTZBIXHZ7YRbPut1fYH3NYZdmSXOW3UmqFChB-0hCDLSopc0oiDXQ6AsBWE4aoSs9Js7VwqlKJOF8e8ZIEuq0I4KsUN5IqACClVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC27TnoMHpYYK9EtHF7gOj67PwDsme0rFcpfyT93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjYxNDU1NjMxMDc3ODc1OaAB1bbS6gPIAQmpAn5B5MS4CbM-qAMBqgSqAU_QfUNYVBna0hAMLjgDZvH3yAUZh3gcmTl9lxPLx-0Gp9WnyAQHxTBKW6ybp5U8AYZ76GywSMCmmhsxrHLcPnlOYdY5nNez8Ir7s94u6ORJ6Z7kZJpeNzq1Uv8CqJF9Wo4g5IycTpNG_Xq5693-l_BvRkPDokCMDqMQmDkCUJhZomw0yl-JsP1NJ5PNlWkfzEGAWrM2POt7-mTxcydEDdhc_Oxrp2387pJRgAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0evE35sX622XZpF0R-wbtfr-hyuw%26client%3Dca-pub-2614556310778759%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 20:10:08 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 15 Jan 2023 20:10:08 GMT
img
pix.eu.criteo.net/img/ Frame A50D
5 KB
5 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?h=396&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=196&s=Xzn5qn-PjNhsYf6Tg2wBNgno
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YenBoAAEnoIKe6LRAAz1o2eagwW2wkeqnzDcmQ&u=%7CiPxVErXBlZwprrLP77ubtCV5KBYFmCmjwZDz3%2B5e%2BCs%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weE9j93JPtPBUweb-XOdSQKLso3ZaVdETX1UqNgjdcQl7kU0c4j4iCL1cXJA0-AArbjLCgnWGuxmEcj5KM93z_Sg8m25Sumte3AQyDfq6otK6hW1aOo7HI5GHAl72fQtS_K2hsco3Re5lO9Nwg2aIS6-yPBZUWJ2Lgte4PGdXEWxO2pa8GUosP4isFIgtsaRxIeJEulJAIR2ltesllI43ROgtZmvxi4HC61xbQo14gltLVgM7vEwdIRGREo-Lt_it_o0chFf6wlic02HFSEMBng5sFFGx9zXsAd5T3mDt1JNtVjKNcf--Gqus00_ZFTehzxxb2FBhTZBIXHZ7YRbPut1fYH3NYZdmSXOW3UmqFChB-0hCDLSopc0oiDXQ6AsBWE4aoSs9Js7VwqlKJOF8e8ZIEuq0I4KsUN5IqACClVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC27TnoMHpYYK9EtHF7gOj67PwDsme0rFcpfyT93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjYxNDU1NjMxMDc3ODc1OaAB1bbS6gPIAQmpAn5B5MS4CbM-qAMBqgSqAU_QfUNYVBna0hAMLjgDZvH3yAUZh3gcmTl9lxPLx-0Gp9WnyAQHxTBKW6ybp5U8AYZ76GywSMCmmhsxrHLcPnlOYdY5nNez8Ir7s94u6ORJ6Z7kZJpeNzq1Uv8CqJF9Wo4g5IycTpNG_Xq5693-l_BvRkPDokCMDqMQmDkCUJhZomw0yl-JsP1NJ5PNlWkfzEGAWrM2POt7-mTxcydEDdhc_Oxrp2387pJRgAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0evE35sX622XZpF0R-wbtfr-hyuw%26client%3Dca-pub-2614556310778759%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
080069b2dce01872cbc2bfcc0b6a2cd9b9a5b9fbb22fc1683ece0cea17aac96f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 14:38:50 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
19877
vary
Origin
x-cache
hit cached
content-type
image/png
cache-control
public, max-age=28487390
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
5106
expires
Fri, 16 Dec 2022 07:48:42 GMT
img
pix.eu.criteo.net/img/ Frame A50D
3 KB
3 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F4%2FlogoCaritasverband-fur-die-Diozese-Limburg-e-V-109141DE.gif%3Feb%3D1&v=3&w=800&s=_B-8C4GTpwx8YVLCZ1khPNmH&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YenBoAAEnoIKe6LRAAz1o2eagwW2wkeqnzDcmQ&u=%7CiPxVErXBlZwprrLP77ubtCV5KBYFmCmjwZDz3%2B5e%2BCs%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weE9j93JPtPBUweb-XOdSQKLso3ZaVdETX1UqNgjdcQl7kU0c4j4iCL1cXJA0-AArbjLCgnWGuxmEcj5KM93z_Sg8m25Sumte3AQyDfq6otK6hW1aOo7HI5GHAl72fQtS_K2hsco3Re5lO9Nwg2aIS6-yPBZUWJ2Lgte4PGdXEWxO2pa8GUosP4isFIgtsaRxIeJEulJAIR2ltesllI43ROgtZmvxi4HC61xbQo14gltLVgM7vEwdIRGREo-Lt_it_o0chFf6wlic02HFSEMBng5sFFGx9zXsAd5T3mDt1JNtVjKNcf--Gqus00_ZFTehzxxb2FBhTZBIXHZ7YRbPut1fYH3NYZdmSXOW3UmqFChB-0hCDLSopc0oiDXQ6AsBWE4aoSs9Js7VwqlKJOF8e8ZIEuq0I4KsUN5IqACClVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC27TnoMHpYYK9EtHF7gOj67PwDsme0rFcpfyT93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjYxNDU1NjMxMDc3ODc1OaAB1bbS6gPIAQmpAn5B5MS4CbM-qAMBqgSqAU_QfUNYVBna0hAMLjgDZvH3yAUZh3gcmTl9lxPLx-0Gp9WnyAQHxTBKW6ybp5U8AYZ76GywSMCmmhsxrHLcPnlOYdY5nNez8Ir7s94u6ORJ6Z7kZJpeNzq1Uv8CqJF9Wo4g5IycTpNG_Xq5693-l_BvRkPDokCMDqMQmDkCUJhZomw0yl-JsP1NJ5PNlWkfzEGAWrM2POt7-mTxcydEDdhc_Oxrp2387pJRgAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0evE35sX622XZpF0R-wbtfr-hyuw%26client%3Dca-pub-2614556310778759%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
944585003819bc679b3343e2faf4edbe539322a662f8e6564db5b3e66b152b6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 14:38:21 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
19906
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=1646314
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
3076
expires
Tue, 08 Feb 2022 15:56:56 GMT
img
pix.eu.criteo.net/img/ Frame A50D
6 KB
7 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FE%2FlogoBMW-Group-27361DE-2101221525.gif%3Feb%3D1&v=3&w=800&s=MsH_5I1fgPst-J4Jpa9CEsh7&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YenBoAAEnoIKe6LRAAz1o2eagwW2wkeqnzDcmQ&u=%7CiPxVErXBlZwprrLP77ubtCV5KBYFmCmjwZDz3%2B5e%2BCs%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weE9j93JPtPBUweb-XOdSQKLso3ZaVdETX1UqNgjdcQl7kU0c4j4iCL1cXJA0-AArbjLCgnWGuxmEcj5KM93z_Sg8m25Sumte3AQyDfq6otK6hW1aOo7HI5GHAl72fQtS_K2hsco3Re5lO9Nwg2aIS6-yPBZUWJ2Lgte4PGdXEWxO2pa8GUosP4isFIgtsaRxIeJEulJAIR2ltesllI43ROgtZmvxi4HC61xbQo14gltLVgM7vEwdIRGREo-Lt_it_o0chFf6wlic02HFSEMBng5sFFGx9zXsAd5T3mDt1JNtVjKNcf--Gqus00_ZFTehzxxb2FBhTZBIXHZ7YRbPut1fYH3NYZdmSXOW3UmqFChB-0hCDLSopc0oiDXQ6AsBWE4aoSs9Js7VwqlKJOF8e8ZIEuq0I4KsUN5IqACClVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC27TnoMHpYYK9EtHF7gOj67PwDsme0rFcpfyT93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjYxNDU1NjMxMDc3ODc1OaAB1bbS6gPIAQmpAn5B5MS4CbM-qAMBqgSqAU_QfUNYVBna0hAMLjgDZvH3yAUZh3gcmTl9lxPLx-0Gp9WnyAQHxTBKW6ybp5U8AYZ76GywSMCmmhsxrHLcPnlOYdY5nNez8Ir7s94u6ORJ6Z7kZJpeNzq1Uv8CqJF9Wo4g5IycTpNG_Xq5693-l_BvRkPDokCMDqMQmDkCUJhZomw0yl-JsP1NJ5PNlWkfzEGAWrM2POt7-mTxcydEDdhc_Oxrp2387pJRgAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0evE35sX622XZpF0R-wbtfr-hyuw%26client%3Dca-pub-2614556310778759%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
f8de8ee65552be2f01a67a6dc47020a4a132e9bfe4b8eb02143d89fb2df08241
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 20:09:25 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
43
vary
Origin
x-cache
hit cached
content-type
image/png
cache-control
public, max-age=1953
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
6422
expires
Thu, 20 Jan 2022 15:09:04 GMT
img
pix.eu.criteo.net/img/ Frame A50D
5 KB
5 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoZenJob-GmbH-Extern-253922DE-2011231050.gif%3Feb%3D1&v=3&w=800&s=yNtVSyMvGQ7vNe6i3CJi6U6k&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YenBoAAEnoIKe6LRAAz1o2eagwW2wkeqnzDcmQ&u=%7CiPxVErXBlZwprrLP77ubtCV5KBYFmCmjwZDz3%2B5e%2BCs%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weE9j93JPtPBUweb-XOdSQKLso3ZaVdETX1UqNgjdcQl7kU0c4j4iCL1cXJA0-AArbjLCgnWGuxmEcj5KM93z_Sg8m25Sumte3AQyDfq6otK6hW1aOo7HI5GHAl72fQtS_K2hsco3Re5lO9Nwg2aIS6-yPBZUWJ2Lgte4PGdXEWxO2pa8GUosP4isFIgtsaRxIeJEulJAIR2ltesllI43ROgtZmvxi4HC61xbQo14gltLVgM7vEwdIRGREo-Lt_it_o0chFf6wlic02HFSEMBng5sFFGx9zXsAd5T3mDt1JNtVjKNcf--Gqus00_ZFTehzxxb2FBhTZBIXHZ7YRbPut1fYH3NYZdmSXOW3UmqFChB-0hCDLSopc0oiDXQ6AsBWE4aoSs9Js7VwqlKJOF8e8ZIEuq0I4KsUN5IqACClVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC27TnoMHpYYK9EtHF7gOj67PwDsme0rFcpfyT93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjYxNDU1NjMxMDc3ODc1OaAB1bbS6gPIAQmpAn5B5MS4CbM-qAMBqgSqAU_QfUNYVBna0hAMLjgDZvH3yAUZh3gcmTl9lxPLx-0Gp9WnyAQHxTBKW6ybp5U8AYZ76GywSMCmmhsxrHLcPnlOYdY5nNez8Ir7s94u6ORJ6Z7kZJpeNzq1Uv8CqJF9Wo4g5IycTpNG_Xq5693-l_BvRkPDokCMDqMQmDkCUJhZomw0yl-JsP1NJ5PNlWkfzEGAWrM2POt7-mTxcydEDdhc_Oxrp2387pJRgAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0evE35sX622XZpF0R-wbtfr-hyuw%26client%3Dca-pub-2614556310778759%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0dd3d558d8559d52065e99138474d86c2662e4d829147455c3614ce43021be09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 20:09:28 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
40
vary
Origin
x-cache
hit cached
content-type
image/png
cache-control
public, max-age=1295
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
4833
expires
Thu, 20 Jan 2022 15:32:52 GMT
img
pix.eu.criteo.net/img/ Frame A50D
12 KB
12 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoMinisterium-fur-Kultus-Jugend-und-Sport-Baden-Wurttemberg-28337DE-2111221437.gif%3Feb%3D1&v=3&w=800&s=xjwPNCYQ_Kwzlt7RtnBuUGjP&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YenBoAAEnoIKe6LRAAz1o2eagwW2wkeqnzDcmQ&u=%7CiPxVErXBlZwprrLP77ubtCV5KBYFmCmjwZDz3%2B5e%2BCs%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weE9j93JPtPBUweb-XOdSQKLso3ZaVdETX1UqNgjdcQl7kU0c4j4iCL1cXJA0-AArbjLCgnWGuxmEcj5KM93z_Sg8m25Sumte3AQyDfq6otK6hW1aOo7HI5GHAl72fQtS_K2hsco3Re5lO9Nwg2aIS6-yPBZUWJ2Lgte4PGdXEWxO2pa8GUosP4isFIgtsaRxIeJEulJAIR2ltesllI43ROgtZmvxi4HC61xbQo14gltLVgM7vEwdIRGREo-Lt_it_o0chFf6wlic02HFSEMBng5sFFGx9zXsAd5T3mDt1JNtVjKNcf--Gqus00_ZFTehzxxb2FBhTZBIXHZ7YRbPut1fYH3NYZdmSXOW3UmqFChB-0hCDLSopc0oiDXQ6AsBWE4aoSs9Js7VwqlKJOF8e8ZIEuq0I4KsUN5IqACClVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC27TnoMHpYYK9EtHF7gOj67PwDsme0rFcpfyT93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjYxNDU1NjMxMDc3ODc1OaAB1bbS6gPIAQmpAn5B5MS4CbM-qAMBqgSqAU_QfUNYVBna0hAMLjgDZvH3yAUZh3gcmTl9lxPLx-0Gp9WnyAQHxTBKW6ybp5U8AYZ76GywSMCmmhsxrHLcPnlOYdY5nNez8Ir7s94u6ORJ6Z7kZJpeNzq1Uv8CqJF9Wo4g5IycTpNG_Xq5693-l_BvRkPDokCMDqMQmDkCUJhZomw0yl-JsP1NJ5PNlWkfzEGAWrM2POt7-mTxcydEDdhc_Oxrp2387pJRgAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0evE35sX622XZpF0R-wbtfr-hyuw%26client%3Dca-pub-2614556310778759%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
8466e7c902429db137c980d7179aaf599ddb5d0042e40c63d22f9ffab1c8167a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 20:10:05 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
2
vary
Origin
x-cache
hit cached
content-type
image/png
cache-control
public, max-age=3282
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
12251
expires
Thu, 20 Jan 2022 17:13:15 GMT
img
pix.eu.criteo.net/img/ Frame A50D
1 KB
2 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FH%2FlogoHeller-Medizintechnik-GmbH-Co-KG-194161DE.gif%3Feb%3D1&v=3&w=800&s=Fv9WfVwuA2V50sS_fEd2R3kZ&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YenBoAAEnoIKe6LRAAz1o2eagwW2wkeqnzDcmQ&u=%7CiPxVErXBlZwprrLP77ubtCV5KBYFmCmjwZDz3%2B5e%2BCs%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weE9j93JPtPBUweb-XOdSQKLso3ZaVdETX1UqNgjdcQl7kU0c4j4iCL1cXJA0-AArbjLCgnWGuxmEcj5KM93z_Sg8m25Sumte3AQyDfq6otK6hW1aOo7HI5GHAl72fQtS_K2hsco3Re5lO9Nwg2aIS6-yPBZUWJ2Lgte4PGdXEWxO2pa8GUosP4isFIgtsaRxIeJEulJAIR2ltesllI43ROgtZmvxi4HC61xbQo14gltLVgM7vEwdIRGREo-Lt_it_o0chFf6wlic02HFSEMBng5sFFGx9zXsAd5T3mDt1JNtVjKNcf--Gqus00_ZFTehzxxb2FBhTZBIXHZ7YRbPut1fYH3NYZdmSXOW3UmqFChB-0hCDLSopc0oiDXQ6AsBWE4aoSs9Js7VwqlKJOF8e8ZIEuq0I4KsUN5IqACClVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC27TnoMHpYYK9EtHF7gOj67PwDsme0rFcpfyT93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjYxNDU1NjMxMDc3ODc1OaAB1bbS6gPIAQmpAn5B5MS4CbM-qAMBqgSqAU_QfUNYVBna0hAMLjgDZvH3yAUZh3gcmTl9lxPLx-0Gp9WnyAQHxTBKW6ybp5U8AYZ76GywSMCmmhsxrHLcPnlOYdY5nNez8Ir7s94u6ORJ6Z7kZJpeNzq1Uv8CqJF9Wo4g5IycTpNG_Xq5693-l_BvRkPDokCMDqMQmDkCUJhZomw0yl-JsP1NJ5PNlWkfzEGAWrM2POt7-mTxcydEDdhc_Oxrp2387pJRgAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0evE35sX622XZpF0R-wbtfr-hyuw%26client%3Dca-pub-2614556310778759%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ac3e8f8704079fbc66c0ebe6c058b7706d29fa7c5298309f043c5f2447eec06e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:35:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
16468
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=2130222
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
1416
expires
Mon, 14 Feb 2022 07:19:22 GMT
img
pix.eu.criteo.net/img/ Frame A50D
2 KB
2 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FA%2FlogoAmazon-Europe-Core-209745DE.gif%3Feb%3D1&v=3&w=800&s=73aN-t3__h_ZfDnR-qlT1tYA&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YenBoAAEnoIKe6LRAAz1o2eagwW2wkeqnzDcmQ&u=%7CiPxVErXBlZwprrLP77ubtCV5KBYFmCmjwZDz3%2B5e%2BCs%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weE9j93JPtPBUweb-XOdSQKLso3ZaVdETX1UqNgjdcQl7kU0c4j4iCL1cXJA0-AArbjLCgnWGuxmEcj5KM93z_Sg8m25Sumte3AQyDfq6otK6hW1aOo7HI5GHAl72fQtS_K2hsco3Re5lO9Nwg2aIS6-yPBZUWJ2Lgte4PGdXEWxO2pa8GUosP4isFIgtsaRxIeJEulJAIR2ltesllI43ROgtZmvxi4HC61xbQo14gltLVgM7vEwdIRGREo-Lt_it_o0chFf6wlic02HFSEMBng5sFFGx9zXsAd5T3mDt1JNtVjKNcf--Gqus00_ZFTehzxxb2FBhTZBIXHZ7YRbPut1fYH3NYZdmSXOW3UmqFChB-0hCDLSopc0oiDXQ6AsBWE4aoSs9Js7VwqlKJOF8e8ZIEuq0I4KsUN5IqACClVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC27TnoMHpYYK9EtHF7gOj67PwDsme0rFcpfyT93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjYxNDU1NjMxMDc3ODc1OaAB1bbS6gPIAQmpAn5B5MS4CbM-qAMBqgSqAU_QfUNYVBna0hAMLjgDZvH3yAUZh3gcmTl9lxPLx-0Gp9WnyAQHxTBKW6ybp5U8AYZ76GywSMCmmhsxrHLcPnlOYdY5nNez8Ir7s94u6ORJ6Z7kZJpeNzq1Uv8CqJF9Wo4g5IycTpNG_Xq5693-l_BvRkPDokCMDqMQmDkCUJhZomw0yl-JsP1NJ5PNlWkfzEGAWrM2POt7-mTxcydEDdhc_Oxrp2387pJRgAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0evE35sX622XZpF0R-wbtfr-hyuw%26client%3Dca-pub-2614556310778759%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
566e91d0eb78e7265f74cf9a37e2ae4015fa5435ffd6fd4b50e4a2b1e2bd6a53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 16:44:12 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
12356
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=2416894
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
1770
expires
Thu, 17 Feb 2022 16:05:47 GMT
img
pix.eu.criteo.net/img/ Frame A50D
2 KB
2 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FT%2FlogoThyssenKrupp-Regional-Services-Germany-GmbH-20241DE.gif%3Feb%3D1&v=3&w=800&s=1bf_nTjedBk2yF-PIpZIQpPb&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YenBoAAEnoIKe6LRAAz1o2eagwW2wkeqnzDcmQ&u=%7CiPxVErXBlZwprrLP77ubtCV5KBYFmCmjwZDz3%2B5e%2BCs%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weE9j93JPtPBUweb-XOdSQKLso3ZaVdETX1UqNgjdcQl7kU0c4j4iCL1cXJA0-AArbjLCgnWGuxmEcj5KM93z_Sg8m25Sumte3AQyDfq6otK6hW1aOo7HI5GHAl72fQtS_K2hsco3Re5lO9Nwg2aIS6-yPBZUWJ2Lgte4PGdXEWxO2pa8GUosP4isFIgtsaRxIeJEulJAIR2ltesllI43ROgtZmvxi4HC61xbQo14gltLVgM7vEwdIRGREo-Lt_it_o0chFf6wlic02HFSEMBng5sFFGx9zXsAd5T3mDt1JNtVjKNcf--Gqus00_ZFTehzxxb2FBhTZBIXHZ7YRbPut1fYH3NYZdmSXOW3UmqFChB-0hCDLSopc0oiDXQ6AsBWE4aoSs9Js7VwqlKJOF8e8ZIEuq0I4KsUN5IqACClVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC27TnoMHpYYK9EtHF7gOj67PwDsme0rFcpfyT93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjYxNDU1NjMxMDc3ODc1OaAB1bbS6gPIAQmpAn5B5MS4CbM-qAMBqgSqAU_QfUNYVBna0hAMLjgDZvH3yAUZh3gcmTl9lxPLx-0Gp9WnyAQHxTBKW6ybp5U8AYZ76GywSMCmmhsxrHLcPnlOYdY5nNez8Ir7s94u6ORJ6Z7kZJpeNzq1Uv8CqJF9Wo4g5IycTpNG_Xq5693-l_BvRkPDokCMDqMQmDkCUJhZomw0yl-JsP1NJ5PNlWkfzEGAWrM2POt7-mTxcydEDdhc_Oxrp2387pJRgAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0evE35sX622XZpF0R-wbtfr-hyuw%26client%3Dca-pub-2614556310778759%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
bc0b263c7a92aa4b891aba2e2792726b2b7ac1c068e55b37a073d95a8e9e5faf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 14:59:54 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
18614
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=1714575
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
1554
expires
Wed, 09 Feb 2022 11:16:10 GMT
img
pix.eu.criteo.net/img/ Frame A50D
1 KB
1 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDie-Deutsche-Rentenversicherung-Bund-72117DE.gif%3Feb%3D1&v=3&w=800&s=-9Aw5LNYIKhLohiGeoPzPNt8&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YenBoAAEnoIKe6LRAAz1o2eagwW2wkeqnzDcmQ&u=%7CiPxVErXBlZwprrLP77ubtCV5KBYFmCmjwZDz3%2B5e%2BCs%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weE9j93JPtPBUweb-XOdSQKLso3ZaVdETX1UqNgjdcQl7kU0c4j4iCL1cXJA0-AArbjLCgnWGuxmEcj5KM93z_Sg8m25Sumte3AQyDfq6otK6hW1aOo7HI5GHAl72fQtS_K2hsco3Re5lO9Nwg2aIS6-yPBZUWJ2Lgte4PGdXEWxO2pa8GUosP4isFIgtsaRxIeJEulJAIR2ltesllI43ROgtZmvxi4HC61xbQo14gltLVgM7vEwdIRGREo-Lt_it_o0chFf6wlic02HFSEMBng5sFFGx9zXsAd5T3mDt1JNtVjKNcf--Gqus00_ZFTehzxxb2FBhTZBIXHZ7YRbPut1fYH3NYZdmSXOW3UmqFChB-0hCDLSopc0oiDXQ6AsBWE4aoSs9Js7VwqlKJOF8e8ZIEuq0I4KsUN5IqACClVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC27TnoMHpYYK9EtHF7gOj67PwDsme0rFcpfyT93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjYxNDU1NjMxMDc3ODc1OaAB1bbS6gPIAQmpAn5B5MS4CbM-qAMBqgSqAU_QfUNYVBna0hAMLjgDZvH3yAUZh3gcmTl9lxPLx-0Gp9WnyAQHxTBKW6ybp5U8AYZ76GywSMCmmhsxrHLcPnlOYdY5nNez8Ir7s94u6ORJ6Z7kZJpeNzq1Uv8CqJF9Wo4g5IycTpNG_Xq5693-l_BvRkPDokCMDqMQmDkCUJhZomw0yl-JsP1NJ5PNlWkfzEGAWrM2POt7-mTxcydEDdhc_Oxrp2387pJRgAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0evE35sX622XZpF0R-wbtfr-hyuw%26client%3Dca-pub-2614556310778759%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
f8ef005f40475087be5036cfafc663e0981f44bc209660d95d9c9871fdbce43a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 20:09:51 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
17
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=1418
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
1220
expires
Thu, 20 Jan 2022 16:42:13 GMT
img
pix.eu.criteo.net/img/ Frame A50D
2 KB
2 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoBosch-Gruppe-2804DE-1909091413.gif%3Feb%3D1&v=3&w=800&s=HYbmSDVtbe5wAnm1TH3AhaIB&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YenBoAAEnoIKe6LRAAz1o2eagwW2wkeqnzDcmQ&u=%7CiPxVErXBlZwprrLP77ubtCV5KBYFmCmjwZDz3%2B5e%2BCs%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weE9j93JPtPBUweb-XOdSQKLso3ZaVdETX1UqNgjdcQl7kU0c4j4iCL1cXJA0-AArbjLCgnWGuxmEcj5KM93z_Sg8m25Sumte3AQyDfq6otK6hW1aOo7HI5GHAl72fQtS_K2hsco3Re5lO9Nwg2aIS6-yPBZUWJ2Lgte4PGdXEWxO2pa8GUosP4isFIgtsaRxIeJEulJAIR2ltesllI43ROgtZmvxi4HC61xbQo14gltLVgM7vEwdIRGREo-Lt_it_o0chFf6wlic02HFSEMBng5sFFGx9zXsAd5T3mDt1JNtVjKNcf--Gqus00_ZFTehzxxb2FBhTZBIXHZ7YRbPut1fYH3NYZdmSXOW3UmqFChB-0hCDLSopc0oiDXQ6AsBWE4aoSs9Js7VwqlKJOF8e8ZIEuq0I4KsUN5IqACClVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC27TnoMHpYYK9EtHF7gOj67PwDsme0rFcpfyT93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjYxNDU1NjMxMDc3ODc1OaAB1bbS6gPIAQmpAn5B5MS4CbM-qAMBqgSqAU_QfUNYVBna0hAMLjgDZvH3yAUZh3gcmTl9lxPLx-0Gp9WnyAQHxTBKW6ybp5U8AYZ76GywSMCmmhsxrHLcPnlOYdY5nNez8Ir7s94u6ORJ6Z7kZJpeNzq1Uv8CqJF9Wo4g5IycTpNG_Xq5693-l_BvRkPDokCMDqMQmDkCUJhZomw0yl-JsP1NJ5PNlWkfzEGAWrM2POt7-mTxcydEDdhc_Oxrp2387pJRgAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0evE35sX622XZpF0R-wbtfr-hyuw%26client%3Dca-pub-2614556310778759%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 14:47:46 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
19341
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=2027537
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
1584
expires
Sun, 13 Feb 2022 02:00:04 GMT
img
pix.eu.criteo.net/img/ Frame A50D
2 KB
2 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2FlogoBioNTech-SE-114680DE-2107131108.gif%3Feb%3D1&v=3&w=800&s=cELpggGis67F-LNz8R_QPaC4&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YenBoAAEnoIKe6LRAAz1o2eagwW2wkeqnzDcmQ&u=%7CiPxVErXBlZwprrLP77ubtCV5KBYFmCmjwZDz3%2B5e%2BCs%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weE9j93JPtPBUweb-XOdSQKLso3ZaVdETX1UqNgjdcQl7kU0c4j4iCL1cXJA0-AArbjLCgnWGuxmEcj5KM93z_Sg8m25Sumte3AQyDfq6otK6hW1aOo7HI5GHAl72fQtS_K2hsco3Re5lO9Nwg2aIS6-yPBZUWJ2Lgte4PGdXEWxO2pa8GUosP4isFIgtsaRxIeJEulJAIR2ltesllI43ROgtZmvxi4HC61xbQo14gltLVgM7vEwdIRGREo-Lt_it_o0chFf6wlic02HFSEMBng5sFFGx9zXsAd5T3mDt1JNtVjKNcf--Gqus00_ZFTehzxxb2FBhTZBIXHZ7YRbPut1fYH3NYZdmSXOW3UmqFChB-0hCDLSopc0oiDXQ6AsBWE4aoSs9Js7VwqlKJOF8e8ZIEuq0I4KsUN5IqACClVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC27TnoMHpYYK9EtHF7gOj67PwDsme0rFcpfyT93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjYxNDU1NjMxMDc3ODc1OaAB1bbS6gPIAQmpAn5B5MS4CbM-qAMBqgSqAU_QfUNYVBna0hAMLjgDZvH3yAUZh3gcmTl9lxPLx-0Gp9WnyAQHxTBKW6ybp5U8AYZ76GywSMCmmhsxrHLcPnlOYdY5nNez8Ir7s94u6ORJ6Z7kZJpeNzq1Uv8CqJF9Wo4g5IycTpNG_Xq5693-l_BvRkPDokCMDqMQmDkCUJhZomw0yl-JsP1NJ5PNlWkfzEGAWrM2POt7-mTxcydEDdhc_Oxrp2387pJRgAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0evE35sX622XZpF0R-wbtfr-hyuw%26client%3Dca-pub-2614556310778759%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
f3390a0099975d5e0ad659c1f288b91aa0110858bce77b5395f6a5f388ed91ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 14:16:00 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
21248
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=1944188
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
1654
expires
Sat, 12 Feb 2022 02:19:08 GMT
all
csm.eu.criteo.net/ Frame A50D
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=aNpnz6McrZSiA3GWQKvdVYKN33l5AIApAFBGzF-_2lWk5XuPYkjNUdYjyi3LSVPX3bAoHWL-M_PBA4j9jQSrUJiUc8fd8ZhImjo8OGAiArSC-l_7p6W1Kxd-CuFs2gbYb0bwVFceX_Zv-eJ1x3sm_kFS3f3nTynjI5DGQJzGzZ8IDuIpzOVdOf7NQHVnSQdmUgD2MH7dtbwLoYmN_XKIeeTZOwKYkKBEeyVFmmgUx1W1N8j2Dl3NFhpjNUFyGMyYpeAWuQ&sds=2&rev=80217&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YenBoAAEnoIKe6LRAAz1o2eagwW2wkeqnzDcmQ&u=%7CiPxVErXBlZwprrLP77ubtCV5KBYFmCmjwZDz3%2B5e%2BCs%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weE9j93JPtPBUweb-XOdSQKLso3ZaVdETX1UqNgjdcQl7kU0c4j4iCL1cXJA0-AArbjLCgnWGuxmEcj5KM93z_Sg8m25Sumte3AQyDfq6otK6hW1aOo7HI5GHAl72fQtS_K2hsco3Re5lO9Nwg2aIS6-yPBZUWJ2Lgte4PGdXEWxO2pa8GUosP4isFIgtsaRxIeJEulJAIR2ltesllI43ROgtZmvxi4HC61xbQo14gltLVgM7vEwdIRGREo-Lt_it_o0chFf6wlic02HFSEMBng5sFFGx9zXsAd5T3mDt1JNtVjKNcf--Gqus00_ZFTehzxxb2FBhTZBIXHZ7YRbPut1fYH3NYZdmSXOW3UmqFChB-0hCDLSopc0oiDXQ6AsBWE4aoSs9Js7VwqlKJOF8e8ZIEuq0I4KsUN5IqACClVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC27TnoMHpYYK9EtHF7gOj67PwDsme0rFcpfyT93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjYxNDU1NjMxMDc3ODc1OaAB1bbS6gPIAQmpAn5B5MS4CbM-qAMBqgSqAU_QfUNYVBna0hAMLjgDZvH3yAUZh3gcmTl9lxPLx-0Gp9WnyAQHxTBKW6ybp5U8AYZ76GywSMCmmhsxrHLcPnlOYdY5nNez8Ir7s94u6ORJ6Z7kZJpeNzq1Uv8CqJF9Wo4g5IycTpNG_Xq5693-l_BvRkPDokCMDqMQmDkCUJhZomw0yl-JsP1NJ5PNlWkfzEGAWrM2POt7-mTxcydEDdhc_Oxrp2387pJRgAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0evE35sX622XZpF0R-wbtfr-hyuw%26client%3Dca-pub-2614556310778759%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 20 Jan 2022 20:10:08 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A50D
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YenBoAAEnoIKe6LRAAz1o2eagwW2wkeqnzDcmQ&u=%7CiPxVErXBlZwprrLP77ubtCV5KBYFmCmjwZDz3%2B5e%2BCs%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weE9j93JPtPBUweb-XOdSQKLso3ZaVdETX1UqNgjdcQl7kU0c4j4iCL1cXJA0-AArbjLCgnWGuxmEcj5KM93z_Sg8m25Sumte3AQyDfq6otK6hW1aOo7HI5GHAl72fQtS_K2hsco3Re5lO9Nwg2aIS6-yPBZUWJ2Lgte4PGdXEWxO2pa8GUosP4isFIgtsaRxIeJEulJAIR2ltesllI43ROgtZmvxi4HC61xbQo14gltLVgM7vEwdIRGREo-Lt_it_o0chFf6wlic02HFSEMBng5sFFGx9zXsAd5T3mDt1JNtVjKNcf--Gqus00_ZFTehzxxb2FBhTZBIXHZ7YRbPut1fYH3NYZdmSXOW3UmqFChB-0hCDLSopc0oiDXQ6AsBWE4aoSs9Js7VwqlKJOF8e8ZIEuq0I4KsUN5IqACClVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC27TnoMHpYYK9EtHF7gOj67PwDsme0rFcpfyT93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjYxNDU1NjMxMDc3ODc1OaAB1bbS6gPIAQmpAn5B5MS4CbM-qAMBqgSqAU_QfUNYVBna0hAMLjgDZvH3yAUZh3gcmTl9lxPLx-0Gp9WnyAQHxTBKW6ybp5U8AYZ76GywSMCmmhsxrHLcPnlOYdY5nNez8Ir7s94u6ORJ6Z7kZJpeNzq1Uv8CqJF9Wo4g5IycTpNG_Xq5693-l_BvRkPDokCMDqMQmDkCUJhZomw0yl-JsP1NJ5PNlWkfzEGAWrM2POt7-mTxcydEDdhc_Oxrp2387pJRgAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0evE35sX622XZpF0R-wbtfr-hyuw%26client%3Dca-pub-2614556310778759%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 20:10:09 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 15 Jan 2023 20:10:09 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame A50D
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YenBoAAEnoIKe6LRAAz1o2eagwW2wkeqnzDcmQ&u=%7CiPxVErXBlZwprrLP77ubtCV5KBYFmCmjwZDz3%2B5e%2BCs%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weE9j93JPtPBUweb-XOdSQKLso3ZaVdETX1UqNgjdcQl7kU0c4j4iCL1cXJA0-AArbjLCgnWGuxmEcj5KM93z_Sg8m25Sumte3AQyDfq6otK6hW1aOo7HI5GHAl72fQtS_K2hsco3Re5lO9Nwg2aIS6-yPBZUWJ2Lgte4PGdXEWxO2pa8GUosP4isFIgtsaRxIeJEulJAIR2ltesllI43ROgtZmvxi4HC61xbQo14gltLVgM7vEwdIRGREo-Lt_it_o0chFf6wlic02HFSEMBng5sFFGx9zXsAd5T3mDt1JNtVjKNcf--Gqus00_ZFTehzxxb2FBhTZBIXHZ7YRbPut1fYH3NYZdmSXOW3UmqFChB-0hCDLSopc0oiDXQ6AsBWE4aoSs9Js7VwqlKJOF8e8ZIEuq0I4KsUN5IqACClVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC27TnoMHpYYK9EtHF7gOj67PwDsme0rFcpfyT93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjYxNDU1NjMxMDc3ODc1OaAB1bbS6gPIAQmpAn5B5MS4CbM-qAMBqgSqAU_QfUNYVBna0hAMLjgDZvH3yAUZh3gcmTl9lxPLx-0Gp9WnyAQHxTBKW6ybp5U8AYZ76GywSMCmmhsxrHLcPnlOYdY5nNez8Ir7s94u6ORJ6Z7kZJpeNzq1Uv8CqJF9Wo4g5IycTpNG_Xq5693-l_BvRkPDokCMDqMQmDkCUJhZomw0yl-JsP1NJ5PNlWkfzEGAWrM2POt7-mTxcydEDdhc_Oxrp2387pJRgAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0evE35sX622XZpF0R-wbtfr-hyuw%26client%3Dca-pub-2614556310778759%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 20:10:09 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 15 Jan 2023 20:10:09 GMT
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/
149 KB
53 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2614556310778759&plah=xy2.eu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
607abab2dcc713bafb514fcccf1275601f532bece2ee6e9fed786d3bf26cecc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 20:10:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54133
x-xss-protection
0
server
cafe
etag
11549584360338080181
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 20 Jan 2022 20:10:09 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=8%2C1&c=ca-pub-2614556310778759&eid=44750773%2C44753738%2C31064203
Requested by
Host: xy2.eu
URL: http://xy2.eu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 20:10:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_inf_scr&r=p&pg_h=1345&su=xy2.eu&d=5000&eid=44750773%2C44753738%2C31064203
Requested by
Host: xy2.eu
URL: http://xy2.eu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 20:10:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-2614556310778759&warn=12%2C13&w=1600&h=1200&eatf=false&eatfAbg=false&reatf=true&a=6%2C1%2C5%2C7&apv=20220118_084535&sat=1642615614668&afm=2%2C0&as_count=1&d_count=0&ng_count=0&am_count=0&atf_count=1&mdns=0.149&alldns=0.149&allp=14&fd=(0%2C10%2C0)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=1345&su=xy2.eu&pvc=705879394678082&r=0.1&eid=44750773%2C44753738%2C31064203
Requested by
Host: xy2.eu
URL: http://xy2.eu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 20:10:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=8%2C1&c=ca-pub-2614556310778759&eid=44750773%2C44753738%2C31064203
Requested by
Host: xy2.eu
URL: http://xy2.eu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 20:10:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=xy2.eu
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2614556310778759&plah=xy2.eu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 Jan 2022 20:10:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=xy2.eu
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2614556310778759&plah=xy2.eu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 Jan 2022 20:10:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220118/r20110914/ Frame 0BF7
11 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220118/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2614556310778759&plah=xy2.eu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4885
x-xss-protection
0
date
Thu, 20 Jan 2022 16:09:22 GMT
expires
Thu, 03 Feb 2022 16:09:22 GMT
cache-control
public, max-age=1209600
age
14447
etag
13671712056976469594
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220118/r20110914/ Frame 974B
11 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220118/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2614556310778759&plah=xy2.eu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4885
x-xss-protection
0
date
Thu, 20 Jan 2022 16:09:22 GMT
expires
Thu, 03 Feb 2022 16:09:22 GMT
cache-control
public, max-age=1209600
age
14447
etag
13671712056976469594
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css2
fonts.googleapis.com/ Frame 0BF7
4 KB
634 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220118/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 20 Jan 2022 18:36:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 20 Jan 2022 20:10:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 Jan 2022 20:10:09 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0BF7
205 B
743 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220118/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:24:49 GMT
x-content-type-options
nosniff
age
63920
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 20 Jan 2023 02:24:49 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0BF7
604 B
694 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220118/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 19:27:53 GMT
x-content-type-options
nosniff
age
2536
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 20 Jan 2023 19:27:53 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220118/r20110914/elements/html/ Frame 0BF7
18 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220118/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220118/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b277171297bfc840b62b9f160060bf8fc630389b0dee3aadcbb0e855ac7ecbc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 20:05:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
282
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8104
x-xss-protection
0
server
cafe
etag
11153116566150069083
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Feb 2022 20:05:27 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 974B
0
0
Fetch
General