urlscan.io logo urlscan.io
SecurityTrails logo

www.signal-arnaques.com Open in urlscan Pro
2606:4700:20::681a:1c6  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.signal-arnaques.com/scam/view/388341
Submission: On May 02 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 105 IPs in 15 countries across 91 domains to perform 380 HTTP transactions. The main IP is 2606:4700:20::681a:1c6, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.signal-arnaques.com. The Cisco Umbrella rank of the primary domain is 791782.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 26th 2021. Valid for: a year.
This is the only time www.signal-arnaques.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
77 2606:4700:20:... 13335 (CLOUDFLAR...)
15 2a00:1450:400... 15169 (GOOGLE)
11 151.139.128.11 20446 (STACKPATH...)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:440... 13335 (CLOUDFLAR...)
2 2600:9000:236... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:440... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
3 54.38.64.100 16276 (OVH)
1 2.16.186.26 20940 (AKAMAI-ASN1)
1 3 2a02:2638::1c 44788 (ASN-CRITE...)
1 1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
7 2606:4700:10:... 13335 (CLOUDFLAR...)
1 145.239.193.51 16276 (OVH)
4 51.75.86.98 16276 (OVH)
2 6 2620:116:800d... 16509 (AMAZON-02)
1 99.81.62.190 16509 (AMAZON-02)
1 108.138.2.183 16509 (AMAZON-02)
4 6 23.35.236.247 16625 (AKAMAI-AS)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2606:2800:234... 15133 (EDGECAST)
16 2a00:1450:400... 15169 (GOOGLE)
1 34.120.133.55 396982 (GOOGLE-CL...)
7 3.33.220.150 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:223... 16509 (AMAZON-02)
4 10 185.33.221.50 29990 (ASN-APPNEX)
10 21 142.250.184.194 15169 (GOOGLE)
2 2 52.49.66.40 16509 (AMAZON-02)
1 1 3.68.148.208 16509 (AMAZON-02)
1 1 2.18.233.201 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 51.195.5.45 16276 (OVH)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 52.211.48.15 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.200 13414 (TWITTER)
1 142.250.184.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 178.250.0.157 44788 (ASN-CRITE...)
1 54.217.249.234 16509 (AMAZON-02)
3 4 69.173.144.165 26667 (RUBICONPR...)
1 1 37.252.173.22 29990 (ASN-APPNEX)
2 7 185.64.189.110 62713 (AS-PUBMATIC)
1 35.156.201.25 16509 (AMAZON-02)
2 3 185.86.137.131 201081 (SMARTADSE...)
1 2a00:1450:400... 15169 (GOOGLE)
2 37.157.4.29 198622 (ADFORM)
2 50.31.142.95 22075 (AS-OUTBRAIN)
6 157.90.3.144 24940 (HETZNER-AS)
1 185.255.84.150 200271 (IGUANE-)
1 46.249.52.249 50673 (SERVERIUS-AS)
1 18 104.22.69.131 13335 (CLOUDFLAR...)
1 145.40.89.200 54825 (PACKET)
2 3.124.247.47 16509 (AMAZON-02)
1 2602:803:c003... 26667 (RUBICONPR...)
1 6 188.42.191.196 7979 (SERVERS-COM)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 4 54.77.41.50 16509 (AMAZON-02)
5 52.59.116.64 16509 (AMAZON-02)
2 18.185.181.98 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 185.86.137.114 201081 (SMARTADSE...)
3 13.32.99.100 16509 (AMAZON-02)
3 24 76.223.111.18 16509 (AMAZON-02)
1 74.121.143.246 30419 (MEDIAMATH...)
4 23.35.237.151 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.170.16.189 16509 (AMAZON-02)
1 1 13.88.42.153 8075 (MICROSOFT...)
2 35.227.252.103 15169 (GOOGLE)
1 2 198.47.127.19 62713 (AS-PUBMATIC)
4 7 69.173.144.139 26667 (RUBICONPR...)
2 54.64.206.14 16509 (AMAZON-02)
2 142.250.184.227 15169 (GOOGLE)
1 34.98.67.61 15169 (GOOGLE)
1 2a05:d01c:1d8... 16509 (AMAZON-02)
2 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
7 7 35.211.178.172 19527 (GOOGLE-2)
1 1 193.0.160.129 54312 (ROCKETFUEL)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 4 209.54.176.128 16509 (AMAZON-02)
1 1 64.202.112.255 23352 (SERVERCEN...)
4 23.205.235.133 16625 (AKAMAI-AS)
1 162.55.236.224 24940 (HETZNER-AS)
1 23.35.236.188 16625 (AKAMAI-AS)
2 2 52.50.60.18 16509 (AMAZON-02)
1 1 34.236.235.128 14618 (AMAZON-AES)
1 1 54.82.134.209 14618 (AMAZON-AES)
2 2 151.101.2.49 54113 (FASTLY)
2 2 35.157.220.171 16509 (AMAZON-02)
1 1 2001:678:cb4:... 56396 (AMOBEE)
3 3 74.121.143.240 30419 (MEDIAMATH...)
1 1 146.0.227.109 29066 (VELIANET-...)
1 138.201.65.75 24940 (HETZNER-AS)
2 2 194.190.76.45 48061 (UMA-TECH-AS)
1 1 81.163.17.245 49505 (SELECTEL)
1 151.236.118.210 204720 (CDNETWORKS)
1 2 47.252.78.131 45102 (ALIBABA-C...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 52.94.220.185 16509 (AMAZON-02)
1 35.244.174.68 15169 (GOOGLE)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
2 23.35.236.201 16625 (AKAMAI-AS)
2 2 185.94.180.126 ()
1 1 23.88.75.189 24940 (HETZNER-AS)
1 1 3.126.56.137 16509 (AMAZON-02)
3 4 37.157.2.234 198622 (ADFORM)
2 185.64.190.80 62713 (AS-PUBMATIC)
2 2 213.155.156.181 1299 (TWELVE99 ...)
1 178.250.2.151 44788 (ASN-CRITE...)
1 198.47.127.20 ()
1 1 51.222.80.231 16276 (OVH)
1 169.50.137.184 36351 (SOFTLAYER)
4 4 31.172.81.159 44066 (DE-FIRSTC...)
2 2 31.172.81.158 44066 (DE-FIRSTC...)
2 2 89.108.120.68 197695 (AS-REG)
1 31.172.81.172 ()
1 1 96.16.141.156 ()
1 2 2001:6d0:4001... ()
1 185.86.137.133 ()
1 2 2a02:6b8::90 ()
1 82.145.213.8 ()
1 185.64.190.81 ()
380 105
77    2606:4700:20::681a:1c6 (United States)

ASN13335 (CLOUDFLARENET, US)
www.signal-arnaques.com
15    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
11    151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)
ads.themoneytizer.com
1    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
8    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2606:4700:440e::ac40:9c1a (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    2600:9000:236e:e400:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
quantcast.mgr.consensu.org
1    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2606:4700:4400::ac40:996f (United States)

ASN13335 (CLOUDFLARENET, US)
sibautomation.com
5    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
3    54.38.64.100 (France)

ASN16276 (OVH, FR)
c.tmyzer.com
1    2.16.186.26 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-26.deploy.static.akamaitechnologies.com
ced.sascdn.com
3    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    2a02:26f0:6c00::210:ba18 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
csync-global.smartadserver.com
1    2a02:26f0:6c00::210:ba0b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
csync-eu.smartadserver.com
7    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
1    145.239.193.51 (Valence, France)

ASN16276 (OVH, FR)
tag.leadplace.fr
4    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
6    2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    99.81.62.190 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-62-190.eu-west-1.compute.amazonaws.com
p.cpx.to
1    108.138.2.183 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-2-183.fra56.r.cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
6    23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com
js-sec.indexww.com
as-sec.casalemedia.com
ssum-sec.casalemedia.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
16    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
7    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
3    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2600:9000:223c:3c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
10    185.33.221.50 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
21    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
cm.g.doubleclick.net
2    52.49.66.40 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-66-40.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    3.68.148.208 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-148-208.eu-central-1.compute.amazonaws.com
aa.agkn.com
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
4    2606:4700:3034::ac43:805f (United States)

ASN13335 (CLOUDFLARENET, US)
consent.heretic-sas.com
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
3    51.195.5.45 (France)

ASN16276 (OVH, FR)
PTR: p39.id5-sync.com
id5-sync.com
2    2606:4700::6811:90c (United States)

ASN13335 (CLOUDFLARENET, US)
in-automate.sendinblue.com
4    52.211.48.15 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-48-15.eu-west-1.compute.amazonaws.com
s.cpx.to
1    2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    104.244.42.200 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    54.217.249.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-249-234.eu-west-1.compute.amazonaws.com
adtrack.adleadevent.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    37.252.173.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
7    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    35.156.201.25 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-201-25.eu-central-1.compute.amazonaws.com
pool.grid-data.bidswitch.net
3    185.86.137.131 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
1    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
2    50.31.142.95 (Chicago, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1h.zemanta.com
6    157.90.3.144 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.144.3.90.157.clients.your-server.de
shb.richaudience.com
1    185.255.84.150 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
1    46.249.52.249 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
pbjs.e-planning.net
18    104.22.69.131 (None, )

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
1    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    3.124.247.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-247-47.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
6    188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
4    54.77.41.50 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-41-50.eu-west-1.compute.amazonaws.com
ice.360yield.com
5    52.59.116.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-116-64.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
2    18.185.181.98 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-181-98.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    185.86.137.114 (France)

ASN201081 (SMARTADSERVER, FR)
ww1097.smartadserver.com
3    13.32.99.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-100.fra60.r.cloudfront.net
ib.3lift.com
24    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    74.121.143.246 (United States)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
4    23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
3    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
12    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    18.170.16.189 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-170-16-189.eu-west-2.compute.amazonaws.com
geo.moatads.com
1    13.88.42.153 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
beacon.walmart.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
7    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
pixel-eu.rubiconproject.com
2    54.64.206.14 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-64-206-14.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
2    142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net
p4-b5ya3u2no6fr6-nqw5oqwzwcw2sssw-if-v6exp3-v4.metric.gstatic.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
1    2a05:d01c:1d8:8100:fcf5:ef31:f27f:f1a6 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    2a05:d018:d29:3602:1396:457e:6f4c:9f77 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
7    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
1    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
4    209.54.176.128 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    64.202.112.255 (Leesburg, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
4    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    162.55.236.224 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.236.55.162.clients.your-server.de
sync.richaudience.com
1    23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com
acdn.adnxs.com
2    52.50.60.18 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-60-18.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    34.236.235.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-235-128.compute-1.amazonaws.com
sync.ipredictive.com
1    54.82.134.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-134-209.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    35.157.220.171 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-220-171.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
3    74.121.143.240 (United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    146.0.227.109 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)
inv-nets.admixer.net
1    138.201.65.75 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.75.65.201.138.clients.your-server.de
sync.dmp.otm-r.com
2    194.190.76.45 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: hosting.adhigh.net
px.adhigh.net
1    81.163.17.245 (Russian Federation)

ASN49505 (SELECTEL, RU)
mitdmp.whiteboxdigital.ru
1    151.236.118.210 (Moscow, Russian Federation)

ASN204720 (CDNETWORKS, RU)
cache.betweendigital.com
2    47.252.78.131 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
event.clientgear.com
2    2606:4700:10::6816:37ce (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.connectad.io
sync-eu.connectad.io
2    52.94.220.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
2    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    185.94.180.126 (None, )

ASN- ()
sync.search.spotxchange.com
1    23.88.75.189 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.189.75.88.23.clients.your-server.de
csync.loopme.me
1    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
4    37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    213.155.156.181 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-181.teliacarrier-cust.com
d5p.de17a.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    198.47.127.20 (None, )

ASN- ()
image4.pubmatic.com
1    51.222.80.231 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-us-1.cloudy.ovh
pixel.onaudience.com
1    169.50.137.184 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
4    31.172.81.159 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
2    31.172.81.158 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync3.adsniper.ru
2    89.108.120.68 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d51803.reg.regrucolo.ru
x01.aidata.io
1    31.172.81.172 (None, )

ASN- ()
sync3.sniperlog.ru
1    96.16.141.156 (None, )

ASN- ()
secure-assets.rubiconproject.com
2    2001:6d0:4001::226 (None, )

ASN- ()
www.tns-counter.ru
1    185.86.137.133 (None, )

ASN- ()
rtb-csync.smartadserver.com
2    2a02:6b8::90 (None, )

ASN- ()
an.yandex.ru
1    82.145.213.8 (None, )

ASN- ()
t.adx.opera.com
1    185.64.190.81 (None, )

ASN- ()
simage4.pubmatic.com
Apex Domain
Subdomains		 Transfer
77 signal-arnaques.com
www.signal-arnaques.com — Cisco Umbrella Rank: 791782
628 KB
29 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 527
ib.3lift.com — Cisco Umbrella Rank: 1043
eb2.3lift.com — Cisco Umbrella Rank: 342
101 KB
27 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
tpc.googlesyndication.com — Cisco Umbrella Rank: 122
322 KB
26 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
cm.g.doubleclick.net — Cisco Umbrella Rank: 194
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
88 KB
19 rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 632
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 957
fastlane.rubiconproject.com — Cisco Umbrella Rank: 438
pixel.rubiconproject.com — Cisco Umbrella Rank: 320
eus.rubiconproject.com — Cisco Umbrella Rank: 518
secure-assets.rubiconproject.com
pixel-eu.rubiconproject.com
30 KB
19 gstatic.com
www.gstatic.com
fonts.gstatic.com
p4-b5ya3u2no6fr6-nqw5oqwzwcw2sssw-if-v6exp3-v4.metric.gstatic.com
547 KB
18 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 5757
csync.smilewanted.com — Cisco Umbrella Rank: 4125
static.smilewanted.com — Cisco Umbrella Rank: 9742
19 KB
15 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 817
image6.pubmatic.com — Cisco Umbrella Rank: 557
ads.pubmatic.com — Cisco Umbrella Rank: 420
simage2.pubmatic.com — Cisco Umbrella Rank: 592
image4.pubmatic.com
simage4.pubmatic.com
28 KB
12 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 217
secure.adnxs.com — Cisco Umbrella Rank: 374
acdn.adnxs.com — Cisco Umbrella Rank: 561
67 KB
11 google.com
apis.google.com — Cisco Umbrella Rank: 94
www.google.com — Cisco Umbrella Rank: 5
adservice.google.com — Cisco Umbrella Rank: 63
46 KB
11 themoneytizer.com
ads.themoneytizer.com — Cisco Umbrella Rank: 22590
255 KB
8 bidswitch.net
pool.grid-data.bidswitch.net — Cisco Umbrella Rank: 10007
x.bidswitch.net — Cisco Umbrella Rank: 277
4 KB
8 smartadserver.com
csync-global.smartadserver.com — Cisco Umbrella Rank: 6499
csync-eu.smartadserver.com — Cisco Umbrella Rank: 77026
sync.smartadserver.com — Cisco Umbrella Rank: 1424
ww1097.smartadserver.com — Cisco Umbrella Rank: 22327
rtb-csync.smartadserver.com
2 KB
7 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1808
cache.betweendigital.com — Cisco Umbrella Rank: 22168
5 KB
7 richaudience.com
shb.richaudience.com — Cisco Umbrella Rank: 3713
sync.richaudience.com — Cisco Umbrella Rank: 1643
2 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 327
2 KB
7 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1591
mwzeom.zeotap.com — Cisco Umbrella Rank: 1470
22 KB
6 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 271
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1223
4 KB
6 adform.net
adx.adform.net — Cisco Umbrella Rank: 4098
c1.adform.net — Cisco Umbrella Rank: 553
2 KB
6 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 869
pixel.quantserve.com — Cisco Umbrella Rank: 394
cms.quantserve.com — Cisco Umbrella Rank: 989
12 KB
6 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 368
mug.criteo.com — Cisco Umbrella Rank: 3014
dis.criteo.com — Cisco Umbrella Rank: 716
2 KB
5 moatads.com
z.moatads.com — Cisco Umbrella Rank: 324
geo.moatads.com — Cisco Umbrella Rank: 549
px.moatads.com — Cisco Umbrella Rank: 372
107 KB
5 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 914
596 B
5 casalemedia.com
as-sec.casalemedia.com — Cisco Umbrella Rank: 1262
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 510
4 KB
5 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 1149
tags.mathtag.com — Cisco Umbrella Rank: 2549
sync.mathtag.com — Cisco Umbrella Rank: 401
3 KB
5 cpx.to
p.cpx.to — Cisco Umbrella Rank: 10148
s.cpx.to — Cisco Umbrella Rank: 1775
6 KB
4 bumlam.com
sync.bumlam.com — Cisco Umbrella Rank: 2694
2 KB
4 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 1411
1 KB
4 heretic-sas.com
consent.heretic-sas.com
28 KB
4 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 278
fonts.googleapis.com — Cisco Umbrella Rank: 39
33 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 747
3 KB
3 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 393
ads.yahoo.com — Cisco Umbrella Rank: 1116
ups.analytics.yahoo.com — Cisco Umbrella Rank: 281
2 KB
3 zemanta.com
b1h.zemanta.com — Cisco Umbrella Rank: 4300
b1sync.zemanta.com — Cisco Umbrella Rank: 566
557 B
3 google.de
adservice.google.de — Cisco Umbrella Rank: 8752
www.google.de — Cisco Umbrella Rank: 6250
1 KB
3 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 617
2 KB
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1705
mp.4dex.io — Cisco Umbrella Rank: 2170
24 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33
61 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 625
syndication.twitter.com — Cisco Umbrella Rank: 900
133 KB
3 tmyzer.com
c.tmyzer.com — Cisco Umbrella Rank: 22768
823 B
3 sibautomation.com
sibautomation.com — Cisco Umbrella Rank: 25477
5 KB
2 yandex.ru
an.yandex.ru
673 B
2 tns-counter.ru
www.tns-counter.ru
706 B
2 aidata.io
x01.aidata.io — Cisco Umbrella Rank: 14793
1 KB
2 adsniper.ru
sync3.adsniper.ru — Cisco Umbrella Rank: 11571
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5132
637 B
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 connectad.io
cdn.connectad.io — Cisco Umbrella Rank: 4642
sync-eu.connectad.io — Cisco Umbrella Rank: 3140
897 B
2 clientgear.com
event.clientgear.com — Cisco Umbrella Rank: 2021
366 B
2 adhigh.net
px.adhigh.net — Cisco Umbrella Rank: 11199
823 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 776
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 532
652 B
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 437
1004 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 409
847 B
2 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 2894
87 B
2 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1401
415 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 158
74 KB
2 sendinblue.com
in-automate.sendinblue.com — Cisco Umbrella Rank: 26916
239 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 201
2 KB
2 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 775
1 KB
2 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 768
id.rlcdn.com — Cisco Umbrella Rank: 536
366 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 133
83 KB
2 consensu.org
quantcast.mgr.consensu.org — Cisco Umbrella Rank: 1999
45 KB
2 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1099
10 KB
1 opera.com
t.adx.opera.com
409 B
1 sniperlog.ru
sync3.sniperlog.ru
516 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 754
612 B
1 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 2933
410 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 787
227 B
1 whiteboxdigital.ru
mitdmp.whiteboxdigital.ru — Cisco Umbrella Rank: 20201
818 B
1 otm-r.com
sync.dmp.otm-r.com — Cisco Umbrella Rank: 15956
69 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2396
582 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 725
412 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 764
589 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 956
462 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 205
595 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 687
785 B
1 innovid.com
ag.innovid.com — Cisco Umbrella Rank: 1371
296 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 862
356 B
1 walmart.com
beacon.walmart.com — Cisco Umbrella Rank: 2048
580 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1090
176 B
1 e-planning.net
pbjs.e-planning.net — Cisco Umbrella Rank: 5117
457 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4132
1 KB
1 adleadevent.com
adtrack.adleadevent.com — Cisco Umbrella Rank: 26218
534 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 744
651 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 410
382 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 685
13 KB
1 cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
26 KB
1 leadplace.fr
tag.leadplace.fr — Cisco Umbrella Rank: 22935
6 KB
1 sascdn.com
ced.sascdn.com — Cisco Umbrella Rank: 9447
30 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 55
42 KB
0 sddan.com Failed
kvt.sddan.com Failed
380 91
Domain Requested by
77 www.signal-arnaques.com www.signal-arnaques.com
static.cloudflareinsights.com
24 eb2.3lift.com 3 redirects www.signal-arnaques.com
ib.3lift.com
eb2.3lift.com
ads.themoneytizer.com
21 cm.g.doubleclick.net 10 redirects www.signal-arnaques.com
googleads.g.doubleclick.net
eb2.3lift.com
16 www.gstatic.com www.google.com
www.gstatic.com
googleads.g.doubleclick.net
15 pagead2.googlesyndication.com www.signal-arnaques.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.gstatic.com
tpc.googlesyndication.com
12 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
11 ads.themoneytizer.com www.signal-arnaques.com
ads.themoneytizer.com
10 csync.smilewanted.com 1 redirects ads.themoneytizer.com
csync.smilewanted.com
ads.pubmatic.com
10 ib.adnxs.com 4 redirects ads.themoneytizer.com
eb2.3lift.com
acdn.adnxs.com
csync.smilewanted.com
8 www.google.com www.signal-arnaques.com
www.gstatic.com
www.google.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
7 x.bidswitch.net 7 redirects
7 prebid.smilewanted.com ads.themoneytizer.com
7 image2.pubmatic.com 2 redirects ads.pubmatic.com
7 match.adsrvr.org js-sec.indexww.com
www.signal-arnaques.com
eb2.3lift.com
6 pixel.rubiconproject.com 4 redirects csync.smilewanted.com
6 ads.betweendigital.com 1 redirects ads.themoneytizer.com
ads.betweendigital.com
6 shb.richaudience.com ads.themoneytizer.com
5 btlr.sharethrough.com ads.themoneytizer.com
5 mwzeom.zeotap.com www.signal-arnaques.com
4 sync.bumlam.com 4 redirects
4 c1.adform.net 3 redirects ads.pubmatic.com
4 eus.rubiconproject.com ads.themoneytizer.com
eus.rubiconproject.com
cache.betweendigital.com
4 s.amazon-adsystem.com 2 redirects eb2.3lift.com
4 ssum-sec.casalemedia.com 4 redirects
4 ice.360yield.com 2 redirects ads.themoneytizer.com
4 token.rubiconproject.com 3 redirects www.signal-arnaques.com
4 s.cpx.to p.cpx.to
www.signal-arnaques.com
4 consent.heretic-sas.com quantcast.mgr.consensu.org
consent.heretic-sas.com
www.signal-arnaques.com
4 onetag-sys.com ads.themoneytizer.com
cache.betweendigital.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 sync.mathtag.com 3 redirects
3 px.moatads.com www.signal-arnaques.com
3 fonts.googleapis.com googleads.g.doubleclick.net
3 ib.3lift.com www.signal-arnaques.com
3 sync.smartadserver.com 2 redirects www.signal-arnaques.com
3 pixel.quantserve.com 1 redirects www.signal-arnaques.com
3 id5-sync.com www.signal-arnaques.com
ced.sascdn.com
ads.themoneytizer.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 gum.criteo.com 1 redirects ads.themoneytizer.com
3 c.tmyzer.com ads.themoneytizer.com
3 sibautomation.com www.signal-arnaques.com
sibautomation.com
static.cloudflareinsights.com
2 an.yandex.ru 1 redirects
2 www.tns-counter.ru 1 redirects
2 x01.aidata.io 2 redirects
2 sync3.adsniper.ru 2 redirects
2 d5p.de17a.com 2 redirects
2 simage2.pubmatic.com ads.pubmatic.com
2 sync.search.spotxchange.com 2 redirects
2 ads.pubmatic.com csync.smilewanted.com
2 aax-eu.amazon-adsystem.com 1 redirects
2 event.clientgear.com 1 redirects
2 px.adhigh.net 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 match.prod.bidr.io 2 redirects
2 px.ads.linkedin.com eb2.3lift.com
2 p4-b5ya3u2no6fr6-nqw5oqwzwcw2sssw-if-v6exp3-v4.metric.gstatic.com googleads.g.doubleclick.net
p4-b5ya3u2no6fr6-nqw5oqwzwcw2sssw-if-v6exp3-v4.metric.gstatic.com
2 cc.adingo.jp googleads.g.doubleclick.net
2 image6.pubmatic.com 1 redirects ads.pubmatic.com
2 rtb.openx.net googleads.g.doubleclick.net
2 cms.quantserve.com 1 redirects googleads.g.doubleclick.net
2 www.googletagservices.com googleads.g.doubleclick.net
2 ww1097.smartadserver.com ced.sascdn.com
2 tlx.3lift.com ads.themoneytizer.com
www.signal-arnaques.com
2 prebid-server.rubiconproject.com ads.themoneytizer.com
2 b1h.zemanta.com ads.themoneytizer.com
2 adx.adform.net ads.themoneytizer.com
2 mug.criteo.com www.signal-arnaques.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 in-automate.sendinblue.com sibautomation.com
2 script.4dex.io ads.themoneytizer.com
script.4dex.io
2 dpm.demdex.net 2 redirects
2 rules.quantcount.com secure.quantserve.com
2 platform.twitter.com www.signal-arnaques.com
platform.twitter.com
2 connect.facebook.net www.signal-arnaques.com
connect.facebook.net
2 spl.zeotap.com ads.themoneytizer.com
spl.zeotap.com
2 quantcast.mgr.consensu.org www.signal-arnaques.com
quantcast.mgr.consensu.org
2 static.cloudflareinsights.com www.signal-arnaques.com
sibautomation.com
1 simage4.pubmatic.com ads.pubmatic.com
1 t.adx.opera.com
1 rtb-csync.smartadserver.com
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 secure-assets.rubiconproject.com 1 redirects
1 sync3.sniperlog.ru
1 um.simpli.fi
1 pixel.onaudience.com 1 redirects
1 image4.pubmatic.com
1 dis.criteo.com ads.pubmatic.com
1 ups.analytics.yahoo.com 1 redirects
1 csync.loopme.me 1 redirects
1 sync-eu.connectad.io cdn.connectad.io
1 ads.yahoo.com
1 id.rlcdn.com
1 cdn.connectad.io csync.smilewanted.com
1 static.smilewanted.com csync.smilewanted.com
1 cache.betweendigital.com ads.betweendigital.com
1 mitdmp.whiteboxdigital.ru 1 redirects
1 sync.dmp.otm-r.com ads.betweendigital.com
1 inv-nets.admixer.net 1 redirects
1 ad.turn.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 sync.ipredictive.com 1 redirects
1 acdn.adnxs.com ads.themoneytizer.com
1 sync.richaudience.com ads.themoneytizer.com
1 b1sync.zemanta.com 1 redirects
1 c.bing.com eb2.3lift.com
1 p.rfihub.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 ag.innovid.com googleads.g.doubleclick.net
1 odr.mookie1.com googleads.g.doubleclick.net
1 beacon.walmart.com 1 redirects
1 geo.moatads.com z.moatads.com
1 z.moatads.com ib.3lift.com
1 tags.mathtag.com ib.3lift.com
1 fonts.gstatic.com www.google.com
1 mp.4dex.io ads.themoneytizer.com
1 fastlane.rubiconproject.com ads.themoneytizer.com
1 prebid.a-mo.net ads.themoneytizer.com
1 pbjs.e-planning.net ads.themoneytizer.com
1 hb-api.omnitagjs.com ads.themoneytizer.com
1 www.google.de www.signal-arnaques.com
1 pool.grid-data.bidswitch.net www.signal-arnaques.com
1 secure.adnxs.com 1 redirects
1 adtrack.adleadevent.com ajax.googleapis.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 syndication.twitter.com platform.twitter.com
1 stats.g.doubleclick.net www.google-analytics.com
1 as-sec.casalemedia.com js-sec.indexww.com
1 ajax.googleapis.com d2zur9cc2gf1tx.cloudfront.net
1 pixel.mathtag.com 1 redirects
1 aa.agkn.com 1 redirects
1 api.rlcdn.com js-sec.indexww.com
1 js-sec.indexww.com ads.themoneytizer.com
1 d2zur9cc2gf1tx.cloudfront.net ads.themoneytizer.com
1 p.cpx.to ads.themoneytizer.com
1 secure.quantserve.com ads.themoneytizer.com
1 tag.leadplace.fr ads.themoneytizer.com
1 csync-eu.smartadserver.com www.signal-arnaques.com
1 csync-global.smartadserver.com 1 redirects
1 ced.sascdn.com ads.themoneytizer.com
1 www.googletagmanager.com www.signal-arnaques.com
1 apis.google.com www.signal-arnaques.com
0 kvt.sddan.com Failed ads.themoneytizer.com
380 144
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-26 -
2022-06-25		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.themoneytizer.com
GoGetSSL RSA DV CA		 2022-03-10 -
2023-04-10		 a year crt.sh
*.apis.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
quantcast.mgr.consensu.org
Amazon		 2022-03-25 -
2023-04-23		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
c.tmyzer.com
R3		 2022-03-31 -
2022-06-29		 3 months crt.sh
*.sascdn.com
DigiCert SHA2 Secure Server CA		 2021-09-13 -
2022-09-13		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-07		 3 months crt.sh
*.leadplace.fr
Gandi Standard SSL CA 2		 2021-09-12 -
2022-09-12		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
p.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2022-01-13 -
2023-01-13		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-02-08 -
2022-05-09		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.id5-sync.com
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
sendinblue.com
Cloudflare Inc ECC CA-3		 2021-09-29 -
2022-09-28		 a year crt.sh
s.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2022-01-17 -
2023-01-17		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
adtrack.adleadevent.com
Amazon		 2021-05-17 -
2022-06-15		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
pool.grid-data.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-02-25 -
2023-03-07		 a year crt.sh
www.google.de
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-29 -
2022-08-29		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-11 -
2023-03-10		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-24 -
2022-06-23		 a year crt.sh
*.e-planning.net
R3		 2022-03-09 -
2022-06-07		 3 months crt.sh
*.a-mo.net
R3		 2022-04-19 -
2022-07-18		 3 months crt.sh
*.ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-15 -
2023-01-15		 a year crt.sh
*.360yield.com
Amazon		 2021-07-28 -
2022-08-26		 a year crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-18 -
2023-04-25		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-25 -
2022-06-25		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.adingo.jp
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-06 -
2023-04-14		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-24 -
2023-03-27		 a year crt.sh
*.innovid.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-15 -
2023-04-15		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2022-03-28 -
2022-09-28		 6 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2022-03-16 -
2022-09-16		 6 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-12-10 -
2022-12-09		 a year crt.sh
sync.dmp.otm-r.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-18 -
2022-06-18		 a year crt.sh
cache.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2022-01-24 -
2023-02-24		 a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2022-04-15 -
2023-04-15		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-14 -
2022-06-10		 a year crt.sh

This page contains 50 frames:

Primary Page: https://www.signal-arnaques.com/scam/view/388341
Frame ID: CBD7A986BD907334960E1A36A519AD7E
Requests: 206 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20190131/zrt_lookup.html
Frame ID: D4070C2DCBBE2E2CBBEC0B44F709C722
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1651451052742
Frame ID: 0F6AF4BD48801FAF6D82954E26D5839C
Requests: 1 HTTP requests in this frame

Frame: https://sibautomation.com/cm.html?key=dgxmhmwk8udarp0eqgm3yuk8
Frame ID: 8B3F6C87755B522607A4CD9EEA473071
Requests: 4 HTTP requests in this frame

Frame: https://consent.heretic-sas.com/global-consent.html
Frame ID: DBD83AC42918330716D379048D27F5AD
Requests: 4 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fwww.signal-arnaques.com
Frame ID: BEE753A7A453CE53CF25DD93AE9EB26D
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdppiETAAAAAGLi93fbYIWli9uZCxN3wzBdYp2B&co=aHR0cHM6Ly93d3cuc2lnbmFsLWFybmFxdWVzLmNvbTo0NDM.&hl=de&v=2W_gRz39xX8G13fM-OdyQPlc&size=normal&cb=rs6j9ymr5fbm
Frame ID: 1C3E1BCEACF5B8FB6D1C32CD56D19221
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-8416474909997810&output=html&adk=1812271804&adf=3025194257&lmt=1651451053&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.signal-arnaques.com%2Fscam%2Fview%2F388341&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651451052713&bpp=3&bdt=199&idt=184&shv=r20220427&mjsv=m202204270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3279543391900&frm=20&pv=2&ga_vid=1551782448.1651451053&ga_sid=1651451053&ga_hid=426141358&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531550%2C31067323%2C31061828%2C31062930&oid=2&pvsid=1584946475217727&pem=878&tmod=1475904135&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=743
Frame ID: A436284EE5C242F795A962DDCE594217
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=2W_gRz39xX8G13fM-OdyQPlc&k=6LdppiETAAAAAGLi93fbYIWli9uZCxN3wzBdYp2B
Frame ID: 6DE41721D59F9BB21A143CA4A2EE9E84
Requests: 3 HTTP requests in this frame

Frame: https://ib.3lift.com/rev/6ce243b78b284997e927c02b87e59df511f993b2/dist/bundle.js
Frame ID: 75FC06E51A3969BE7138F60C87EFB604
Requests: 6 HTTP requests in this frame

Frame: data://truncated
Frame ID: 367F4768700FF9F211EBA3DB9F4A056F
Requests: 1 HTTP requests in this frame

Frame: https://tags.mathtag.com/notify/js?exch=gor&s_exch=ss6&id=5aW95q2jLzIzLyAvTkRFM1pEUTFZVEV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzM5NzcyMTY4Nzg5NjczNzE2NjIvMTA2MzExMTYvMTE1MDc0OTQvNjIvMGNwdmEwNFV3LWgxOVlXdXNnYVFTZFF5eEZKNXlsQTRTX2RQOTI2cFVfZy8xLzYyLzAvMC8xODkyNzgyLzI5OTcwMTQ5MTQvMjE1NTQzLzExNDk1ODUvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8zOTc3MjE2ODc4OTY3MzcxNjYyL2Ftcy8wLzkxMDMvNDAvOTk5LzI1OC8xNzguMTYyLjIwOS4wLzAuMDAwLzE2NTE0NTEwNTMvMTY1MTQ2MzY1My82Mi80MzM4Lw/fiAKJ3Jt977L_xWu_rjhfc9j6Dc&nodeid=3149&group=cdg&auctionid=3977216878967371662&shardkey=3977216878967371662&sid=11507494&cid=10631116&price=0.191&bp=a_bjbbgg&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.132.29
Frame ID: 533C7F1C00C9EDF1AA58E6E27D9170D6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Frame ID: A567139CD73DCE7D049F3AAA4F0DFE30
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5CA0AF3D19BBA03239D08EF1DA686424
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E008F2548343D942E44EFF958015285E
Requests: 9 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/583c04eba622323b1bc7d6fda2f57e1e.js?tag=client_fast_engine_2019
Frame ID: E74783D1A5F28D410178DB402561293A
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
Frame ID: D7FC43E244486A5F7F9C8C1FE64272A9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9F6F6C797AF9BC7BF891581FACE01618
Requests: 9 HTTP requests in this frame

Frame: https://p4-b5ya3u2no6fr6-nqw5oqwzwcw2sssw-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: E6FE092D46D132D914AA64D5243A0291
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
Frame ID: 41B288563C753B9FB35B6FE6772FD055
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=80059&ld=1
Frame ID: EE12424439E2F1B7FB665F7E9C37AF71
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DE65D4939707A0F944FF8A59744B11E1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0CD258D4FC9A14FD7FAB6942FC54F04A
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 420BA58A942410BC720EDCFBDC345580
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: 22AD564101AAEA61FC4FCD1513773E76
Requests: 10 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=6587187179
Frame ID: 5878C92340FF2AE57ABAE701F2695194
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 0FEA57C3B16177AB81BB167BE7B06E1D
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2CC4F97FE2E32DDF5BF014DF42224BE8
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1651451053610&gdpr=0
Frame ID: F68973BDF792D21716272AAAA4EE2B0B
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 932535A77724EFE3DFD371DB393BC890
Requests: 5 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=058590ef-f5be-527a-8c09-5152ee6675ff&CACHEBUSTER=818211
Frame ID: 11A9A4099DC114FECBEA0949A1F2E2D7
Requests: 7 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 4572405E8BEAB5C8E2EA0FACBB38D10E
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=c97fc36596afb27de0db8dcc8608f3ef
Frame ID: C6FA6464553A3C82CF293A2D706CF49A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: DFC13DB6A72C57AD0D5D3FBE85DC93CB
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/smart/
Frame ID: 019A3DAEC02712237C44F74AAB601AC3
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 69B63E3D5C70060D3BF789C977F2A5A2
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/08c8e3eb-8a6b-4038-8d6f-999df0a6ccf5&partner_id=1010
Frame ID: AC9A5638A24A6D43E983C72D429FA890
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: 1FFC3432C44C3B59B393D6A71A6898B3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: FAEE8DAB839E9CD460C3F3A70A5E7FEA
Requests: 13 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Ym8kru8EzaEc9UlILlpKtgAA%261207
Frame ID: A58AEE110CA98C8EEDE5A1EE7D277F20
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/spotx/34a77b9d-c9ae-11ec-99d1-141922060506
Frame ID: 30191701955866EBA3062C771FA63945
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/loopme/fa5f80e4-cb32-4bd2-94ec-2362dcae7020?gdpr_consent=null&gdpr=0
Frame ID: 80ACBA1622B5663A2AE31D0F8F20CFD3
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-UW8g8XxE2uFkI9_NMP0.93gSsd2j60wUebvJlOI-~A&gdpr=0&gdpr_consent=
Frame ID: F0B94D932A81F56E461C878C2347CFA2
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1502E6FA-2081-4535-A9FD-8210E8EEF8B8
Frame ID: 90A7321970A0D192F543E0DA3FEC8486
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2d9a626f-24ac-4500-a3f3-a31d829ea435&gdpr=0&gdpr_consent=
Frame ID: 705C294F43CA4A582898F913A0044F92
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5968812546922592617
Frame ID: D216919780C7A3D1523FDC57FD748600
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: A7D291BEF9D651D4ACD0E39625F186F4
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/1502E6FA-2081-4535-A9FD-8210E8EEF8B8
Frame ID: 1B71DDA80019DA5F06FD681EE528B470
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: ABEEFB89AE5B1A5719FD93E979AD84B4
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: FEE75A12EBFB4DB0BDCFC6DEBBDA52BB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

www.mondialrelay.com | compagniemondialrelayexpress@gmail.com | Site internet frauduleux | 3 commentaires

Detected technologies

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /yii\.(?:validation|activeForm)\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • quantcast\.mgr\.consensu\.org
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • sweetalert2(?:\.all)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

380
Requests

85 %
HTTPS

32 %
IPv6

91
Domains

144
Subdomains

105
IPs

15
Countries

2913 kB
Transfer

8194 kB
Size

116
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 81
  • https://csync-global.smartadserver.com/1097/CookieSync.html HTTP 302
  • https://csync-eu.smartadserver.com/1097/CookieSync.html
Request Chain 103
  • https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=b41456fe-dbf9-403a-6ac2-0be5dcd3882d&reqId=a7db4833-593b-48e0-7ee6-851b390d7a9d&zdid=1258 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fadnxs_uid%3D%24UID%26zpartnerid%3D2%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3Db41456fe-dbf9-403a-6ac2-0be5dcd3882d%26reqId%3Da7db4833-593b-48e0-7ee6-851b390d7a9d%26zdid%3D1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?adnxs_uid=8646490127283099469&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=b41456fe-dbf9-403a-6ac2-0be5dcd3882d&reqId=a7db4833-593b-48e0-7ee6-851b390d7a9d&zdid=1258
Request Chain 104
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b41456fe-dbf9-403a-6ac2-0be5dcd3882d&reqId=a7db4833-593b-48e0-7ee6-851b390d7a9d&zdid=1258 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b41456fe-dbf9-403a-6ac2-0be5dcd3882d&reqId=a7db4833-593b-48e0-7ee6-851b390d7a9d&zdid=1258&google_tc= HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEGz7V_ExNRlPiz-DCK58ayY&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b41456fe-dbf9-403a-6ac2-0be5dcd3882d&reqId=a7db4833-593b-48e0-7ee6-851b390d7a9d&zdid=1258
Request Chain 106
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=b41456fe-dbf9-403a-6ac2-0be5dcd3882d&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3Db41456fe-dbf9-403a-6ac2-0be5dcd3882d%26reqId%3Da7db4833-593b-48e0-7ee6-851b390d7a9d%26zdid%3D1258 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=b41456fe-dbf9-403a-6ac2-0be5dcd3882d&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3Db41456fe-dbf9-403a-6ac2-0be5dcd3882d%26reqId%3Da7db4833-593b-48e0-7ee6-851b390d7a9d%26zdid%3D1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=36330359507202384782875764095815842546&zpartnerid=314&env=mWeb&eventType=pageview&id_mid_4=b41456fe-dbf9-403a-6ac2-0be5dcd3882d&reqId=a7db4833-593b-48e0-7ee6-851b390d7a9d&zdid=1258
Request Chain 107
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=pageview&id_mid_4=b41456fe-dbf9-403a-6ac2-0be5dcd3882d&reqId=a7db4833-593b-48e0-7ee6-851b390d7a9d&zdid=1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=nESLXsIstfvm9fyvlVpKA6iGyO2nrEQd%2BS41iYitP1U%3D
Request Chain 108
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3Db41456fe-dbf9-403a-6ac2-0be5dcd3882d%26reqId%3Da7db4833-593b-48e0-7ee6-851b390d7a9d%26zdid%3D1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=2d9a626f-24ac-4500-a3f3-a31d829ea435&env=mWeb&zpartnerid=979&env=mWeb&eventType=pageview&id_mid_4=b41456fe-dbf9-403a-6ac2-0be5dcd3882d&reqId=a7db4833-593b-48e0-7ee6-851b390d7a9d&zdid=1258
Request Chain 144
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.signal-arnaques.com%2F&domain=www.signal-arnaques.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=N6QSE3xGSHNRYmN6bXdPeC9xVXowaGhvVXZhRlpVM2tOV3pWMnNVelo4dEw2LzNhbFNaSUFzQTlFSGhENVA1Q3BuaWVWalAvbmhDTERXRDhwSjFDTFZENTk1TUI3OXhQcW9rZWNMeW4waVllK2QvWXRUOWduRy9FTjFyWG9PeU9VNjZvMC8vbnZEb3k0YXh3aWRoUWNKSExVc2cwODVobFdFN0V1WXUyLzNUb0VsS1FDbG1HTkx6MTJDOG9ZZzcxdndQMXlicHhJcE5EN0NZQUFQVjlwKzg5Y2hmNmZvQ092aU8yWXJURC9QNkdDUzZHZDZsc3o1M2k4ZWZ2aHZ3SUZESC85fA&cppv=2
Request Chain 149
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=3a652964-675b-4063-973d-3f49cefab4f9 HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=3a652964-675b-4063-973d-3f49cefab4f9&google_gid=CAESEC1wg9Remijlt6sdlOMf9Ik&google_cver=1
Request Chain 151
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12769%26ref%3D%26url%3Dhttps%253A%252F%252Fwww.signal-arnaques.com%252Fscam%252Fview%252F388341%26hn_ver%3D40%26fid%3D3a652964-675b-4063-973d-3f49cefab4f9 HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=8646490127283099469&pid=12769&ref=&url=https%3A%2F%2Fwww.signal-arnaques.com%2Fscam%2Fview%2F388341&hn_ver=40&fid=3a652964-675b-4063-973d-3f49cefab4f9
Request Chain 152
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D3a652964-675b-4063-973d-3f49cefab4f9 HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D3a652964-675b-4063-973d-3f49cefab4f9 HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=1502E6FA-2081-4535-A9FD-8210E8EEF8B8&fid=3a652964-675b-4063-973d-3f49cefab4f9
Request Chain 155
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D3a652964-675b-4063-973d-3f49cefab4f9&gdpr=0 HTTP 302
  • https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=3a652964-675b-4063-973d-3f49cefab4f9&gdpr=0&cklb=1
Request Chain 263
  • https://beacon.walmart.com/etap.gif?tap=gAds&google_gid=CAESEPhfBSbzZ-il3uNykiV-rWE&google_cver=1&google_push=AYg5qPIF9S1rLslWI3DNusaNDFND20L0-dq7wJcWEdGb8govBlPu0znilQT6DgPZD0TWkqkrmXBmPGHuxlLN6kI1sGF9OBsVnzo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=W2L7A4Q8SJtLJfLhUXvGZ4&tap=gAds&google_gid=CAESEPhfBSbzZ-il3uNykiV-rWE&google_cver=1&google_push=AYg5qPIF9S1rLslWI3DNusaNDFND20L0-dq7wJcWEdGb8govBlPu0znilQT6DgPZD0TWkqkrmXBmPGHuxlLN6kI1sGF9OBsVnzo
Request Chain 265
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIi8-5P4JA32PYmt13aGkAU&google_cver=1&google_push=AYg5qPIXtfGkNu3glIQKVbjMMu2X0FK_Lqv1xsaBM31gggJsFXEtzG0xRC-Jt_lSuJbx8Q0ucGuVVDCOV53hLaLSpE6EYLfduHn1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FQLm-iCBRTWp_YIQ6O74uA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIXtfGkNu3glIQKVbjMMu2X0FK_Lqv1xsaBM31gggJsFXEtzG0xRC-Jt_lSuJbx8Q0ucGuVVDCOV53hLaLSpE6EYLfduHn1
Request Chain 266
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEODPQuxU0fKB2ijrTzmomcU&google_cver=1&google_push=AYg5qPIvz0YQD40Xvs0wAnGQDPgFesdRdGvd5CYikLTXphyfmMMlRKRBpBxfRkV_2JhsjcASqj7f8OyAdXJKNgLvzffQCSOfMXEN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJOWkJHQlItMUQtRVgxRQ==&google_push=AYg5qPIvz0YQD40Xvs0wAnGQDPgFesdRdGvd5CYikLTXphyfmMMlRKRBpBxfRkV_2JhsjcASqj7f8OyAdXJKNgLvzffQCSOfMXEN
Request Chain 267
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEB1i81qGg9RteE_ldaL1RWU&google_cver=1&google_push=AYg5qPK4JyzPrkuUDWauefCKRRkMcbGM1g3xZST8lLwS27ryex6i_pQUeCZHgb3oKr4F2eKBOxGKPlTumxpq3hYbW8iO6XDDE-_W HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEB1i81qGg9RteE_ldaL1RWU&google_push=AYg5qPK4JyzPrkuUDWauefCKRRkMcbGM1g3xZST8lLwS27ryex6i_pQUeCZHgb3oKr4F2eKBOxGKPlTumxpq3hYbW8iO6XDDE-_W&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ym8kru8EzaEc9UlILlpKtgAABLcAAAAB&google_cver=1&google_gid=CAESEB1i81qGg9RteE_ldaL1RWU&google_push=AYg5qPK4JyzPrkuUDWauefCKRRkMcbGM1g3xZST8lLwS27ryex6i_pQUeCZHgb3oKr4F2eKBOxGKPlTumxpq3hYbW8iO6XDDE-_W
Request Chain 274
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBvEO1jFAGz_9ezBt5-JShw&google_cver=1&google_push=AYg5qPLpJGfXa3xri0y9VKnQ043YbGopMIP7nHtfqcLhLLdIpxQ-A82gzsZkPNu8cHhPVXJVZd0uNRpt0haqGkKqsQoSGiT24Tuo HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLpJGfXa3xri0y9VKnQ043YbGopMIP7nHtfqcLhLLdIpxQ-A82gzsZkPNu8cHhPVXJVZd0uNRpt0haqGkKqsQoSGiT24Tuo&google_hm=yHQVP1g0HR6Ft6sXWqMNCg
Request Chain 277
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEODPQuxU0fKB2ijrTzmomcU&google_cver=1&google_push=AYg5qPKodp6B8IuHgp8oaeHgg7Bra0qF7zG1Yg_26ZogGIYCKIuYaz18uhBySkk5l1RyyArPAan3WgJ3mZ801-TekekqRXRQ3zHY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJOWkJHQlItMUQtRVgxRQ==&google_push=AYg5qPKodp6B8IuHgp8oaeHgg7Bra0qF7zG1Yg_26ZogGIYCKIuYaz18uhBySkk5l1RyyArPAan3WgJ3mZ801-TekekqRXRQ3zHY
Request Chain 278
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEB1i81qGg9RteE_ldaL1RWU&google_cver=1&google_push=AYg5qPJ-Ltb4OLWgrzVXJKYKTbsZUOnQfKz1Pr0uSuqFOhG5l226nx29a2WztuZAiLonSK83ECBb2FUwzv2acV5_t07C5nNBOENJsA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ym8kru8EzaEc9UlILlpKtgAABLcAAAAB&google_gid=CAESEB1i81qGg9RteE_ldaL1RWU&google_cver=1&google_push=AYg5qPJ-Ltb4OLWgrzVXJKYKTbsZUOnQfKz1Pr0uSuqFOhG5l226nx29a2WztuZAiLonSK83ECBb2FUwzv2acV5_t07C5nNBOENJsA
Request Chain 288
  • https://eb2.3lift.com/sync?max=10&gdpr=false&cb=80059 HTTP 302
  • https://eb2.3lift.com/sync?max=10&gdpr=false&cb=80059&ld=1
Request Chain 293
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzI2MDc2Mzg2MDEyMjc5ODQzMjgzMw%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 294
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEDSEaj8nvoKFycRfHx-KgQ&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 295
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzI2MDc2Mzg2MDEyMjc5ODQzMjgzMw%3D%3D
Request Chain 297
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3260763860122798432833?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-wY95TlhE2oShVwLaG_W8Y0W_T9kkX8k2rN59KfEP_A--~A&dongle=0883
Request Chain 298
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3260763860122798432833&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=3260763860122798432833&gdpr=0&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5134455421025682333&expires=30&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=9fcb8828-774d-4934-b5fc-5d99117ef0b4&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 300
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=3260763860122798432833 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3260763860122798432833&dcc=t
Request Chain 301
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=0
Request Chain 318
  • https://match.prod.bidr.io/cookie-sync/trl HTTP 303
  • https://match.prod.bidr.io/cookie-sync/trl?_bee_ppp=1 HTTP 303
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AABFcE7E3kkAACPUSyFBkg&dongle=bzwx
Request Chain 319
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3702&xuid=342e13bf-c9ae-11ec-ba0e-dd9480ecc920&dongle=d54f&gdpr=1&gdpr_consent=
Request Chain 320
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-fb5e8204-3d69-4234-49b3-e136e995dac1$ip$178.162.209.130&dongle=4430
Request Chain 321
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=1%26gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=1%26gdpr_consent=&_test=Ym8ksQAGLOABLAAZ HTTP 302
  • https://eb2.3lift.com/xuid?mid=3657&xuid=Ym8ksQAGLOABLAAZ&dongle=3c0a&gdpr=1&gdpr_consent=&_test=Ym8ksQAGLOABLAAZ
Request Chain 322
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=8646490127283099469&dongle=4d58&gdpr=1&gdpr_consent=
Request Chain 323
  • https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=1&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=triplelift&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4945&xuid=064314f4-3456-4b90-aae3-33e7fac78f22&dongle=31ac
Request Chain 324
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=8857679995411781151&dongle=d407
Request Chain 325
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=1%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3690&xuid=2d9a626f-24ac-4500-a3f3-a31d829ea435&dongle=3995&gdpr=1&gdpr_consent=
Request Chain 326
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dbetween%26bsw_param%3D9fcb8828-774d-4934-b5fc-5d99117ef0b4%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=b0a98e34289945fca28062a26c599224&ssp=between&bsw_param=9fcb8828-774d-4934-b5fc-5d99117ef0b4&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=9fcb8828-774d-4934-b5fc-5d99117ef0b4
Request Chain 328
  • https://px.adhigh.net/p/cm/btw HTTP 302
  • https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=Lh18mfJFSfx.AikABlGAgidUXg
Request Chain 329
  • https://mitdmp.whiteboxdigital.ru/pixel?id=058590ef-f5be-527a-8c09-5152ee6675ff&source=between&redirect=true&href=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D123%26external_user_id%3D%7Bmiid%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=123&external_user_id=ae4f2a92-b4ad-40bc-b9f6-22dce959cc29
Request Chain 335
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=c97fc36596afb27de0db8dcc8608f3ef
Request Chain 336
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=9fcb8828-774d-4934-b5fc-5d99117ef0b4 HTTP 302
  • https://event.clientgear.com/gogocookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=9fcb8828-774d-4934-b5fc-5d99117ef0b4
Request Chain 338
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGZlYzVlMGYxNDc1NTkwNTU5ZDJhZmYzMGEyZjFjZDcwNzRlOTk5NQ&gdpr=0
Request Chain 339
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=jfuRtCelR2-HMO9HAYM-Aw&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=jfuRtCelR2-HMO9HAYM-Aw&gdpr=0
Request Chain 340
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=S0x4kbvqQSuQwQd-BNHpbg&rk=usync-other&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=S0x4kbvqQSuQwQd-BNHpbg&gdpr=0
Request Chain 341
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESELaCiqKI2I7GTTh2Wd88ibk&google_cver=1
Request Chain 344
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L2NZBGBR-1D-EX1E&gdpr=0
Request Chain 345
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L2NZBGBR-1D-EX1E&sigv=1&esig=2~b9ab7b6b1e17dcac05c61f30ddbccc32ccb996c4&gdpr=0
Request Chain 346
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/smart/
Request Chain 348
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/08c8e3eb-8a6b-4038-8d6f-999df0a6ccf5&partner_id=1010
Request Chain 351
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Ym8kru8EzaEc9UlILlpKtgAA%261207
Request Chain 352
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=34a77c00-c9ae-11ec-99d1-141922060506 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/34a77b9d-c9ae-11ec-99d1-141922060506
Request Chain 353
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Floopme%2F%7Bdevice_id%7D&gdpr=0&gdpr_consent= HTTP 307
  • https://csync.smilewanted.com/set_partner_userid_get/loopme/fa5f80e4-cb32-4bd2-94ec-2362dcae7020?gdpr_consent=null&gdpr=0
Request Chain 354
  • https://ups.analytics.yahoo.com/ups/58618/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-UW8g8XxE2uFkI9_NMP0.93gSsd2j60wUebvJlOI-~A&gdpr=0&gdpr_consent=
Request Chain 356
  • https://c1.adform.net/serving/cookie/match?party=14&cid=1502E6FA-2081-4535-A9FD-8210E8EEF8B8 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1502E6FA-2081-4535-A9FD-8210E8EEF8B8
Request Chain 357
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2d9a626f-24ac-4500-a3f3-a31d829ea435&gdpr=0&gdpr_consent=
Request Chain 358
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5968812546922592617
Request Chain 361
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FQLm-iCBRTWp_YIQ6O74uA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 362
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2d9a626f-24ac-4500-a3f3-a31d829ea435
Request Chain 363
  • https://pixel.onaudience.com/?partner=214&mapped=1502E6FA-2081-4535-A9FD-8210E8EEF8B8 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
Request Chain 364
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTUwMkU2RkEtMjA4MS00NTM1LUE5RkQtODIxMEU4RUVGOEI4&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 365
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHrm-BMhaniK5Isnbb2BIkY&google_cver=1
Request Chain 367
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6000409301337650221
Request Chain 369
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8646490127283099469&gdpr=0&gdpr_consent=
Request Chain 370
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Q6BYmEemD5pYpFjIE_NDyBeiDJtYp1qdQ6CUIe-P
Request Chain 371
  • https://sync.bumlam.com/?src=aid0 HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiyybyTBlIFl4XSlAY* HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiyybyTBlIFl4XSlAaiARA0Xgogya4R7IbgACWQwGR8 HTTP 302
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQABiyybyTBqIBEDReCiDJrhHshuAAJZDAZHw* HTTP 302
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQARiyybyTBqIBEDReCiDJrhHshuAAJZDAZHw* HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=345e0a20-c9ae-11ec-86e0-002590c0647c HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=345e0a20-c9ae-11ec-86e0-002590c0647c&bounce=1 HTTP 302
  • https://sync.bumlam.com/?src=aid1&uid=gOtz14RGIrH0r82LurUATg& HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=gOtz14RGIrH0r82LurUATg&extra2=aidata HTTP 302
  • https://sync3.sniperlog.ru/?src=ggl&extra1=gOtz14RGIrH0r82LurUATg&extra2=aidata&google_gid=CAESEATBnjdlgLvQvFjhVLjIpvA&google_cver=1
Request Chain 372
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Request Chain 375
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/818211 HTTP 302
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/818211
Request Chain 376
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=058590ef-f5be-527a-8c09-5152ee6675ff&expires=60 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=9fcb8828-774d-4934-b5fc-5d99117ef0b4&gdpr=&gdpr_consent=
Request Chain 378
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F058590ef-f5be-527a-8c09-5152ee6675ff HTTP 302
  • https://an.yandex.ru/mapuid/betweendigitalis/058590ef-f5be-527a-8c09-5152ee6675ff HTTP 302
  • https://an.yandex.ru/mapuid/betweendigitalis/058590ef-f5be-527a-8c09-5152ee6675ff?redir-setuniq=1

380 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 388341
www.signal-arnaques.com/scam/view/ 		101 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4d7898f043d97b83d66e31744358ab937caeab613ae0c0cbd5a40b65dfa62da
Security Headers
Name Value
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
704c9cd4ad319948-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 02 May 2022 00:24:12 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BbL4HgPF%2FryU9n%2BKs23Aznroe2dIkggeLq07x6ZBZStWOZ2L8qUjAG6sYn0IoTQI%2Fk3YGD%2FttyMDz3JaMHpsRKr9gCmJR7%2BgAkXoOEsiI2D6qZRcPjwoRUHZ2EA9CmJaTeE2Jp1o5%2BgOQzr9Dsl6SVy1cuXf"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN SAMEORIGIN
x-xss-protection
1; mode=block
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		161 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8416474909997810
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d37a75584116261e7175df3e014f9e81ad6e9d4f3b42ab5308cad9449f92c446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.signal-arnaques.com/
Origin
https://www.signal-arnaques.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56169
x-xss-protection
0
server
cafe
etag
17469044712412128494
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 02 May 2022 00:24:12 GMT
message.css
www.signal-arnaques.com/assets/8478ea70/css/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/assets/8478ea70/css/message.css?v=1651451052
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f094087d780a32b501515afabac2e590d2b40c1ea1ca7a8b4f9442b776b0f657
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
last-modified
Mon, 02 May 2022 00:24:12 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"626f24ac-2272"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2BpugfTW2nFYt6LR9HwCLu%2B71xA7U4RZq6nb1eKwuovdgKbe03ORsuzwbllQFUfvFFIPDsoAySWcNgUz4CJapcc%2BrYI1ep8LpwYIhG0NXhX0MVagMeFN6459oNeYxOHbNwzYGf2r9votTsnL86mxBAT5t2JE"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=21600
cf-ray
704c9cd69ebd9948-FRA
expires
Mon, 02 May 2022 06:24:12 GMT
messageNotification.css
www.signal-arnaques.com/assets/8478ea70/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/assets/8478ea70/css/messageNotification.css?v=1651451052
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38429ed1aef2f088f912d2ea07ec74734a93885f3f2a289d3ea309a88d3a7fb0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
last-modified
Mon, 02 May 2022 00:24:12 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"626f24ac-ffc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PKY9mHDHAAgphgaxdX%2FWO1jntBm5vRA8aQwiUK0B3izSr4ITyiF6RFX4A856azUmOtuUNkLFH21N5s1%2BHMRzkb%2B%2BzwjrCL6we%2FbnuHlGcoW%2FrAFnbvq7Z6oReGrJJimKhiUCo1Wj43ERgHbTig%2B%2BeI9ip1Yd"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=21600
cf-ray
704c9cd69ebf9948-FRA
expires
Mon, 02 May 2022 06:24:12 GMT
listeMessages.css
www.signal-arnaques.com/assets/8478ea70/css/ 		1 KB
819 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/assets/8478ea70/css/listeMessages.css?v=1651451052
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef6877dde280683905a9ca38f513fd55744071d1871ab89edf87cf214d7892f2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
last-modified
Mon, 02 May 2022 00:24:12 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"626f24ac-448"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PPtsfb57pX5r9x9pjKj5tugmGF5PtrNJYDr5e5GTay8pBgUrhrbCHUw7Ul1BK2aXRETEXZOvcqLjJN8byfmSEn6RxHimnrp3v0EzQ6Nyp9A0TRRLKWgHE8YRmpcnfhaagdRSfahfJoEkD9Irqs%2B%2FZsqojXh8"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=21600
cf-ray
704c9cd69ec09948-FRA
expires
Mon, 02 May 2022 06:24:12 GMT
discussion.css
www.signal-arnaques.com/assets/8478ea70/css/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/assets/8478ea70/css/discussion.css?v=1651451052
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04c091c0a61fd6776cf307a60c6acf243271f48fa92bdbccfe4d2d84eec8f1c6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
last-modified
Mon, 02 May 2022 00:24:12 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"626f24ac-2635"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tNiL5lhTuUX0hcP5f0gGqCIGBXEuU6wxa4gBMp%2FrIdjuNvn6%2F8WH9C%2BikQW613BBjuPLTLS5Jc6SLUdaRiX8kyZB7fig4hj9uIYozbl%2FCBL8YpqgXTNnVvrc5yEPQRBzt3g%2F2K6yh7EL12WGPvQ8Mgs5M%2Bqo"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=21600
cf-ray
704c9cd6aec19948-FRA
expires
Mon, 02 May 2022 06:24:12 GMT
css-follow-widget-result.css
www.signal-arnaques.com/compiled/css/ 		1 KB
812 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/compiled/css/css-follow-widget-result.css?v=1651382884
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca5ac667020324f0c44252a388e414d1681b254eb164fbc216c893cad4cbba92
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2487
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:28:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"626e1a64-476"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fY8HcbO9vvUnJguZb2zvp2A2UOcSSXeZfw1B%2BR%2B5fsa0Sma3%2FFll3VCe%2FVGbTaz6sAGI4YWL%2Fk9jRJLypftQzypJS4xQezy%2BTxtRtLgwGWtJ8tsPWp0Wolsyio5YQHj9X6PkA%2BXmKqdleZdNxC%2By%2Fyz3TPod"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=21600
cf-ray
704c9cd6aec39948-FRA
expires
Mon, 02 May 2022 05:42:45 GMT
vote.css
www.signal-arnaques.com/assets/c0380339/css/ 		2 KB
928 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/assets/c0380339/css/vote.css?v=1651451052
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2acc0b4868b17a88546d8b8f25bd47d0f46f389c3525ed0594c704320b1322f3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
last-modified
Mon, 02 May 2022 00:24:12 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"626f24ac-6a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TpKsLrgUTo4Mm3zcIfNYkOD4neZBPUw%2BsQXTVKL9ff3dmYzcE2PHwiqlVUcVzNECOK0iv98CWxDee8ScZ4O6wLpCtN8%2BlZ81rM3gNn6gmkLZAmJtkvUt9rM1Lr8q8trkWWh91wgcAgJuK1MEMus1y6HGvojf"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=21600
cf-ray
704c9cd6aec49948-FRA
expires
Mon, 02 May 2022 06:24:12 GMT
commentFile.css
www.signal-arnaques.com/assets/2698a9a1/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/assets/2698a9a1/css/commentFile.css?v=1651382917
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bfab095c00b90d1c1ec499b770605c09eb8e2286504fabc89820be04464a0d2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2487
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:28:37 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"626e1a85-d50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YK2W4WVjf%2FxpVQqoRSx4BkkqrJKuHcoP7NLYeLCmmB2zlwxmFYCwLlLhKjvXIPAvn7%2FlmLcDRy4ZRWB%2FcFXmQ2H8yw%2FJkGg1zqJqo1zbh5%2BETKGNEuSQIgPSAmwzMfzx7neOSdToj3T9OXjLIh6JY2v3eARV"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=21600
cf-ray
704c9cd6aec59948-FRA
expires
Mon, 02 May 2022 05:42:45 GMT
experienceDate.css
www.signal-arnaques.com/assets/2698a9a1/css/ 		532 B
700 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/assets/2698a9a1/css/experienceDate.css?v=1651382917
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5556bfd714e2aa2334c6c43a282c06a65295f730ff580b2d28609c6d4ce3751
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2487
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:28:37 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"626e1a85-214"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JgEwwK5NbIu70pqgtVObMQ3VIvZXaNpgEGPDLq88zwfkQjVGCDO7c4M51v8WLa5HGXjouWF0Mp3b7Htc0oRzID9nQgl%2FiHiHyhYg6xs3sVbb2KLC3OEDHOdCJKSIIIYmCJ6QgjOR1T5h%2FeW5xSOXjbwd4Jm7"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=21600
cf-ray
704c9cd6aec69948-FRA
expires
Mon, 02 May 2022 05:42:45 GMT
css-head-result.css
www.signal-arnaques.com/compiled/css/ 		59 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/compiled/css/css-head-result.css?v=1651382840
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2286b87d134e4af5f96e880ada03fa42fe168d7a8cc4b019dd58b83e7d486c56
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2487
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:27:20 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"626e1a38-ebe3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RanLJAIb%2BH7l6Vaz01%2BDW0IhvGS6HAoKm1tM0CvKbWvdQ0a6nzlaBxUrJ17NBqyJTGF3cwyhWWEs5n8PRMEMMi1X7p%2FskrT51nDRGkfbTi72Yd4GWfKAQ2PkzSI9qE3MZeKNzYxTAXg0PAOc5An9x%2BFHp5gx"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=21600
cf-ray
704c9cd6aec79948-FRA
expires
Mon, 02 May 2022 05:42:45 GMT
css-select2-result.css
www.signal-arnaques.com/compiled/css/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/compiled/css/css-select2-result.css?v=1651382867
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad83eaaf781355979afabcede910e1612afa0eed5b2d6c01bbf0641e6fc55b5e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2487
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:27:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"626e1a53-3945"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8UmxAAslXNdjzkh%2FSzwDrK3McoSQpj6ZUR2tTxIOG%2F1Vq0u0vf1sOC7QiO%2FsaUtLhSWW7z1F9XfRTcxWw7z4Epp2zZouDsDlkuy2Fg%2FJwkLQ6kOyLFx10P8VcgU54GEiJTA1siAgWigBOAcA9KF5oY%2FcVf5z"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=21600
cf-ray
704c9cd6aec89948-FRA
expires
Mon, 02 May 2022 05:42:45 GMT
js-core-result.js
www.signal-arnaques.com/compiled/js/ 		88 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/compiled/js/js-core-result.js?v=1651382858
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4a5436e99c5ae03db81bd328ee282bcb307a7a9bd873e75efd960904f579905
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2487
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:27:38 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"626e1a4a-16003"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OemM3YB1ysOd8Z5%2B8xUGHcKxMfNaaO%2FeXHoFWG4fz4Bikk7S%2FrJ%2Fg4CRDTegt0UnVyJBAQJFhY%2BQ5UOPDgWMDtvUJ3yXeNhIp7Pj699YIdg9xh3ZqOyGSw0JS1O3rxdhePIj1pSnk9QZTwbrO5anrKUZNe6I"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=21600
cf-ray
704c9cd6aecc9948-FRA
expires
Mon, 02 May 2022 05:42:45 GMT
sweetalert2.all.min.js
www.signal-arnaques.com/assets/e2cc6cb5/ 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/assets/e2cc6cb5/sweetalert2.all.min.js?v=1651382917
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f91188245fc065fd6c502d1e3b262033871fea5a2c7c87b7cf9b06af29b30c6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2487
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:28:37 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"626e1a85-976d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1bFqPIww7VrRysFtV8m9Wt3TeeXwqJThXAv89Evf%2BtQkkY4BH1DNoQA3aOtHkvvQdT3D9s2HZoUElnnBBHVe8rCE5CNCtZqq8PJs1Voh4t24EFFKDOBoIBTtIvFI%2Bmq9NsIYWUrDLMEWtd61nWwj3d1%2BAOYE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=21600
cf-ray
704c9cd6aecd9948-FRA
expires
Mon, 02 May 2022 05:42:45 GMT
js-head-result.js
www.signal-arnaques.com/compiled/js/ 		94 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/compiled/js/js-head-result.js?v=1651382840
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6711c3bfd2ee52b6cad608bc28f735e23bd51d18bebda453c1e0b7075b53f01a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2487
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:27:20 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"626e1a38-176fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s4JkGo2al5877%2Fv4Usdteo88qHFTi65G8ZSA2h99YL6hT4pnPEapcWejhXWPv9LFgEHCQwK%2Bi4b7r8xIKS7qso6Qg0L75ZpHuAAdAd9hWHMjZgZ0nFhCZcG%2Bj0VKfebx79Ssh86d15AmlUmuiqzqBHFMJ263"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=21600
cf-ray
704c9cd6aecf9948-FRA
expires
Mon, 02 May 2022 05:42:45 GMT
removeParam.js
www.signal-arnaques.com/assets/4e98b986/ 		213 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/assets/4e98b986/removeParam.js?v=1651382918
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4dc9da7fe3309d9151863244a30e46c8c96b878de1400944e60025f1814d1af
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2487
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:28:38 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"626e1a86-d5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RHRT8WyL7efO2mDZj8GfmTnGel5zn8AD68kgEsHnbhsDNEirRQIz2gP5hilCFuq2ZZACBekFuoVtw%2FLRaADCuUSAswXy%2BxZrev4zSZhQTGaaUJnHv6loe8hihOf1123%2BmpDmZakgRKqNBHUYBr6o58HjAjjH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=21600
cf-ray
704c9cd6aed19948-FRA
expires
Mon, 02 May 2022 05:42:45 GMT
bootstrap.js
www.signal-arnaques.com/dist/js/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/dist/js/bootstrap.js?v=1651382725
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f62cd693ac027fd4b0ee04db6a872d044a8795db02d3f008c95b0a8273a5af61
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2487
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:25:25 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"626e19c5-7199"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJ0%2BC9CQeyIr9tZ9QsAzno58uKfOl4razds0wSsnzU3%2BATY3q5FXfIAnv4695BVUWViQABsVdMqHyIQlS2Yl9BcZx%2FxzH53hzV9EywP2MiFoIrU4va63ZjKigk90q%2FewsvSB%2FapXYr9CbK9I9VFYmWyaJoTM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=21600
cf-ray
704c9cd6aed29948-FRA
expires
Mon, 02 May 2022 05:42:45 GMT
js-select2-result.js
www.signal-arnaques.com/compiled/js/ 		66 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/compiled/js/js-select2-result.js?v=1651382866
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fee0ebfc2113cf67942fd48eafcc7636c4c65cd69d2644e7ad11545f5589227f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2487
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:27:46 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"626e1a52-1085c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKaMRsRrYToEmDHTS54jfuFoVrrm%2FI1BCSX69XRtUOrRjJE1mn7nvg0ZxN7np%2FqX8AVsxd6qOIQMVEqwB3vMWanEmBVgTnhOEVG9cQicXVb6CnZ3QZMayxrkdg6N7LLtmnFhClBTFtJ4QgBiy0lmNrN8Z1bY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=21600
cf-ray
704c9cd6aed39948-FRA
expires
Mon, 02 May 2022 05:42:45 GMT
invisible.js
www.signal-arnaques.com/cdn-cgi/challenge-platform/h/g/scripts/ 		48 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1651449600
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c6d20ce50797421136114f015b2f3464cb53f38bc75c5e1aa313f29881dc6d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uKqz6s%2B%2F1ruVTyCIP8%2Bd2hIcCDZJrewb4oDmrEUow8E3BakIUl1oi%2Bobti9O1tLspHNGY9yad1%2FeYPHYcTlQRrOgzx63vXdzmcR%2FWeFawDfs4nYdM5TXc6YNtwaw6vkh9BjdBA5bVUsvY3Nmf%2BCgl0dwBj1q"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
704c9cd75f5b9948-FRA
js-mobile_detect-result.js
www.signal-arnaques.com/compiled/js/ 		37 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/compiled/js/js-mobile_detect-result.js?v=1651382869
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd7dfdd77cb6b762c79ab4d500aae90a07d3a142185ffc4289050888ec49aa9a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2487
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:27:49 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"626e1a55-93b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A9Z9F5%2FzJ9mPMcunvxBcj0BHHVT7AdEX%2FwJTIAKvn7yvo81PdhP73TMzxCwC9mBaRbHDkwgMWVUATccIZiblXOx3Lvx9%2F0eEKBhAp6ufb99ElHAU%2FuzFDMrBvk6pMLP5tr5JmgqLm5sg%2FumvBwmEdH1bn226"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=21600
cf-ray
704c9cd6aed49948-FRA
expires
Mon, 02 May 2022 05:42:45 GMT
js-follow-widget-result.js
www.signal-arnaques.com/compiled/js/ 		927 B
785 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/compiled/js/js-follow-widget-result.js?v=1651382884
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0412c253ef97503c889613306b73d5c1e5ae956828aaa2d59b0e32ce7c942ea6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2487
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:28:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"626e1a64-39f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SruZ4XlvBfwV3hP0xEduglWfufUT0pmbXpPQB9HkCDLz4%2FIDj%2BqsK9p13tWOZsag5iWMYBvlU2Tvf1YMOBwY0AiGnxtyfmV6Ig7Vp2f3whUGRx%2Bb7qlT%2FsQYmh0YzAeZr%2FBANY4ToggpbMuNl0IoYafdFTrT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=21600
cf-ray
704c9cd6aed69948-FRA
expires
Mon, 02 May 2022 05:42:45 GMT
logo.png
www.signal-arnaques.com/images/langs/fr/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.signal-arnaques.com/images/langs/fr/logo.png
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d89c4ba7bebd3c6f3a5fa5f15c7a1780bbd18e11241705f8ac4b0edc24d3557d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19460
content-length
15304
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:25:25 GMT
server
cloudflare
etag
"626e19c5-3bc8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN, SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pzggkBiL56YV6g0vroF8hExr58bAQrJhm7j6qjl4kIAoMCMfTMkHYk4X7cpU%2FPrZ15BMu8aTKXDOUa87GSqP8K4K%2FkgLxwh%2BmMfGOSO0hVDbQki7e%2BG%2FR4jfYLGP0h3utER9YU8nZZ5UHdvzfcESNWKDh1tr"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=21600
accept-ranges
bytes
cf-ray
704c9cd75f5d9948-FRA
expires
Mon, 02 May 2022 00:59:52 GMT
gen.js
ads.themoneytizer.com/s/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=2
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
7d2b3e8a1d6b172ea7936a53c5a937dcb7bc22b5bd5be45c048c4af9fca56d66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
server
nginx
x-hw
1651451052.cds010.fr8.hn,1651451052.cds016.fr8.c
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
2073
requestform.js
ads.themoneytizer.com/s/ 		150 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=87059&formatId=2
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
1cb6114f93da11ad3eb003fd9a64fd9c5506e49afd6547f001eb2b4c60107e70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
server
nginx
x-hw
1651451052.cds010.fr8.hn,1651451052.cds052.fr8.c
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
18437
1.svg
www.signal-arnaques.com/images/svg/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.signal-arnaques.com/images/svg/1.svg
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a71a362be867e35ace74fdd5a2cd309af39da70250d973e000ed810dd8e5a64
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18674
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:25:26 GMT
server
cloudflare
etag
W/"626e19c6-14be"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN, SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kh1MAmfujQoJelZN%2FvE2FTIhIbc9rhEOmj4zKtZR5rbQUG7ANDKlqyxcA%2FajR%2FVRZd%2BLya109sAd7l1PYZozbxLAfHmoJfgIJKDLjQBEF41OcgdLE9UqYBS25RIT4W6lrhPiYGIgsbfWZ7O%2BCG1DMPkl3FvR"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=21600
cf-ray
704c9cd75f5f9948-FRA
expires
Mon, 02 May 2022 01:12:58 GMT
2.svg
www.signal-arnaques.com/images/svg/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.signal-arnaques.com/images/svg/2.svg
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba53129058400a0992a2ace499fe3fab7630855b1e4a023780ffe2e0367beb71
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2487
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:25:26 GMT
server
cloudflare
etag
W/"626e19c6-14e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN, SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3m60bZrflqezRZfdHOl3oGsUMytixQmpzEMg2ZRsCVV9yPm7z7CW89M4qZ4NnBI2nh8275hnmtZWi99yPhFuKEO4E1CKNxKHW2ML3pb%2BRBxFIQ1wMV9Mf0Uj%2FvGVFiW6U%2B13%2Fl0Knq6vbX1Kim5i9XccgG7V"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=21600
cf-ray
704c9cd75f619948-FRA
expires
Mon, 02 May 2022 05:42:45 GMT
3.svg
www.signal-arnaques.com/images/svg/ 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.signal-arnaques.com/images/svg/3.svg
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9876133081bf7e449dac29f084425ac5dc28dc86fea98bfb06d90ff0b2a32766
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18674
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:25:26 GMT
server
cloudflare
etag
W/"626e19c6-168f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN, SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tBlOwOcZVto3UiM1pPmOZXKBQhJe7roF5dDVRO7SbgYPaJm5CnDnl%2FF5kpsnS9jISR%2BdMzJs0BH0u%2FdvBDNu8Uq83ylSwoq7RfjWR2dnYf7UnpX8hzhIDVk%2B2lsRd0xZHAhKt0eXRkm3thJqs1R%2FyropZv%2B8"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=21600
cf-ray
704c9cd75f629948-FRA
expires
Mon, 02 May 2022 01:12:58 GMT
user_anonyme.png
www.signal-arnaques.com/images/ 		983 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.signal-arnaques.com/images/user_anonyme.png
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe72e710fa08ea724842080b779a946a2ef297a1337c14e53423fc53269fe98f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5055
content-length
983
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:25:25 GMT
server
cloudflare
etag
"626e19c5-3d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN, SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OHEc%2FX3l%2FwsXhIADo%2BxEQzyol%2BI2%2Fh2fMHq%2FHg1loTA%2BdGYOZ4Pa4TG9dvI6Go%2FBTOlM93VrxBe1WI512InYumhIcjyz2Fd3m3bcFm9li2kO8A%2F58B0D7djJ0PtkMy08s02p6CA23FP8heXbT%2BZrAnlkDiJw"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=21600
accept-ranges
bytes
cf-ray
704c9cd75f639948-FRA
expires
Mon, 02 May 2022 04:59:57 GMT
1607252435-865621.jpg
www.signal-arnaques.com/images/uploads/profiles/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.signal-arnaques.com/images/uploads/profiles/1607252435-865621.jpg
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d16b481009776362f2e5673b49b8f12c7c22b08db65f0c0125b055bc206d383a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20103
cf-bgj
h2pri
content-length
1093
x-xss-protection
1; mode=block
last-modified
Thu, 08 Jul 2021 05:04:45 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
"60e6876d-445"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p4cBas0YbRck4Pn5JOtUFo5RFxx80pgPDeDWBG9P%2BNt6KGYvKBmFcyv7l4sFrBbxLe4Np1YDWp8pKywxJ4GnntUeL2fhxohOhTMfJ1wYi%2BTzXX9jHdw3g%2B3muI1TpvDnh8dvBUTzFUfnWruIMQD8KEJ%2FxI35"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=21600
accept-ranges
bytes
cf-ray
704c9cd75f649948-FRA
expires
Mon, 02 May 2022 00:49:09 GMT
enveloppe.svg
www.signal-arnaques.com/assets/8478ea70/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.signal-arnaques.com/assets/8478ea70/images/enveloppe.svg
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e18113004c9a0722b67ace9c8ad89ec8a838520c04dd857a20d599339346d181
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2487
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 23:42:45 GMT
server
cloudflare
etag
W/"626f1af5-9e4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN, SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3DNFWEMKXWcDa1bbuSbJWtU5uSWxLmyJh7SN0R9ILiA%2Fq68hBunXk1ElGt8GQ%2FBY9uLMB2e%2FSa5egN7QgnEQ9aAt5OJV0MR9%2B5lqyCHz81OxCSfiCJQqcSG8DCo34o%2BiLcn6cqph6N6p5uiWFokBDZdN1%2FEh"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=21600
cf-ray
704c9cd75f659948-FRA
expires
Mon, 02 May 2022 05:42:45 GMT
7.jpeg
www.signal-arnaques.com/images/scam_thumbs/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.signal-arnaques.com/images/scam_thumbs/7.jpeg
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ba5b5d0c0d833df3a1c94ac7092ceb06bf968efb97ec2703fbd020524693922
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15570
cf-bgj
h2pri
content-length
1135
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:25:26 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
"626e19c6-46f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FjsM1oEQa5YETaZjGW8p6HvBBCatENJHUS3RolHLqbuA6qt8vybJw0o%2FCi0OTt2L4hHod3MxhxuyyCx66UXnYNqgAPoKfkgap01EazN94tI%2B6BQrJd9mJpzaUBCqumrZTWTB69mqrnoEkLmIvcS8nA1LDucO"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=21600
accept-ranges
bytes
cf-ray
704c9cd75f669948-FRA
expires
Mon, 02 May 2022 02:04:42 GMT
chargeback.jpg
www.signal-arnaques.com/images/links/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.signal-arnaques.com/images/links/chargeback.jpg
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18ce69b07de503667c61ff053b461601e2ce0343ac0c1197029c4ab07cf76233
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11767
cf-bgj
h2pri
content-length
5955
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:27:01 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
"626e1a25-1743"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=forjtGP61Wmu%2FeNIgDWsepsPCuiPQhZsctQfK2TciFVGuubP1PsvS8IIr0ZuqWITxog%2BvXoGJAjGwSJnFI3mAyE082SIUdVBNqc1Gc94W2yL3hOcrwA5CqZb%2FjV8I2XUqzuhbIbKwHCO68mClT6a1I2mAenk"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=21600
accept-ranges
bytes
cf-ray
704c9cd75f679948-FRA
expires
Mon, 02 May 2022 03:08:05 GMT
conseils-pour-acheter-sur-internet.jpg
www.signal-arnaques.com/images/links/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.signal-arnaques.com/images/links/conseils-pour-acheter-sur-internet.jpg
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2e613ee5829f804c471ad6f73021b514218e49c2881d4aee2e573c20d426e09
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11767
cf-bgj
h2pri
content-length
5834
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:27:01 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
"626e1a25-16ca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1CXh632ikWxHbY%2Bd7T51Gt3fEwdv%2BIkMRIAGUUEpW1rK2yFI4HWQAbEvALoMHPtFRddyCmJM1hNbn%2BJV4fbTJDG%2FJQYOVwoge%2FB16yS7%2BNa7R29pCPjUdGuzVTrBVi6tEGiLE3HmVVvXur4oGmLA4x%2BQwF3j"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=21600
accept-ranges
bytes
cf-ray
704c9cd75f689948-FRA
expires
Mon, 02 May 2022 03:08:05 GMT
scamdoc.jpg
www.signal-arnaques.com/images/links/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.signal-arnaques.com/images/links/scamdoc.jpg
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
872bd3b9dbaf07e40fdbe88990f45bf999948a3d5a0f9af6cc70d7261267ccef
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11767
cf-bgj
h2pri
content-length
4497
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:27:01 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
"626e1a25-1191"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LS%2BXCk6GfJjzx5p40Su%2BQMZp0DhFIZ%2FpGdsYqhlqytBiXZeV5b0aKsXlAogLldwNPenFGe7tFeU0y6EPXL0MD8qJw6vZ8SVUCSR2xFVCVwQWbykveNA%2FHLgn1%2FFrj8alCB3%2FzoDsqdQngQNIr68Ap%2Bf0kyyZ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=21600
accept-ranges
bytes
cf-ray
704c9cd75f699948-FRA
expires
Mon, 02 May 2022 03:08:05 GMT
police_lego.jpg
www.signal-arnaques.com/images/links/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.signal-arnaques.com/images/links/police_lego.jpg
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
beddfa8f29bb1e03c39a2d704ca739f1515b3c445634772a2d6b97c12f8ad501
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8200
cf-bgj
h2pri
content-length
6054
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:27:01 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
"626e1a25-17a6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YJgq1oQ2SbMZiPeR6IebnsOVx9BFZi5ndMN6dYHCKGJAAEsySsNQjgtC%2FH2%2FlSHsc5vOn1S5RznE4i%2FVBZw0lekT8x5U6hx88YnkngNnwl8Nu1Yph4tYvpoWzVMaoKhh6ymgLcajg%2BbAWEQpHX0SW9eAZ5wO"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=21600
accept-ranges
bytes
cf-ray
704c9cd75f6a9948-FRA
expires
Mon, 02 May 2022 04:07:32 GMT
fb.svg
www.signal-arnaques.com/images/ 		989 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.signal-arnaques.com/images/fb.svg
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a9ed2d5a23c2bb4cf0b2c1066f1ca5348bbda41c57c627e68fe595f5ec92560
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8221
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:25:25 GMT
server
cloudflare
etag
W/"626e19c5-3dd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN, SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fe1ucTNSjGOB1M6pHglh3bnxbryr3RHGU1PncTAuNC%2BBprIwxIB9tY%2FgJxGipP3fzzVwQv8RnRfJM8N27hdDV5TNpVcw6%2Fo1RW9GIbTbgmkXfD%2BYh%2FHbNLuK9Hr0wPEIKvYK0O2Xjwp5PYBONEEKPXxV8oXk"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=21600
cf-ray
704c9cd75f6b9948-FRA
expires
Mon, 02 May 2022 04:07:11 GMT
twitter.svg
www.signal-arnaques.com/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.signal-arnaques.com/images/twitter.svg
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fa0ad4cdd6752550185c1107b7c59127a5fcb17daac59daba2a3be1309d35a8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8221
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:25:25 GMT
server
cloudflare
etag
W/"626e19c5-73b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN, SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZWvqhlzfweQeaK%2FUBjUbk3hUik3hUzYzjsL9kSr8pjSwQDoxeahDB5KJb8CL8vj2SvuEnFrjQTvd1yqNAFwN6m1o3%2BeZcgMM8iQZ1b2xm2irXPBtnlKOCMq96qiEvkw%2F2vXO2PhS5lJuQnFTU%2FogMooSzcsi"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=21600
cf-ray
704c9cd75f6c9948-FRA
expires
Mon, 02 May 2022 04:07:11 GMT
platform.js
apis.google.com/js/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da1240738eef80e8630a5749b9258e33d7669859ba8a5ed1da81978092ed03af
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20361
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Mon, 02 May 2022 00:24:12 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"2cdff035295781be"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 02 May 2022 00:24:12 GMT
report_icon.svg
www.signal-arnaques.com/images/svg/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.signal-arnaques.com/images/svg/report_icon.svg
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1761d30d6966673031a8ff581c89ae60eb27c8fa229673ecd3aa548b37c3b4f5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18674
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:25:26 GMT
server
cloudflare
etag
W/"626e19c6-a7d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN, SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kIpt%2BZmSO%2FiVB%2FxxRTGdVH31DnI%2FUU4X0OJ0CMGrAmlAGSN0Cs6l5Jagq8V3j2kuKUYHnv4hYavxVFC1VN6NNFpXrB98ZlpPoZhNFwQGwRwWl71ewd0CVJsCPqthuHkexuKkPJCnScHxTknjlS5A7zhita%2Fk"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=21600
cf-ray
704c9cd75f6d9948-FRA
expires
Mon, 02 May 2022 01:12:58 GMT
comment-link.svg
www.signal-arnaques.com/images/svg/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.signal-arnaques.com/images/svg/comment-link.svg
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aceebcf826609f2e68340350296afb6c5bf9a178442e3025014788afebc465a8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14928
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:25:26 GMT
server
cloudflare
etag
W/"626e19c6-be9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN, SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5EUUKgYV6miba4UXbk3%2FDV9LgzVKq2sW2zbLoDKcYKCAZdWbGgZFXZz3C0u8ERAGbQX7W8j6YrlEzFA62ip5I5ieqGILWsSdJxqh52R7eyyfIctisqGLfkE7aALb%2B7mldaEj745BEIRsb%2FsbIlGLzwu4pDKg"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=21600
cf-ray
704c9cd75f709948-FRA
expires
Mon, 02 May 2022 02:15:24 GMT
1607428195-824743.jpg
www.signal-arnaques.com/images/uploads/profiles/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.signal-arnaques.com/images/uploads/profiles/1607428195-824743.jpg
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0957bc246046f3e667939246c4c8888d23f9027d0250e6c8b5d67c4964f08eff
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14927
cf-bgj
h2pri
content-length
1185
x-xss-protection
1; mode=block
last-modified
Thu, 08 Jul 2021 05:04:45 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
"60e6876d-4a1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9GpKzxnguNvisOr30WqPK%2By%2BloXwlcAi2%2BoTVn8YzAzq%2FeF5bsrcPR0WYAuwbiRvCvGhaTLZ43oFPVDLr3wMyJ87kx3nY72Pfpl3GzV4tsZBRe7sauFjPBsVyTNouRv6eN77MnM6IYHiH7vCuXO59ha7lWAT"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=21600
accept-ranges
bytes
cf-ray
704c9cd75f719948-FRA
expires
Mon, 02 May 2022 02:15:25 GMT
bars.svg
www.signal-arnaques.com/images/ 		2 KB
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.signal-arnaques.com/images/bars.svg
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6275a1a04ce7add076e83814e6fba53ef080f134b4d4af277be7290581830131
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14928
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:25:25 GMT
server
cloudflare
etag
W/"626e19c5-90f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN, SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ujcRs%2BFFAOsYRDhuVsHZnOgbtWMwaNKquhRDVqhwyV%2FPwtG8RfBFE0ucX31SQ9idOfJPX3XTqNl3G%2FAvHivuenQtCmGjswk%2FJAKKOpT9ViDzl21vSHqXoHaSivCEybZj23hhug3IKbaA5IMUkYIp%2BURnAB%2Fk"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=21600
cf-ray
704c9cd75f739948-FRA
expires
Mon, 02 May 2022 02:15:24 GMT
api.js
www.google.com/recaptcha/ 		850 B
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a3e9e695ef04e38c6417c1877bdd1ad35d02ded1e2d8ce9c3526a9779e08bb62
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Mon, 02 May 2022 00:24:12 GMT
edit_icon.svg
www.signal-arnaques.com/images/svg/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.signal-arnaques.com/images/svg/edit_icon.svg
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb7f8cc32c7b89e40b7b4cb4ba5a2fd0f9df8b0140a264cd4284e239fb59232b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18674
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:25:26 GMT
server
cloudflare
etag
W/"626e19c6-f4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN, SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HcSBgKLtx%2B1i8kxzR1JagUeD%2Fj6siMwKFcGrgWkn%2F3yPSx3Hbo4uZ26UBAQMKtZXX3KnrBlkbvdsj1VPPOvAqXu2V3DBZ5XkhBm2wk6MLsYqJZ1ADMRNQ0izIyqAq7WnkXyCThdh8G6isVvdolasm0WnNhz6"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=21600
cf-ray
704c9cd75f759948-FRA
expires
Mon, 02 May 2022 01:12:58 GMT
remove_icon.svg
www.signal-arnaques.com/images/svg/ 		652 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.signal-arnaques.com/images/svg/remove_icon.svg
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2c13d8e0d5a92bee0904ed430f62649fad8fe778b3ea93cef5045299f70481e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18674
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:25:26 GMT
server
cloudflare
etag
W/"626e19c6-28c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN, SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fbh6qVPDlaq7NEM4seKaYoijC7QmA4WBJqMLD%2BVDWWKPsx0dHBEXs08tJhJOcr8dQnPFhV7pM%2F350QkxwxImOiuNCp8stHLApLldVIWYZNBxFo8X5gJofcqhdOexYEQOV0K0ei9AUhF4gaZ9nLcV2yPrhtOv"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=21600
cf-ray
704c9cd75f779948-FRA
expires
Mon, 02 May 2022 01:12:58 GMT
gen.js
ads.themoneytizer.com/s/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=28
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
7d2b3e8a1d6b172ea7936a53c5a937dcb7bc22b5bd5be45c048c4af9fca56d66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
server
nginx
x-hw
1651451052.cds010.fr8.hn,1651451052.cds005.fr8.c
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
2073
requestform.js
ads.themoneytizer.com/s/ 		151 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=87059&formatId=28
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
d508774fcb1e11930a42ec9df2212af357fe0f923d2c01e17cc63291427a0cc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
server
nginx
x-hw
1651451052.cds010.fr8.hn,1651451052.cds224.fr8.c
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
18474
flag_fr.svg
www.signal-arnaques.com/images/langs/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.signal-arnaques.com/images/langs/flag_fr.svg
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d13c9abe5bfe1b997e3c7c173daa48f1108f14776bd56810ac67c69a2ed02979
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19460
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:25:25 GMT
server
cloudflare
etag
W/"626e19c5-765"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN, SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lOnGEfXPQ7YcE5zbRNeabWgYmTNJ0JNneOvq72RQUhgBAN6HqCXpupB87Y6lD6nItLF2daeUG4419AVdNyEZ4qQfGaF3dIbQ0zvFc7NgXs425AvXoE8G9pTWkTm5MIUK2XcoW0t9n02FVuZIXP3qULivcq1g"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=21600
cf-ray
704c9cd75f789948-FRA
expires
Mon, 02 May 2022 00:59:52 GMT
flag_en.svg
www.signal-arnaques.com/images/langs/ 		7 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.signal-arnaques.com/images/langs/flag_en.svg
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68c22d7f0f18e872ba355615a021ca740fa6bade2b38c4267767a7f2e5590e20
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2487
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:25:25 GMT
server
cloudflare
etag
W/"626e19c5-1c3b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN, SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fcjcnqGx7Eu5YsZjncrz7MpctFiWtWMDmyQZMvTN%2B8UsUOtuemoZwMm0nNMz0XyP8GvhwnXaXpipgkoF%2B6wOacx6%2BRJnP6XtA2A5svb%2Bxh3cAxVMvE1r4Vytcbv6GN8EE9xsWGcMcB80rxaubTmcMGN4DMTN"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=21600
cf-ray
704c9cd75f7d9948-FRA
expires
Mon, 02 May 2022 05:42:45 GMT
flag_es.svg
www.signal-arnaques.com/images/langs/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.signal-arnaques.com/images/langs/flag_es.svg
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5489cff1f4e131a2c1674549214cb3b131e5e300d4d0df0c2191e312461bc75b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2487
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:25:25 GMT
server
cloudflare
etag
W/"626e19c5-798"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN, SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AbYsnFbykaqr6VNONckyIMq77hksRlyoCKSd4Cx1HmikosH%2BpjC7XDuT67SqcykFiDkDuRBRbKJVJShTG3tnORSBWOiNYVC8p5qfMu3L4BzYQFue0Tc5Ul%2F%2BOU8eXamDcLlxPf6kmnJhrhbTt4rXCNEHtrhK"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=21600
cf-ray
704c9cd75f7e9948-FRA
expires
Mon, 02 May 2022 05:42:45 GMT
flag_it.svg
www.signal-arnaques.com/images/langs/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.signal-arnaques.com/images/langs/flag_it.svg
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d325f1aab44d2af2bd71e98b737c4f94e2a8edbea86f5d0d48f679ed0f03c6cd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2487
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:25:25 GMT
server
cloudflare
etag
W/"626e19c5-78f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN, SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5PdWx5NiwdXFXamTBPqOvV8IFd2aUAfPOhA1nM8WPK2nv9ZBe7u0E9LxcecY5ghRwjHxOWSsXOyGWDwhzilhHh6NLom4Bbi56r3SccMpCLQ9U%2BEA4qzZglDUoVDra46o9avnfSzqLA%2FrodT8%2BfeqlqpihukJ"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=21600
cf-ray
704c9cd75f809948-FRA
expires
Mon, 02 May 2022 05:42:45 GMT
flag_de.svg
www.signal-arnaques.com/images/langs/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.signal-arnaques.com/images/langs/flag_de.svg
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2abc7956f71a1f5f777b79ed188bc1cfa5755dc42b853ee5361f7e93afacd93
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19460
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:25:25 GMT
server
cloudflare
etag
W/"626e19c5-757"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN, SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=npM1N55%2Bg%2BWP5gHOKEyyZ20PE2CYyQBZG%2BMvO6QbPTcpebGFUAbxyKXdVGR6HtZXqxiIRv0ZPjCeRPMoPP1cTcQdW6bTF0mO7vUoD8yuT0d9Snk8S90u0ReMxLHjHmjKdPWx2gfYKYa7BJKNO4rEfsUxx%2F7Q"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=21600
cf-ray
704c9cd75f819948-FRA
expires
Mon, 02 May 2022 00:59:52 GMT
flag_fr-ca.svg
www.signal-arnaques.com/images/langs/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.signal-arnaques.com/images/langs/flag_fr-ca.svg
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d3339a037c6b196febc6d8e25b3c1e1a827b97b75d5651e6923fd365f749029
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19460
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:25:25 GMT
server
cloudflare
etag
W/"626e19c5-1e1d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN, SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D6gZIMgG0TiiD56Iii2ubp0cskocSqRtHPyZ3%2F1bmU5XIrdw0gBR76KEPCVg3eldCneNurCMLORMzq7tcAMm%2Fy%2FTKcqvZD3ffQB8qxRpnGRNscLd80QADyw4j3sHKn2NKnCgaaQT7J6xytQ1iyI34sfFCcAO"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=21600
cf-ray
704c9cd75f849948-FRA
expires
Mon, 02 May 2022 00:59:52 GMT
JsTrans.min.js
www.signal-arnaques.com/js/JsTrans/ 		1 KB
915 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/js/JsTrans/JsTrans.min.js?v=1651382726
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ef190ca9f8e3c2d5a123cc472f89c4762cee3b6028ecb926294181f6ec32eb1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2487
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:25:26 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"626e19c6-558"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DhnIzvFrV%2FTh11HbUKxJeeMmMk2%2BEthoyX9MesW%2Fa%2FxHteKqpiQnnmdtkFOOCWtfb%2FdIeGa0fHKQ7gAJ6WdGOI5gKxIXeYk2N%2BVgOswDLjPS4hUL%2FvaNl5FFGsd15WUJ%2FyL%2BVxIw6GKCPogwIdyTw%2F12dl84"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=21600
cf-ray
704c9cd74f429948-FRA
expires
Mon, 02 May 2022 05:42:45 GMT
JsTrans.dictionary.3fa048a08e.js
www.signal-arnaques.com/js/JsTrans/ 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/js/JsTrans/JsTrans.dictionary.3fa048a08e.js?v=1651382922
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
860cf7e9d84b13646650e2c3c0a832975ba3d530320a0f20724e8851df887cd4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20980
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:28:42 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"626e1a8a-1878c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mHtlbI9eANBrA5i1Snb3G8Dx4DGXBpYfTpnw7H96yq995SdfzFXr2NAZiyRN6zj1U7ZshfM7WFJdfTxBwbcIL1SVYoobB%2Fef0yBhEYAzB7Kmjm3MTBTwlhuK5cNlFje1tFbYqNS9Zz1rflS2RY96fC4kBeMP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=21600
cf-ray
704c9cd74f449948-FRA
expires
Mon, 02 May 2022 00:34:32 GMT
js-view-result.js
www.signal-arnaques.com/compiled/js/ 		502 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/compiled/js/js-view-result.js?v=1651382860
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b14448b1c2ef09954debc5d12004faf4f5b71c922457e73c854bbcee5827e81f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2487
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:27:40 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"626e1a4c-1f6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LX%2BItsKsCLqDchsRMeLUAEDWsoIAO2EnoB74%2BxhNAHFJwXGTZfMkqTJa%2BJhqFg3H2aFR3qoX3N76nElaaaCdZskeyBpPp7mjazOT751a%2F6uBKtViwoMH9RlgIFQyFqgXVsI9X31Y%2Fn1fk7Bxly2hIuAImmWx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=21600
cf-ray
704c9cd74f459948-FRA
expires
Mon, 02 May 2022 05:42:45 GMT
js-scamgroup-result.js
www.signal-arnaques.com/compiled/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/compiled/js/js-scamgroup-result.js?v=1651382871
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
640255a01451e54d9cd87939d4c7e958d82a672db5ff8fa4958ad07a44b90a9a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2487
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:27:51 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"626e1a57-190a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jISTik2vDrULTT0vMw2OOORvuR44o8W%2Fl3hP2xB7udRR%2B9Obavpp%2FpI56%2FB63Ij54sveHiVuf2wo2cnjZb9YN0rR4vGMvBAD1c2CFNZG9fsQYd6smyReb%2FKeMLlHarkEgVS8aHcAVzqnmzSQES50jYZrNjlU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=21600
cf-ray
704c9cd74f469948-FRA
expires
Mon, 02 May 2022 05:42:45 GMT
js-scam-comment-result.js
www.signal-arnaques.com/compiled/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/compiled/js/js-scam-comment-result.js?v=1651382878
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fec363d2a76d9f58f483c133df9bb8e5038f97a00b3b34fa6649b8358b2d880
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2487
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:27:58 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"626e1a5e-37df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FHnwD5uGiI%2Fh9GcSQuFNYpQ421zlCTeP0k%2FoF1YyW%2BA%2F9ADurwqaxxZWpOtQyygs1F7opTR4go1Nj4Fy%2F0j%2BOfLYdBO7PCGLeujcOh629CjpO%2Ff3E6P7s%2BDHuuT6YPBMJFlKJMpPn7%2FovdZT4b1LhOPNOuBZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=21600
cf-ray
704c9cd74f479948-FRA
expires
Mon, 02 May 2022 05:42:45 GMT
yii.js
www.signal-arnaques.com/assets/c8e1f9fd/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/assets/c8e1f9fd/yii.js?v=1651382917
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67bed69f23af460ec3341aefcdf793955c250fbf879589de4b93d17b8ec4ae54
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2487
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:28:37 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"626e1a85-51c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f9q2cpszJnrb17QYMS0sNV51ddICzNlfCxbsC89RK8rVbYpbyrYbtLm4Q27CCJHrb1sjM0PzoPvjMOIxH3d0kl7UX62JWx4DTZRUK7QQ1foqAVN3GXBGUNwgj0Nkv7hBeDkm4YAWCxIWk%2FmTGKXp6wcUJQbP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=21600
cf-ray
704c9cd74f489948-FRA
expires
Mon, 02 May 2022 05:42:45 GMT
messageWidget.js
www.signal-arnaques.com/assets/8478ea70/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/assets/8478ea70/js/messageWidget.js?v=1651451052
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4298d4a277561300fa5a6fec531ade995060f05861146c23962f1296eb4451a4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
last-modified
Mon, 02 May 2022 00:24:12 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"626f24ac-731"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cH3lms7H%2FfVfPSsoJmdWBaypGfzSfXtYFiJ5oKzFvWopGOLXzZrDCKXQ8p2ch3X8CStjFEh4lyLVvjVb4ozfNPfSS2yc3hiF6dKntXS2XqxGB58FEWN0mHeGTNkCth2BJjwJiTI4Pie3tTRix%2FOdp%2Frq6rB7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=21600
cf-ray
704c9cd74f4a9948-FRA
expires
Mon, 02 May 2022 06:24:12 GMT
jquery-ui.min.js
www.signal-arnaques.com/assets/2698a9a1/file/ 		232 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/assets/2698a9a1/file/jquery-ui.min.js?v=1651382917
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19d54fe6aa52ab9e16aee43b110f24af75e37c690b512a4e61676e88f943b7b8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2487
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:28:37 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"626e1a85-3a0ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CXfwazXPeXYNpXnW%2Bzb0DS3ye%2BGRFPEaDoxanszr2kTYMJG2uo%2BJV1pCKoFzAyjNZK86J%2BEdO2bMtIfyqU8VOpE1do3HR7fN%2B%2FmqC5NGuH3qQJ9iembydAmbEmRn0J8zYtRwX3ytkl7wG5oBHZlSHJ4j0XCl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=21600
cf-ray
704c9cd74f4b9948-FRA
expires
Mon, 02 May 2022 05:42:45 GMT
jquery-ui-no-conflict.min.js
www.signal-arnaques.com/assets/2698a9a1/file/ 		233 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/assets/2698a9a1/file/jquery-ui-no-conflict.min.js?v=1651382917
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebe03bf13b713fc2b1391519849061eca2bdffc656b88b0f1d815ff2756c1548
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2487
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:28:37 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"626e1a85-3a2d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vqb80rstzyZk6J1W1U0vP2K5BBNQxnddYMsxssDvBzf3fb69Xz%2BPiLrvikMnhSPqA3h3t2ft6%2FPrVnzcB3tlW6%2BTW1xkpdLO0r1RrgXzkxJD9Gl8Fl6vdkgEtvWr8KDC64pCGzzCeSG25wwsUqyZSYwEFiN6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=21600
cf-ray
704c9cd74f4c9948-FRA
expires
Mon, 02 May 2022 05:42:45 GMT
jquery.ui.widget.js
www.signal-arnaques.com/assets/2698a9a1/file/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/assets/2698a9a1/file/jquery.ui.widget.js?v=1651382917
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e8e547f9e22aab4a2359a41b0f909ab28660e41958aa6da715e239498ee094a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2487
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:28:37 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"626e1a85-3d71"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8xdbs%2Bp6FCpofRgOmxgqhd9%2BoknUa2vCUJzRj3j4znafJQSO%2FoTJDegkXQE4VyZwflbCuAAEDjI5Rsu9Wr6dCzXUpYS810Rb7ENy48CFuIVQLWnXYQ3l%2BtRcqwxkkgR4QMA4FI6sQgMNHaLAErlMo2sKYzKn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=21600
cf-ray
704c9cd74f4d9948-FRA
expires
Mon, 02 May 2022 05:42:45 GMT
jquery.iframe-transport.js
www.signal-arnaques.com/assets/2698a9a1/file/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/assets/2698a9a1/file/jquery.iframe-transport.js?v=1651382917
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dca430eb7b398c1eae4bfc9e99c5666d7ae47cff06ee93e79be1e7cc80d9a1fd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2487
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:28:37 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"626e1a85-2091"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pGcTWw8HpijEMS5HyOLw%2BBWI6IPCvx9S7sBSCPiJXjAj2INoaouGgzaP1hpoA3V97brssBhDb8Eq%2BlW0S6XmWzUxVz48GBmxuaF0myMj%2BoY3kDrZbyfT4KTa2ZH4lWHo%2BVf2qh2n1EQqLWJCkdFjzLuC%2BL2a"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=21600
cf-ray
704c9cd74f4e9948-FRA
expires
Mon, 02 May 2022 05:42:45 GMT
jquery.fileupload.js
www.signal-arnaques.com/assets/2698a9a1/file/ 		48 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/assets/2698a9a1/file/jquery.fileupload.js?v=1651382917
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2daac3e66b40750af85494e003d4a14350eda3b065c4b6f681f0e7b480ae995
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2487
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:28:37 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"626e1a85-c1a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BaASTqQmgJ9pGwZzPEoPkV%2FyBkC%2BJKHXRFcA6fJUEVjr1SxWPhhOk0KpqSd%2FLuICCE3W1Z1ymboe9yhQ0mV0P%2B1fNyYeXaN6sVeBb69ZlJYYwMDPsk1n%2BLeT1ydtqBdNqZf7jfkh5x95iBDqfmfPkyXtVd79"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=21600
cf-ray
704c9cd74f4f9948-FRA
expires
Mon, 02 May 2022 05:42:45 GMT
addCommentFile.js
www.signal-arnaques.com/assets/2698a9a1/file/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/assets/2698a9a1/file/addCommentFile.js?v=1651382917
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09099a5f6b8add7e52a39b8ed5850ad8093363748c20ec59859e281031522f8a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2487
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:28:37 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"626e1a85-240e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WwconAUkXhhYvwPWQOOVxwj0FBMiz3WeNeuvR7Vp52ftipdOxIJR7xDhj%2B5btqwkGjvlQKcFOWzXXG7V6QMLDJaDqe%2BmtFoWTKDmwP4rUPhYy1EPOJzVSLWAIG%2BkVVfEAhph6fG%2Fg90Mw7FjeT9bKtjh7L3S"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=21600
cf-ray
704c9cd75f509948-FRA
expires
Mon, 02 May 2022 05:42:45 GMT
experienceDate.js
www.signal-arnaques.com/assets/2698a9a1/js/ 		1 KB
846 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/assets/2698a9a1/js/experienceDate.js?v=1651382917
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fdf6263d195011f19590877d752b8eb68941b7fa039202314b8cbd536604f69
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2487
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:28:37 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"626e1a85-574"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pOeqf9oqGIP8C9d%2Fsjk486XK2hngoozKEHO%2FaWc2SijxT68KE9ZAzBvV5xjU4WD5wJojQtGgKhS26h5y4HUUFhmF0a4i6nl8Ty5tXw2xhOT5fd7HRso6qsm0GuCkmQ%2FA74%2Fc9vRXcFiJSa%2BojETHlEh6ePm2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=21600
cf-ray
704c9cd75f519948-FRA
expires
Mon, 02 May 2022 05:42:45 GMT
yii.activeForm.js
www.signal-arnaques.com/assets/c8e1f9fd/ 		36 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/assets/c8e1f9fd/yii.activeForm.js?v=1651382917
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86414ea5538d5f21da467f12d2334388a419e87dd0cc35b87469c7623c56a2c3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2487
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:28:37 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"626e1a85-9044"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yx504R5muu5VxK%2B0CAz5sFANpJ9tMyRkvMQ018u7Lf6OHqsD%2BbmcwP6qllYyHLsXrnHx4TXLxZKdJlEUpIUQv8KNPT9%2BKlEbmKt6gkOvRNTYopoU3%2BZiWJOFmG9jLGxLsx7gFhUaPGy5ouLVVsTylpRrPe4n"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=21600
cf-ray
704c9cd75f529948-FRA
expires
Mon, 02 May 2022 05:42:45 GMT
js-comment-report-result.js
www.signal-arnaques.com/compiled/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/compiled/js/js-comment-report-result.js?v=1651382864
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f49b7a72d983bd847c260bdbbf237c7dc4b8362e48c21d45aa0335aec8a80e56
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2487
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:27:44 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"626e1a50-1655"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JemMe7IZNjCW890ACFQOvkjsPW1bOhij2SSwwM5mSEseBhgX%2F7GaOWKqRjIzzAxJcNwhHEYjvKHozcTkSXAYoL4%2FUD%2FV8r5qLGNm3NIeCXlHXjdUKoHLkyMZOdjTuVlkBNnDX64hjhrwOjnMXQyzi0qzckLb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=21600
cf-ray
704c9cd75f539948-FRA
expires
Mon, 02 May 2022 05:42:45 GMT
js-report-activity-result.js
www.signal-arnaques.com/compiled/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/compiled/js/js-report-activity-result.js?v=1651382862
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df2375a2d624011a6fc983d2c6adf82874334cc2b47e0a1fe4af32de2a46e3ff
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2487
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:27:42 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"626e1a4e-16a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NyoAPCshemWi8Edv73GJAPbu0VQj0gUcLKbYbxJCCl2b1KQe90p%2BLD%2Bgqx60LIA6bm7MKlpl5h%2F0aQ%2F8U9QA4Sn8N827Bs8IW56IjUc0DDbr2EFlwpIx%2BE1nZ%2BvDXLrDXFuxCQgr7CGnktl3jHpQlAWLU%2BOK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=21600
cf-ray
704c9cd75f559948-FRA
expires
Mon, 02 May 2022 05:42:45 GMT
js-end-result.js
www.signal-arnaques.com/compiled/js/ 		53 B
437 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/compiled/js/js-end-result.js?v=1651382846
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
158c79f8f043da4ab01133ab8a46a6592a46cf370d5e38e025bc6435a9c06c60
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2487
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:27:26 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"626e1a3e-35"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7hTBAtQ2ZL0HWPgKyM43Fe1xLJe8e2QPIZlatnhcNJXn0bXlsjndKREdDM83l%2FyloEvhgTAgMLqyPT8g%2B78z5e1s6eJr%2FizwUNvfVUZ%2FP%2BF%2BflbLc4W9MDmKuB7PHFbt4oH6MhGe9qxN8VawYXiXNOvNLSx5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=21600
cf-ray
704c9cd75f569948-FRA
expires
Mon, 02 May 2022 05:42:45 GMT
js-async-result.js
www.signal-arnaques.com/compiled/js/ 		127 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/compiled/js/js-async-result.js?v=1651382845
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
664f6f43724648146281333fb952f724da7bc00bd9af19606a10f7eca8b38672
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2487
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:27:25 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"626e1a3d-1fd99"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SjyNm9iovqqbhpl8rPTJOz6YFeE%2FU35UHlOcKlSHBKhtq51%2Fs4qZMvYZTY%2FYuERfa9iEif%2BEsrN5o8fV4%2B9sRuA890SrVsckyXYoYP2RxgM6CiHGW4XkIwF%2Fzv2ZYS21smfDUQkHVkOFkk0AaTpiJK6iS%2Fq5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=21600
cf-ray
704c9cd75f589948-FRA
expires
Mon, 02 May 2022 05:42:45 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://www.signal-arnaques.com/
Origin
https://www.signal-arnaques.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
704c9cd76cdd9a2a-FRA
choice.js
quantcast.mgr.consensu.org/choice/9-P16wfWE_fUV/signal-arnaques.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/choice/9-P16wfWE_fUV/signal-arnaques.com/choice.js
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:e400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
30b9565d98805ee20815261ecaee264cc816dbf844e5977369b9927fba0fe312

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 02 May 2022 00:23:59 GMT
content-encoding
gzip
last-modified
Tue, 30 Nov 2021 08:39:11 GMT
server
AmazonS3
age
14
etag
W/"ace767ef0b3eb2873f0c6aecc15c2c2d"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront)
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
0BVUm7h9QrQxG5faGPgHpadkL8MHS-heHho_tyitKXo83XEerHlalQ==
gtm.js
www.googletagmanager.com/ 		110 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W2ZVRRC
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
501d101ef7e1a0b3c7e74ff1d5c497b5a8b5ed3a32956b326846beff9d359c0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42514
x-xss-protection
0
last-modified
Mon, 02 May 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 02 May 2022 00:24:12 GMT
sa.js
sibautomation.com/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sibautomation.com/sa.js?key=dgxmhmwk8udarp0eqgm3yuk8
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:996f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Sails <sailsjs.com>
Resource Hash
34bfb1c53f424622eaeb0088d84f3b25fbc4ecc69ed4c4f56cee6c686a1f1c61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
11208
x-powered-by
Sails <sailsjs.com>
x-xss-protection
1
x-sib-server
SENDINBLUE-web1-2
cf-bgj
minify
server
cloudflare
etag
W/"299e-Oqdc/sHyy3ZjpqcfAHh17A4IfJQ"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-polished
origSize=10654
cf-ray
704c9cd79df79a39-FRA
expires
Mon, 02 May 2022 04:24:12 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204270101/ 		308 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8416474909997810&plah=www.signal-arnaques.com&bust=31067323
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8416474909997810
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
386a9e19984d1c4474f02a0acdc25516d40dc88527adbaa37a222d874f86734e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112663
x-xss-protection
0
server
cafe
etag
13801539627492164391
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 02 May 2022 00:24:12 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220427/r20190131/ Frame D407 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220427/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8416474909997810
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7339fe12f332ac7ecd6e0ef04bb7a48fad9e74be887d67f458548ff33ea4db65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.signal-arnaques.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
6672
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4404
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 May 2022 22:33:00 GMT
etag
3347421328414474149
expires
Sun, 15 May 2022 22:33:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
moneybile.js
ads.themoneytizer.com/ 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
last-modified
Fri, 12 Mar 2021 17:07:19 GMT
server
nginx
etag
"604b9fc7-981e"
x-hw
1651451052.cds010.fr8.hn,1651451052.cds120.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
16267
/
c.tmyzer.com/c/ 		0
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=87059&f=2&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=87059&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 02 May 2022 00:24:12 GMT
Server
nginx
X-IPLB-Request-ID
B2A2D182:9ECE_36264064:01BB_626F24AC_F193D85:2028E
X-IPLB-Instance
38432
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
smart.js
ced.sascdn.com/tag/1097/ 		92 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced.sascdn.com/tag/1097/smart.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=87059&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-26.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
447ca3a97e3cf55835cb3034b55810b1c6f63955776190d00281f53069b7090c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 02 May 2022 00:24:12 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=900
Connection
keep-alive
Content-Length
30788
Expires
Mon, 02 May 2022 00:39:12 GMT
sync
gum.criteo.com/ 		49 B
373 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=87059&formatId=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1507
strict-transport-security
max-age=31536000; preload;
content-length
165
expires
60
CookieSync.html
csync-eu.smartadserver.com/1097/
Redirect Chain
  • https://csync-global.smartadserver.com/1097/CookieSync.html
  • https://csync-eu.smartadserver.com/1097/CookieSync.html
0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://csync-eu.smartadserver.com/1097/CookieSync.html
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
HTTP/1.1
Server
2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Redirect headers

Location
https://csync-eu.smartadserver.com/1097/CookieSync.html
Date
Mon, 02 May 2022 00:24:12 GMT
Cache-Control
private, max-age=86400
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
Expires
Tue, 03 May 2022 00:24:12 GMT
mapper.js
spl.zeotap.com/ 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=87059&formatId=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52d507688e76dfbe48fce79beb89be7f30101e95e9e06c121c461e30517ab36f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

cf-ray
704c9cd7da15904f-FRA
date
Mon, 02 May 2022 00:24:12 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://www.signal-arnaques.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
libJsLP.js
tag.leadplace.fr/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=87059&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.51 Valence, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 02 May 2022 00:24:12 GMT
Last-Modified
Thu, 14 Oct 2021 07:27:52 GMT
Server
nginx/1.14.2
X-IPLB-Request-ID
B2A2D182:D0A6_91EFC133:01BB_626F24AC_E518538E:17AA8
ETag
"6167dbf8-15ab"
X-IPLB-Instance
29922
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
5547
/
onetag-sys.com/usync/ Frame 0F6A 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1651451052742
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=87059&formatId=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.signal-arnaques.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=87059&formatId=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
etag
"u2JtyZzqnTXwzBUswy2r+w=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Mon, 09 May 2022 00:24:12 GMT
px.js
p.cpx.to/p/12769/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p/12769/px.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=87059&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.62.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-62-190.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
59fedc3a485206b15c05de2a30199f268c05d5860fa9b642b1124f92f709b4ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 02 May 2022 00:24:12 GMT
Cache-Control
max-age=2419200, public
Connection
keep-alive
Content-Length
1769
Content-Type
application/javascript; charset=UTF-8
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=87059&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.2.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-2-183.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sun, 01 May 2022 04:19:07 GMT
Via
1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
Age
72305
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-P6
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
dl4gXeVlyo60-bjU5DOTHNm81GSQkyP0_f2U0vGLVEO6cxNs5uhzTw==
186329-261067657875242.js
js-sec.indexww.com/ht/p/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=87059&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7e176e51c1dff07522d527754e78745b4fe73db4b875ab85be5ec57e2e35346c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 02 May 2022 00:24:12 GMT
Content-Encoding
gzip
Last-Modified
Sun, 01 May 2022 23:30:31 GMT
Server
Apache
ETag
"9023fb-930b-5ddfba95edb22"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=644
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
12788
Expires
Mon, 02 May 2022 00:34:56 GMT
prebid.js
ads.themoneytizer.com/moneybid6_13/build/dist/ 		657 KB
196 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=87059&formatId=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
966ebda03f5ece17fb50895816842ceb3bcff62573e45a214a40d1d64f22005b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
last-modified
Thu, 03 Mar 2022 08:51:50 GMT
server
nginx
etag
"622081a6-a4431"
x-hw
1651451052.cds010.fr8.hn,1651451052.cds148.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
200349
star-16.svg
www.signal-arnaques.com/images/ 		591 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.signal-arnaques.com/images/star-16.svg
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/compiled/css/css-follow-widget-result.css?v=1651382884
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
423ce3611f9b062e2ed88157e935fe28130edc87ccd6bef5b750faab7e24d249
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/compiled/css/css-follow-widget-result.css?v=1651382884
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18674
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:25:25 GMT
server
cloudflare
etag
W/"626e19c5-24f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN, SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qnN7B3tTzAUbRg8jG4cBiuPrMX5aZ9PbdhXUAd%2BetzkaUKGwOYa%2F6mkXzVuDQdllS2zHM6iFmhfTJYQZtHm7%2FeKvV2dwRAao5BToDofw9TZ6J7jCBMTS8RoJJstplRvVBvo6CYB7%2BR96M7asQpyVxV0cboK9"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=21600
cf-ray
704c9cd8482e9948-FRA
expires
Mon, 02 May 2022 01:12:58 GMT
cmp2.js
quantcast.mgr.consensu.org/tcfv2/ 		177 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=signal-arnaques.com
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/9-P16wfWE_fUV/signal-arnaques.com/choice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:e400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
798f5481a5a9a77bdd05e6949f9ca2f61cf3957fa191a937bb99da277ae8802e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:08 GMT
content-encoding
br
age
47
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Wed, 30 Mar 2022 19:50:09 GMT
server
AmazonS3
etag
W/"e052ac178cc7dcc4cc089dd0184806fa"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
qmjRGQ4eN7BSsKZncieqjNEuXJdPvk7aY4CJAJys9vUFpACXhbXFkw==
cm.html
sibautomation.com/ Frame 8B3F 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sibautomation.com/cm.html?key=dgxmhmwk8udarp0eqgm3yuk8
Requested by
Host: sibautomation.com
URL: https://sibautomation.com/sa.js?key=dgxmhmwk8udarp0eqgm3yuk8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:996f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Sails <sailsjs.com>
Resource Hash
70e05a2b1f33e3b3c0553a5ae231e9626862a958b7369ca57be2b9cb8fefb287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://www.signal-arnaques.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
7115
cache-control
public, max-age=7200
cf-apo-via
origin,host
cf-cache-status
HIT
cf-ray
704c9cd86ede9a39-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 02 May 2022 00:24:12 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Mon, 02 May 2022 02:24:12 GMT
last-modified
Sun, 01 May 2022 22:25:37 GMT
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-powered-by
Sails <sailsjs.com>
x-sib-server
SENDINBLUE-web2-2
x-xss-protection
1
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d6acf823e1219151aa9ab83d8c253a5fd35923843bcb9e110180b67a27e46330
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
h5pq1xUpOnJ7Z6HtFq2fNQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Mon, 02 May 2022 00:43:49 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
v1AuMjDMxNkiA+xz3dMioQOrcOFJr1aPRjDXAsl24cUDR7vjMDYuEtIwh7yK5ujFukYsKAuvwSyJS5NcGtoZ+Q==
x-fb-trip-id
686109401
x-fb-content-md5
c7c7d7790f5a8f33f8cdf24c6d9118a8
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 02 May 2022 00:24:12 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"126dbc475f516fb20d484c7babaf6423"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
widgets.js
platform.twitter.com/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669F) /
Resource Hash
2b37b00f9400fedda05e3feb73c40b2a19af5fbd2d2d327c39e9476cff3dd9c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 02 May 2022 00:24:12 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
1422
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
29461
x-tw-cdn
VZ
Last-Modified
Wed, 13 Apr 2022 12:38:34 GMT
Server
ECS (frb/669F)
Etag
"f1369725ba22125b0df0251e74090aa0+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
/
spl.zeotap.com/ 		2 KB
953 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4791e11b26a06555f032c553cc2faedae3a175ea0901d55289c9c967201aae0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

cf-ray
704c9cd87a9f904f-FRA
date
Mon, 02 May 2022 00:24:12 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
text/html
access-control-allow-origin
https://www.signal-arnaques.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
recaptcha__de.js
www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/ 		363 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d516e4641028e8ff59509eb5609cdcb2b296b9aa23020468930226e37f3f4561
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.signal-arnaques.com/
Origin
https://www.signal-arnaques.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 20:04:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15609
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
146779
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 04:02:19 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 01 May 2023 20:04:03 GMT
identity
api.rlcdn.com/api/ 		44 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.signal-arnaques.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44
rid
match.adsrvr.org/track/ 		63 B
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186329
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
10ba9f0948782ff0173005188e6bcf75b34618b3633285d1228ed96d17697185

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.signal-arnaques.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 01 Jun 2022 00:24:13 GMT
optimize.js
www.google-analytics.com/gtm/ 		117 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/optimize.js?id=GTM-PDSKCKT
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2ZVRRC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2b66aba6530a4275574fb199306a40682adee1ec1ed255e5f3df0f3c4504f40b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41874
x-xss-protection
0
expires
Mon, 02 May 2022 00:24:13 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2ZVRRC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
304
date
Mon, 02 May 2022 00:19:09 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 02 May 2022 02:19:09 GMT
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:3c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:15:05 GMT
content-encoding
gzip
age
549
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Mon, 19 Mar 2018 22:28:36 GMT
server
AmazonS3
etag
W/"9a93052877e57b42aeefaab6e7ec5f90"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
svxv2-Ep-gkBpKv8y1-OWdOBgINVE9bjDv0E082CvXK64fnX7fia5w==
rules-p-9-P16wfWE_fUV.js
rules.quantcount.com/ 		2 B
353 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-9-P16wfWE_fUV.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:3c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 23:56:54 GMT
via
1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
server
AmazonS3
age
1638
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P2
content-length
2
x-amz-cf-id
KQUiQVb9AQqd37kzi-VsHvTeFmubX3TjfERLmkIan11kzf1QL3i1rg==
mw
mwzeom.zeotap.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=b41456fe-dbf9-403a-6ac2-0be5dcd3882d&reqId=a7db4833-593b-48e0-7ee6-851b390d...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fadnxs_uid%3D%24UID%26zpartnerid%3D2%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3Db41456fe-dbf9-403a-6ac2-0be5dcd38...
  • https://mwzeom.zeotap.com/mw?adnxs_uid=8646490127283099469&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=b41456fe-dbf9-403a-6ac2-0be5dcd3882d&reqId=a7db4833-593b-48e0-7ee6-851b390d7a9d&zdid=1258
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?adnxs_uid=8646490127283099469&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=b41456fe-dbf9-403a-6ac2-0be5dcd3882d&reqId=a7db4833-593b-48e0-7ee6-851b390d7a9d&zdid=1258
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://www.signal-arnaques.com
access-control-allow-credentials
true
cf-ray
704c9cda0bee904f-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Pragma
no-cache
Date
Mon, 02 May 2022 00:24:13 GMT
X-Proxy-Origin
178.162.209.130; 178.162.209.130; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
78c8f377-d273-4c68-8380-b043f6d4277d
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://mwzeom.zeotap.com/mw?adnxs_uid=8646490127283099469&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=b41456fe-dbf9-403a-6ac2-0be5dcd3882d&reqId=a7db4833-593b-48e0-7ee6-851b390d7a9d&zdid=1258
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mw
mwzeom.zeotap.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b41456fe-dbf9-403a-6ac2-0be5dcd3882d&reqId=a7db4833-593b-48e0-7ee6-851b390d7a9d&...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b41456fe-dbf9-403a-6ac2-0be5dcd3882d&reqId=a7db4833-593b-48e0-7ee6-851b390d7a9d...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEGz7V_ExNRlPiz-DCK58ayY&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b41456fe-dbf9-403a-6ac2-0be5dcd3882d&reqId=a7db4833-593b-48e0-7ee...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEGz7V_ExNRlPiz-DCK58ayY&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b41456fe-dbf9-403a-6ac2-0be5dcd3882d&reqId=a7db4833-593b-48e0-7ee6-851b390d7a9d&zdid=1258
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://www.signal-arnaques.com
access-control-allow-credentials
true
cf-ray
704c9cda1bf1904f-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEGz7V_ExNRlPiz-DCK58ayY&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b41456fe-dbf9-403a-6ac2-0be5dcd3882d&reqId=a7db4833-593b-48e0-7ee6-851b390d7a9d&zdid=1258
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
446
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3Db41456fe-dbf9-403a-6ac2-0be5dcd3882d%26reqId%3Da7db4833-593b-48e0-7ee6-851b390d7a9d%26zdid%3D1258
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:13 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
mw
mwzeom.zeotap.com/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=b41456fe-dbf9-403a-6ac2-0be5dcd3882d&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=b41456fe-dbf9-403a-6ac2-0be5dcd3882d&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=36330359507202384782875764095815842546&zpartnerid=314&env=mWeb&eventType=pageview&id_mid_4=b41456fe-dbf9-403a-6ac2-0be5dcd3882d&reqId=a7db4833-593b-48e0-7ee6-851b39...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=36330359507202384782875764095815842546&zpartnerid=314&env=mWeb&eventType=pageview&id_mid_4=b41456fe-dbf9-403a-6ac2-0be5dcd3882d&reqId=a7db4833-593b-48e0-7ee6-851b390d7a9d&zdid=1258
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://www.signal-arnaques.com
access-control-allow-credentials
true
cf-ray
704c9cdabc7c904f-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-1-v031-09da8f8aa.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
ToQSlPAxRFg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=36330359507202384782875764095815842546&zpartnerid=314&env=mWeb&eventType=pageview&id_mid_4=b41456fe-dbf9-403a-6ac2-0be5dcd3882d&reqId=a7db4833-593b-48e0-7ee6-851b390d7a9d&zdid=1258
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
mw
mwzeom.zeotap.com/
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=pageview&id_mid_4=b41456fe-dbf9-403a-6ac2-0be5dcd3882d&reqId=a7db4833-593b-48e0-7ee6-851b390d7a9d&zdid=1258
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=nESLXsIstfvm9fyvlVpKA6iGyO2nrEQd%2BS41iYitP1U%3D
95 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=nESLXsIstfvm9fyvlVpKA6iGyO2nrEQd%2BS41iYitP1U%3D
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://www.signal-arnaques.com
access-control-allow-credentials
true
cf-ray
704c9cd99b81904f-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:13 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=nESLXsIstfvm9fyvlVpKA6iGyO2nrEQd%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
mw
mwzeom.zeotap.com/
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3Db4...
  • https://mwzeom.zeotap.com/mw?cid=2d9a626f-24ac-4500-a3f3-a31d829ea435&env=mWeb&zpartnerid=979&env=mWeb&eventType=pageview&id_mid_4=b41456fe-dbf9-403a-6ac2-0be5dcd3882d&reqId=a7db4833-593b-48e0-7ee6...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=2d9a626f-24ac-4500-a3f3-a31d829ea435&env=mWeb&zpartnerid=979&env=mWeb&eventType=pageview&id_mid_4=b41456fe-dbf9-403a-6ac2-0be5dcd3882d&reqId=a7db4833-593b-48e0-7ee6-851b390d7a9d&zdid=1258
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://www.signal-arnaques.com
access-control-allow-credentials
true
cf-ray
704c9cd9fbda904f-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Mon, 02 May 2022 00:24:13 GMT
Server
MT3 4363 5e696a4 master zrh-pixel-x29 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=2d9a626f-24ac-4500-a3f3-a31d829ea435&env=mWeb&zpartnerid=979&env=mWeb&eventType=pageview&id_mid_4=b41456fe-dbf9-403a-6ac2-0be5dcd3882d&reqId=a7db4833-593b-48e0-7ee6-851b390d7a9d&zdid=1258
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Mon, 02 May 2022 00:24:12 GMT
/
c.tmyzer.com/c/ 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=87059&f=28&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=87059&formatId=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 02 May 2022 00:24:13 GMT
Server
nginx
X-IPLB-Request-ID
B2A2D182:9ECE_36264064:01BB_626F24AC_F193D88:2028E
X-IPLB-Instance
38432
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
geo
rbx
list
www.signal-arnaques.com/comment/ 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/comment/list?scamId=388341&type=scam
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/compiled/js/js-head-result.js?v=1651382840
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
639e668bd672ebb1fd41335a13895260cff202be6cc898ba43bf4b622a49c87d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.signal-arnaques.com/scam/view/388341
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:13 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uxLDY%2BCXrirnETITdPS3VXLm7phvgZBmGpwjqfM7aYPKmE56DdSHTtVud8bqJuucbnqphnvJnzBkoouvUF7XNVUlDksyLdrS6n09E8FWrnReji3LKD8cAfGsVRW6EQgHLVqRs7z57CBV6bdLKAQbtzURlY9H"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
704c9cd938ed9948-FRA
x-xss-protection
1; mode=block
expires
Thu, 19 Nov 1981 08:52:00 GMT
gettimezone
www.signal-arnaques.com/coreutils/date/ 		36 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/coreutils/date/gettimezone?offset=0
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/compiled/js/js-head-result.js?v=1651382840
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c2a3c83a4e309f316638a86dc8513056309daa032ff6c587fbe753c4a48f4b3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.signal-arnaques.com/scam/view/388341
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:13 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GWn2xG2i5lzHmStCEV5tPEw7%2BBUFQFkKPK6WZ60aqxWEpXY8olhODkZLEaKYFFTmqYnKgEMS6XRLxcE%2BzozZ2jFWAqZtfAlhjf%2FockTBY39YGg32AxWAdUd1HCnXuezF50CPFwoCNdtfzZxID0Dd0kQEcv8n"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
704c9cd9792d9948-FRA
x-xss-protection
1; mode=block
expires
Thu, 19 Nov 1981 08:52:00 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ Frame 8B3F 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: sibautomation.com
URL: https://sibautomation.com/cm.html?key=dgxmhmwk8udarp0eqgm3yuk8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://sibautomation.com/
Origin
https://sibautomation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
704c9cd99eea9a2a-FRA
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 00:01:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
519781
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30186
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 00:01:12 GMT
list
www.signal-arnaques.com/comment/ 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/comment/list?scamId=388341&type=scam
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/compiled/js/js-head-result.js?v=1651382840
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
639e668bd672ebb1fd41335a13895260cff202be6cc898ba43bf4b622a49c87d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.signal-arnaques.com/scam/view/388341
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:13 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q7Y40OuB4txCxBuZESFxyBdam0y7h2F4tVGCaZrTTMD76PDSjJ7TfToOY81I0EUIZVYM%2BuePO4IuMebGI81wOZeISFO%2FucnjQoxdRbWQpsGxstnI5m3Z2cMNMxfDJ1TQv%2FeAhg00vUhkxHSuqt2xqTjtOpde"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
704c9cd9a94e9948-FRA
x-xss-protection
1; mode=block
expires
Thu, 19 Nov 1981 08:52:00 GMT
circle4.png
www.signal-arnaques.com/dist/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.signal-arnaques.com/dist/images/circle4.png
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/compiled/css/css-head-result.css?v=1651382840
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcad4183569becced18ffb22a088920f178e130ce3eaff9971f4db28d06caafc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/compiled/css/css-head-result.css?v=1651382840
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14418
content-length
2625
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:25:25 GMT
server
cloudflare
etag
"626e19c5-a41"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN, SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QVFJX5jzzyrFx%2FYjHmTEnojjDY0VawIzH%2Fe2bt54i8C1sFQhWqCz7zrH5nU4SoMzR1ia%2BZdHWwmkwYA6L83suc03pw1fxRwiiCdV%2BbTlIU0MTd02j4b8yofKHXn6RdfyWJa%2FhZLKjGGDDZ7XNjOGrqbITlH8"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=21600
accept-ranges
bytes
cf-ray
704c9cd9a94f9948-FRA
expires
Mon, 02 May 2022 02:23:55 GMT
thumb-up.png
www.signal-arnaques.com/assets/c0380339/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.signal-arnaques.com/assets/c0380339/images/thumb-up.png
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/assets/c0380339/css/vote.css?v=1651451052
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b915a29cada30935bea7a9708efd2a792c8c3c5866da99fd296b84057792f9ee
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/assets/c0380339/css/vote.css?v=1651451052
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2487
content-length
9993
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 23:42:46 GMT
server
cloudflare
etag
"626f1af6-2709"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN, SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=597GYGTlUoLew5wYbg0GNdUSi%2FJQaIj8QEYtIp%2BLNcqm2jRMTFv8lFwv6xIO3Vu01v08ah5P6ifdLpiywjiwW0TjG4vcHVNtHnUenbO3IU05uV8wMR8y2P8dYsYldb1%2BRK%2F3KSmOytvElXmZ8DwVPusM73Js"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=21600
accept-ranges
bytes
cf-ray
704c9cd9a9509948-FRA
expires
Mon, 02 May 2022 05:42:46 GMT
thumb-down.png
www.signal-arnaques.com/assets/c0380339/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.signal-arnaques.com/assets/c0380339/images/thumb-down.png
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/assets/c0380339/css/vote.css?v=1651451052
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45ee5f637266ee5aabed8a381549bef77942e784b650e0fb4056c424a62e84f3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/assets/c0380339/css/vote.css?v=1651451052
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2487
content-length
10424
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 23:42:46 GMT
server
cloudflare
etag
"626f1af6-28b8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN, SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W3r7%2Beh5wORWelTMpG8vlGL%2BEd0rrI%2Blw0CIr8yeg%2F8vc7cV50xdbC4OToLkcRP4VDm%2BRmh6xw8Qb%2BiIOtlODL5Gp%2BCnx%2B2hvya96K7Y%2FL9ovtP%2BSWQ7pcFzP%2FNdxx7SlSQpEMxpj4Pj2FJDJq0ZhYmYcpQ1"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=21600
accept-ranges
bytes
cf-ray
704c9cd9a9519948-FRA
expires
Mon, 02 May 2022 05:42:46 GMT
glyphicons-halflings-regular.woff
www.signal-arnaques.com/dist/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/dist/fonts/glyphicons-halflings-regular.woff
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/compiled/css/css-head-result.css?v=1651382840
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.signal-arnaques.com/compiled/css/css-head-result.css?v=1651382840
Origin
https://www.signal-arnaques.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2487
x-xss-protection
1; mode=block
last-modified
Sun, 01 May 2022 05:25:25 GMT
server
cloudflare
etag
W/"626e19c5-5b18"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN, SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=41Hf5A7Bcuq0T9iAjpJkuWQi6w8%2FXMAJ3wuq9UNom5geoXVv%2BBxTrVWHpTNkYP28O%2BBYJXqo06OQ%2F1u0%2Bd2t7t%2F7XtqCXDdsgrpX5kwj%2BNXmjcVhPIvDiElBW3mnSMraiDx0R7az67vpWw1GMXQmf4nheGrC"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=21600
cf-ray
704c9cd9a9539948-FRA
expires
Mon, 02 May 2022 05:42:46 GMT
global-consent.html
consent.heretic-sas.com/ Frame DBD8 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://consent.heretic-sas.com/global-consent.html
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=signal-arnaques.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:805f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
769d077eaba2e0219995cd3172a1d566c136dac4dc521131a6660591de0f2557

Request headers

Referer
https://www.signal-arnaques.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5498
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
704c9cda0ed09b63-FRA
content-encoding
br
content-type
text/html
date
Mon, 02 May 2022 00:24:13 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Mon, 06 Sep 2021 11:39:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WLrQ74SHHNDGovmI8nOKdRu2BY6iCs3qvGe%2F%2FYyBBDIV9SSsUBnGLjMFZRHITbcW1ss%2Bo6ImbsiVs6zp09dRr61bzI%2BEgk24I%2FwqPEbbizeUGAqP1tu0m3psEpJfqx05cS9z2vh9HGY3ouILbWW41pEr7rvJHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
localstore.js
script.4dex.io/ 		483 B
947 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1763103
x-amz-request-id
tx6e6f1dacee994dfb86df1-0062543d8e
x-amz-id-2
tx6e6f1dacee994dfb86df1-0062543d8e
last-modified
Mon, 11 Apr 2022 14:37:55 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ak0N5BI0LmHTxgxVca0kU4JJG5YLar2I09e8qwqKDLasDJd2MZ6%2Bn01TAPchbhq2VnS8%2B13h1YqcFpVL%2Bw3z8g32tvL01pZRC%2F9mWWZ5vLoG0CE%2B9IX1%2Fz0bL7A7mVNpl%2F5SsjdE%2B8Ajy8jJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1649687875786561
cf-ray
704c9cda0c925c6e-FRA
s
kvt.sddan.com/api/v1/public/p/29567/d/50/ 		0
0
9.gif
id5-sync.com/i/12/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.195.5.45 , France, ASN16276 (OVH, FR),
Reverse DNS
p39.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 02 May 2022 00:24:12 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
image/gif;charset=UTF-8
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
P3P
CP="CAO PSA OUR"
cm
in-automate.sendinblue.com/ Frame 8B3F 		0
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in-automate.sendinblue.com/cm?uuid=fe215923-9cd1-4f05-ae11-7da7d122996e&key=dgxmhmwk8udarp0eqgm3yuk8&cuid=a7f34478-5c92-4488-8c22-e59cc1413731
Requested by
Host: sibautomation.com
URL: https://sibautomation.com/cm.html?key=dgxmhmwk8udarp0eqgm3yuk8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:90c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sibautomation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
no-cache
cf-apo-via
origin,host
cf-ray
704c9cda1f369290-FRA
sdk.js
connect.facebook.net/en_US/ 		283 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=1165587d1dddbf63a83d886fe4346e3f
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b9d125f5d40691fc63dcdd1017f4a61c243893706421e07e535aa79eb079c81b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.signal-arnaques.com/
Origin
https://www.signal-arnaques.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
93IFL9OPEWaV6ZQd8MmZqg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Mon, 01 May 2023 22:48:05 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
82882
x-fb-rlafr
0
x-fb-debug
c1aNTJW33QIzvDLE3KOd5nmiLYbebEutUUD+1t57t6iIxNdCGCI3QwKEXZ7ety1kULnjSudxPUir2x06jLrY2Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
7bf01dc34fdc80fcf5ae24c321a8c293
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 02 May 2022 00:24:13 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"496eed0894b452899e9bea10f47c2600"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html
platform.twitter.com/widgets/ Frame BEE7 		319 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fwww.signal-arnaques.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D4) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Referer
https://www.signal-arnaques.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
957555
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105433
Content-Type
text/html; charset=utf-8
Date
Mon, 02 May 2022 00:24:13 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Wed, 13 Apr 2022 12:15:11 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67D4)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
pica.js
www.signal-arnaques.com/cdn-cgi/challenge-platform/h/g/scripts/ 		21 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d3399db2787956cf92c105524a23dd5bf9588eebc406a7bac06017659d7b73f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/scam/view/388341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZQMEkiGorDPFP411JZmQdG3BIAIWUcBwdvnQ0lPCwFvSnaAsmqhRzG26tVHy3QqNCKoDnX2fZVoGzTseCXyaiQr8mxbT8nS47A39eNxX%2FgyEkMhDGaTrqy3AiT8qTa3B5WRjHyBuFkuHC7VCRwE%2BSdKoJfV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
704c9cda099d9948-FRA
fire.js
s.cpx.to/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.cpx.to/fire.js?pid=12769&ref=&url=https%3A%2F%2Fwww.signal-arnaques.com%2Fscam%2Fview%2F388341&hn_ver=40&fid=3a652964-675b-4063-973d-3f49cefab4f9
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12769/px.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.48.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-48-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
41e9617e86ff8016e7b8db4db16ce0bd4b78d5ec953b02908fb7be109f5cd8c4
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Mon, 02 May 2022 00:24:13 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
Content-Length
1038
Expires
Mon, 21 Mar 2022 12:56:56 UTC
headerstats
as-sec.casalemedia.com/ 		0
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=415712&u=https%3A%2F%2Fwww.signal-arnaques.com%2Fscam%2Fview%2F388341&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 00:24:13 GMT
X-AK-INITIAL-GEO
CC:[DE], RC:[HE], CN:[EU], CIP:[178.162.209.130], XFF:[]
Server
Apache
Access-Control-Allow-Origin
https://www.signal-arnaques.com
X-CS-CLIENT-GEO
12
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-AK-CLIENT-GEO
12
Expires
Mon, 02 May 2022 00:24:13 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=426141358&t=pageview&_s=1&dl=https%3A%2F%2Fwww.signal-arnaques.com%2Fscam%2Fview%2F388341&ul=en-us&de=UTF-8&dt=www.mondialrelay.com%20%7C%20compagniemondialrelayexpress%40gmail.com%20%7C%20Site%20internet%20frauduleux%20%7C%203%20commentaires&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&exp=fL5ZZOxfTq2-ZL2YPrqOtg.3&_u=aEBAAEABQAAAAC~&jid=1052598127&gjid=280369519&cid=1551782448.1651451053&tid=UA-52231022-1&_gid=303006075.1651451053&_r=1&gtm=2wg4r0W2ZVRRC&z=116204090
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.signal-arnaques.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame 1C3E 		43 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdppiETAAAAAGLi93fbYIWli9uZCxN3wzBdYp2B&co=aHR0cHM6Ly93d3cuc2lnbmFsLWFybmFxdWVzLmNvbTo0NDM.&hl=de&v=2W_gRz39xX8G13fM-OdyQPlc&size=normal&cb=rs6j9ymr5fbm
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
aaf2ce6fd423685fb4437b508879dcb8c6e145ab61e261da21f3a510b591c363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-m/hRaJRRqHiXlWw9POTInQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.signal-arnaques.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22840
content-security-policy
script-src 'report-sample' 'nonce-m/hRaJRRqHiXlWw9POTInQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 02 May 2022 00:24:13 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pixel;r=861752212;labels=Categories.education;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fwww.signal-arnaques.com%2Fscam%2Fview%2F388341;uht=2;fpan=1;fpa=P0-1160041930-1651451053402;pbc=;ns=0;ce=1;qjs...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=861752212;labels=Categories.education;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fwww.signal-arnaques.com%2Fscam%2Fview%2F388341;uht=2;fpan=1;fpa=P0-1160041930-1651451053402;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;us_privacy=1---;ref=;d=signal-arnaques.com;je=0;sr=1600x1200x24;dst=0;et=1651451053402;tzo=0;ogl=url.%2Fscam%2Fview%2F388341%2Ctype.article%2Ctitle.Attention%20Arnaque%252E%252E%252E%20Partagez%20!%2Csite_name.Signal-Arnaques%2Cdescription.Arnaque%20suspect%C3%A9e%20%3A%20www%252Emondialrelay%252Ecom%20%7C%20compagniemondialrelayexpress%40gmail%252Eco
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:13 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel;r=867943051;source=choice;rf=0;a=p-9-P16wfWE_fUV;url=https%3A%2F%2Fwww.signal-arnaques.com%2Fscam%2Fview%2F388341;uht=2;fpan=0;fpa=P0-1160041930-1651451053402;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=867943051;source=choice;rf=0;a=p-9-P16wfWE_fUV;url=https%3A%2F%2Fwww.signal-arnaques.com%2Fscam%2Fview%2F388341;uht=2;fpan=0;fpa=P0-1160041930-1651451053402;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;us_privacy=1---;ref=;d=signal-arnaques.com;je=0;sr=1600x1200x24;dst=0;et=1651451053404;tzo=0;ogl=url.%2Fscam%2Fview%2F388341%2Ctype.article%2Ctitle.Attention%20Arnaque%252E%252E%252E%20Partagez%20!%2Csite_name.Signal-Arnaques%2Cdescription.Arnaque%20suspect%C3%A9e%20%3A%20www%252Emondialrelay%252Ecom%20%7C%20compagniemondialrelayexpress%40gmail%252Eco
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:13 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
rum
sibautomation.com/cdn-cgi/ Frame 8B3F 		0
81 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sibautomation.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:996f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://sibautomation.com/cm.html?key=dgxmhmwk8udarp0eqgm3yuk8
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type
application/json

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
x-content-type-options
nosniff
server
cloudflare
cf-ray
704c9cdbcacf9a39-FRA
x-frame-options
DENY
invisible.js
consent.heretic-sas.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame DBD8 		43 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.heretic-sas.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1651449600
Requested by
Host: consent.heretic-sas.com
URL: https://consent.heretic-sas.com/global-consent.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:805f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74dc28ec5035781538f06a092a653d86792805e065717f08fad9039a615cbf3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consent.heretic-sas.com/global-consent.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bQCVWFg0ss%2F%2B9o2yfkMgwg%2BlEl61qQjMmCIvTZud7p3AHZ0wT%2BlXaalpA%2B22WAst2NpgaGVDxV1v9vAdyZL5I0a%2FNb41eVbDWIVCxEGtMnZyb9uw%2BOl%2Fmh660EK6Fm1otmwSDl1%2BCrmIZGq%2BgotFvqv66Oa4og%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
704c9cdbead09b31-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
collect
stats.g.doubleclick.net/j/ 		4 B
448 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-52231022-1&cid=1551782448.1651451053&jid=1052598127&gjid=280369519&_gid=303006075.1651451053&_u=aEBAAEAAQAAAAC~&z=1269425099
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 02 May 2022 00:24:13 GMT
content-type
text/plain
access-control-allow-origin
https://www.signal-arnaques.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
102.json
id5-sync.com/g/v2/ 		213 B
630 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/102.json
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.195.5.45 , France, ASN16276 (OVH, FR),
Reverse DNS
p39.id5-sync.com
Software
/
Resource Hash
1d125190e523ca5966223c1da52646daae0d9dd3150da59acc309b567dc767f7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.signal-arnaques.com
Date
Mon, 02 May 2022 00:24:12 GMT
Access-Control-Allow-Credentials
true
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
settings
syndication.twitter.com/ Frame BEE7 		169 B
424 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=49eafa50fa4b8c3316c2922cad82c067450755cb
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fwww.signal-arnaques.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
d7f2a53ec64c3613054b8aca405af6eeb1e8dc1bf371d4676f5dbe917e3986d8
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-response-time
110
date
Mon, 02 May 2022 00:24:12 GMT
content-encoding
gzip
last-modified
Mon, 02 May 2022 00:24:13 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
8a8d783599b253f4dd1c1ea30b723a5593ace3c5abaca3865d281ca449e7ea54
content-length
143
cookie.js
partner.googleadservices.com/gampad/ 		223 B
651 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.signal-arnaques.com&callback=_gfp_s_&client=ca-pub-8416474909997810
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8416474909997810&plah=www.signal-arnaques.com&bust=31067323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
3376cbd6e1a177a5c017eb59284304b91e4bb794e7915ec70fe3037b064fb093
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
207
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.signal-arnaques.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8416474909997810&plah=www.signal-arnaques.com&bust=31067323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 May 2022 00:24:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.signal-arnaques.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8416474909997810&plah=www.signal-arnaques.com&bust=31067323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 May 2022 00:24:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.signal-arnaques.com%2Fscam%2Fview%2F388341&tn=DIV&id=lang-selector&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame A436 		292 KB
71 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-8416474909997810&output=html&adk=1812271804&adf=3025194257&lmt=1651451053&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.signal-arnaques.com%2Fscam%2Fview%2F388341&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651451052713&bpp=3&bdt=199&idt=184&shv=r20220427&mjsv=m202204270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3279543391900&frm=20&pv=2&ga_vid=1551782448.1651451053&ga_sid=1651451053&ga_hid=426141358&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531550%2C31067323%2C31061828%2C31062930&oid=2&pvsid=1584946475217727&pem=878&tmod=1475904135&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=743
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8416474909997810&plah=www.signal-arnaques.com&bust=31067323
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f732e1acd2a414ba09e03624683bc806dedb11c783ffcf37a8f8097efa721c7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.signal-arnaques.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
73061
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 02 May 2022 00:24:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.signal-arnaques.com%2F&domain=www.signal-arnaques.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.signal-arnaques.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.signal-arnaques.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 02 May 2022 00:24:13 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1178
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.signal-arnaques.com%2F&domain=www.signal-arnaques.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=N6QSE3xGSHNRYmN6bXdPeC9xVXowaGhvVXZhRlpVM2tOV3pWMnNVelo4dEw2LzNhbFNaSUFzQTlFSGhENVA1Q3BuaWVWalAvbmhDTERXRDhwSjFDTFZENTk1TUI3OXhQcW9rZWNMeW4waVllK2QvWXRUOWduRy9FTjFyWG...
336 B
604 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=N6QSE3xGSHNRYmN6bXdPeC9xVXowaGhvVXZhRlpVM2tOV3pWMnNVelo4dEw2LzNhbFNaSUFzQTlFSGhENVA1Q3BuaWVWalAvbmhDTERXRDhwSjFDTFZENTk1TUI3OXhQcW9rZWNMeW4waVllK2QvWXRUOWduRy9FTjFyWG9PeU9VNjZvMC8vbnZEb3k0YXh3aWRoUWNKSExVc2cwODVobFdFN0V1WXUyLzNUb0VsS1FDbG1HTkx6MTJDOG9ZZzcxdndQMXlicHhJcE5EN0NZQUFQVjlwKzg5Y2hmNmZvQ092aU8yWXJURC9QNkdDUzZHZDZsc3o1M2k4ZWZ2aHZ3SUZESC85fA&cppv=2
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
20daf678e0ee043638fecd2a0ce38c691cf711504a41069c5ab907002904d816
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:13 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2991
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:12 GMT
location
https://mug.criteo.com/sid?cpp=N6QSE3xGSHNRYmN6bXdPeC9xVXowaGhvVXZhRlpVM2tOV3pWMnNVelo4dEw2LzNhbFNaSUFzQTlFSGhENVA1Q3BuaWVWalAvbmhDTERXRDhwSjFDTFZENTk1TUI3OXhQcW9rZWNMeW4waVllK2QvWXRUOWduRy9FTjFyWG9PeU9VNjZvMC8vbnZEb3k0YXh3aWRoUWNKSExVc2cwODVobFdFN0V1WXUyLzNUb0VsS1FDbG1HTkx6MTJDOG9ZZzcxdndQMXlicHhJcE5EN0NZQUFQVjlwKzg5Y2hmNmZvQ092aU8yWXJURC9QNkdDUzZHZDZsc3o1M2k4ZWZ2aHZ3SUZESC85fA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.signal-arnaques.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2160
content-length
509
expires
0
12.json
id5-sync.com/g/v2/ 		213 B
630 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/12.json
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.195.5.45 , France, ASN16276 (OVH, FR),
Reverse DNS
p39.id5-sync.com
Software
/
Resource Hash
acbc633e36c64626b7cf221773bf4ac7d1589de6cf4d10bd2059f1340f02fb9c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.signal-arnaques.com
Date
Mon, 02 May 2022 00:24:12 GMT
Access-Control-Allow-Credentials
true
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
p
in-automate.sendinblue.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in-automate.sendinblue.com/p?key=dgxmhmwk8udarp0eqgm3yuk8&cuid=a7f34478-5c92-4488-8c22-e59cc1413731&ma_url=https%3A%2F%2Fwww.signal-arnaques.com%2Fscam%2Fview%2F388341&sib_type=page&ma_title=www.mondialrelay.com%20%7C%20compagniemondialrelayexpress%40gmail.com%20%7C%20Site%20internet%20frauduleux%20%7C%203%20commentaires&sib_name=www.mondialrelay.com%20%7C%20compagniemondialrelayexpress%40gmail.com%20%7C%20Site%20internet%20frauduleux%20%7C%203%20commentaires&ma_referrer=&ma_path=%2Fscam%2Fview%2F388341
Requested by
Host: sibautomation.com
URL: https://sibautomation.com/sa.js?key=dgxmhmwk8udarp0eqgm3yuk8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:90c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
no-cache
cf-apo-via
origin,host
cf-ray
704c9cdc38a49290-FRA
adagio.js
script.4dex.io/ 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c842fa8019eafc4beae4bd989e2c486d3ecd7a407edb21804c35a1726a90fec7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1763030
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx4f97644ee3cb4969a8d89-0062543dbd
x-amz-id-2
tx4f97644ee3cb4969a8d89-0062543dbd
last-modified
Mon, 11 Apr 2022 14:37:55 GMT
server
cloudflare
etag
W/"e88bab2e9c57f44732eeec31ca508d70"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aPVv71UkgPfwhiFn9G%2FupN5UPuZepfbVSqGy4XfgG7k6RGXxtIogMzkW15%2BXZRB3AM49HgJv9VvgV7kSSt5Pe%2BIctF9dtg5hAEnBgA7h99%2BMiIyoSUEKNT6czozGsGYoRHXKXwSe8RPDYWKq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1649687874851815
cf-ray
704c9cdc5a789b40-FRA
access-control-allow-headers
Authorization
notifyme.php
adtrack.adleadevent.com/ 		0
534 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.249.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-249-234.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 00:24:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 May 2022 00:24:13 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://www.signal-arnaques.com
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ca.png
s.cpx.to/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=3a652964-675b-4063-973d-3f49cefab4f9
  • https://s.cpx.to/ca.png?dsp=dbm&fid=3a652964-675b-4063-973d-3f49cefab4f9&google_gid=CAESEC1wg9Remijlt6sdlOMf9Ik&google_cver=1
95 B
804 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/ca.png?dsp=dbm&fid=3a652964-675b-4063-973d-3f49cefab4f9&google_gid=CAESEC1wg9Remijlt6sdlOMf9Ik&google_cver=1
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
HTTP/1.1
Server
52.211.48.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-48-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Mon, 02 May 2022 00:24:13 GMT
X-Frame-Options
sameorigin
Content-Type
image/png
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95

Redirect headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.cpx.to/ca.png?dsp=dbm&fid=3a652964-675b-4063-973d-3f49cefab4f9&google_gid=CAESEC1wg9Remijlt6sdlOMf9Ik&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
token
token.rubiconproject.com/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=34010&puid=29d8f0db0ada8831&gdpr=0
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
an_fire
s.cpx.to/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12769%26ref%3D%26url%3Dhttps%253A%252F%252Fwww.signal-arnaques.com%252Fscam%252Fview%252F388341%26h...
  • https://s.cpx.to/an_fire?app_nexus_uid=8646490127283099469&pid=12769&ref=&url=https%3A%2F%2Fwww.signal-arnaques.com%2Fscam%2Fview%2F388341&hn_ver=40&fid=3a652964-675b-4063-973d-3f49cefab4f9
95 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/an_fire?app_nexus_uid=8646490127283099469&pid=12769&ref=&url=https%3A%2F%2Fwww.signal-arnaques.com%2Fscam%2Fview%2F388341&hn_ver=40&fid=3a652964-675b-4063-973d-3f49cefab4f9
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
HTTP/1.1
Server
52.211.48.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-48-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Mon, 02 May 2022 00:24:13 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Mon, 02 May 2022 00:24:13 UTC

Redirect headers

Pragma
no-cache
Date
Mon, 02 May 2022 00:24:13 GMT
X-Proxy-Origin
178.162.209.130; 178.162.209.130; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
fbb6a780-0f2f-4cbd-81bf-260c4365a857
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.cpx.to/an_fire?app_nexus_uid=8646490127283099469&pid=12769&ref=&url=https%3A%2F%2Fwww.signal-arnaques.com%2Fscam%2Fview%2F388341&hn_ver=40&fid=3a652964-675b-4063-973d-3f49cefab4f9
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
s.cpx.to/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D3a652964-675b-4063-973d-3f49cefab4f9
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D3a652964-675b-4063-973d-3f49cefab4f9
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=1502E6FA-2081-4535-A9FD-8210E8EEF8B8&fid=3a652964-675b-4063-973d-3f49cefab4f9
95 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=1502E6FA-2081-4535-A9FD-8210E8EEF8B8&fid=3a652964-675b-4063-973d-3f49cefab4f9
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
HTTP/1.1
Server
52.211.48.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-48-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Mon, 02 May 2022 00:24:13 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Mon, 02 May 2022 00:24:13 UTC

Redirect headers

location
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=1502E6FA-2081-4535-A9FD-8210E8EEF8B8&fid=3a652964-675b-4063-973d-3f49cefab4f9
date
Mon, 02 May 2022 00:24:12 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
generic
match.adsrvr.org/track/cmf/ 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:13 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
pool.grid-data.bidswitch.net/ 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pool.grid-data.bidswitch.net/sync?pid=42
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.201.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-201-25.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 02 May 2022 00:24:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
getuid
sync.smartadserver.com/
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D3a652964-675b-4063-973d-3f49cefab4f9&gdpr=0
  • https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=3a652964-675b-4063-973d-3f49cefab4f9&gdpr=0&cklb=1
0
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=3a652964-675b-4063-973d-3f49cefab4f9&gdpr=0&cklb=1
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
HTTP/1.1
Server
185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:13 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://sync.smartadserver.com:443/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=3a652964-675b-4063-973d-3f49cefab4f9&gdpr=0&cklb=1
pragma
no-cache
date
Mon, 02 May 2022 00:24:12 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-52231022-1&cid=1551782448.1651451053&jid=1052598127&_u=aEBAAEAAQAAAAC~&z=726828256
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-52231022-1&cid=1551782448.1651451053&jid=1052598127&_u=aEBAAEAAQAAAAC~&z=726828256
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/ Frame 1C3E 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdppiETAAAAAGLi93fbYIWli9uZCxN3wzBdYp2B&co=aHR0cHM6Ly93d3cuc2lnbmFsLWFybmFxdWVzLmNvbTo0NDM.&hl=de&v=2W_gRz39xX8G13fM-OdyQPlc&size=normal&cb=rs6j9ymr5fbm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 13:05:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
213519
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 04:02:19 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 29 Apr 2023 13:05:34 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/ Frame 1C3E 		363 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdppiETAAAAAGLi93fbYIWli9uZCxN3wzBdYp2B&co=aHR0cHM6Ly93d3cuc2lnbmFsLWFybmFxdWVzLmNvbTo0NDM.&hl=de&v=2W_gRz39xX8G13fM-OdyQPlc&size=normal&cb=rs6j9ymr5fbm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d516e4641028e8ff59509eb5609cdcb2b296b9aa23020468930226e37f3f4561
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 20:04:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15610
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
146779
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 04:02:19 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 01 May 2023 20:04:03 GMT
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.signal-arnaques.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.signal-arnaques.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Mon, 02 May 2022 00:24:13 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
prebid
ib.adnxs.com/ut/v3/ 		40 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b08305ae9166722ee0a68f621224867397cc5d1d4d538ebc2239bc9cf1306b96
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 02 May 2022 00:24:13 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
178.162.209.130; 178.162.209.130; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
6ae79d30-6932-4fe8-954e-65233ba8fa53
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.signal-arnaques.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
b1h.zemanta.com/api/bidder/prebid/bid/ 		0
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b1h.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.31.142.95 Chicago, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.signal-arnaques.com
Access-Control-Allow-Credentials
true
/
shb.richaudience.com/hb/ 		4 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.3.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.144.3.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.signal-arnaques.com
access-control-max-age
86400
access-control-allow-credentials
true
/
shb.richaudience.com/hb/ 		4 B
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.3.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.144.3.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.signal-arnaques.com
access-control-max-age
86400
access-control-allow-credentials
true
/
shb.richaudience.com/hb/ 		4 B
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.3.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.144.3.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.signal-arnaques.com
access-control-max-age
86400
access-control-allow-credentials
true
/
shb.richaudience.com/hb/ 		4 B
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.3.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.144.3.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.signal-arnaques.com
access-control-max-age
86400
access-control-allow-credentials
true
/
shb.richaudience.com/hb/ 		4 B
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.3.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.144.3.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.signal-arnaques.com
access-control-max-age
86400
access-control-allow-credentials
true
/
shb.richaudience.com/hb/ 		4 B
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.3.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.144.3.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.signal-arnaques.com
access-control-max-age
86400
access-control-allow-credentials
true
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		714 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.signal-arnaques.com%2Fscam%2Fview%2F388341&PublisherDomain=https%3A%2F%2Fwww.signal-arnaques.com
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
da54bc15d687280dc010e41cbd404b9ed74fece1df768d2aed048fe6b97e63ba
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:13 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.signal-arnaques.com
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
22
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
714
expires
0
openrtb
adx.adform.net/adx/ 		0
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:13 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.signal-arnaques.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ 		112 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e17d341715e3c3bf9018507cdabcb3734bd79a97ac0d3762eec28033090824bc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 02 May 2022 00:24:13 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
178.162.209.130; 178.162.209.130; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ff22bf59-dbc4-47f5-abd5-3ad9fcfdb1e2
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.signal-arnaques.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ROS
pbjs.e-planning.net/pbjs/1/2a156/1/www.signal-arnaques.com/ 		129 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/pbjs/1/2a156/1/www.signal-arnaques.com/ROS?rnd=0.49803702817585016&e=video%3A300x250%2C300x50%2C355x50%2C640x480%2B26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000x90%2C1000x30%2C990x90%2C950x90%2B26711%3A300x250%2C300x168%2B26323%3A300x250%2C300x600%2B26322%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100%2B30012%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100&ur=https%3A%2F%2Fwww.signal-arnaques.com%2Fscam%2Fview%2F388341&pbv=6.13.0&ncb=1&vs=FFFFFF&crs=UTF-8&fr=https%3A%2F%2Fwww.signal-arnaques.com%2Fscam%2Fview%2F388341&gdpr=0&e_id5id=%257B%2522uid%2522%253A%25220%2522%252C%2522ext%2522%253A%257B%2522linkType%2522%253A0%257D%257D&e_pubcid=3c160d2a-9440-4cb1-a2e1-573b9f07681e
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
79d225821b0d5d3ba4a75346bfbc65a815388286dbe8a4d5467aa9d99c53d07c

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.signal-arnaques.com
expires
Mon, 02 May 2022 00:24:13 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
129
x-sid
AMS-732
/
prebid.smilewanted.com/ 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.signal-arnaques.com
access-control-allow-credentials
true
cf-ray
704c9cdcec0d68fb-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.signal-arnaques.com
access-control-allow-credentials
true
cf-ray
704c9cdcec0f68fb-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.signal-arnaques.com
access-control-allow-credentials
true
cf-ray
704c9cdcec1068fb-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.signal-arnaques.com
access-control-allow-credentials
true
cf-ray
704c9cdcec1168fb-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.signal-arnaques.com
access-control-allow-credentials
true
cf-ray
704c9cdcec1268fb-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
76 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.signal-arnaques.com
access-control-allow-credentials
true
cf-ray
704c9cdcec1368fb-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.signal-arnaques.com
access-control-allow-credentials
true
cf-ray
704c9cdcec1468fb-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
moneybid.js
ads.themoneytizer.com/bidder1/ 		75 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=87059&adid=11&formatid=video&size=desktop&country=undefined
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
649144be1fa79362df36ab951a8b94ba05f5e7f1a484224bf9dc7f333fdb60dd

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
content-encoding
gzip
server
nginx
x-hw
1651451053.cds140.fr8.hn,1651451053.cds281.fr8.c
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
81
moneybid.js
ads.themoneytizer.com/bidder1/ 		624 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=87059&adid=1&formatid=26322&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
b9c86b893a57333329f7b8bc0e416d670e4fe76997b031dca070e0213d1eff5f

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
content-encoding
gzip
server
nginx
x-hw
1651451053.cds140.fr8.hn,1651451053.cds267.fr8.c
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
429
moneybid.js
ads.themoneytizer.com/bidder1/ 		627 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=87059&adid=19&formatid=26711&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
10456e303fca18bb69dea0060c97da6b5f18435072b7bdc716746c23da67fe75

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
content-encoding
gzip
server
nginx
x-hw
1651451053.cds140.fr8.hn,1651451053.cds056.fr8.c
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
429
moneybid.js
ads.themoneytizer.com/bidder1/ 		628 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=87059&adid=3&formatid=26323&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
592c69a8bdcbafc86c4d3e1978b15c8108f9b0f1cf0b7db126b96e95ebdc95a4

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
content-encoding
gzip
server
nginx
x-hw
1651451053.cds140.fr8.hn,1651451053.cds291.fr8.c
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
432
moneybid.js
ads.themoneytizer.com/bidder1/ 		631 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=87059&adid=28&formatid=30012&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
361f72f8a4fd3d2cb53eb1113a03c445b73827f142add85f31261b2a73b83c08

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
content-encoding
gzip
server
nginx
x-hw
1651451053.cds140.fr8.hn,1651451053.cds283.fr8.c
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
435
c
prebid.a-mo.net/a/ 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Mon, 02 May 2022 00:24:13 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.signal-arnaques.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.247.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-247-47.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
2762ccea71e5d0f15aa88cb405c581eec8bb30eb392589a11e5435e55b75392a

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:13 GMT
content-encoding
gzip
x-prebid
pbs-java/1.87.1
content-type
application/json
access-control-allow-origin
https://www.signal-arnaques.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		25 B
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.247.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-247-47.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
4df27efd0cb59263899762b6d613958a952ff33244ffb99ee2bbe679461da0a2

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:13 GMT
content-encoding
gzip
x-prebid
pbs-java/1.87.1
access-control-allow-origin
https://www.signal-arnaques.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
51
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39536&zone_id=1078218%3B1124620%3B1078218%3B1078302%3B1078218%3B1078302&size_id=68%3B15%3B2%3B15%3B15%3B2&alt_size_ids=221%3B2%2C55%2C58%2C221%3B19%2C43%2C44%2C117%3B%3B10%3B19%2C43%2C44%2C117&p_pos=atf&gdpr=0&rp_schain=1.0,1!themoneytizer.com,83378,1,,,&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=3c160d2a-9440-4cb1-a2e1-573b9f07681e%5E1&rf=https%3A%2F%2Fwww.signal-arnaques.com&kw=87059&tg_i.siteid=87059&tg_i.pbadslot=%2F87059%2F%2Fdesktop%2F26325%3B%2F87059%2F%2Fdesktop%2F26328%3B%2F87059%2F%2Fdesktop%2F26322%3B%2F87059%2F%2Fdesktop%2F26711%3B%2F87059%2F%2Fdesktop%2F26323%3B%2F87059%2F%2Fdesktop%2F30012&tk_flint=pbjs_lite_v6.13.0&x_source.tid=2ec51738-a4e5-4979-9baa-22e9fbfa9131%3B88d49cda-8074-47ad-8211-1c06ca7d5f8c%3B2196663b-e19d-421a-8b89-1329fc6343c1%3B3bb1fb14-c972-4f8c-bbde-51ec5ff58ae5%3B0e872a4e-c5f7-4e53-b024-3fcbc972c509%3B2a7406bc-9d98-4f64-90af-df389d51f8d2&p_screen_res=1600x1200&rp_floor=0.5%3B0.01%3B0.01%3B0.01%3B0.01%3B0.01&rp_secure=1&rp_maxbids=1&p_gpid=%2F87059%2F%2Fdesktop%2F26325%3B%2F87059%2F%2Fdesktop%2F26328%3B%2F87059%2F%2Fdesktop%2F26322%3B%2F87059%2F%2Fdesktop%2F26711%3B%2F87059%2F%2Fdesktop%2F26323%3B%2F87059%2F%2Fdesktop%2F30012&slots=6&rand=0.4855754331040645
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a37a57cd1ff1fef337e26ac160387b2fd188307d2988a819b4287eb16ab2522b

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 00:24:13 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.signal-arnaques.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
2613
Expires
Wed, 17 Sep 1975 21:32:10 GMT
adjson
ads.betweendigital.com/ 		2 B
919 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.signal-arnaques.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
prebid
mp.4dex.io/ 		114 B
608 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cd984ce4b82562faf4f710d01f01759e3aefcf3bf9a17334d4c44a3f4cb947c

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

cf-ray
704c9cdd0b41926b-FRA
pragma
no-cache
date
Mon, 02 May 2022 00:24:13 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.signal-arnaques.com
expires
0
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
x-err
Validating the Prebid Request adunits. Sampled or No valid non-debug AdUnits
hb
ice.360yield.com/ 		249 B
471 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22118fd422bad818bb%22%2C%22version%22%3A%227.6.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.signal-arnaques.com%2Fscam%2Fview%2F388341%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2283378%22%2C%22hp%22%3A1%7D%5D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%223c160d2a-9440-4cb1-a2e1-573b9f07681e%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%229075b0a740be435%22%2C%22pid%22%3A%2222681719%22%2C%22tid%22%3A%22aa4971f0-bfce-4c38-8634-803a5f7e1c33%22%2C%22banner%22%3A%7B%7D%7D%2C%7B%22id%22%3A%22914d436d18ac0b4%22%2C%22pid%22%3A%2222681720%22%2C%22tid%22%3A%2288d49cda-8074-47ad-8211-1c06ca7d5f8c%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2292a3529337428a%22%2C%22pid%22%3A%2222681721%22%2C%22tid%22%3A%222196663b-e19d-421a-8b89-1329fc6343c1%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%2293f48cd8353aa27%22%2C%22pid%22%3A%2222681718%22%2C%22tid%22%3A%223bb1fb14-c972-4f8c-bbde-51ec5ff58ae5%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A168%7D%5D%7D%7D%5D%7D%7D
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.41.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-41-50.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c735b9c81da7ba3ecbffac431dde49125c595cf5651d5ec275f955815ad5f33a

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.signal-arnaques.com
date
Mon, 02 May 2022 00:24:13 GMT
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
249
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
hb
ice.360yield.com/ 		150 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22119c106ab619061b%22%2C%22version%22%3A%227.6.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.signal-arnaques.com%2Fscam%2Fview%2F388341%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2283378%22%2C%22hp%22%3A1%7D%5D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%223c160d2a-9440-4cb1-a2e1-573b9f07681e%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2294ae411bf33ef64%22%2C%22pid%22%3A%2222681714%22%2C%22tid%22%3A%220e872a4e-c5f7-4e53-b024-3fcbc972c509%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2295c0ed853440d77%22%2C%22pid%22%3A%2222680859%22%2C%22tid%22%3A%222a7406bc-9d98-4f64-90af-df389d51f8d2%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.41.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-41-50.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2a382915a44c34a3f5b367f3a2ed19b2c50a7f8e479360870ccd2627cc768316

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.signal-arnaques.com
date
Mon, 02 May 2022 00:24:13 GMT
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
150
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
prebid-request
onetag-sys.com/ 		15 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.signal-arnaques.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
v1
btlr.sharethrough.com/universal/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.116.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-116-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.signal-arnaques.com
date
Mon, 02 May 2022 00:24:13 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.116.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-116-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.signal-arnaques.com
date
Mon, 02 May 2022 00:24:13 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.116.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-116-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.signal-arnaques.com
date
Mon, 02 May 2022 00:24:13 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.116.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-116-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.signal-arnaques.com
date
Mon, 02 May 2022 00:24:13 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.116.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-116-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.signal-arnaques.com
date
Mon, 02 May 2022 00:24:13 GMT
access-control-allow-credentials
true
vary
Origin
auction
tlx.3lift.com/header/ 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.13.0&referrer=https%3A%2F%2Fwww.signal-arnaques.com%2Fscam%2Fview%2F388341&tmax=3000&gdpr=false
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.181.98 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-181-98.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6e27013350cec0dadc5bf5fd07c0922cf371e915301f26edc77db353c4d3a389
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:13 GMT
content-encoding
gzip
accept-ch
sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.signal-arnaques.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
3649
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=N6QSE3xGSHNRYmN6bXdPeC9xVXowaGhvVXZhRlpVM2tOV3pWMnNVelo4dEw2LzNhbFNaSUFzQTlFSGhENVA1Q3BuaWVWalAvbmhDTERXRDhwSjFDTFZENTk1TUI3OXhQcW9rZWNMeW4waVllK2QvWXRUOWduRy9FTjFyWG9PeU9VNjZvMC8vbnZEb3k0YXh3aWRoUWNKSExVc2cwODVobFdFN0V1WXUyLzNUb0VsS1FDbG1HTkx6MTJDOG9ZZzcxdndQMXlicHhJcE5EN0NZQUFQVjlwKzg5Y2hmNmZvQ092aU8yWXJURC9QNkdDUzZHZDZsc3o1M2k4ZWZ2aHZ3SUZESC85fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 02 May 2022 00:24:13 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1054
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
pica.js
consent.heretic-sas.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame DBD8 		25 KB
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://consent.heretic-sas.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:805f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
198b2757e214f0bdc11ad92501b14f236fabad0b26777fd6e1f0cde34d308eac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consent.heretic-sas.com/global-consent.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5G4EQqxQ%2B31zTe63LPmMP1CrMLJiyLBPdI9tR5NkypKHaADoom2sYWpjBSMAVf%2F6EVX2lrHCcYlwrABeLIXhJk5HEaB23qdUy%2BTFlov2ZlkjWRfgsGCaqKHgMiUYntkuZREQwNd419q2VzXrUtipeQQOV8kgxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
704c9cdd4c3d9b31-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/ Frame 1C3E 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1C3E 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 1C3E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 19:40:09 GMT
x-content-type-options
nosniff
age
276244
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 05 May 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1C3E 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdppiETAAAAAGLi93fbYIWli9uZCxN3wzBdYp2B&co=aHR0cHM6Ly93d3cuc2lnbmFsLWFybmFxdWVzLmNvbTo0NDM.&hl=de&v=2W_gRz39xX8G13fM-OdyQPlc&size=normal&cb=rs6j9ymr5fbm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 11:18:05 GMT
x-content-type-options
nosniff
age
479168
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 26 Apr 2023 11:18:05 GMT
704c9cd4ad319948
www.signal-arnaques.com/cdn-cgi/challenge-platform/h/g/cv/result/ 		2 B
629 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/cdn-cgi/challenge-platform/h/g/cv/result/704c9cd4ad319948
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1651449600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.signal-arnaques.com/scam/view/388341
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Yk0Q56kNzfDvN3YOD8BOlicpY1ke8dOCPLWowF54f3HWE5O6THAAoO2V5NJUC0Gis99jG31ytvvwmD2WcowySmeRYgyPUTnP1%2FOemEDW01Eoxd1bGcRbW5WhFQjWZeeXhlFgXr%2BAyXCkaw5iJNBu%2FNB8bPA"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
704c9cdf0d669948-FRA
webworker.js
www.google.com/recaptcha/api2/ Frame 1C3E 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=2W_gRz39xX8G13fM-OdyQPlc
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdppiETAAAAAGLi93fbYIWli9uZCxN3wzBdYp2B&co=aHR0cHM6Ly93d3cuc2lnbmFsLWFybmFxdWVzLmNvbTo0NDM.&hl=de&v=2W_gRz39xX8G13fM-OdyQPlc&size=normal&cb=rs6j9ymr5fbm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6a73b51a8588a606f360f33a9829565e622627877c1d127d5663a411026afd62
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdppiETAAAAAGLi93fbYIWli9uZCxN3wzBdYp2B&co=aHR0cHM6Ly93d3cuc2lnbmFsLWFybmFxdWVzLmNvbTo0NDM.&hl=de&v=2W_gRz39xX8G13fM-OdyQPlc&size=normal&cb=rs6j9ymr5fbm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Mon, 02 May 2022 00:24:13 GMT
genericpost
ww1097.smartadserver.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ww1097.smartadserver.com/genericpost
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,save-data
Access-Control-Request-Method
POST
Origin
https://www.signal-arnaques.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://www.signal-arnaques.com
date
Mon, 02 May 2022 00:24:13 GMT
vary
Origin
genericpost
ww1097.smartadserver.com/ 		591 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ww1097.smartadserver.com/genericpost
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
4fc41b75b04cdb61f83dfe1ded1fd78b770bfe8f1689822a4dff38b6a421d63b

Request headers

Referer
https://www.signal-arnaques.com/
accept-language
de-DE,de;q=0.9
Save-Data
off
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type
application/javascript

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:13 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.signal-arnaques.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/javascript; charset=UTF-8
/
c.tmyzer.com/c/ 		0
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=87059&f=28&fi=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=87059&formatId=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 02 May 2022 00:24:14 GMT
Server
nginx
X-IPLB-Request-ID
B2A2D182:9ECE_36264064:01BB_626F24AD_F193D95:2028E
X-IPLB-Instance
38432
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
bframe
www.google.com/recaptcha/api2/ Frame 6DE4 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=2W_gRz39xX8G13fM-OdyQPlc&k=6LdppiETAAAAAGLi93fbYIWli9uZCxN3wzBdYp2B
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
90b91537d66896f0795a898464552cec91f904748d626e6bad4e353b2b0a35ec
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2f6xLdi3ffULl6zCw46qAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.signal-arnaques.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1110
content-security-policy
script-src 'report-sample' 'nonce-2f6xLdi3ffULl6zCw46qAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 02 May 2022 00:24:14 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/ Frame 6DE4 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=2W_gRz39xX8G13fM-OdyQPlc&k=6LdppiETAAAAAGLi93fbYIWli9uZCxN3wzBdYp2B
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 13:05:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
213520
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 04:02:19 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 29 Apr 2023 13:05:34 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/ Frame 6DE4 		363 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=2W_gRz39xX8G13fM-OdyQPlc&k=6LdppiETAAAAAGLi93fbYIWli9uZCxN3wzBdYp2B
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d516e4641028e8ff59509eb5609cdcb2b296b9aa23020468930226e37f3f4561
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 20:04:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15611
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
146779
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 04:02:19 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 01 May 2023 20:04:03 GMT
704c9cda0ed09b63
consent.heretic-sas.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame DBD8 		2 B
735 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent.heretic-sas.com/cdn-cgi/challenge-platform/h/g/cv/result/704c9cda0ed09b63
Requested by
Host: consent.heretic-sas.com
URL: https://consent.heretic-sas.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1651449600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:805f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://consent.heretic-sas.com/global-consent.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 02 May 2022 00:24:14 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IPtfYdax%2Fh9ECJjk5vh3CQnpU5GuKpthFGqF8aYh2mk9QjwvwaEHjJoUfyEb8Xnm9PiXkfvTzORWlaE22uCjCTzCMQsIDCGZ8O%2FAIqtgwTa7R2JmD0SNYyEcVkdVl2UKnhKxB6vY3mQGTeWdnhKB1BrlUKw4YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
704c9ce179259b31-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bundle.js
ib.3lift.com/rev/6ce243b78b284997e927c02b87e59df511f993b2/dist/ Frame 75FC 		255 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/rev/6ce243b78b284997e927c02b87e59df511f993b2/dist/bundle.js
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-100.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ef6c1d24fceb61aaabec98cff1ea71499dccd73ab4e4d50c40c25525aaf371fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 17:23:25 GMT
content-encoding
gzip
last-modified
Wed, 20 Apr 2022 14:52:14 GMT
server
AmazonS3
age
975650
etag
"c90e77ee7a83919d8776d4c512cce0d5"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
cache-control
max-age=31536000, immutable
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-length
82706
x-amz-cf-id
W6Ldfc0zq2QjD6SR9kcBadBv8Bkscj9z7w8BGnu8VK2GjkoTii3_Zg==
notify
tlx.3lift.com/header/ Frame 75FC 		37 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlx.3lift.com/header/notify?px=1&pr=0.145&ts=1651451053&aid=4760471789224572977436&ec=3690_62334_10631116&n=GgDyAs4BCAASFjQ3NjA0NzE3ODkyMjQ1NzI5Nzc0MzYYACABKOocMP7mA0ABSABQAGAKaABwo4ADkAEAmAEAqAEAsAG%2FAbgBCcABkQHIAb8B4AET8AEA%2BAG%2FAYACkQGIAhORAgAAAAAAAPA%2FmQK4HoXrUbjOP6ECAAAAAAAA8D%2BoAgCwAgPIAgTYAgDxAmZmZmZmZuY%2F%2BALhOIAD2AWIA1qQAwCYAwCgAwC4A7H9EsADAMgDANIDCDEwNjMxMTE24AOEsuIL6QMAAAAAAAAAAPADvwH4AgyIAwCSAwQzOTk1mAMAoAPj8wOoAwA%3D
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.181.98 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-181-98.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:14 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
expires
Thu, 15 Oct 1992 20:10:00 GMT
pe
eb2.3lift.com/ Frame 75FC 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/pe?fid=10&peid=0&aid=4760471789224572977436
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:14 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204270101/ 		146 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204270101/reactive_library_fy2019.js?bust=31067323
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8416474909997810&plah=www.signal-arnaques.com&bust=31067323
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e8fdc2417c25949079a72f1714dd7afc195bddc4b4b973a589ad8235928a1a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52966
x-xss-protection
0
server
cafe
etag
841863655878187186
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 May 2022 00:24:14 GMT
r
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/r?inv_code=MoneyTizer_MegaBannerBasse_HDX_2&aid=4760471789224572977436&rev=6ce243b&pr=un&bc=0.191&bmid=3690&biid=7265&sid=62334&brid=49187&adid=10631116&crid=24680708&ts=1651451053&bcud=191&ss=12&caid=0&unid=0&domain=www.signal-arnaques.com&ref=https%253A%252F%252Fwww.signal-arnaques.com%252Fscam%252Fview%252F388341&rr=creative&fid=10&rb=0&g=0&cb=10723
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:14 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
truncated
/ Frame 367F 		26 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/gif
OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame 75FC 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-100.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 13:45:47 GMT
via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:36 GMT
server
AmazonS3
age
211127
etag
"ddf020e069f1706b72b7698b28fede09"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-length
3125
x-amz-cf-id
w8dbrlltVM776qYQlNKDS0fxoXt3jgfvxNwtq8vJqRhV6zaE2bW94A==
OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame 75FC 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-100.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 21:24:52 GMT
via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:31 GMT
server
AmazonS3
age
356363
etag
"7ceab27af00fa466072a3c3360041755"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-length
3518
x-amz-cf-id
JarnF1FQkh2wetTnziQIjMdJhWRP6VqJfUF7CG6CRhQBQVMyQuME9A==
ctar
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ctar?inv_code=MoneyTizer_MegaBannerBasse_HDX_2&aid=4760471789224572977436&rev=6ce243b&cta_render_method=1&cta_render_text=&cb=87603
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:14 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
js
tags.mathtag.com/notify/ Frame 533C 		12 B
343 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.mathtag.com/notify/js?exch=gor&s_exch=ss6&id=5aW95q2jLzIzLyAvTkRFM1pEUTFZVEV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzM5NzcyMTY4Nzg5NjczNzE2NjIvMTA2MzExMTYvMTE1MDc0OTQvNjIvMGNwdmEwNFV3LWgxOVlXdXNnYVFTZFF5eEZKNXlsQTRTX2RQOTI2cFVfZy8xLzYyLzAvMC8xODkyNzgyLzI5OTcwMTQ5MTQvMjE1NTQzLzExNDk1ODUvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8zOTc3MjE2ODc4OTY3MzcxNjYyL2Ftcy8wLzkxMDMvNDAvOTk5LzI1OC8xNzguMTYyLjIwOS4wLzAuMDAwLzE2NTE0NTEwNTMvMTY1MTQ2MzY1My82Mi80MzM4Lw/fiAKJ3Jt977L_xWu_rjhfc9j6Dc&nodeid=3149&group=cdg&auctionid=3977216878967371662&shardkey=3977216878967371662&sid=11507494&cid=10631116&price=0.191&bp=a_bjbbgg&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.132.29
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/6ce243b78b284997e927c02b87e59df511f993b2/dist/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.121.143.246 , United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
nginx /
Resource Hash
6ec464824d178992ba75c33d46b5e8c73fcd0fd83ea26840e48cd91c83b85adf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 02 May 2022 00:24:16 GMT
Last-Modified
Wed, 05 May 2021 21:24:43 GMT
Server
nginx
ETag
"60930d1b-c"
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=360
Content-Length
12
Expires
Mon, 02 May 2022 00:24:15 GMT
aop
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/aop?inv_code=MoneyTizer_MegaBannerBasse_HDX_2&aid=4760471789224572977436&rev=6ce243b&pr=un&bc=0.191&bmid=3690&biid=7265&sid=62334&brid=49187&adid=10631116&crid=24680708&ts=1651451053&bcud=191&ss=12&caid=0&unid=0&domain=www.signal-arnaques.com&ref=https%253A%252F%252Fwww.signal-arnaques.com%252Fscam%252Fview%252F388341&rr=creative&fid=10&rb=0&g=0&cb=96862
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:14 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
moatad.js
z.moatads.com/triplelift879988051105/ Frame 75FC 		314 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/triplelift879988051105/moatad.js
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/6ce243b78b284997e927c02b87e59df511f993b2/dist/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c7f38d262390f7dbd8a2c6488e62d5ad4ce0689bad93dca8feb351af5fe8ef85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:14 GMT
content-encoding
gzip
last-modified
Tue, 19 Apr 2022 16:20:06 GMT
server
AmazonS3
x-amz-request-id
Z1N3JN18W6SEJCYD
etag
"b3dd849c0df6ab19db9cdc76e3284915"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=51863
accept-ranges
bytes
content-length
107761
x-amz-id-2
bcbub2f+rep/xuIrRfOu4S/oUSBhzZS/xUliXviCMfJMZT4UYA/gRPm4Yfjk/uiFrSa3I+RLkmo=
tpvpx
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/tpvpx?inv_code=MoneyTizer_MegaBannerBasse_HDX_2&aid=4760471789224572977436&rev=6ce243b&pid=63971&unid=0&vid=1&sr=10&cb=39345
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:14 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.signal-arnaques.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8416474909997810&plah=www.signal-arnaques.com&bust=31067323
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 May 2022 00:24:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.signal-arnaques.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8416474909997810&plah=www.signal-arnaques.com&bust=31067323
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 May 2022 00:24:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/ Frame A567 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8416474909997810&plah=www.signal-arnaques.com&bust=31067323
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7339fe12f332ac7ecd6e0ef04bb7a48fad9e74be887d67f458548ff33ea4db65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.signal-arnaques.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5607
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4404
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 May 2022 22:50:47 GMT
etag
3347421328414474149
expires
Sun, 15 May 2022 22:50:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/ Frame 5CA0 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8416474909997810&plah=www.signal-arnaques.com&bust=31067323
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7339fe12f332ac7ecd6e0ef04bb7a48fad9e74be887d67f458548ff33ea4db65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.signal-arnaques.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5607
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4404
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 May 2022 22:50:47 GMT
etag
3347421328414474149
expires
Sun, 15 May 2022 22:50:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame A567 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 01 May 2022 23:32:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 02 May 2022 00:24:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 02 May 2022 00:24:14 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A567 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 23:43:30 GMT
x-content-type-options
nosniff
age
2444
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 01 May 2023 23:43:30 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A567 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 16:19:20 GMT
x-content-type-options
nosniff
age
29094
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 01 May 2023 16:19:20 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/elements/html/ Frame A567 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:16:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
479
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8280
x-xss-protection
0
server
cafe
etag
1405619832300133377
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 May 2022 00:16:15 GMT
583c04eba622323b1bc7d6fda2f57e1e.js
www.gstatic.com/mysidia/ Frame 5CA0 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/583c04eba622323b1bc7d6fda2f57e1e.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 17:16:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
457644
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3720
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 05:04:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 25 Jul 2022 17:16:50 GMT
53a7a71b70ef187a79a0d28dd2b87b3a.js
www.gstatic.com/mysidia/ Frame 5CA0 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/53a7a71b70ef187a79a0d28dd2b87b3a.js?tag=pingback
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93e013371a791d452987626cf17dfd9fe21234190d7aab26c7ba3d93a41d7975
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 10:03:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
397233
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6201
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 08:44:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 26 Jul 2022 10:03:41 GMT
css
fonts.googleapis.com/ Frame 5CA0 		8 KB
965 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 01 May 2022 23:46:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 02 May 2022 00:24:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 02 May 2022 00:24:14 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 5CA0 		2 KB
984 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 23:27:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3420
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 15 May 2022 23:27:14 GMT
a44a0b8f447061e92ca19622c4392a02.js
www.gstatic.com/mysidia/ Frame 5CA0 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a44a0b8f447061e92ca19622c4392a02.js?tag=analytics_pingback_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 08:37:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
402421
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2233
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 08:44:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 26 Jul 2022 08:37:13 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame 5CA0 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 23:43:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2474
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8007
x-xss-protection
0
server
cafe
etag
8765308293129799388
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 15 May 2022 23:43:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 5CA0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:22:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
107
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 May 2022 00:22:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5CA0 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 02 May 2022 00:24:14 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 5CA0 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:15:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
548
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 May 2022 00:15:06 GMT
l
www.google.com/ads/measurement/ Frame 5CA0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQCSzQyzd3NMdrwfU1mrsPBTQS7SNwtWQH50a9LAXNGiRUO92dqSbt6woMxCTnITH_bSKQ3dkSzM7pv7y3EkMsfULkKXA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
3c09399fce195357915a25abcce0a496.js
www.gstatic.com/mysidia/ Frame 5CA0 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/3c09399fce195357915a25abcce0a496.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd5dc39e7e8c3e52dd51f848aa140401de17ec1f545e4595b03923b1f836021a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 07:48:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
232529
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12188
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 23:28:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 28 Jul 2022 07:48:45 GMT
n.js
geo.moatads.com/ 		98 B
272 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.moatads.com/n.js?e=35&ol=3537061256&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B98bjmPghU%3C4Y%24%26Pz9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-QWZbXVZgr1f3LlF%2Fnkx0mb91P1tMeAYh8VJoiwm1U%2F9KTOa5pbr0xUE%3D&rs=1-4hXA3ZfY41ErZQ%3D%3D&sc=1&os=1-tQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=TRIPLELIFT1&hp=1&wf=1&ra=1&pxm=8&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1651451054518&de=657392047205&m=0&ar=bee2df476bf-clean&iw=2a1d5c5&q=2&cb=0&ym=0&cu=1651451054518&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4338%3A63971%3Aundefined%3A10&zMoatTactic=undefined&zMoatPixelParams=aid%3A4760471789224572977436%3Bsr%3A10%3Buid%3A0%3B&zMoatOrigSlicer1=3690&zMoatOrigSlicer2=49187&zMoatJS=-&zGSRC=1&gu=https%3A%2F%2Fwww.signal-arnaques.com%2Fscam%2Fview%2F388341&id=1&ii=4&bo=3690&bd=signal-arnaques.com&gw=triplelift879988051105&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A490%3A490%3A0%3A852&jm=-1&fs=198121&na=1672255191&cs=0&ord=1651451054518&jv=1613009784&callback=DOMlessLLDcallback_73698521
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/triplelift879988051105/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.170.16.189 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-170-16-189.eu-west-2.compute.amazonaws.com
Software
TornadoServer/5.1.1 /
Resource Hash
5d41e70b9943705d7dac5fb5e2dc0b0e559b2da511c118a126dfb7cc3d7aea56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:14 GMT
cache-control
max-age=900
server
TornadoServer/5.1.1
timing-allow-origin
*
etag
"3e473625127950a93c9a26be5d24616ed4a99157"
content-length
98
content-type
text/html; charset=UTF-8
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=TRIPLELIFT1&hp=1&wf=1&ra=1&pxm=8&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1651451054518&de=657392047205&m=0&ar=bee2df476bf-clean&iw=2a1d5c5&q=3&cb=0&ym=0&cu=1651451054518&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4338%3A63971%3Aundefined%3A10&zMoatTactic=undefined&zMoatPixelParams=aid%3A4760471789224572977436%3Bsr%3A10%3Buid%3A0%3B&zMoatOrigSlicer1=3690&zMoatOrigSlicer2=49187&zMoatJS=-&zGSRC=1&gu=https%3A%2F%2Fwww.signal-arnaques.com%2Fscam%2Fview%2F388341&id=1&ii=4&bo=3690&bd=signal-arnaques.com&gw=triplelift879988051105&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A490%3A490%3A0%3A852&jm=-1&fs=198121&na=827173814&cs=0
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:14 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 02 May 2022 00:24:14 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E008 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
66630
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 May 2022 05:53:44 GMT
etag
48472445140208031
expires
Mon, 02 May 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
583c04eba622323b1bc7d6fda2f57e1e.js
www.gstatic.com/mysidia/ Frame E747 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/583c04eba622323b1bc7d6fda2f57e1e.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 17:16:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
457644
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3720
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 05:04:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 25 Jul 2022 17:16:50 GMT
53a7a71b70ef187a79a0d28dd2b87b3a.js
www.gstatic.com/mysidia/ Frame E747 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/53a7a71b70ef187a79a0d28dd2b87b3a.js?tag=pingback
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93e013371a791d452987626cf17dfd9fe21234190d7aab26c7ba3d93a41d7975
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 10:03:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
397233
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6201
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 08:44:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 26 Jul 2022 10:03:41 GMT
css
fonts.googleapis.com/ Frame E747 		8 KB
892 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 01 May 2022 23:43:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 02 May 2022 00:24:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 02 May 2022 00:24:14 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame E747 		2 KB
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 23:27:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3420
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 15 May 2022 23:27:14 GMT
a44a0b8f447061e92ca19622c4392a02.js
www.gstatic.com/mysidia/ Frame E747 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a44a0b8f447061e92ca19622c4392a02.js?tag=analytics_pingback_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 08:37:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
402421
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2233
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 08:44:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 26 Jul 2022 08:37:13 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame E747 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 23:43:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2474
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8007
x-xss-protection
0
server
cafe
etag
8765308293129799388
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 15 May 2022 23:43:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame E747 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:22:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
107
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 May 2022 00:22:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E747 		120 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 02 May 2022 00:24:14 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame E747 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:15:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
548
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 May 2022 00:15:06 GMT
l
www.google.com/ads/measurement/ Frame E747 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRhu6K08pHif0vnk4CvPMuBMF8fLtLWjM_2vyLA9PWV6LvNVoUdaNCdaz1nO6KVJBvjdhvEQ0hKUyk2FJhRK5j68-dCkw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
3c09399fce195357915a25abcce0a496.js
www.gstatic.com/mysidia/ Frame E747 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/3c09399fce195357915a25abcce0a496.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd5dc39e7e8c3e52dd51f848aa140401de17ec1f545e4595b03923b1f836021a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 07:48:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
232529
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12188
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 23:28:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 28 Jul 2022 07:48:45 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=8&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.signal-arnaques.com%2F%2Fscam%2Fview%2F-&i=TRIPLELIFT1&ol=3537061256&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B98bjmPghU%3C4Y%24%26Pz9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-QWZbXVZgr1f3LlF%2Fnkx0mb91P1tMeAYh8VJoiwm1U%2F9KTOa5pbr0xUE%3D&rs=1-4hXA3ZfY41ErZQ%3D%3D&sc=1&os=1-tQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.signal-arnaques.com%2Fscam%2Fview%2F388341&id=1&ii=4&f=0&j=&t=1651451054518&de=657392047205&cu=1651451054518&m=71&ar=bee2df476bf-clean&iw=2a1d5c5&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4131&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A490%3A490%3A0%3A852&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=53&cd=0&ah=53&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4338%3A63971%3Aundefined%3A10&bo=3690&bd=signal-arnaques.com&gw=triplelift879988051105&zMoatOrigSlicer1=3690&zMoatOrigSlicer2=49187&zMoatTactic=undefined&zMoatPixelParams=aid%3A4760471789224572977436%3Bsr%3A10%3Buid%3A0%3B&zMoatJS=3%3A-&hv=Triplelift%20Override%201&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&ti=0&ih=1&jm=-1&tc=0&fs=198121&na=852710280&cs=0
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:14 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 02 May 2022 00:24:14 GMT
dpixel
cms.quantserve.com/ Frame E008 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBvEO1jFAGz_9ezBt5-JShw&google_cver=1&google_push=AYg5qPLJQHQY-MlFHFrsUOCdx5DVsHfxUoMAwaBBtRGRlMunJC6siuAtpzQpTeS-roPiCEfffkYz0PcyHSozrzJZnQA51_5eBzbX
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:14 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E008
Redirect Chain
  • https://beacon.walmart.com/etap.gif?tap=gAds&google_gid=CAESEPhfBSbzZ-il3uNykiV-rWE&google_cver=1&google_push=AYg5qPIF9S1rLslWI3DNusaNDFND20L0-dq7wJcWEdGb8govBlPu0znilQT6DgPZD0TWkqkrmXBmPGHuxlLN6kI...
  • https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=W2L7A4Q8SJtLJfLhUXvGZ4&tap=gAds&google_gid=CAESEPhfBSbzZ-il3uNykiV-rWE&google_cver=1&google_push=AYg5qPIF9S1rLslWI3DNusaNDFND20L0-dq7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=W2L7A4Q8SJtLJfLhUXvGZ4&tap=gAds&google_gid=CAESEPhfBSbzZ-il3uNykiV-rWE&google_cver=1&google_push=AYg5qPIF9S1rLslWI3DNusaNDFND20L0-dq7wJcWEdGb8govBlPu0znilQT6DgPZD0TWkqkrmXBmPGHuxlLN6kI1sGF9OBsVnzo
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=7884000; includeSubDomains
via
HTTP/2.0 odnd
last-modified
Wed, 27 Apr 2022 22:04:01 GMT
date
Mon, 02 May 2022 00:24:15 GMT
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=W2L7A4Q8SJtLJfLhUXvGZ4&tap=gAds&google_gid=CAESEPhfBSbzZ-il3uNykiV-rWE&google_cver=1&google_push=AYg5qPIF9S1rLslWI3DNusaNDFND20L0-dq7wJcWEdGb8govBlPu0znilQT6DgPZD0TWkqkrmXBmPGHuxlLN6kI1sGF9OBsVnzo
cache-control
no-store, no-cache, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
content-length
0
x-tb
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame E008 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEDt7vOkijs07AeCJekhuamM&google_cver=1&google_push=AYg5qPIFiogLr_7Qh8I5As7_Kfa4Yye6ZzOp2xFK2vx0_ZFJltMVpZr9ZiEDth2wUNLRUQLdmjL0-k2HHtoXnZpGUwBHPz9YVt1Y
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:14 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
kvlghrmsk02l877ac0hln3lafm34v5so
pixel
cm.g.doubleclick.net/ Frame E008
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FQLm-iCBRTWp_YIQ6O74uA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FQLm-iCBRTWp_YIQ6O74uA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIXtfGkNu3glIQKVbjMMu2X0FK_Lqv1xsaBM31gggJsFXEtzG0xRC-Jt_lSuJbx8Q0ucGuVVDCOV53hLaLSpE6EYLfduHn1
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FQLm-iCBRTWp_YIQ6O74uA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIXtfGkNu3glIQKVbjMMu2X0FK_Lqv1xsaBM31gggJsFXEtzG0xRC-Jt_lSuJbx8Q0ucGuVVDCOV53hLaLSpE6EYLfduHn1
date
Mon, 02 May 2022 00:24:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame E008
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEODPQuxU0fKB2ijrTzmomcU&google_cver=1&google_push=AYg5qPIvz0YQD40Xvs0wAnGQDPgFesdRdGvd5CYikLTXphyfmMMlRKRBpBxfRkV_2JhsjcASqj7...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJOWkJHQlItMUQtRVgxRQ==&google_push=AYg5qPIvz0YQD40Xvs0wAnGQDPgFesdRdGvd5CYikLTXphyfmMMlRKRBpBxfRkV_2JhsjcASqj7f8OyAdXJKNgLvzffQCSOfMXEN
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJOWkJHQlItMUQtRVgxRQ==&google_push=AYg5qPIvz0YQD40Xvs0wAnGQDPgFesdRdGvd5CYikLTXphyfmMMlRKRBpBxfRkV_2JhsjcASqj7f8OyAdXJKNgLvzffQCSOfMXEN
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJOWkJHQlItMUQtRVgxRQ==&google_push=AYg5qPIvz0YQD40Xvs0wAnGQDPgFesdRdGvd5CYikLTXphyfmMMlRKRBpBxfRkV_2JhsjcASqj7f8OyAdXJKNgLvzffQCSOfMXEN
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
pixel
cm.g.doubleclick.net/ Frame E008
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEB1i81qGg9RteE_ldaL1RWU&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEB1i81qGg9RteE_ldaL1RWU&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ym8kru8EzaEc9UlILlpKtgAABLcAAAAB&google_cver=1&google_gid=CAESEB1i81qGg9RteE_ldaL1RWU&google_push=AYg5qPK4JyzPrkuUDWauefCKRRkMcbGM1g3xZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ym8kru8EzaEc9UlILlpKtgAABLcAAAAB&google_cver=1&google_gid=CAESEB1i81qGg9RteE_ldaL1RWU&google_push=AYg5qPK4JyzPrkuUDWauefCKRRkMcbGM1g3xZST8lLwS27ryex6i_pQUeCZHgb3oKr4F2eKBOxGKPlTumxpq3hYbW8iO6XDDE-_W
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 02 May 2022 00:24:14 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ym8kru8EzaEc9UlILlpKtgAABLcAAAAB&google_cver=1&google_gid=CAESEB1i81qGg9RteE_ldaL1RWU&google_push=AYg5qPK4JyzPrkuUDWauefCKRRkMcbGM1g3xZST8lLwS27ryex6i_pQUeCZHgb3oKr4F2eKBOxGKPlTumxpq3hYbW8iO6XDDE-_W
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
460
Expires
Mon, 02 May 2022 00:24:14 GMT
/
cc.adingo.jp/adx/push/ Frame E008 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEGtfYlfCqKWUrjdFdUt9RJw&google_cver=1&google_push=AYg5qPJYzsd4Vi_FzF_s724Y4uJvZIOSTvUl1Oy6rA72fVgUoL7LIAO3DbH6NivUm2MMQf_woEKd7oBrbsDIF3MrDmTopcCbPGVc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.64.206.14 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-64-206-14.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:15 GMT
server
awselb/2.0
attr
cm.g.doubleclick.net/pixel/ Frame E008 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ISh5adXwTaZJwSzYoo-IMNWZhU7v6WgH_t71QcGXPmvrym8iM1XkyK8flTJUpDKIEvETqG
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:14 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
pagead2.googlesyndication.com/bg/ Frame D7FC 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f349ec1fe35c25d81549930c5557fedae873bc9d50976f33a77981ff5de7a59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 18:13:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
22242
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13484
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 01 May 2023 18:13:32 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9F6F 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
66630
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 May 2022 05:53:44 GMT
etag
48472445140208031
expires
Mon, 02 May 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
redir.html
p4-b5ya3u2no6fr6-nqw5oqwzwcw2sssw-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame E6FE 		247 B
965 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-b5ya3u2no6fr6-nqw5oqwzwcw2sssw-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
ed9bb1b90991d4c7eb2fa26dda4778cf020cc64b25d6aa35e5817a30ed7003d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
207
content-security-policy-report-only
script-src 'nonce-wJWfRO8wyQKL7sxZ6dC3_A' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy
cross-origin
date
Mon, 02 May 2022 00:24:14 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
last-modified
Mon, 02 Dec 2019 20:15:00 GMT
pragma
no-cache
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ev3
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ev3?vid=1&aid=4760471789224572977436&sr=10&uid=0&type=mi&ord=1651451054518
Requested by
Host: www.signal-arnaques.com
URL: https://www.signal-arnaques.com/scam/view/388341
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:14 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 9F6F
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBvEO1jFAGz_9ezBt5-JShw&google_cver=1&google_push=AYg5qPLpJGfXa3xri0y9VKnQ043YbGopMIP7nHtfqcLhLLdIpxQ-A82gzs...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLpJGfXa3xri0y9VKnQ043YbGopMIP7nHtfqcLhLLdIpxQ-A82gzsZkPNu8cHhPVXJVZd0uNRpt0haqGkKqsQoSGiT24Tuo&google_hm=yHQVP1g0HR6F...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLpJGfXa3xri0y9VKnQ043YbGopMIP7nHtfqcLhLLdIpxQ-A82gzsZkPNu8cHhPVXJVZd0uNRpt0haqGkKqsQoSGiT24Tuo&google_hm=yHQVP1g0HR6Ft6sXWqMNCg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLpJGfXa3xri0y9VKnQ043YbGopMIP7nHtfqcLhLLdIpxQ-A82gzsZkPNu8cHhPVXJVZd0uNRpt0haqGkKqsQoSGiT24Tuo&google_hm=yHQVP1g0HR6Ft6sXWqMNCg
pragma
no-cache
date
Mon, 02 May 2022 00:24:14 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame 9F6F 		43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4530&src.visitorid=CAESEAxOgwt84IfxNtfS_ObOtOA&google_cver=1&google_push=AYg5qPIf23RoW68yTuLGd0OU9ppUldawzMujql65-eSznYcf5_kzSdV_E3d7PfDWSL6Vb0jZ-Be-6Qojy65FWl8oIahGgji58IUXwg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:14 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 9F6F 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEDt7vOkijs07AeCJekhuamM&google_cver=1&google_push=AYg5qPKTwkMpI_ByZkOxZeFEGI6Exq2cK5WwCxWkCa995Y4WIhh8cskkJk6Te7NbcrVU_vB7KSe6f8Ej1gQ0QIqrMcOXnqoO4MvW
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:14 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
tkr0ofbjemfjopvncshn4amo4fiud8ih
pixel
cm.g.doubleclick.net/ Frame 9F6F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEODPQuxU0fKB2ijrTzmomcU&google_cver=1&google_push=AYg5qPKodp6B8IuHgp8oaeHgg7Bra0qF7zG1Yg_26ZogGIYCKIuYaz18uhBySkk5l1RyyArPAan...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJOWkJHQlItMUQtRVgxRQ==&google_push=AYg5qPKodp6B8IuHgp8oaeHgg7Bra0qF7zG1Yg_26ZogGIYCKIuYaz18uhBySkk5l1RyyArPAan3WgJ3mZ801-TekekqRXRQ3zHY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJOWkJHQlItMUQtRVgxRQ==&google_push=AYg5qPKodp6B8IuHgp8oaeHgg7Bra0qF7zG1Yg_26ZogGIYCKIuYaz18uhBySkk5l1RyyArPAan3WgJ3mZ801-TekekqRXRQ3zHY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJOWkJHQlItMUQtRVgxRQ==&google_push=AYg5qPKodp6B8IuHgp8oaeHgg7Bra0qF7zG1Yg_26ZogGIYCKIuYaz18uhBySkk5l1RyyArPAan3WgJ3mZ801-TekekqRXRQ3zHY
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
pixel
cm.g.doubleclick.net/ Frame 9F6F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEB1i81qGg9RteE_ldaL1RWU&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ym8kru8EzaEc9UlILlpKtgAABLcAAAAB&google_gid=CAESEB1i81qGg9RteE_ldaL1RWU&google_cver=1&google_push=AYg5qPJ-Ltb4OLWgrzVXJKYKTbsZUOnQfKz1P...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ym8kru8EzaEc9UlILlpKtgAABLcAAAAB&google_gid=CAESEB1i81qGg9RteE_ldaL1RWU&google_cver=1&google_push=AYg5qPJ-Ltb4OLWgrzVXJKYKTbsZUOnQfKz1Pr0uSuqFOhG5l226nx29a2WztuZAiLonSK83ECBb2FUwzv2acV5_t07C5nNBOENJsA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 02 May 2022 00:24:14 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ym8kru8EzaEc9UlILlpKtgAABLcAAAAB&google_gid=CAESEB1i81qGg9RteE_ldaL1RWU&google_cver=1&google_push=AYg5qPJ-Ltb4OLWgrzVXJKYKTbsZUOnQfKz1Pr0uSuqFOhG5l226nx29a2WztuZAiLonSK83ECBb2FUwzv2acV5_t07C5nNBOENJsA
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
462
Expires
Mon, 02 May 2022 00:24:14 GMT
trk
ag.innovid.com/ Frame 9F6F 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESECM-ofN5Tjjd_O2r2ugy9BY&google_cver=1&google_push=AYg5qPJ2BxWsqZv07UwLAX-TVdN0Byo4Ae1Os45wPC3a7mA4M4KDZuiul7x02GC76Ga4AYhU5zoPyy_byu9VDoNzifH8o_1kBcRpug
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8100:fcf5:ef31:f27f:f1a6 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:14 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
1
expires
-1
/
cc.adingo.jp/adx/push/ Frame 9F6F 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEGtfYlfCqKWUrjdFdUt9RJw&google_cver=1&google_push=AYg5qPLvcSd6nRw8Sxno4eHQZ_ziFVIjffUFcssYkI39BydUYCE0MLUiaFuOMRBN5KxHDyJzti2DcMttqiAkFrYZpk5eR9JPhDKVog
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.64.206.14 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-64-206-14.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:15 GMT
server
awselb/2.0
attr
cm.g.doubleclick.net/pixel/ Frame 9F6F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JC2zrSkqdj7o39-cfIw7_yydRMhzsdW2-xDrMXxhS8ZWfYCRs42gHMEGMX-svsaUkJrPue
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:14 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5CA0 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoPCAEqC2xlYWRlcmJvYXJkCgoIAioGc2VydmVyChoIBCoWbXlzaWRpYV9hbmFseXRpY3NfZXhwMwoNECshAAAAAAAAKkAwBAoNEAMhAACAZmZGY0AwBAoNEA0hAAAAAAAAAAAwBAoJEB4qAzB4MDAECgkQGSoDMHgwMAQKDRArIQAAAAAAADBAMAQKDRAQIQAAAAAAYLJAMAQKDRARIQAAAACAcNFAMAQKDRASIQAAAAAAACBAMAQKDRATIQAAAAAAABBAMAQKDRAXIQAAAAAA4GZAMAQKDRAUIQAAAACAk9NAMAQKDRAVIQAAAAAAAChAMAQKDRAWIQAAAAAAABhAMAQKDRAYIQAAAAAAQGxAMAQKDRAyIQAAAAAzM9M_MAQKDRAzIQAAAAAzM9M_MAQKDRA0IQAAAAAzM9M_MAQKDRA1IQAAAAAzM9M_MAQKDRA2IQAAAAAzM9M_MAQKDRA3IQAAAAAzM9M_MAQKDRA4IQAAAAAAAPA_MAQKDRA5IQAAAMzMzCpAMAQKDRA6IQAAAMzMzCtAMAQKDRA7IQAAgGZm1mZAMAQKDRA8IQAAgGZm1mZAMAQKDRA9IQAAAAAA4GZAMAQKDRA-IQAAAAAAUGtAMAQKDRA_IQAAAAAAUGtAMAQKDRBAIQAAgJmZaWxAMAQSGkNLR3Rvc3ZHdl9jQ0ZWbmRFUWdkMmcwTkNnIgl0ZXh0L3J5dWsoFQ==
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/53a7a71b70ef187a79a0d28dd2b87b3a.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iframe.html
p4-b5ya3u2no6fr6-nqw5oqwzwcw2sssw-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame E6FE 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-b5ya3u2no6fr6-nqw5oqwzwcw2sssw-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Requested by
Host: p4-b5ya3u2no6fr6-nqw5oqwzwcw2sssw-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-b5ya3u2no6fr6-nqw5oqwzwcw2sssw-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
abf5d2a75b5601df7752d923986568ce3241b1b9517a23d41ede64db891759da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://p4-b5ya3u2no6fr6-nqw5oqwzwcw2sssw-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
1859
content-security-policy-report-only
script-src 'nonce-1sU4dVy3OuPnHgm9laCDlg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy
cross-origin
date
Mon, 02 May 2022 00:24:14 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
last-modified
Thu, 29 Apr 2021 21:38:00 GMT
pragma
no-cache
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame E747 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgojCAEqH2ltYWdlLXdpdGgtY3RhLW9uLWxhcmdlci1zY3JlZW4KCggCKgZzZXJ2ZXIKGggEKhZteXNpZGlhX2FuYWx5dGljc19leHAzCg0QKyEAAAAAAAAUQDAECg0QAyEAAAA0MzNJQDAECg0QDSEAAAAAAAAAADAECgkQHioDMHgwMAQKCRAZKgMweDAwBAoNECshAAAAAAAAGEAwBAoNEBAhAAAAAAAAAAAwBAoNEBEhAAAAAIBw0UAwBAoNEBIhAAAAAAAAIEAwBAoNEBMhAAAAAAAAEEAwBAoNEBchAAAAzcxcYEAwBBIaQ0tDdG9zdkd2X2NDRlZuZEVRZ2QyZzBOQ2ciKmltYWdlL2ltYWdlX3ZpZ25ldHRlX3RyYW5zbHVjZW50X3YyX21lcmdlZCgj
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/53a7a71b70ef187a79a0d28dd2b87b3a.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
pagead2.googlesyndication.com/bg/ Frame 41B2 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f349ec1fe35c25d81549930c5557fedae873bc9d50976f33a77981ff5de7a59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 18:13:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
22242
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13484
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 01 May 2023 18:13:32 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E747 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgojCAEqH2ltYWdlLXdpdGgtY3RhLW9uLWxhcmdlci1zY3JlZW4KCggCKgZzZXJ2ZXIKGggEKhZteXNpZGlhX2FuYWx5dGljc19leHAzCg0QFCEAAAAAgJPTQDAECg0QFSEAAAAAAAAqQDAECg0QFiEAAAAAAAAcQDAECg0QGCEAAIBmZiZxQDAEEhpDS0N0b3N2R3ZfY0NGVm5kRVFnZDJnME5DZyIqaW1hZ2UvaW1hZ2VfdmlnbmV0dGVfdHJhbnNsdWNlbnRfdjJfbWVyZ2VkKCM=
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/53a7a71b70ef187a79a0d28dd2b87b3a.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220427&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8416474909997810&plah=www.signal-arnaques.com&bust=31067323
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
716f820ad040b0116bb2e41e24b47fb12c94264fe23ded8ca829daca1d8a58c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 May 2022 00:24:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10603
x-xss-protection
0
sync
eb2.3lift.com/ Frame EE12
Redirect Chain
  • https://eb2.3lift.com/sync?max=10&gdpr=false&cb=80059
  • https://eb2.3lift.com/sync?max=10&gdpr=false&cb=80059&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?max=10&gdpr=false&cb=80059&ld=1
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/6ce243b78b284997e927c02b87e59df511f993b2/dist/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
c8237af9aaa63ae17670587e1dd06f7388db23a38a9f4be44c20a666f214d725

Request headers

Referer
https://www.signal-arnaques.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
457
content-type
text/html; charset=utf-8
date
Mon, 02 May 2022 00:24:16 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 02 May 2022 00:24:16 GMT
location
/sync?max=10&gdpr=false&cb=80059&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
rum
www.signal-arnaques.com/cdn-cgi/ 		0
259 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.signal-arnaques.com/scam/view/388341
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type
application/json

Response headers

date
Mon, 02 May 2022 00:24:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.signal-arnaques.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
704c9cec98e39948-FRA
vary
Origin
rum
www.signal-arnaques.com/cdn-cgi/ 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.signal-arnaques.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.signal-arnaques.com/scam/view/388341
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type
application/json

Response headers

date
Mon, 02 May 2022 00:24:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.signal-arnaques.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
704c9cecb8fd9948-FRA
vary
Origin
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8416474909997810&plah=www.signal-arnaques.com&bust=31067323
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 02 May 2022 00:24:16 GMT
generic
match.adsrvr.org/track/cmf/ Frame EE12 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=80059&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:16 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ebda
eb2.3lift.com/ Frame EE12
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzI2MDc2Mzg2MDEyMjc5ODQzMjgzMw%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=80059&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame EE12
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEDSEaj8nvoKFycRfHx-KgQ&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEDSEaj8nvoKFycRfHx-KgQ&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=80059&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEDSEaj8nvoKFycRfHx-KgQ&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EE12
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzI2MDc2Mzg2MDEyMjc5ODQzMjgzMw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzI2MDc2Mzg2MDEyMjc5ODQzMjgzMw%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=80059&ld=1
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzI2MDc2Mzg2MDEyMjc5ODQzMjgzMw%3D%3D
date
Mon, 02 May 2022 00:24:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame EE12 		0
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3260763860122798432833&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=80059&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:16 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 6D504CAEB17C4640996387D9392F97A7 Ref B: FRAEDGE1120 Ref C: 2022-05-02T00:24:16Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXd/GmSgZO0LUO+jUA8HA==
xuid
eb2.3lift.com/ Frame EE12
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3260763860122798432833?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-wY95TlhE2oShVwLaG_W8Y0W_T9kkX8k2rN59KfEP_A--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-wY95TlhE2oShVwLaG_W8Y0W_T9kkX8k2rN59KfEP_A--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=80059&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 02 May 2022 00:24:16 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-wY95TlhE2oShVwLaG_W8Y0W_T9kkX8k2rN59KfEP_A--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
xuid
eb2.3lift.com/ Frame EE12
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3260763860122798432833&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=3260763860122798432833&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=triplelift
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5134455421025682333&expires=30&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=9fcb8828-774d-4934-b5fc-5d99117ef0b4&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=9fcb8828-774d-4934-b5fc-5d99117ef0b4&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=80059&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=9fcb8828-774d-4934-b5fc-5d99117ef0b4&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 02 May 2022 00:24:17 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
c.gif
c.bing.com/ Frame EE12 		42 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=3260763860122798432833&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=80059&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:15 GMT
etag
"8120eaf0ff3ad81:0"
last-modified
Fri, 18 Mar 2022 19:39:54 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: EEEA37684E3B4AFDB96AA2B6447F33BE Ref B: FRAEDGE1317 Ref C: 2022-05-02T00:24:16Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame EE12
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=3260763860122798432833
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3260763860122798432833&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3260763860122798432833&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=80059&ld=1
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Mon, 02 May 2022 00:24:16 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
GH4Y7J1V5Z33XKRWG9EB
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3260763860122798432833&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame EE12
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=0
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=80059&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=0
Pragma
no-cache
Date
Mon, 02 May 2022 00:24:16 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DE65 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.signal-arnaques.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3615
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 01 May 2022 23:24:01 GMT
expires
Mon, 01 May 2023 23:24:01 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0CD2 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
664ee8d47af2e9e7bf7bc946c299cc3e979a3cd02cf92f0a7b93453907022288
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nMGZLquFz3CvRsUcF+AkeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.signal-arnaques.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-nMGZLquFz3CvRsUcF+AkeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 02 May 2022 00:24:16 GMT
expires
Mon, 02 May 2022 00:24:16 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
pagead2.googlesyndication.com/bg/ Frame DE65 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f349ec1fe35c25d81549930c5557fedae873bc9d50976f33a77981ff5de7a59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 18:13:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
22244
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13484
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 01 May 2023 18:13:32 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0CD2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220427&jk=1584946475217727&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame DE65 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?qcp_qg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220427&jk=1584946475217727&bg=!oqGloeXNAAZNIUvJbSE7ACkAdvg8WpS_BEDMn2f-8YwgJVtxnpakssDC8EKsyN3Y7hgBqE5Uk74x-QIAAABDUgAAAAhoAQcKAKsnwdX2I24hVyS56Xx3JdWygYH5Ch4j61dW1LMYba0kEkLYbbGJWTmFsDcdR1N0cRW1Mufvfz8pnUBFopRin4cclZovYjtaIfnMtNyr8J8HnfUU-a5J-IvuGe1vFZyVix8RHboiM_YOcHK-W9GnkXg2Z8anzG9ed52vYLgI4nU7Oe5N99GMth-wgTF-q79Hon3IKkmmNqaFP_YML8l3K0-w4yagyypecIqiHTCZAtt7hnIC_Mr7EjC5V3zFDzh9N_OxIu7UY0yZYNNzOJfmypOt-yG0xQ8lCSZI3ZbN16Sb4F5cA1TD_kL_vjg_KgVPMvvP8buVxSvsveluwqw2EkROgxdI6_Y-MA8AtVIn9kV1Pdy10CSDBc-FX2Zfx4tamg1wIxZGjM2491oYYtXLR3B5uU7STJaXCg67272TPqqM8ycD__5hS49AgaYOl5NgukO24YyJjXGkaWcFasQsfNfbYI-X9adH_zh9YZcVv1u45NEjpyFfOcEiJ96rrWm8CnmUCel1GpqhL3NH7vCpS5HrYZ1kC31Vqerwwo9j7ONb6lo_4OotX2BgftCpZ4Vh1SzHnSR7QIrCjVM9rSWRgXQyM6LsX2WofCOaTGZKnVOGm4B3_gZ-PqNMwQ4Kk7L9lG2NszZws7q2wmhA2Dj8VTG0vO2VO1c5tjzy-q9ssgMkd9TBpAsy7-wOGFxFbvZms7IFgTmd-INf5_lW_K_i6EqGTNWuCJIa1sPSUpltDlPiIFoq2LmRd-EjEhdu6MpQMH1zNnb64ootp1N7bm2GyCgTZRpuk9ZP1oIVSUKm5vmsrSRMIw2fLZRKFvh2GEfUxsJUmljE4OFUq6-bqRcLM7CuuL8uIUJJQiWRArDKZvyCdCgHT2_1ICmlQugAjMGagL1OJGTejOOpvbjy7A-jQ8fe3jQF4rPQfW3aeyuCAu7ZLlE5rPFYKNLduCreFxcEQHNB2WEXKcU7AAD5dAgMFMek6Ez_5jR0UoB3lHGwCbx1ZvUN9drSgIBE9HpkG8uJ0V7HSV57kEcge_n8gVNh56Hm4MmkTywkPYejR8ZtEmx09aT9D9lehMADmXBDWi-MyJpXH3wyKnWKz8V2lJqB6Qfu8aZmbrPZrtRp29SaBsjVu8gJAAMYFLOgIW54iXSXPzgvF50rN59_sKaESdlLcyFxpyWoOjlATWiftu8NQU1iD0qFDgXfCuHTsg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
sync
eb2.3lift.com/ Frame 420B 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
89595610eec120cae7b18d6fcf7947587f044b7ab18dd161941caa3c52e9c662

Request headers

Referer
https://www.signal-arnaques.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
520
content-type
text/html; charset=utf-8
date
Mon, 02 May 2022 00:24:17 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usync.html
eus.rubiconproject.com/ Frame 22AD 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.signal-arnaques.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 02 May 2022 00:24:17 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame 5878 		61 B
240 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=6587187179
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
0391042e0e111437f4a2dec7560098dbcc04b68df753281b207b3c956430c89c

Request headers

Referer
https://www.signal-arnaques.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 02 May 2022 00:24:17 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.2
vary
Accept-Encoding
/
csync.smilewanted.com/ Frame 0FEA 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d22aa3a1f099b6aeedd26460b98e018577711448d2a9444b64ea7e9db537734

Request headers

Referer
https://www.signal-arnaques.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
704c9cf28e5668fb-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 02 May 2022 00:24:17 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2CC4 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.signal-arnaques.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 02 May 2022 00:24:17 GMT
ETag
"623de86a-cf34"
Expires
Tue, 03 May 2022 00:24:19 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame F689 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1651451053610&gdpr=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.signal-arnaques.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sspmatch-iframe
ads.betweendigital.com/ Frame 9325 		746 B
925 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
15291fd1224c41bd5c1ae73b96b884718c9307f102315ce2b53e04fbbd79022e

Request headers

Referer
https://www.signal-arnaques.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
746
content-type
text/html
prebid
b1h.zemanta.com/usersync/ 		26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1h.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.31.142.95 Chicago, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 02 May 2022 00:24:17 GMT
Content-Length
26
Content-Type
image/gif
setuid
ib.adnxs.com/prebid/ Frame 420B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=3260763860122798432833
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
setuid
ib.adnxs.com/prebid/ Frame 420B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=3260763860122798432833
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame 420B
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/trl
  • https://match.prod.bidr.io/cookie-sync/trl?_bee_ppp=1
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AABFcE7E3kkAACPUSyFBkg&dongle=bzwx
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7255&xuid=AABFcE7E3kkAACPUSyFBkg&dongle=bzwx
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=7255&xuid=AABFcE7E3kkAACPUSyFBkg&dongle=bzwx
Date
Mon, 02 May 2022 00:24:17 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
xuid
eb2.3lift.com/ Frame 420B
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3702&xuid=342e13bf-c9ae-11ec-ba0e-dd9480ecc920&dongle=d54f&gdpr=1&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3702&xuid=342e13bf-c9ae-11ec-ba0e-dd9480ecc920&dongle=d54f&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=3702&xuid=342e13bf-c9ae-11ec-ba0e-dd9480ecc920&dongle=d54f&gdpr=1&gdpr_consent=
Date
Mon, 02 May 2022 00:24:17 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
342e13c0-c9ae-11ec-ba0e-dd9480ecc920
xuid
eb2.3lift.com/ Frame 420B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-fb5e8204-3d69-4234-49b3-e136e995dac1$ip$178.162.209.130&dongle=4430
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2319&xuid=0-fb5e8204-3d69-4234-49b3-e136e995dac1$ip$178.162.209.130&dongle=4430
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2319&xuid=0-fb5e8204-3d69-4234-49b3-e136e995dac1$ip$178.162.209.130&dongle=4430
Date
Mon, 02 May 2022 00:24:17 GMT
Connection
keep-alive
Content-Length
141
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 420B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=1%26gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=1%26gdpr_consent=&_test=Ym8ksQAGLOABLAAZ
  • https://eb2.3lift.com/xuid?mid=3657&xuid=Ym8ksQAGLOABLAAZ&dongle=3c0a&gdpr=1&gdpr_consent=&_test=Ym8ksQAGLOABLAAZ
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3657&xuid=Ym8ksQAGLOABLAAZ&dongle=3c0a&gdpr=1&gdpr_consent=&_test=Ym8ksQAGLOABLAAZ
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:17 GMT
via
1.1 varnish
server
Varnish
x-timer
S1651451057.207305,VS0,VE0
x-served-by
cache-fra19180-FRA
x-cache
HIT
location
https://eb2.3lift.com/xuid?mid=3657&xuid=Ym8ksQAGLOABLAAZ&dongle=3c0a&gdpr=1&gdpr_consent=&_test=Ym8ksQAGLOABLAAZ
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
xuid
eb2.3lift.com/ Frame 420B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=8646490127283099469&dongle=4d58&gdpr=1&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=8646490127283099469&dongle=4d58&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Mon, 02 May 2022 00:24:17 GMT
X-Proxy-Origin
178.162.209.130; 178.162.209.130; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8738460c-01d8-477a-95ab-fcc75e720b2b
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=8646490127283099469&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 420B
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=1&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=triplelift&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4945&xuid=064314f4-3456-4b90-aae3-33e7fac78f22&dongle=31ac
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4945&xuid=064314f4-3456-4b90-aae3-33e7fac78f22&dongle=31ac
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=4945&xuid=064314f4-3456-4b90-aae3-33e7fac78f22&dongle=31ac
Date
Mon, 02 May 2022 00:24:17 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 420B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=8857679995411781151&dongle=d407
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=8857679995411781151&dongle=d407
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=8857679995411781151&dongle=d407
pragma
no-cache
date
Mon, 02 May 2022 00:24:16 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
xuid
eb2.3lift.com/ Frame 420B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=1%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3690&xuid=2d9a626f-24ac-4500-a3f3-a31d829ea435&dongle=3995&gdpr=1&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3690&xuid=2d9a626f-24ac-4500-a3f3-a31d829ea435&dongle=3995&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Mon, 02 May 2022 00:24:17 GMT
Server
MT3 4379 fe37bbe master pao-pixel-x20 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eb2.3lift.com/xuid?mid=3690&xuid=2d9a626f-24ac-4500-a3f3-a31d829ea435&dongle=3995&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 02 May 2022 00:24:16 GMT
match
ads.betweendigital.com/ Frame 9325
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dbetwe...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=b0a98e34289945fca28062a26c599224&ssp=between&bsw_param=9fcb8828-774d-4934-b5fc-5d99117ef0b4&gdpr=&consent=&gdpr_pd=&expires=7
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=9fcb8828-774d-4934-b5fc-5d99117ef0b4
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=9fcb8828-774d-4934-b5fc-5d99117ef0b4
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=9fcb8828-774d-4934-b5fc-5d99117ef0b4
Date
Mon, 02 May 2022 00:24:17 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
btw
sync.dmp.otm-r.com/match/ Frame 9325 		0
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.dmp.otm-r.com/match/btw?id=058590ef-f5be-527a-8c09-5152ee6675ff
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.65.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.75.65.201.138.clients.your-server.de
Software
nginx/1.19.7 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 02 May 2022 00:24:17 GMT
server
nginx/1.19.7
match
ads.betweendigital.com/ Frame 9325
Redirect Chain
  • https://px.adhigh.net/p/cm/btw
  • https://px.adhigh.net/p/cm/btw?bounced=1
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=Lh18mfJFSfx.AikABlGAgidUXg
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=Lh18mfJFSfx.AikABlGAgidUXg
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:17 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f23-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=Lh18mfJFSfx.AikABlGAgidUXg
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
match
ads.betweendigital.com/ Frame 9325
Redirect Chain
  • https://mitdmp.whiteboxdigital.ru/pixel?id=058590ef-f5be-527a-8c09-5152ee6675ff&source=between&redirect=true&href=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D123%26external_user_id%3...
  • https://ads.betweendigital.com/match?bidder_id=123&external_user_id=ae4f2a92-b4ad-40bc-b9f6-22dce959cc29
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=123&external_user_id=ae4f2a92-b4ad-40bc-b9f6-22dce959cc29
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Date
Mon, 02 May 2022 00:24:17 GMT
Server
nginx/1.21.0
Location
https://ads.betweendigital.com/match?bidder_id=123&external_user_id=ae4f2a92-b4ad-40bc-b9f6-22dce959cc29
Access-Control-Max-Age
3628800
Access-Control-Allow-Methods
GET, DELETE, OPTIONS, POST, PUT
Access-Control-Allow-Origin
Access-Control-Expose-Headers
Content-Length,Content-Range
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
Content-Length
0
bidder_18.html
cache.betweendigital.com/code/ Frame 11A9 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cache.betweendigital.com/code/bidder_18.html?USER_ID=058590ef-f5be-527a-8c09-5152ee6675ff&CACHEBUSTER=818211
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.118.210 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software
nginx /
Resource Hash
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad

Request headers

Referer
https://ads.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Mon, 02 May 2022 00:24:17 GMT
etag
W/"60bf907f-ee9"
last-modified
Tue, 08 Jun 2021 15:45:03 GMT
server
nginx
x-cdn-edge-cache
HIT
x-cdn-edge-id
311
x-cdn-request-id
422fef2647a198e3bfda0ee733cc772f
usync.js
eus.rubiconproject.com/ Frame 22AD 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9373556c315280b756fbe5e357153b8b34d73c3da1a92367a1018561912d4a3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 02 May 2022 00:24:17 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=41656
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9542
Expires
Mon, 02 May 2022 11:58:33 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 0FEA 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
400841
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"607873db-c1ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
704c9cf30ecc68fb-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
async_usersync
ib.adnxs.com/ Frame 2CC4 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 00:24:17 GMT
X-Proxy-Origin
178.162.209.130; 178.162.209.130; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
02633151-d6de-4f1a-b86a-93d26ebbee94
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame 4572 		0
322 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
704c9cf34efc68fb-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 02 May 2022 00:24:17 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
setuid
ib.adnxs.com/prebid/ Frame C6FA
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=c97fc36596afb27de0db8dcc8608f3ef
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=c97fc36596afb27de0db8dcc8608f3ef
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid
47d33dcd-0f93-4476-a37c-bfb61813935f
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 02 May 2022 00:24:17 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
178.162.209.130; 178.162.209.130; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
704c9cf34efd68fb-FRA
content-type
text/html; charset=UTF-8
date
Mon, 02 May 2022 00:24:17 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=c97fc36596afb27de0db8dcc8608f3ef
server
cloudflare
bidswitch
event.clientgear.com/gogocookie/ Frame 11A9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=9fcb8828-774d-4934-b5fc-5d99117ef0b4
  • https://event.clientgear.com/gogocookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=9fcb8828-774d-4934-b5fc-5d99117ef0b4
0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.clientgear.com/gogocookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=9fcb8828-774d-4934-b5fc-5d99117ef0b4
Protocol
H2
Server
47.252.78.131 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:18 GMT
content-length
0

Redirect headers

location
http://event.clientgear.com/gogocookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=9fcb8828-774d-4934-b5fc-5d99117ef0b4
date
Mon, 02 May 2022 00:24:17 GMT
content-length
0
connectmyusers.php
cdn.connectad.io/ Frame DFC1 		1 KB
897 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
704c9cf3df439048-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 02 May 2022 00:24:17 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
pixel
cm.g.doubleclick.net/ Frame 22AD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGZlYzVlMGYxNDc1NTkwNTU5ZDJhZmYzMGEyZjFjZDcwNzRlOTk5NQ&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGZlYzVlMGYxNDc1NTkwNTU5ZDJhZmYzMGEyZjFjZDcwNzRlOTk5NQ&gdpr=0
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGZlYzVlMGYxNDc1NTkwNTU5ZDJhZmYzMGEyZjFjZDcwNzRlOTk5NQ&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 22AD
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=jfuRtCelR2-HMO9HAYM-Aw&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=jfuRtCelR2-HMO9HAYM-Aw&gdpr=0
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=jfuRtCelR2-HMO9HAYM-Aw&gdpr=0
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 00:24:17 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
5T4J9AYKERH5SR1SBAN3
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=jfuRtCelR2-HMO9HAYM-Aw&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 22AD
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=S0x4kbvqQSuQwQd-BNHpbg&rk=usync-other&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=S0x4kbvqQSuQwQd-BNHpbg&gdpr=0
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=S0x4kbvqQSuQwQd-BNHpbg&gdpr=0
Protocol
HTTP/1.1
Server
52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 00:24:17 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
96VZY70BRAESDCSAZ66T
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=S0x4kbvqQSuQwQd-BNHpbg&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 22AD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESELaCiqKI2I7GTTh2Wd88ibk&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESELaCiqKI2I7GTTh2Wd88ibk&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESELaCiqKI2I7GTTh2Wd88ibk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 22AD 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:17 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
709414.gif
id.rlcdn.com/ Frame 22AD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif?gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
setuid
px.ads.linkedin.com/ Frame 22AD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L2NZBGBR-1D-EX1E&gdpr=0
0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L2NZBGBR-1D-EX1E&gdpr=0
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:17 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: BB8D7B8B28444C3BA5617441D03E02FA Ref B: FRAEDGE1120 Ref C: 2022-05-02T00:24:17Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXd/GmidpX95RzzjOCITA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L2NZBGBR-1D-EX1E&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
ads.yahoo.com/cms/ Frame 22AD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L2NZBGBR-1D-EX1E&sigv=1&esig=2~b9ab7b6b1e17dcac05c61f30ddbccc32ccb996c4&gdpr=0
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L2NZBGBR-1D-EX1E&sigv=1&esig=2~b9ab7b6b1e17dcac05c61f30ddbccc32ccb996c4&gdpr=0
Protocol
H2
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:17 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L2NZBGBR-1D-EX1E&sigv=1&esig=2~b9ab7b6b1e17dcac05c61f30ddbccc32ccb996c4&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
csync.smilewanted.com/set_partner_userid_get/smart/ Frame 019A
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://csync.smilewanted.com/set_partner_userid_get/smart/
0
81 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/smart/
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
704c9cf40fee68fb-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 02 May 2022 00:24:17 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
date
Mon, 02 May 2022 00:24:17 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/smart/
1
sync-eu.connectad.io/syncer/ Frame 69B6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://cdn.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
704c9cf43f909048-FRA
date
Mon, 02 May 2022 00:24:17 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
via
1.1 google
08c8e3eb-8a6b-4038-8d6f-999df0a6ccf5&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame AC9A
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/08c8e3eb-8a6b-4038-8d6f-999df0a6ccf5&partner_id=1010
0
393 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/08c8e3eb-8a6b-4038-8d6f-999df0a6ccf5&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
704c9cf4b8cb68fb-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 02 May 2022 00:24:17 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Mon, 02 May 2022 00:24:17 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/improve/08c8e3eb-8a6b-4038-8d6f-999df0a6ccf5&partner_id=1010
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync.php
pixel.rubiconproject.com/exchange/ Frame 1FFC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
704c1e4d3fcc922a3031d436b584678b
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FAEE 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=56981
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 02 May 2022 00:24:17 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 02 May 2022 16:13:58 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
Ym8kru8EzaEc9UlILlpKtgAA%261207
csync.smilewanted.com/set_partner_userid_get/indexexchange/ Frame A58A
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Ym8kru8EzaEc9UlILlpKtgAA%261207
0
658 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Ym8kru8EzaEc9UlILlpKtgAA%261207
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
704c9cf5495468fb-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 02 May 2022 00:24:17 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
282
Content-Type
text/html; charset=iso-8859-1
Date
Mon, 02 May 2022 00:24:17 GMT
Expires
Mon, 02 May 2022 00:24:17 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Ym8kru8EzaEc9UlILlpKtgAA%261207
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
34a77b9d-c9ae-11ec-99d1-141922060506
csync.smilewanted.com/set_partner_userid_get/spotx/ Frame 3019
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=34a77c00-c9ae-11ec-99d1-141922060506
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/34a77b9d-c9ae-11ec-99d1-141922060506
0
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/spotx/34a77b9d-c9ae-11ec-99d1-141922060506
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
704c9cfcb9f568fb-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 02 May 2022 00:24:18 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Mon, 02 May 2022 00:24:18 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/spotx/34a77b9d-c9ae-11ec-99d1-141922060506
Server
nginx
X-fe
133
fa5f80e4-cb32-4bd2-94ec-2362dcae7020
csync.smilewanted.com/set_partner_userid_get/loopme/ Frame 80AC
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Floopme%2F%7Bdevice_id%7D&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/loopme/fa5f80e4-cb32-4bd2-94ec-2362dcae7020?gdpr_consent=null&gdpr=0
0
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/loopme/fa5f80e4-cb32-4bd2-94ec-2362dcae7020?gdpr_consent=null&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
704c9cf7dc0c68fb-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 02 May 2022 00:24:17 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
date
Mon, 02 May 2022 00:24:17 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/loopme/fa5f80e4-cb32-4bd2-94ec-2362dcae7020?gdpr_consent=null&gdpr=0
server
_
y-UW8g8XxE2uFkI9_NMP0.93gSsd2j60wUebvJlOI-~A&gdpr=0&gdpr_consent=
csync.smilewanted.com/set_partner_userid_get/yahoo/ Frame F0B9
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58618/occ?gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-UW8g8XxE2uFkI9_NMP0.93gSsd2j60wUebvJlOI-~A&gdpr=0&gdpr_consent=
0
632 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-UW8g8XxE2uFkI9_NMP0.93gSsd2j60wUebvJlOI-~A&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
704c9cf6fb1e68fb-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 02 May 2022 00:24:17 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

age
0
content-length
0
date
Mon, 02 May 2022 00:24:17 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-UW8g8XxE2uFkI9_NMP0.93gSsd2j60wUebvJlOI-~A&gdpr=0&gdpr_consent=
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.0.46
strict-transport-security
max-age=31536000
PugMaster
image6.pubmatic.com/AdServer/ Frame FAEE 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=37814354&p=158810&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
bc85645f4b3a11bcf637d78a78a66fabb25d5e9136b6840b6029827d37b05a1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:16 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame 90A7
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=1502E6FA-2081-4535-A9FD-8210E8EEF8B8
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1502E6FA-2081-4535-A9FD-8210E8EEF8B8
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1502E6FA-2081-4535-A9FD-8210E8EEF8B8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 02 May 2022 00:24:18 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Mon, 02 May 2022 00:24:18 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1502E6FA-2081-4535-A9FD-8210E8EEF8B8
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 705C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2d9a626f-24ac-4500-a3f3-a31d829ea435&gdpr=0&gdpr_consent=
42 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2d9a626f-24ac-4500-a3f3-a31d829ea435&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 02 May 2022 00:24:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
lhrpug025:0:437

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 02 May 2022 00:24:18 GMT
Expires
Mon, 02 May 2022 00:24:17 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4379 fe37bbe master pao-pixel-x26 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2d9a626f-24ac-4500-a3f3-a31d829ea435&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame D216
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5968812546922592617
42 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5968812546922592617
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 02 May 2022 00:24:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
amspug015:0:284

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5968812546922592617
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame A7D2 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Mon, 02 May 2022 00:24:17 GMT
expires
Mon, 02 May 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
508415
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
1502E6FA-2081-4535-A9FD-8210E8EEF8B8
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame 1B71 		0
646 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/pubmatic/1502E6FA-2081-4535-A9FD-8210E8EEF8B8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
704c9cf7cc0868fb-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 02 May 2022 00:24:17 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FAEE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FQLm-iCBRTWp_YIQ6O74uA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:17 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=56981
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Mon, 02 May 2022 16:13:58 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame FAEE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2d9a626f-24ac-4500-a3f3-a31d829ea435
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2d9a626f-24ac-4500-a3f3-a31d829ea435
Protocol
H2
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:17 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 02 May 2022 00:24:18 GMT
Server
MT3 4379 fe37bbe master pao-pixel-x22 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2d9a626f-24ac-4500-a3f3-a31d829ea435
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 02 May 2022 00:24:17 GMT
generic
match.adsrvr.org/track/cmf/ Frame FAEE
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=1502E6FA-2081-4535-A9FD-8210E8EEF8B8
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame FAEE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTUwMkU2RkEtMjA4MS00NTM1LUE5RkQtODIxMEU4RUVGOEI4&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:17 GMT
cache-control
no-store, no-cache, private
x-lat
amspug006:0:384
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame FAEE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHrm-BMhaniK5Isnbb2BIkY&google_cver=1
42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHrm-BMhaniK5Isnbb2BIkY&google_cver=1
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:16 GMT
cache-control
no-store, no-cache, private
x-lat
amspug019:0:315
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHrm-BMhaniK5Isnbb2BIkY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame FAEE 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b8.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:17 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 01 May 2022 00:24:17 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame FAEE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6000409301337650221
42 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6000409301337650221
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:18 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug014:0:417
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:18 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6000409301337650221
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame FAEE 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:17 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame FAEE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8646490127283099469&gdpr=0&gdpr_consent=
42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8646490127283099469&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:16 GMT
cache-control
no-store, no-cache, private
x-lat
amspug005:0:389
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 02 May 2022 00:24:17 GMT
X-Proxy-Origin
178.162.209.130; 178.162.209.130; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8ad38495-8c7e-4dd6-aafb-df01a0f2c79a
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8646490127283099469&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame FAEE
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Q6BYmEemD5pYpFjIE_NDyBeiDJtYp1qdQ6CUIe-P
42 B
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Q6BYmEemD5pYpFjIE_NDyBeiDJtYp1qdQ6CUIe-P
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:16 GMT
cache-control
no-store, no-cache, private
x-lat
amspug001:0:506
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:17 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Q6BYmEemD5pYpFjIE_NDyBeiDJtYp1qdQ6CUIe-P
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
sync3.sniperlog.ru/ Frame 11A9
Redirect Chain
  • https://sync.bumlam.com/?src=aid0
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiyybyTBlIFl4XSlAY*
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiyybyTBlIFl4XSlAaiARA0Xgogya4R7IbgACWQwGR8
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQABiyybyTBqIBEDReCiDJrhHshuAAJZDAZHw*
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQARiyybyTBqIBEDReCiDJrhHshuAAJZDAZHw*
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=345e0a20-c9ae-11ec-86e0-002590c0647c
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=345e0a20-c9ae-11ec-86e0-002590c0647c&bounce=1
  • https://sync.bumlam.com/?src=aid1&uid=gOtz14RGIrH0r82LurUATg&
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=gOtz14RGIrH0r82LurUATg&extra2=aidata
  • https://sync3.sniperlog.ru/?src=ggl&extra1=gOtz14RGIrH0r82LurUATg&extra2=aidata&google_gid=CAESEATBnjdlgLvQvFjhVLjIpvA&google_cver=1
43 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync3.sniperlog.ru/?src=ggl&extra1=gOtz14RGIrH0r82LurUATg&extra2=aidata&google_gid=CAESEATBnjdlgLvQvFjhVLjIpvA&google_cver=1
Protocol
HTTP/1.1
Server
31.172.81.172 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 02 May 2022 00:24:18 GMT
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync3.sniperlog.ru/?src=ggl&extra1=gOtz14RGIrH0r82LurUATg&extra2=aidata&google_gid=CAESEATBnjdlgLvQvFjhVLjIpvA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame ABEE
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=058590ef-f5be-527a-8c09-5152ee6675ff&CACHEBUSTER=818211
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 02 May 2022 00:24:18 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 02 May 2022 00:24:18 GMT
location
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame ABEE 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9373556c315280b756fbe5e357153b8b34d73c3da1a92367a1018561912d4a3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 02 May 2022 00:24:18 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=41655
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9542
Expires
Mon, 02 May 2022 11:58:33 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame ABEE 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=btwnex&gdpr_consent=undefined&gdpr=0&khaos=L2NZBGBR-1D-EX1E
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif
818211
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 11A9
Redirect Chain
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/818211
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/818211
43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/818211
Protocol
H2
Server
2001:6d0:4001::226 -, , ASN (),
Reverse DNS
Software
ms-counter-3.3.5/1.20.2 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:18 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-3.3.5/1.20.2
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:18 GMT
server
ms-counter-3.3.5/1.20.2
strict-transport-security
max-age=2678400
content-type
image/gif
location
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/818211
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 11A9
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=058590ef-f5be-527a-8c09-5152ee6675ff&expires=60
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=9fcb8828-774d-4934-b5fc-5d99117ef0b4&gdpr=&gdpr_consent=
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=9fcb8828-774d-4934-b5fc-5d99117ef0b4&gdpr=&gdpr_consent=
Protocol
HTTP/1.1
Server
185.86.137.133 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:18 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

Location
//rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=9fcb8828-774d-4934-b5fc-5d99117ef0b4&gdpr=&gdpr_consent=
Date
Mon, 02 May 2022 00:24:18 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
onetag-sys.com/usync/ Frame FEE7 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5d1628750185ace
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=058590ef-f5be-527a-8c09-5152ee6675ff&CACHEBUSTER=818211
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cache.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
058590ef-f5be-527a-8c09-5152ee6675ff
an.yandex.ru/mapuid/betweendigitalis/ Frame 11A9
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F058590ef-f5be-527a-8c09-5152ee6675ff
  • https://an.yandex.ru/mapuid/betweendigitalis/058590ef-f5be-527a-8c09-5152ee6675ff
  • https://an.yandex.ru/mapuid/betweendigitalis/058590ef-f5be-527a-8c09-5152ee6675ff?redir-setuniq=1
43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/betweendigitalis/058590ef-f5be-527a-8c09-5152ee6675ff?redir-setuniq=1
Protocol
H2
Server
2a02:6b8::90 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:19 GMT
content-encoding
gzip
last-modified
Mon, 02 May 2022 00:24:19 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Mon, 02 May 2022 00:24:19 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:19 GMT
content-encoding
gzip
last-modified
Mon, 02 May 2022 00:24:19 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://an.yandex.ru/mapuid/betweendigitalis/058590ef-f5be-527a-8c09-5152ee6675ff?redir-setuniq=1
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Mon, 02 May 2022 00:24:19 GMT
sync
t.adx.opera.com/ Frame 11A9 		0
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60079&uid=058590ef-f5be-527a-8c09-5152ee6675ff
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 -, , ASN (),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:19 GMT
server
Tengine
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&pxm=8&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=TRIPLELIFT1&ol=3537061256&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B98bjmPghU%3C4Y%24%26Pz9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-QWZbXVZgr1f3LlF%2Fnkx0mb91P1tMeAYh8VJoiwm1U%2F9KTOa5pbr0xUE%3D&rs=1-4hXA3ZfY41ErZQ%3D%3D&sc=1&os=1-tQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.signal-arnaques.com%2Fscam%2Fview%2F388341&id=1&ii=4&f=0&j=&t=1651451054518&de=657392047205&cu=1651451054518&m=5307&ar=bee2df476bf-clean&iw=2a1d5c5&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4131&le=1&lf=118&lg=1&lh=26&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A490%3A490%3A3887%3A852&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5095&cd=53&ah=5095&am=53&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4338%3A63971%3Aundefined%3A10&bo=3690&bd=signal-arnaques.com&gw=triplelift879988051105&zMoatOrigSlicer1=3690&zMoatOrigSlicer2=49187&zMoatTactic=undefined&zMoatPixelParams=aid%3A4760471789224572977436%3Bsr%3A10%3Buid%3A0%3B&zMoatJS=3%3A-&hv=Triplelift%20Override%201&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&ti=0&ih=1&jm=1&tc=0&fs=198121&na=1886440191&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.signal-arnaques.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 00:24:19 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 02 May 2022 00:24:19 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame FAEE 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158810&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:24:19 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
kvt.sddan.com
URL
https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https://www.signal-arnaques.com/scam/view/388341

Verdicts & Comments Add Verdict or Comment

333 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails function| __tcfapi function| __uspapi object| dataLayer string| YCL object| _csrfToken string| LANGUAGE_URL_PREFIX string| FPJ_VALUE string| ONLINE string| ISMOBILE object| sib object| sendinblue object| $jscomp function| $jscomp$lookupPolyfilledValue object| core object| __core-js_shared__ object| System function| asap function| Observable function| setImmediate function| clearImmediate function| Dict function| delay function| _ function| Sweetalert2 function| swal function| sweetAlert function| gtag function| $ function| jQuery function| bootstrapButton function| bootstrapTooltip object| jQuery19105623203116442397 string| scamId string| activity string| scamgroupId string| edit string| domName object| opts string| pfx function| MobileDetect function| toggleFollowingActivity object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map function| confiantWrap number| themoneytizer_async object| eucountries object| sas function| whenFormatFctDefined function| whenDefined string| google_user_agent_client_hint object| http string| url number| random_cent number| enable_sco function| criteoCallback object| generic object| criteo_gum object| smart_csync object| zeotap object| node object| pwidget_config object| iframe object| tagsObject string| website number| random undefined| pubstack object| headelement object| notifyme object| ix_lib object| tmzr object| d object| pbs number| random_sw object| format_size object| format_size_ix object| format_w_adform object| format_h_adform object| format_size_rubicon object| format_criteo object| format_pulsepoint object| between_w object| between_h object| counter_refresh object| smart_prebid2 function| refreshVisibility26300 string| crtg_content object| mydiv object| creatediv undefined| paragraphs undefined| counter undefined| temp undefined| myP undefined| myPNumber undefined| coeffFilterBegin undefined| coeffFilterEnd undefined| filterBegin undefined| filterEnd undefined| limitPargraphs undefined| filteringParagraphs undefined| number undefined| divs undefined| coeffFilterBeginDiv undefined| filterBeginDiv function| isEmpty function| loadScriptTemelio function| GetRichAudienceZone function| GetAdmixerZone function| GetGothamadsZone function| GetmnameAdform function| GetwAdform function| GethAdform function| GetsizeIndex function| Getsize function| GetsizeRubicon function| GetPulseSize function| Timeout function| refreshSlot function| refreshSlotFooter undefined| convertHtmlToText string| pubstack_ab object| _qevents boolean| moneycaching object| params number| nugg function| Adcall_26300 object| md object| google_tag_manager function| mapperjs boolean| sas_usePostStandard boolean| sas_useID5Module object| ID5 function| SasIabApi number| intervalCounterNumberCMP V2 number| intervalCounterNumberCCPA object| sas_ads boolean| sas_ajax object| sas_manager object| sas_unrenderedFormats undefined| sas_callAd undefined| sas_callAds function| sas_render function| SmartAdServerAjaxOneCall function| SmartAdServer_iframe function| SmartAdServer function| SmartAdServerAjax function| sas_gcf function| sas_appendToContainer function| sascc function| sasmobile function| sas_addCleanListener function| sas_cleanAds function| sas_cleanAd number| sas_renderMode function| google_sa_impl object| googleToken object| googleIMState object| gapi object| ___jsl string| EXPERIENCE_DATE_LIMIT object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client number| SCAM_ID number| SCAM_USER_ID function| tmzrChunk object| _pbjsGlobals object| ADAGIO object| placementBids string| nobidVersion object| nobid undefined| Adcall_48311 object| pubstack_publica number| bidder_geo object| headertag string| GoogleAnalyticsObject function| ga function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| libJsLeadPlace function| refreshVisibility30012 function| Adcall_30012 object| Yii function| options function| initTabGroup function| initTabScam function| initNewGroup function| getContent function| joinAction string| listType string| groupPart function| doGetCaretPosition function| setCaretPosition function| replaceURLWithHTMLLinks function| keyUpHandler function| updateList function| removeCommentSwall function| editCommentFailedSwall function| getFilesDescriptions function| copyToClipBoardClick function| copyToClipBoard function| removeCommentSuccess function| updateCommentList function| sendReply function| disallowReply object| commentList object| yii function| MessageWidget function| DP_jQuery_1651451052997 function| DP_jQuery_1651451053005 function| commentfileUploadInit object| CommentAdd object| CommentAddGroup function| checkExperienceDate function| uncheckExperienceDate function| updateExperienceDateCommentsList function| getExperienceDateHtml function| reportComment_clickHandler function| sendCommentReport_clickHandler function| closeReportingCommentClick function| notIos_ReportCommentModal_ShownHidden object| _tooltipComment boolean| _reportRequestLaunched string| clickHandler function| reportActivity_clickHandler function| sendReport_clickHandler function| closeReportingActivityClick function| notIos_ReportActivityModal_ShownHidden object| _tooltipActivity function| setFpjc function| getFpjc function| startFpj function| assignFpj function| axios function| Fpj2 object| __CF$cv$params number| offset object| __cfBeacon object| regeneratorRuntime function| __tcfapiui object| FB object| __twttrll object| twttr object| __twttr object| gaplugins object| google_optimize object| gaData object| gaGlobal object| recaptcha object| closure_lm_387705 boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages boolean| tmcredentials object| googletag object| apntag object| _ADAGIO object| bid undefined| vastUrl object| targetingParams undefined| Adcall_26322 undefined| Adcall_26323 undefined| Adcall_26325 undefined| Adcall_26326 undefined| Adcall_26328 undefined| Adcall_26711 string| Smart_SR_data object| ONFOCUS object| slowBidders object| adsArea30012 object| observers30012 function| refreshQueueManager30012 function| loopChecker30012 undefined| Adcall_79570 undefined| Adcall_video object| google_llp number| _tlTagsPending number| google_lpabyc object| Moat#G26 boolean| Moat#EVA object| MoatSuperV26 object| DOMlessLLDcallback_73698521 object| el object| lastBidder30012 object| GoogleGcLKhOms

116 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQoaCdkYgwCgoIgQIQoaCdkYgwCgoI4gEQoaCdkYgwCgoI5gEQoaCdkYgwCgoIhwIQoaCdkYgwCgkICRChoJ2RiDAKCQhJEIynnZGIMAoJCAsQoaCdkYgwCgoIjAIQoaCdkYgwCgoIjgEQjKedkYgwCgoIzgEQjKedkYgwCgoIkQIQjKedkYgwCgoIkgIQjKedkYgwCgoIlAIQjKedkYgwCgoI1gEQjKedkYgwCgkIORCMp52RiDAKCQg6EKGgnZGIMAoJCBsQjKedkYgwCgkIXxChoJ2RiDAKCQgfEIynnZGIMA==
www.signal-arnaques.com/ Name: advanced-frontend
Value: u30hstkn4nm72tr2eeogdd6kes
www.signal-arnaques.com/ Name: _csrf-frontend
Value: f50886bd46a57c35c3477dae278c4cea06f601b3fbdba228756417290e116438a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22KsohhNcxNKZjN8mMujYD2AF_dgoH21GP%22%3B%7D
.www.signal-arnaques.com/ Name: sib_cuid
Value: a7f34478-5c92-4488-8c22-e59cc1413731
.zeotap.com/ Name: zc
Value: b41456fe-dbf9-403a-6ac2-0be5dcd3882d
.zeotap.com/ Name: zsc
Value: %C9%B5t%07%A8%E0%A2%9AKr+%CDT%A5%A5%AB%3E%E6%95%B0%CB%D3%3DA%D9iuB%8D%A5%27%CA%D9Cc%D6%D5Vx0%A8Z%88%D0%7F%B7+%0B%3D%C5U%90%5D%9C%F6%8F%A8%12G1%A7.%E0L%AA%7F%5Bz%297%05_%E9sj%B9%DA%01%DF%5B%21%7C%CCxjB%29%CB%AA%F3%BE1%B8%DE%D0i%3B%B8%E3~%D3%E0%D8%9E%04
.agkn.com/ Name: ab
Value: 0001%3AdDEyZjBoEI%2FhxcOj5Tdh%2FRCL72gZKwLD
.adnxs.com/ Name: uuid2
Value: 8646490127283099469
.mathtag.com/ Name: uuid
Value: 2d9a626f-24ac-4500-a3f3-a31d829ea435
sibautomation.com/ Name: uuid
Value: fe215923-9cd1-4f05-ae11-7da7d122996e
www.signal-arnaques.com/ Name: timezone-offset
Value: e2ab908957b2eee9717953010e54b69830f1ed4f423bc8cd3360250b3c4624fca%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22timezone-offset%22%3Bi%3A1%3Bs%3A1%3A%220%22%3B%7D
.doubleclick.net/ Name: IDE
Value: AHWqTUmeQ8Wk9rexte-2KSdSikIm4sPb_uj5wSJZ_4ZjuZzrCO0VORoSbH7bY-2k9ys
.demdex.net/ Name: demdex
Value: 36330359507202384782875764095815842546
.dpm.demdex.net/ Name: dpm
Value: 36330359507202384782875764095815842546
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.signal-arnaques.com/ Name: _gaexp
Value: GAX1.2.fL5ZZOxfTq2-ZL2YPrqOtg.19140.3
.signal-arnaques.com/ Name: _ga
Value: GA1.2.1551782448.1651451053
.signal-arnaques.com/ Name: _gid
Value: GA1.2.303006075.1651451053
.signal-arnaques.com/ Name: _gat_UA-52231022-1
Value: 1
.cpx.to/ Name: cpSess
Value: 29d8f0db0ada8831
www.signal-arnaques.com/ Name: fpjc
Value: 0f075caa2ecbf09ec4c200c9729fa5b5
.quantserve.com/ Name: mc
Value: 626f24ad-666fa-6b0be-54c62
www.signal-arnaques.com/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.signal-arnaques.com/ Name: sharedid
Value: 3c160d2a-9440-4cb1-a2e1-573b9f07681e
.signal-arnaques.com/ Name: __qca
Value: P0-1160041930-1651451053402
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16100%3b%24o%3d11100
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 1502E6FA-2081-4535-A9FD-8210E8EEF8B8
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 058590ef-f5be-527a-8c09-5152ee6675ff
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: unm
Value: 1
.smartadserver.com/ Name: pid
Value: 1726461769657391240
.cpx.to/ Name: dsp_dbm
Value: CAESEC1wg9Remijlt6sdlOMf9Ik#1651451053612
.signal-arnaques.com/ Name: __gads
Value: ID=318bf2769220998e-22a0b6b188cd0062:T=1651451053:RT=1651451053:S=ALNI_MZGrFbpjw5cJsQELLld9EQYyy63wg
.cpx.to/ Name: dsp_app_nexus
Value: 8646490127283099469#1651451053644
.cpx.to/ Name: dsp_pubmatic
Value: 1502E6FA-2081-4535-A9FD-8210E8EEF8B8#1651451053674
.adnxs.com/ Name: icu
Value: ChgIl5J9EAoYASABKAEwrcm8kwY4AUABSAEQrcm8kwYYAA..
.rubiconproject.com/ Name: khaos
Value: L2NZBGBR-1D-EX1E
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qqMe0FHYn76qy+IXqvPVzt4X6LBWwGzep3j+CQiMALPWXPzTEj+m5acZXONW1xT6iQe42/mX5R9ByiqUBrLCgDqJhsHlJbldDcVa50ynPZUiKZr5ZVxLWDe
.signal-arnaques.com/ Name: cto_bundle
Value: M4EXuF9ydG5lVTVzTnFFbFlabkRHVWdQeDd1QVZzSHZtalNZZlhWN2VwUnlUQjhSZXlUQUlSc0FNNk5lRGhENTlZN294WU1zQ2U0QnYwT0c1c1VIcDBwUDE2emlheVdZZUdqOW9iZ0NMSmZMeFdxS1olMkZHdXJYTzQzQkdjeVhSb0VjdGpW
.signal-arnaques.com/ Name: cto_bidid
Value: UQZtYl80VHBpYTJ3TW9rTzljTko4aHNXdXdLS1FsRyUyRkVJSTE5OUI2REZZTzM0bnBWenVBWkNsQ1ZWZ1dIZmEyU3ljdGpNRkp4WmxheWVRd25rbDRKR0xYMjNRJTNEJTNE
.signal-arnaques.com/ Name: __cf_bm
Value: z8hqdBJXFoChv2vFR3W17HbkGN2fLq0hwAeLm35BaUc-1651451053-0-AcgrtMQyWl7szUxJr2qdJoVHYJ9jIQeIc2HacpPg/QR1//yEhAJrbz6+76pQY5l0KJNYE1s4DTtSAKqdgrmcx5XfZFlRH1/crXKOSTkAhpHO5TdVV9T8yVeMtrm6inECWQ==
.heretic-sas.com/ Name: __cf_bm
Value: rNmaYBqotQORR0xBJ9uvxADCm94GDFc.hQjSvyFI778-1651451054-0-AXILv9nIuc+F5cNVl+rNleghPt5/Pba5JFWpoeqtjSYiMz8/bX9K0eiV1eKWW3oroZfsA7VEVRnPntqeUZE834GrqK+dXRAmGToIH6rP5Cd9nCEDdyCDT1G08y+nj5AznQ==
.casalemedia.com/ Name: CMID
Value: Ym8kru8EzaEc9UlILlpKtgAA
.casalemedia.com/ Name: CMPS
Value: 5235
.casalemedia.com/ Name: CMPRO
Value: 1207
.innovid.com/ Name: uuid
Value: 2c2d38b0-7405-436b-8600-154c62bede5d-20220501 20:24:14
.3lift.com/ Name: tluid
Value: 3260763860122798432833
.bing.com/ Name: MUID
Value: 364E751443EF6C81217B648C423D6D74
.yahoo.com/ Name: A3
Value: d=AQABBLAkb2ICEHUZzfXJCt629EnYYwz0IjsFEgEBAQF2cGJ5YgAAAAAA_eMAAA&S=AQAAAuiW0gqRP3UVfc5c2GsXOT4
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&762b0350-2102-454e-8ce5-07e79102e5ac"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTE0NTEwNTY7MjswMjEKj10OgnqeiZt7WtEguS1aMgpRgAKY3lDYd6dGUBzNVA==
.linkedin.com/ Name: lidc
Value: "b=VGST04:s=V:r=V:a=V:p=V:g=2616:u=1:x=1:i=1651451056:t=1651537456:v=2:sig=AQFSyHhB9bP_cN3EAbV5jQcpnYrpaayJ"
.amazon-adsystem.com/ Name: ad-id
Value: A-trZQ63DE_WriBWxZofkWI
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.bidswitch.net/ Name: tuuid
Value: 9fcb8828-774d-4934-b5fc-5d99117ef0b4
.bidswitch.net/ Name: c
Value: 1651451056
.bidswitch.net/ Name: tuuid_lu
Value: 1651451056
.turn.com/ Name: uid
Value: 8857679995411781151
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjU0NjExNTUxMjQwMjWzMDI2NhbiM9S1KCj2DzSOCAxKKcyX4jU0MzU0MTU0MDU3NDIHAI0TCIU0AAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAFvFwmtoZmpoYmpoYGpuaGQBAPQqw8EQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjU0NjExNTUxMjQwMjWzMDI2NhbiM9S1KCj2DzSOCAxKKcwHAJoyxLMlAAAA
.mfadsrvr.com/ Name: tuuid
Value: 064314f4-3456-4b90-aae3-33e7fac78f22
.mfadsrvr.com/ Name: c
Value: 1651451057
.mfadsrvr.com/ Name: tuuid_lu
Value: 1651451057
.mfadsrvr.com/ Name: ssh
Value: !triplelift,1651451057
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Ym8ksQAGLOABLAAZ
.adnxs.com/ Name: anj
Value: dTM7k!M4.FE:2jUF']wIg2Ileif+Nj!]tbP6j2F-.aE@%O4WYq=0R!>7B$:Aglg(q3jPQl7A2R$00:B[6WH=scev$d5/1OAf_^oD/X+GY1Qw2Q%Ty_$
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJzbWlsZXdhbnRlZCI6eyJ1aWQiOiJjOTdmYzM2NTk2YWZiMjdkZTBkYjhkY2M4NjA4ZjNlZiIsImV4cGlyZXMiOiIyMDIyLTA3LTMxVDAwOjI0OjE3WiJ9fSwiYmlydGhkYXkiOiIyMDIyLTA1LTAyVDAwOjI0OjE3WiJ9
.whiteboxdigital.ru/ Name: MiId
Value: ae4f2a92-b4ad-40bc-b9f6-22dce959cc29
.bidr.io/ Name: bito
Value: AABFcE7E3kkAACPUSyFBkg
.bidr.io/ Name: bitoIsSecure
Value: ok
.adhigh.net/ Name: gi_u
Value: Lh18mfJFSfx.AikABlGAgidUXg
.admixer.net/ Name: am-uid
Value: b0a98e34289945fca28062a26c599224
.adhigh.net/ Name: btw_sync
Value: jlE
.360yield.com/ Name: tuuid
Value: 08c8e3eb-8a6b-4038-8d6f-999df0a6ccf5
.360yield.com/ Name: tuuid_lu
Value: 1651451057
.casalemedia.com/ Name: CMST
Value: Ym8krmJvJLEA
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-fb5e8204-3d69-4234-49b3-e136e995dac1.wEBpswnkdROo1L5hsWgWO8J7iotsUGRFkXXvGYCHPj4
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A-16CBD1pQjRJs-E26ZXawbKi0YI.544L3rfctK2mQ0BCKTOdxwUswkLUwtOCdco1Pg5gzdQ
.betweendigital.com/ Name: ut
Value: Ym8ksQAJYlj8dIiAM-4bp8vg5H_bnhneROzLKg==
.analytics.yahoo.com/ Name: IDSYNC
Value: 198a~24nc
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 158810:3
.pubmatic.com/ Name: DPSync3
Value: 1651536000%3A174%7C1652659200%3A197_219_201
.pubmatic.com/ Name: SyncRTB3
Value: 1652659200%3A21_13_7_8_220_161_56_54_3%7C1652745600%3A35
.quantserve.com/ Name: d
Value: EPsBDgGFJoEO-TA
.ipredictive.com/ Name: cu
Value: 342e13bf-c9ae-11ec-ba0e-dd9480ecc920|1651451057857
.smilewanted.com/ Name: sw_user_params_infos
Value: wjcGj%2BSXCPPEwJpEnBLqfY8KbAwCDYkGGOioDWICeRiuM05v6CyGoDUHlMlVKrwFzSSXmpD8QT%2BOS81C1WbLP6YRBbBU%2FQHf6bCR1PmxViR4BnNMJ5R3DfbOTpenY1pXL8kzO10fPUSYFjvx4YRLDmA5S1gYSdMIA3UIoUBBDAs6I8cSgkLClhtTeIgVQd23vCdMUEgRDcRRZc6YIVwrdnLggLXQUU1rT%2BZuGOvi6z%2F5LgcwOHnPIWDCpfxzFR%2BGwgF%2BCJQtR9I1ggXNbecwTfxmr8yEwIW%2FB92agYJFt16BSqDK%2Fm%2BStZnH0r7FLD2PAzuZTBip3ADiADOmd06dxvaQdX5J0vTEGNRsStNf7TiX5Uw6Y3ZAXGgAIlPPGYT45NUemnHC8Gq6bWHGsyAorhbVsWJhGaecXSEWqgxVcpNYfizdwhJRl66odZkjeafT
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-Q6BYmEemD5pYpFjIE_NDyBeiDJtYp1qdQ6CUIe-P&KRTB&19420-Q6BYmEemD5pYpFjIE_NDyBeiDJtYp1qdQ6CUIe-P&KRTB&22979-Q6BYmEemD5pYpFjIE_NDyBeiDJtYp1qdQ6CUIe-P
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-8646490127283099469&KRTB&23339-8646490127283099469
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEHrm-BMhaniK5Isnbb2BIkY&KRTB&16514-CAESEHrm-BMhaniK5Isnbb2BIkY&KRTB&23025-CAESEHrm-BMhaniK5Isnbb2BIkY
.simpli.fi/ Name: suid
Value: 5D326C4D147445B9B5E6CF91BC8B257D
.de17a.com/ Name: guid2
Value: 1.5968812546922592617
.adsniper.ru/ Name: uuid3
Value: IiQzNDVlMGEyMC1jOWFlLTExZWMtODZlMC0wMDI1OTBjMDY0N2M*
.bumlam.com/ Name: suuid3
Value: IiQzNDVlMGEyMC1jOWFlLTExZWMtODZlMC0wMDI1OTBjMDY0N2M*
.onaudience.com/ Name: cookie
Value: 37f3110af55534bd
.onaudience.com/ Name: done_redirects147
Value: 1
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 4065567543558910469
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-5968812546922592617
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6000409301337650221&KRTB&23263-6000409301337650221
.pubmatic.com/ Name: PugT
Value: 1651451058
.aidata.io/ Name: __upin
Value: gOtz14RGIrH0r82LurUATg
.aidata.io/ Name: __upints
Value: 1651451058
x01.aidata.io/ Name: adsnpr
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:2d9a626f-24ac-4500-a3f3-a31d829ea435&KRTB&16736-uid:2d9a626f-24ac-4500-a3f3-a31d829ea435&KRTB&23019-uid:2d9a626f-24ac-4500-a3f3-a31d829ea435&KRTB&23208-uid:2d9a626f-24ac-4500-a3f3-a31d829ea435

9 Console Messages

Source Level URL
Text
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
javascript error URL: https://www.signal-arnaques.com/scam/view/388341
Message:
Access to XMLHttpRequest at 'https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https://www.signal-arnaques.com/scam/view/388341' from origin 'https://www.signal-arnaques.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https://www.signal-arnaques.com/scam/view/388341
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://pool.grid-data.bidswitch.net/sync?pid=42
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=3260763860122798432833
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=3260763860122798432833
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://id.rlcdn.com/709414.gif?gdpr=0
Message:
Failed to load resource: the server responded with a status of 451 ()
javascript warning URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271802&client=ca-pub-8416474909997810&fa=2&ifi=3&uci=a!3&btvi=1&xpc=m0xfvcWCWw&p=https%3A//www.signal-arnaques.com
Message:
The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ads.betweendigital.com
ads.pubmatic.com
ads.themoneytizer.com
ads.yahoo.com
adservice.google.com
adservice.google.de
adtrack.adleadevent.com
adx.adform.net
ag.innovid.com
ajax.googleapis.com
an.yandex.ru
api.rlcdn.com
apis.google.com
as-sec.casalemedia.com
b1h.zemanta.com
b1sync.zemanta.com
beacon.walmart.com
btlr.sharethrough.com
c.bing.com
c.tmyzer.com
c1.adform.net
cache.betweendigital.com
cc.adingo.jp
cdn.connectad.io
ced.sascdn.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
consent.heretic-sas.com
csync-eu.smartadserver.com
csync-global.smartadserver.com
csync.loopme.me
csync.smilewanted.com
d2zur9cc2gf1tx.cloudfront.net
d5p.de17a.com
dis.criteo.com
dpm.demdex.net
eb2.3lift.com
eus.rubiconproject.com
event.clientgear.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geo.moatads.com
googleads.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
ib.3lift.com
ib.adnxs.com
ice.360yield.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
in-automate.sendinblue.com
inv-nets.admixer.net
js-sec.indexww.com
kvt.sddan.com
match.adsrvr.org
match.prod.bidr.io
mitdmp.whiteboxdigital.ru
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
odr.mookie1.com
onetag-sys.com
p.cpx.to
p.rfihub.com
p4-b5ya3u2no6fr6-nqw5oqwzwcw2sssw-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbjs.e-planning.net
pixel-eu.rubiconproject.com
pixel.mathtag.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
platform.twitter.com
pool.grid-data.bidswitch.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.smilewanted.com
px.adhigh.net
px.ads.linkedin.com
px.moatads.com
quantcast.mgr.consensu.org
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.cpx.to
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
shb.richaudience.com
sibautomation.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssum-sec.casalemedia.com
static.cloudflareinsights.com
static.smilewanted.com
stats.g.doubleclick.net
sync-eu.connectad.io
sync-tm.everesttech.net
sync.bumlam.com
sync.dmp.otm-r.com
sync.ipredictive.com
sync.mathtag.com
sync.richaudience.com
sync.search.spotxchange.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync3.adsniper.ru
sync3.sniperlog.ru
syndication.twitter.com
t.adx.opera.com
tag.leadplace.fr
tags.mathtag.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
ww1097.smartadserver.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.signal-arnaques.com
www.tns-counter.ru
x.bidswitch.net
x01.aidata.io
z.moatads.com
kvt.sddan.com
104.22.69.131
104.244.42.200
108.138.2.183
13.32.99.100
13.88.42.153
138.201.65.75
142.250.184.194
142.250.184.226
142.250.184.227
145.239.193.51
145.40.89.200
146.0.227.109
151.101.2.49
151.139.128.11
151.236.118.210
157.90.3.144
162.55.236.224
169.50.137.184
178.250.0.157
178.250.2.151
18.170.16.189
18.185.181.98
185.255.84.150
185.33.221.50
185.64.189.110
185.64.190.80
185.64.190.81
185.86.137.114
185.86.137.131
185.86.137.133
185.94.180.126
188.42.191.196
193.0.160.129
194.190.76.45
198.47.127.19
198.47.127.20
2.16.186.26
2.18.233.201
2001:678:cb4:bbbb::11
2001:6d0:4001::226
209.54.176.128
213.155.156.181
23.205.235.133
23.35.236.188
23.35.236.201
23.35.236.247
23.35.237.151
23.88.75.189
2600:9000:223c:3c00:6:44e3:f8c0:93a1
2600:9000:236e:e400:9:46dc:4700:93a1
2602:803:c003:200::51
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:37ce
2606:4700:10::ac43:db6
2606:4700:20::681a:1c6
2606:4700:20::681a:9a9
2606:4700:3034::ac43:805f
2606:4700:4400::ac40:996f
2606:4700:440e::ac40:9c1a
2606:4700::6811:90c
2606:4700::6812:372
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1450:4001:801::2002
2a00:1450:4001:801::200e
2a00:1450:4001:802::2002
2a00:1450:4001:802::2003
2a00:1450:4001:803::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2003
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::2008
2a00:1450:4001:813::2002
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9d
2a02:2638::1c
2a02:26f0:6c00::210:ba0b
2a02:26f0:6c00::210:ba18
2a02:6b8::90
2a03:2880:f01c:8012:face:b00c:0:3
2a05:d018:d29:3602:1396:457e:6f4c:9f77
2a05:d01c:1d8:8100:fcf5:ef31:f27f:f1a6
3.124.247.47
3.126.56.137
3.33.220.150
3.68.148.208
31.172.81.158
31.172.81.159
31.172.81.172
34.120.133.55
34.236.235.128
34.98.67.61
35.156.201.25
35.157.220.171
35.211.178.172
35.227.252.103
35.244.174.68
37.157.2.234
37.157.4.29
37.252.173.22
46.249.52.249
47.252.78.131
50.31.142.95
51.195.5.45
51.222.80.231
51.75.86.98
52.211.48.15
52.49.66.40
52.50.60.18
52.59.116.64
52.94.220.185
54.217.249.234
54.38.64.100
54.64.206.14
54.77.41.50
54.82.134.209
64.202.112.255
69.173.144.139
69.173.144.165
74.121.143.240
74.121.143.246
76.223.111.18
81.163.17.245
82.145.213.8
89.108.120.68
96.16.141.156
99.81.62.190
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1
0391042e0e111437f4a2dec7560098dbcc04b68df753281b207b3c956430c89c
0412c253ef97503c889613306b73d5c1e5ae956828aaa2d59b0e32ce7c942ea6
04c091c0a61fd6776cf307a60c6acf243271f48fa92bdbccfe4d2d84eec8f1c6
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
09099a5f6b8add7e52a39b8ed5850ad8093363748c20ec59859e281031522f8a
0957bc246046f3e667939246c4c8888d23f9027d0250e6c8b5d67c4964f08eff
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad
0fdf6263d195011f19590877d752b8eb68941b7fa039202314b8cbd536604f69
10456e303fca18bb69dea0060c97da6b5f18435072b7bdc716746c23da67fe75
10ba9f0948782ff0173005188e6bcf75b34618b3633285d1228ed96d17697185
15291fd1224c41bd5c1ae73b96b884718c9307f102315ce2b53e04fbbd79022e
158c79f8f043da4ab01133ab8a46a6592a46cf370d5e38e025bc6435a9c06c60
1761d30d6966673031a8ff581c89ae60eb27c8fa229673ecd3aa548b37c3b4f5
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18ce69b07de503667c61ff053b461601e2ce0343ac0c1197029c4ab07cf76233
198b2757e214f0bdc11ad92501b14f236fabad0b26777fd6e1f0cde34d308eac
19d54fe6aa52ab9e16aee43b110f24af75e37c690b512a4e61676e88f943b7b8
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1cb6114f93da11ad3eb003fd9a64fd9c5506e49afd6547f001eb2b4c60107e70
1d125190e523ca5966223c1da52646daae0d9dd3150da59acc309b567dc767f7
20daf678e0ee043638fecd2a0ce38c691cf711504a41069c5ab907002904d816
2286b87d134e4af5f96e880ada03fa42fe168d7a8cc4b019dd58b83e7d486c56
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2762ccea71e5d0f15aa88cb405c581eec8bb30eb392589a11e5435e55b75392a
2a382915a44c34a3f5b367f3a2ed19b2c50a7f8e479360870ccd2627cc768316
2a71a362be867e35ace74fdd5a2cd309af39da70250d973e000ed810dd8e5a64
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2acc0b4868b17a88546d8b8f25bd47d0f46f389c3525ed0594c704320b1322f3
2b37b00f9400fedda05e3feb73c40b2a19af5fbd2d2d327c39e9476cff3dd9c8
2b66aba6530a4275574fb199306a40682adee1ec1ed255e5f3df0f3c4504f40b
2ba5b5d0c0d833df3a1c94ac7092ceb06bf968efb97ec2703fbd020524693922
2c2a3c83a4e309f316638a86dc8513056309daa032ff6c587fbe753c4a48f4b3
2e8fdc2417c25949079a72f1714dd7afc195bddc4b4b973a589ad8235928a1a1
2f91188245fc065fd6c502d1e3b262033871fea5a2c7c87b7cf9b06af29b30c6
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
30b9565d98805ee20815261ecaee264cc816dbf844e5977369b9927fba0fe312
3376cbd6e1a177a5c017eb59284304b91e4bb794e7915ec70fe3037b064fb093
34bfb1c53f424622eaeb0088d84f3b25fbc4ecc69ed4c4f56cee6c686a1f1c61
361f72f8a4fd3d2cb53eb1113a03c445b73827f142add85f31261b2a73b83c08
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38429ed1aef2f088f912d2ea07ec74734a93885f3f2a289d3ea309a88d3a7fb0
386a9e19984d1c4474f02a0acdc25516d40dc88527adbaa37a222d874f86734e
3a9ed2d5a23c2bb4cf0b2c1066f1ca5348bbda41c57c627e68fe595f5ec92560
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d22aa3a1f099b6aeedd26460b98e018577711448d2a9444b64ea7e9db537734
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3
41e9617e86ff8016e7b8db4db16ce0bd4b78d5ec953b02908fb7be109f5cd8c4
423ce3611f9b062e2ed88157e935fe28130edc87ccd6bef5b750faab7e24d249
4298d4a277561300fa5a6fec531ade995060f05861146c23962f1296eb4451a4
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
447ca3a97e3cf55835cb3034b55810b1c6f63955776190d00281f53069b7090c
45ee5f637266ee5aabed8a381549bef77942e784b650e0fb4056c424a62e84f3
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d3399db2787956cf92c105524a23dd5bf9588eebc406a7bac06017659d7b73f
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
4df27efd0cb59263899762b6d613958a952ff33244ffb99ee2bbe679461da0a2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fc41b75b04cdb61f83dfe1ded1fd78b770bfe8f1689822a4dff38b6a421d63b
501d101ef7e1a0b3c7e74ff1d5c497b5a8b5ed3a32956b326846beff9d359c0f
52d507688e76dfbe48fce79beb89be7f30101e95e9e06c121c461e30517ab36f
5489cff1f4e131a2c1674549214cb3b131e5e300d4d0df0c2191e312461bc75b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
592c69a8bdcbafc86c4d3e1978b15c8108f9b0f1cf0b7db126b96e95ebdc95a4
59fedc3a485206b15c05de2a30199f268c05d5860fa9b642b1124f92f709b4ee
5bfab095c00b90d1c1ec499b770605c09eb8e2286504fabc89820be04464a0d2
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d41e70b9943705d7dac5fb5e2dc0b0e559b2da511c118a126dfb7cc3d7aea56
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6275a1a04ce7add076e83814e6fba53ef080f134b4d4af277be7290581830131
639e668bd672ebb1fd41335a13895260cff202be6cc898ba43bf4b622a49c87d
640255a01451e54d9cd87939d4c7e958d82a672db5ff8fa4958ad07a44b90a9a
649144be1fa79362df36ab951a8b94ba05f5e7f1a484224bf9dc7f333fdb60dd
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
664ee8d47af2e9e7bf7bc946c299cc3e979a3cd02cf92f0a7b93453907022288
664f6f43724648146281333fb952f724da7bc00bd9af19606a10f7eca8b38672
6711c3bfd2ee52b6cad608bc28f735e23bd51d18bebda453c1e0b7075b53f01a
67bed69f23af460ec3341aefcdf793955c250fbf879589de4b93d17b8ec4ae54
68c22d7f0f18e872ba355615a021ca740fa6bade2b38c4267767a7f2e5590e20
6a73b51a8588a606f360f33a9829565e622627877c1d127d5663a411026afd62
6cd984ce4b82562faf4f710d01f01759e3aefcf3bf9a17334d4c44a3f4cb947c
6e27013350cec0dadc5bf5fd07c0922cf371e915301f26edc77db353c4d3a389
6ec464824d178992ba75c33d46b5e8c73fcd0fd83ea26840e48cd91c83b85adf
6fa0ad4cdd6752550185c1107b7c59127a5fcb17daac59daba2a3be1309d35a8
70e05a2b1f33e3b3c0553a5ae231e9626862a958b7369ca57be2b9cb8fefb287
716f820ad040b0116bb2e41e24b47fb12c94264fe23ded8ca829daca1d8a58c1
7339fe12f332ac7ecd6e0ef04bb7a48fad9e74be887d67f458548ff33ea4db65
74dc28ec5035781538f06a092a653d86792805e065717f08fad9039a615cbf3f
769d077eaba2e0219995cd3172a1d566c136dac4dc521131a6660591de0f2557
798f5481a5a9a77bdd05e6949f9ca2f61cf3957fa191a937bb99da277ae8802e
79d225821b0d5d3ba4a75346bfbc65a815388286dbe8a4d5467aa9d99c53d07c
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7c6d20ce50797421136114f015b2f3464cb53f38bc75c5e1aa313f29881dc6d1
7d2b3e8a1d6b172ea7936a53c5a937dcb7bc22b5bd5be45c048c4af9fca56d66
7d3339a037c6b196febc6d8e25b3c1e1a827b97b75d5651e6923fd365f749029
7e176e51c1dff07522d527754e78745b4fe73db4b875ab85be5ec57e2e35346c
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
860cf7e9d84b13646650e2c3c0a832975ba3d530320a0f20724e8851df887cd4
86414ea5538d5f21da467f12d2334388a419e87dd0cc35b87469c7623c56a2c3
872bd3b9dbaf07e40fdbe88990f45bf999948a3d5a0f9af6cc70d7261267ccef
89595610eec120cae7b18d6fcf7947587f044b7ab18dd161941caa3c52e9c662
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90b91537d66896f0795a898464552cec91f904748d626e6bad4e353b2b0a35ec
9373556c315280b756fbe5e357153b8b34d73c3da1a92367a1018561912d4a3a
93e013371a791d452987626cf17dfd9fe21234190d7aab26c7ba3d93a41d7975
966ebda03f5ece17fb50895816842ceb3bcff62573e45a214a40d1d64f22005b
9876133081bf7e449dac29f084425ac5dc28dc86fea98bfb06d90ff0b2a32766
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e8e547f9e22aab4a2359a41b0f909ab28660e41958aa6da715e239498ee094a
9ef190ca9f8e3c2d5a123cc472f89c4762cee3b6028ecb926294181f6ec32eb1
9f349ec1fe35c25d81549930c5557fedae873bc9d50976f33a77981ff5de7a59
9fec363d2a76d9f58f483c133df9bb8e5038f97a00b3b34fa6649b8358b2d880
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2c13d8e0d5a92bee0904ed430f62649fad8fe778b3ea93cef5045299f70481e
a2daac3e66b40750af85494e003d4a14350eda3b065c4b6f681f0e7b480ae995
a2e613ee5829f804c471ad6f73021b514218e49c2881d4aee2e573c20d426e09
a37a57cd1ff1fef337e26ac160387b2fd188307d2988a819b4287eb16ab2522b
a3e9e695ef04e38c6417c1877bdd1ad35d02ded1e2d8ce9c3526a9779e08bb62
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1
aaf2ce6fd423685fb4437b508879dcb8c6e145ab61e261da21f3a510b591c363
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
abf5d2a75b5601df7752d923986568ce3241b1b9517a23d41ede64db891759da
acbc633e36c64626b7cf221773bf4ac7d1589de6cf4d10bd2059f1340f02fb9c
aceebcf826609f2e68340350296afb6c5bf9a178442e3025014788afebc465a8
ad83eaaf781355979afabcede910e1612afa0eed5b2d6c01bbf0641e6fc55b5e
b08305ae9166722ee0a68f621224867397cc5d1d4d538ebc2239bc9cf1306b96
b14448b1c2ef09954debc5d12004faf4f5b71c922457e73c854bbcee5827e81f
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b4d7898f043d97b83d66e31744358ab937caeab613ae0c0cbd5a40b65dfa62da
b5556bfd714e2aa2334c6c43a282c06a65295f730ff580b2d28609c6d4ce3751
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
b915a29cada30935bea7a9708efd2a792c8c3c5866da99fd296b84057792f9ee
b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61
b9c86b893a57333329f7b8bc0e416d670e4fe76997b031dca070e0213d1eff5f
b9d125f5d40691fc63dcdd1017f4a61c243893706421e07e535aa79eb079c81b
ba53129058400a0992a2ace499fe3fab7630855b1e4a023780ffe2e0367beb71
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb7f8cc32c7b89e40b7b4cb4ba5a2fd0f9df8b0140a264cd4284e239fb59232b
bc85645f4b3a11bcf637d78a78a66fabb25d5e9136b6840b6029827d37b05a1a
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
beddfa8f29bb1e03c39a2d704ca739f1515b3c445634772a2d6b97c12f8ad501
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2abc7956f71a1f5f777b79ed188bc1cfa5755dc42b853ee5361f7e93afacd93
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c735b9c81da7ba3ecbffac431dde49125c595cf5651d5ec275f955815ad5f33a
c7f38d262390f7dbd8a2c6488e62d5ad4ce0689bad93dca8feb351af5fe8ef85
c8237af9aaa63ae17670587e1dd06f7388db23a38a9f4be44c20a666f214d725
c842fa8019eafc4beae4bd989e2c486d3ecd7a407edb21804c35a1726a90fec7
ca5ac667020324f0c44252a388e414d1681b254eb164fbc216c893cad4cbba92
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d13c9abe5bfe1b997e3c7c173daa48f1108f14776bd56810ac67c69a2ed02979
d16b481009776362f2e5673b49b8f12c7c22b08db65f0c0125b055bc206d383a
d325f1aab44d2af2bd71e98b737c4f94e2a8edbea86f5d0d48f679ed0f03c6cd
d37a75584116261e7175df3e014f9e81ad6e9d4f3b42ab5308cad9449f92c446
d4791e11b26a06555f032c553cc2faedae3a175ea0901d55289c9c967201aae0
d508774fcb1e11930a42ec9df2212af357fe0f923d2c01e17cc63291427a0cc9
d516e4641028e8ff59509eb5609cdcb2b296b9aa23020468930226e37f3f4561
d6acf823e1219151aa9ab83d8c253a5fd35923843bcb9e110180b67a27e46330
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808
d7f2a53ec64c3613054b8aca405af6eeb1e8dc1bf371d4676f5dbe917e3986d8
d89c4ba7bebd3c6f3a5fa5f15c7a1780bbd18e11241705f8ac4b0edc24d3557d
da1240738eef80e8630a5749b9258e33d7669859ba8a5ed1da81978092ed03af
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
da54bc15d687280dc010e41cbd404b9ed74fece1df768d2aed048fe6b97e63ba
dca430eb7b398c1eae4bfc9e99c5666d7ae47cff06ee93e79be1e7cc80d9a1fd
dd7dfdd77cb6b762c79ab4d500aae90a07d3a142185ffc4289050888ec49aa9a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df2375a2d624011a6fc983d2c6adf82874334cc2b47e0a1fe4af32de2a46e3ff
e17d341715e3c3bf9018507cdabcb3734bd79a97ac0d3762eec28033090824bc
e18113004c9a0722b67ace9c8ad89ec8a838520c04dd857a20d599339346d181
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a5436e99c5ae03db81bd328ee282bcb307a7a9bd873e75efd960904f579905
e4dc9da7fe3309d9151863244a30e46c8c96b878de1400944e60025f1814d1af
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
ebe03bf13b713fc2b1391519849061eca2bdffc656b88b0f1d815ff2756c1548
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ed9bb1b90991d4c7eb2fa26dda4778cf020cc64b25d6aa35e5817a30ed7003d1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6877dde280683905a9ca38f513fd55744071d1871ab89edf87cf214d7892f2
ef6c1d24fceb61aaabec98cff1ea71499dccd73ab4e4d50c40c25525aaf371fd
f094087d780a32b501515afabac2e590d2b40c1ea1ca7a8b4f9442b776b0f657
f49b7a72d983bd847c260bdbbf237c7dc4b8362e48c21d45aa0335aec8a80e56
f62cd693ac027fd4b0ee04db6a872d044a8795db02d3f008c95b0a8273a5af61
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f732e1acd2a414ba09e03624683bc806dedb11c783ffcf37a8f8097efa721c7a
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e
fcad4183569becced18ffb22a088920f178e130ce3eaff9971f4db28d06caafc
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fd5dc39e7e8c3e52dd51f848aa140401de17ec1f545e4595b03923b1f836021a
fe72e710fa08ea724842080b779a946a2ef297a1337c14e53423fc53269fe98f
fee0ebfc2113cf67942fd48eafcc7636c4c65cd69d2644e7ad11545f5589227f